Skip to main content

ERC-7715 permissions

The Delegation Toolkit supports ERC-7715, which lets you request fine-grained permissions from a MetaMask user to execute transactions on their behalf. For example, a user can grant your dapp permission to spend 10 USDC per day to buy ETH over the course of a month. Once the permission is granted, your dapp can use the allocated 10 USDC each day to purchase ETH directly from the MetaMask user's account.

ERC-7715 eliminates the need for users to approve every transaction, which is useful for highly interactive dapps. It also enables dapps to execute transactions for users without an active wallet connection.

note

This feature requires MetaMask Flask 12.14.2 or later.

ERC-7715 technical overview

ERC-7715 defines a JSON-RPC method wallet_grantPermissions. Dapps can use this method to request a wallet to grant the dapp permission to execute transactions on a user's behalf. wallet_grantPermissions requires a signer parameter, which identifies the entity requesting or managing the permission. Common signer implementations include wallet signers, single key and multisig signers, and account signers.

The Delegation Toolkit supports multiple types of signers, but an account signer is used in this documentation's examples as a common implementation. With an account signer, a session account is created and used for the single purpose of requesting and redeeming ERC-7715 permissions, and does not contain tokens. The session account can be granted with permissions and redeem them as specified in ERC-7710. The session account can be a smart account or an externally owned account (EOA).

The MetaMask user that the session account requests permissions from must be upgraded to a MetaMask smart account.

ERC-7715 vs. delegations

ERC-7715 expands on regular delegations by enabling permission sharing via the MetaMask browser extension.

With regular delegations, the dapp constructs a delegation and requests the user to sign it. These delegations are not human-readable, so it is the dapp's responsibility to provide context for the user. Regular delegations cannot be signed through the MetaMask extension, because if a dapp requests a delegation without constraints, the whole wallet can be exposed to the dapp.

In contrast, ERC-7715 enables dapps (and AI agents) to request permissions from a user directly via the MetaMask extension. ERC-7715 requires a permission configuration which displays a human-readable confirmation for the MetaMask user. The user can modify the permission parameters if the request is configured to allow adjustments.

For example, the following ERC-7715 permission request displays a rich UI including the start time, amount, and period duration for an ERC-20 token periodic transfer:

ERC-7715 request

ERC-7715 permissions lifecycle

The ERC-7715 permissions lifecycle is as follows:

  1. Set up a session account - Set up a session account to execute transactions on behalf of the MetaMask user. It can be a smart account or an externally owned account (EOA).

  2. Request permissions - Request permissions from the user. The Delegation Toolkit supports ERC-20 token permissions and native token permissions.

  3. Redeem permissions - Once the permission is granted, the session account can redeem the permission, executing on the user's behalf.

See how to perform executions on a MetaMask user's behalf to get started with the ERC-7715 lifecycle.