For Ecosystems
Smart Sessions
Sequence’s Smart Sessions provide a seamless way to interact with apps by reducing wallet pop-ups and improving user experience.
The Problem with Web3 UX Today
In Web3 today, the user experience is often interrupted. Every swap, every listing, every minor action requires a wallet pop-up, forcing you to “sign” and approve. This creates friction and makes apps feel clunky compared to the smooth apps we use every day.What Are Smart Sessions?
Smart Sessions is a solution to this problem. A Smart Session is a secure, temporary, and strictly limited set of permissions that you grant to a app. Instead of approving every single transaction, you approve a session once, allowing the app to perform a range of pre-agreed actions on your behalf. This eliminates constant pop-ups and unlocks a fluid, Web2-like experience without sacrificing security or self-custody.💡 Think of it this way: It’s less like handing over your master key (your main wallet signer) and more like giving an application a special-purpose keycard with very clear rules and limitations.
Two Types of Smart Sessions
Sequence offers two distinct types of Smart Sessions, each designed for a different purpose:- Implicit Sessions: For ultimate convenience within a single, trusted app.
- Explicit Sessions: For powerful, granular control over any on-chain action.
1. Implicit Sessions: The “In-App Convenience Pass”
An Implicit Session is the simplest and most common type of Smart Session. Its entire purpose is to make your experience inside a single app as smooth as possible.🎯 The Core Idea
When you connect to a app you trust, you are creating a “trust boundary” around that app’s website domain. An Implicit Session gives that app a pass to operate freely only within its own walls.⚙️ How It Works
- Connect & Trust: You connect your wallet to a app (e.g.,
app.my-defi-protocol.com) - Silent Approval: A session is automatically and silently created that is cryptographically locked to that specific domain without the user having to approve it.
- Seamless Experience: You can now perform any action inside that app, swapping, staking, listing, without any further pop-ups. It just works.
🔒 The Security Guardrail
This session is useless anywhere else. If the app was malicious and tried to use this session to call a contract outside its domain (like the USDC contract), the transaction would be automatically rejected on-chain. The session is only valid for the app’s own smart contracts. The app will configure the permissions in the Sequence Builder📊 Implicit Sessions at a Glance
| Aspect | Details |
|---|---|
| Best For | Day-to-day use of a single app (DeFi protocols, marketplaces, games) |
| Key Feature | Maximum convenience. Eliminates all signing pop-ups within a trusted app environment |
| Analogy | A keycard for a specific building. It lets you move freely between all the rooms inside, but it won’t open the door to the building next door |
2. Explicit Sessions: The “Programmable Permission Slip”
An Explicit Session is a more advanced and powerful tool. It’s designed for when a app needs to perform very specific tasks that interact with other external protocols.🎯 The Core Idea
Instead of just trusting a whole app and its smart contracts, you are approving a precise list of rules for a temporary signer. You are building a custom permission slip that says exactly what can be done, where it can be done, how much can be spent, for how long, and for which contracts.⚙️ How It Works
-
The app Proposes a “Contract”: The app presents your wallet with a list of very specific permissions it needs. For example:
- “Allow me to call the
transferfunction on theUSDC contract.” - ”… with the
recipientaddress0x...only” - “…for a
cumulativetotal of no more than100USDC.” - “…and this permission will
expirein24 hours.”
- “Allow me to call the
- You Explicitly Approve the Rules: Your wallet displays these rules in a human-readable format. You review and approve this exact set of conditions.
- The app Executes: The app can now perform those actions automatically, with 0 pop-ups.
🔒 The Security Guardrail
The power of Explicit Sessions comes from their granularity. Each rule is validated on-chain. If the app tries to do anything outside the approved scope, like spend 101 USDC instead of 100, or call theapprove function instead of transfer, the transaction will fail.
📊 Explicit Sessions at a Glance
| Aspect | Details |
|---|---|
| Best For | Authorizing specific, automated, or high-value actions (e.g., automated yield harvesting, placing bids on an NFT, setting up recurring payments) or 0 pop-ups |
| Key Feature | Granular, programmable control. You define the exact scope of what the app is allowed to do |
| Analogy | A pre-authorized check. You write it out to a specific person (target), for an exact amount (valueLimit), and write “for deposit only” in the memo (rules). The bank will enforce all those rules |