EcosystemWallet.CreateSessionKey

BigInteger: The chain ID for the session key.

string: The address of the signer for the session key. Use "0x0000000000000000000000000000000000000000" for wildcard session keys that work with any address.

long: Duration in seconds for which the session key will be valid.

bool (optional): Whether to grant full permissions to the session key. When true, creates a "wildcard" session that ignores call and transfer policies and allows any action. When false, only the specified call and transfer policies will be applied. Defaults to true.

Important: When grantFullPermissions is true, the callPolicies and transferPolicies parameters are ignored.

List<CallSpec> (optional): List of call policies to apply to the session key. If null, no call policies will be applied. Only used when grantFullPermissions is false.

• Target (string): The contract address that can be called
• Selector (byte[]): The function selector (4 bytes) that can be called - use tools like 4byte.directory to find selectors
• MaxValuePerUse (BigInteger): Maximum ETH value that can be sent per function call
• ValueLimit (UsageLimit): Overall ETH spending limits for this call policy
• Constraints (List<Constraint>): Additional parameter constraints for function calls

Selector Examples:

• transfer(address,uint256): 0xa9059cbb
• approve(address,uint256): 0x095ea7b3
• swapExactETHForTokens(uint256,address[],address,uint256): 0x7ff36ab5

List<TransferSpec> (optional): List of transfer policies to apply to the session key. If null, no transfer policies will be applied. Only used when grantFullPermissions is false.

• Target (string): The token contract address for transfers
  • Use "0x0000000000000000000000000000000000000000" for native ETH
  • Use specific token contract addresses for ERC-20 tokens
• MaxValuePerUse (BigInteger): Maximum amount that can be transferred per transaction
• ValueLimit (UsageLimit): Overall usage limits for transfers of this token

Common Token Examples:

• ETH: 0x0000000000000000000000000000000000000000
• USDC: 0xA0b86a33E6411a3bb4CC4C7b9C5C5C7C7C8C9C0c (mainnet)
• USDT: 0xdAC17F958D2ee523a2206206994597C13D831ec7 (mainnet)

byte[] (optional): A unique identifier for the session key. If null, a new GUID will be generated automatically. This UID is used to identify and manage the session key on-chain.

Once a session key is created, you can use these methods to inspect and manage it:

// Check if a signer has full permissions (wildcard access)
bool hasFullPermissions = await ecosystemWallet.SignerHasFullPermissions(
    chainId: 1, 
    signerAddress: await sessionSigner.GetAddress()
);
 
// Get the call policies for a specific signer
var callPolicies = await ecosystemWallet.GetCallPoliciesForSigner(
    chainId: 1,
    signerAddress: await sessionSigner.GetAddress()
);
 
// Get the transfer policies for a specific signer  
var transferPolicies = await ecosystemWallet.GetTransferPoliciesForSigner(
    chainId: 1,
    signerAddress: await sessionSigner.GetAddress()
);
 
// Get the session expiration timestamp
var expirationTimestamp = await ecosystemWallet.GetSessionExpirationForSigner(
    chainId: 1,
    signerAddress: await sessionSigner.GetAddress()
);
 
// Get complete session state including remaining limits
var sessionState = await ecosystemWallet.GetSessionStateForSigner(
    chainId: 1,
    signerAddress: await sessionSigner.GetAddress()
);
 
// Check remaining limits
foreach (var limit in sessionState.TransferValue)
{
    Console.WriteLine($"Transfer limit remaining for {limit.Target}: {limit.Remaining}");
}
 
foreach (var limit in sessionState.CallValue) 
{
    Console.WriteLine($"Call value limit remaining for {limit.Target}.{limit.Selector.ToHex()}: {limit.Remaining}");
}

Controls how usage limits are enforced over time:

• 0 (Unlimited): No limits applied
• 1 (Lifetime): Total limit that never resets
• 2 (Allowance): Limit that resets every period (e.g., daily/hourly spending limits)

Defines how parameter constraints are evaluated:

• 0 (Unconstrained): No constraint applied
• 1 (Equal): Parameter must equal the reference value
• 2 (Greater): Parameter must be greater than reference value
• 3 (Less): Parameter must be less than reference value
• 4 (GreaterOrEqual): Parameter must be greater than or equal to reference value
• 5 (LessOrEqual): Parameter must be less than or equal to reference value
• 6 (NotEqual): Parameter must not equal the reference value

Defines spending or usage limits over time periods:

public class UsageLimit
{
    public byte LimitType { get; set; }     // 0=Unlimited, 1=Lifetime, 2=Allowance
    public BigInteger Limit { get; set; }   // The limit amount (ignored if Unlimited)
    public BigInteger Period { get; set; }  // Time period in seconds (only used for Allowance)
}

Examples:

• Unlimited: LimitType = 0 (Limit and Period ignored)
• Lifetime limit: LimitType = 1, Limit = 1000 (max 1000 tokens ever)
• Daily allowance: LimitType = 2, Limit = 100, Period = 86400 (100 tokens per day)

Defines parameter validation and usage limits for function calls:

public class Constraint
{
    public byte Condition { get; set; }     // Condition type (0-6, see enum above)
    public ulong Index { get; set; }        // Parameter index to constrain (0-based)
    public byte[] RefValue { get; set; }    // Reference value for comparison (32 bytes)
    public UsageLimit Limit { get; set; }   // Usage limit for this parameter value
}

Example Use Cases:

• Limit transfers to specific addresses
• Restrict token amounts in function calls
• Control which contracts can be called
• Set spending limits per recipient

The transaction receipt for the session key creation, as a ThirdwebTransactionReceipt object.

Thrown when the execution mode is not EIP7702 or EIP7702Sponsored.

Thrown when the signer address is null or empty, or when the duration is less than or equal to zero.

"Execution mode not supported"

• Ensure your EcosystemWallet is created with ExecutionMode.EIP7702 or ExecutionMode.EIP7702Sponsored

"Invalid signer address"

• Verify the signer address is a valid Ethereum address
• Use "0x0000000000000000000000000000000000000000" for wildcard sessions

"Duration too short"

• Duration must be greater than 0 seconds
• Consider reasonable session lengths (1 hour to 30 days)

"MaxValueExceeded"

• Transaction value exceeds MaxValuePerUse in CallSpec/TransferSpec
• Increase the limit or split into smaller transactions

"LifetimeUsageExceeded"

• Total usage has exceeded the lifetime limit
• Create a new session key or increase limits

"AllowanceExceeded"

• Period allowance has been exhausted
• Wait for the next period or create additional session keys

"CallPolicyViolated"

• Attempting to call a contract/function not in the CallSpec list
• Add the required contract and selector to callPolicies

"ConditionFailed"

• Function parameter doesn't meet constraint requirements
• Check parameter values match the expected constraints