Time-bound delegation logic

Each session key has an expiry timestamp encoded in the signed delegation payload:

{
  "delegate": "0x1234...",
  "validUntil": 1718890000,
  "scope": {
    "contracts": ["0xExecutor"],
    "methods": ["0x09..."]
  }
}

Smart contract enforces:

require(block.timestamp < sessions[msg.sender].validUntil, "Session expired");

This ensures all sessions are finite and revocable.

Last updated 1 month ago