Usage Limit Policy

The usage limit policy allows you to restrict how many times a session key can be used. This provides a simple but effective way to limit the total number of operations a session can perform, regardless of the operation type.
Security Consideration: Set conservative usage limits based on expected legitimate usage patterns to minimize potential abuse.
import { usersNexusClient } from "./client.ts";
import { parseEther } from "viem";

const createSessionsResponse = await usersNexusClient.grantPermission({
  sessionRequestedInfo: [
    {
      sessionPublicKey,
      actionPoliciesInfo: [
        {
          contractAddress: "0x123",
          functionSelector: "0x456",
          // Limit total usage to 100 transactions
          usageLimit: BigInt(100),
          // Optional: Combine with other policies
          validUntil: BigInt(Date.now() + 7 * 24 * 60 * 60 * 1000) // 7 days
        }
      ]
    }
  ]
});

Common Use Cases

  • Limited Trial Access: Grant a fixed number of operations for evaluation purposes
  • Batch Operations: Allow a specific number of automated transactions
  • Risk Management: Cap total possible operations for security
  • Resource Control: Limit API or service usage through smart contract calls

Best Practices

  1. Set Reasonable Limits: Choose usage limits that balance functionality with security
  2. Combine with Time Bounds: Add time restrictions to prevent rapid consumption of usage quota
  3. Monitor Usage: Track usage patterns to adjust limits appropriately
  4. Consider Operation Types: Set different limits for different function calls based on risk