| description | Learn how to constrain a delegation scope using caveat enforcers. | |||||
|---|---|---|---|---|---|---|
| sidebar_label | Constrain a scope | |||||
| toc_max_heading_level | 3 | |||||
| keywords |
|
import Tabs from "@theme/Tabs"; import TabItem from "@theme/TabItem"; import GlossaryTerm from '@theme/GlossaryTerm';
Delegation scopes define the delegation's initial authority and help prevent delegation misuse. You can further constrain these scopes and limit the delegation's authority by applying caveat enforcers.
For example, Alice creates a delegation with an ERC-20 transfer scope that allows Bob to spend up to 10 USDC.
If Alice wants to further restrict the scope to limit Bob's delegation to be valid for only seven days,
she can apply the timestamp caveat enforcer.
The following example creates a delegation using createDelegation, applies the ERC-20 transfer scope with a spending limit of 10 USDC, and applies the timestamp caveat enforcer to restrict the delegation's validity to a seven-day period:
import { createDelegation, ScopeType, CaveatType } from '@metamask/smart-accounts-kit'
// Convert milliseconds to seconds.
const currentTime = Math.floor(Date.now() / 1000)
// Seven days after current time.
const beforeThreshold = currentTime + 604800
const caveats = [
{
type: CaveatType.Timestamp,
afterThreshold: currentTime,
beforeThreshold,
},
]
const delegation = createDelegation({
scope: {
type: ScopeType.Erc20TransferAmount,
tokenAddress: '0xc11F3a8E5C7D16b75c9E2F60d26f5321C6Af5E92',
maxAmount: 10000n,
},
// Apply caveats to the delegation.
caveats,
to: delegateAccount,
from: delegatorAccount,
environment: delegatorAccount.environment,
})- See the caveats reference for the full list of caveat types and their parameters.
- For more specific or custom control, you can also create custom caveat enforcers and apply them to delegations.