Universal Action Policy

The universal action policy allows for controlled access to specific contract functions with optional parameter-based rules. Below is an example that restricts a function call to a specific parameter value.
Security Consideration: Always set appropriate time bounds and carefully consider which contract functions to expose.
import { usersNexusClient } from "./client.ts";
import { parseUnits, toFunctionSelector } from "viem";

const createSessionsResponse = await usersNexusClient.grantPermission({
  sessionRequestedInfo: [
    {
      sessionPublicKey,
      actionPoliciesInfo: [
        {
          functionSelector: toFunctionSelector("transfer(address,uint256)"),
          contractAddress: USDC_ADDRESS,
          rules: [
            {
              condition: ParamCondition.EQUAL,
              offsetIndex: 0, // recipient parameter
              isLimited: false,
              ref: WHITELISTED_ADDRESS
            },
            {
              condition: ParamCondition.LESS_THAN,
              offsetIndex: 1, // amount parameter
              isLimited: true,
              ref: parseUnits("1000", 6), // 1000 USDC per tx
              usage: {
                limit: parseUnits("5000", 6), // 5000 USDC total
                used: 0n
              }
            }
          ],
        }
      ]
    }
  ]
});

Common Use Cases

  • Token Allowances: Set maximum spending limits for ERC20 tokens
  • Whitelisted Transfers: Restrict transfers to approved addresses only
  • Budget Management: Implement departmental spending controls
  • DeFi Risk Management: Limit exposure in DeFi protocols
  • Automated Payments: Control recurring token payments
  • Treasury Operations: Manage organizational token distributions

Best Practices

  1. Whitelist Recipients: Always specify allowed recipient addresses
  2. Dual Limits: Implement both per-transaction and cumulative limits
  3. Token Decimals: Carefully account for token decimal places when setting limits
  4. Usage Tracking: Monitor cumulative usage against total limits
  5. Multiple Tokens: Set appropriate limits for each token type
  6. Regular Reviews: Periodically audit spending patterns and adjust limits
  7. Combine Policies: Use with time-based restrictions for enhanced security