> For the complete documentation index, see [llms.txt](/llms.txt). # Perform executions on a MetaMask user's behalf [Advanced Permissions (ERC-7715)](/smart-accounts-kit/development/concepts/advanced-permissions/) are fine-grained permissions that your dapp can request from a MetaMask user to execute transactions on their behalf. For example, a user can grant your dapp permission to spend 10 USDC per day to buy ETH over the course of a month. Once the permission is granted, your dapp can use the allocated 10 USDC each day to purchase ETH directly from the MetaMask user's account. In this guide, you'll request an ERC-20 periodic transfer permission from a MetaMask user to transfer 1 USDC every day on their behalf. ## Prerequisites[​](#prerequisites "Direct link to Prerequisites") - [Install and set up the Smart Accounts Kit.](/smart-accounts-kit/development/get-started/install/) - [Install MetaMask Flask 13.5.0 or later.](/snaps/get-started/install-flask/) ## Steps[​](#steps "Direct link to Steps") ### 1. Set up a Wallet Client[​](#1-set-up-a-wallet-client "Direct link to 1. Set up a Wallet Client") Set up a Wallet Client using Viem's [createWalletClient](https://viem.sh/docs/clients/wallet) function. This client will help you interact with MetaMask Flask. Then, extend the Wallet Client functionality using `erc7715ProviderActions`. These actions enable you to request [Advanced Permissions](/smart-accounts-kit/development/reference/glossary#advanced-permissions)**Advanced Permissions** Fine-grained, wallet execution permissions that dapps can request from MetaMask extension users. Based on ERC-7715. from the user. ``` import { createWalletClient, custom } from 'viem' import { erc7715ProviderActions } from '@metamask/smart-accounts-kit/actions' const walletClient = createWalletClient({ transport: custom(window.ethereum), }).extend(erc7715ProviderActions()) ``` ### 2. Set up a Public Client[​](#2-set-up-a-public-client "Direct link to 2. Set up a Public Client") Set up a Public Client using Viem's [createPublicClient](https://viem.sh/docs/clients/public) function. This client will help you query the account state and interact with the blockchain network. ``` import { createPublicClient, http } from 'viem' import { sepolia as chain } from 'viem/chains' const publicClient = createPublicClient({ chain, transport: http(), }) ``` ### 3. Set up a session account[​](#3-set-up-a-session-account "Direct link to 3. Set up a session account") Set up a session account, which can be either a smart account or an [EOA](/smart-accounts-kit/development/reference/glossary#externally-owned-account-eoa)**Externally owned account (EOA)** A private-key-controlled account with no built-in programmable execution logic., to request [Advanced Permissions](/smart-accounts-kit/development/reference/glossary#advanced-permissions)**Advanced Permissions** Fine-grained, wallet execution permissions that dapps can request from MetaMask extension users. Based on ERC-7715.. The requested permissions are granted to the session account, which is responsible for executing transactions on behalf of the user. - Smart account - EOA ``` import { privateKeyToAccount } from 'viem/accounts' import { toMetaMaskSmartAccount, Implementation } from '@metamask/smart-accounts-kit' const privateKey = '0x...' const account = privateKeyToAccount(privateKey) const sessionAccount = await toMetaMaskSmartAccount({ client: publicClient, implementation: Implementation.Hybrid, deployParams: [account.address, [], [], []], deploySalt: '0x', signer: { account }, }) ``` ``` import { privateKeyToAccount } from 'viem/accounts' import { sepolia as chain } from 'viem/chains' import { createWalletClient, http } from 'viem' const sessionAccount = privateKeyToAccount('0x...') ``` ### 4. Check the EOA account code[​](#4-check-the-eoa-account-code "Direct link to 4. Check the EOA account code") With MetaMask Flask 13.9.0 or later, Advanced Permissions support automatically upgrading a user's account to a [MetaMask smart account](/smart-accounts-kit/development/concepts/smart-accounts/). On earlier versions, upgrade the user to a smart account before requesting Advanced Permissions. If the user has not yet been upgraded, you can handle the upgrade [programmatically](/metamask-connect/evm/guides/send-transactions/batch-transactions/) or ask the user to [switch to a smart account manually](https://support.metamask.io/configure/accounts/switch-to-or-revert-from-a-smart-account/#how-to-switch-to-a-metamask-smart-account). Why is a Smart Account upgrade is required? MetaMask's Advanced Permissions (ERC-7715) implementation requires the user to be upgraded to a MetaMask Smart Account because, under the hood, you're requesting a signature for an [ERC-7710 delegation](/smart-accounts-kit/development/concepts/delegation/overview/). ERC-7710 delegation is one of the core features supported only by MetaMask Smart Accounts. ``` import { getSmartAccountsEnvironment } from '@metamask/smart-accounts-kit' import { sepolia as chain } from 'viem/chains' const addresses = await walletClient.requestAddresses() const address = addresses[0] // Get the EOA account code const code = await publicClient.getCode({ address, }) if (code) { // The address to which EOA has delegated. According to EIP-7702, 0xef0100 || address // represents the delegation. // // You need to remove the first 8 characters (0xef0100) to get the delegator address. const delegatorAddress = `0x${code.substring(8)}` const statelessDelegatorAddress = getSmartAccountsEnvironment(chain.id).implementations .EIP7702StatelessDeleGatorImpl // If account is not upgraded to MetaMask smart account, you can // either upgrade programmatically or ask the user to switch to a smart account manually. const isAccountUpgraded = delegatorAddress.toLowerCase() === statelessDelegatorAddress.toLowerCase() } ``` ### 5. Request Advanced Permissions[​](#5-request-advanced-permissions "Direct link to 5. Request Advanced Permissions") Request Advanced Permissions from the user with the Wallet Client's `requestExecutionPermissions` action. In this example, you'll request an [ERC-20 periodic permission](/smart-accounts-kit/development/guides/advanced-permissions/use-permissions/erc20-token/#erc-20-periodic-permission). See the [requestExecutionPermissions](/smart-accounts-kit/development/reference/advanced-permissions/wallet-client/#requestexecutionpermissions) API reference for more information. ``` import { sepolia as chain } from 'viem/chains' import { parseUnits } from 'viem' // Since current time is in seconds, we need to convert milliseconds to seconds. const currentTime = Math.floor(Date.now() / 1000) // 1 week from now. const expiry = currentTime + 604800 // USDC address on Ethereum Sepolia. const tokenAddress = '0x1c7D4B196Cb0C7B01d743Fbc6116a902379C7238' const grantedPermissions = await walletClient.requestExecutionPermissions([ { chainId: chain.id, expiry, // The requested permissions will granted to the // session account. to: sessionAccount.address, permission: { type: 'erc20-token-periodic', data: { tokenAddress, // 10 USDC in WEI format. Since USDC has 6 decimals, 10 * 10^6 periodAmount: parseUnits('10', 6), // 1 day in seconds periodDuration: 86400, justification: 'Permission to transfer 10 USDC every day', }, isAdjustmentAllowed: true, }, }, ]) ``` ### 6. Set up a Viem client[​](#6-set-up-a-viem-client "Direct link to 6. Set up a Viem client") Set up a Viem client depending on your session account type. For a smart account, set up a Bundler Client using Viem's [createBundlerClient](https://viem.sh/account-abstraction/clients/bundler) function. This lets you use the [bundler](/smart-accounts-kit/development/reference/glossary#bundler)**Bundler** An ERC-4337 component that manages the alternate mempool: it collects user operations from smart accounts, packages them, and submits them to the network. service to estimate gas for user operations and submit transactions to the network. For an EOA, set up a Wallet Client using Viem's [createWalletClient](https://viem.sh/docs/clients/wallet) function. This lets you send transactions directly to the network. The toolkit provides public actions for both of the clients which can be used to redeem Advanced Permissions, and execute transactions on a user's behalf. - Smart account - EOA ``` import { createBundlerClient } from 'viem/account-abstraction' import { erc7710BundlerActions } from '@metamask/smart-accounts-kit/actions' const bundlerClient = createBundlerClient({ client: publicClient, transport: http('https://your-bundler-rpc.com'), // Allows you to use the same Bundler Client as paymaster. paymaster: true, }).extend(erc7710BundlerActions()) ``` ``` import { createWalletClient, http } from 'viem' import { erc7710WalletActions } from '@metamask/smart-accounts-kit/actions' import { sepolia as chain } from 'viem/chains' const sessionAccountWalletClient = createWalletClient({ account: sessionAccount, chain, transport: http(), }).extend(erc7710WalletActions()) ``` ### 7. Redeem Advanced Permissions[​](#7-redeem-advanced-permissions "Direct link to 7. Redeem Advanced Permissions") The session account can now redeem the permissions. The redeem transaction is sent to the `DelegationManager` contract, which validates the delegation and executes actions on the user's behalf. To redeem the permissions, use the client action based on your session account type. A smart account uses the Bundler Client's `sendUserOperationWithDelegation` action, and an EOA uses the Wallet Client's `sendTransactionWithDelegation` action. See the [sendUserOperationWithDelegation](/smart-accounts-kit/development/reference/erc7710/bundler-client/#senduseroperationwithdelegation) and [sendTransactionWithDelegation](/smart-accounts-kit/development/reference/erc7710/wallet-client/#sendtransactionwithdelegation) API reference for more information. - Smart account - EOA - config.ts ``` import { calldata } from './config.ts' // These properties must be extracted from the permission response. const permissionContext = grantedPermissions[0].context const delegationManager = grantedPermissions[0].delegationManager // USDC address on Ethereum Sepolia. const tokenAddress = '0x1c7D4B196Cb0C7B01d743Fbc6116a902379C7238' // Calls without permissionContext and delegationManager will be executed // as a normal user operation. const userOperationHash = await bundlerClient.sendUserOperationWithDelegation({ publicClient, account: sessionAccount, calls: [ { to: tokenAddress, data: calldata, permissionContext, delegationManager, }, ], // Appropriate values must be used for fee-per-gas. maxFeePerGas: 1n, maxPriorityFeePerGas: 1n, }) ``` ``` import { calldata } from './config.ts' // These properties must be extracted from the permission response. const permissionContext = grantedPermissions[0].context const delegationManager = grantedPermissions[0].delegationManager // USDC address on Ethereum Sepolia. const tokenAddress = '0x1c7D4B196Cb0C7B01d743Fbc6116a902379C7238' const transactionHash = await sessionAccountWalletClient.sendTransactionWithDelegation({ to: tokenAddress, data: calldata, permissionContext, delegationManager, }) ``` ``` import { encodeFunctionData, erc20Abi, parseUnits } from 'viem' export const calldata = encodeFunctionData({ abi: erc20Abi, args: [sessionAccount.address, parseUnits('1', 6)], functionName: 'transfer', }) ``` ## Next steps[​](#next-steps "Direct link to Next steps") - See how to [get the supported execution permissions](/smart-accounts-kit/development/guides/advanced-permissions/get-supported-permissions/). - See how to configure different [ERC-20 token permissions](/smart-accounts-kit/development/guides/advanced-permissions/use-permissions/erc20-token/) and [native token permissions](/smart-accounts-kit/development/guides/advanced-permissions/use-permissions/native-token/).