Overview
Spend Permissions let you designate a trusted spender that can spend tokens on behalf of your Smart Account. After you sign the permission, the spender can initiate token spending within the limits you define. You can define limits based on token, time period and amount.Smart Accounts must have spend permissions enabled at the time of creation. You cannot create spend permissions on accounts that were created without spend permissions enabled.
- Subscription payments - Enable recurring payments for SaaS, content subscriptions, or membership fees
- Agentic payments - Control your agent’s spending limits for autonomous operations
- Algorithmic trading - Allow trading bots to execute trades within predefined limits
- Automated payouts - Schedule regular distributions or reward payments
- Allowance management - Give team members or family controlled access to funds
- Dollar-cost averaging - Automate periodic investment purchases
How Spend Permissions Work
There are two parties involved in a Spend Permission:- Account - The smart account that creates the Spend Permission and approves it onchain.
- Spender - The entity that can spend tokens on behalf of the account within the limits defined by a Spend Permission. Can be a Smart Account or a regular account.
Anatomy of a Spend Permission
These are the main components of a Spend Permission:- Spender - The entity that can spend tokens on behalf of the account.
- Token - The token that the Spend Permission is for, and the amount of that token that the Spender is allowed to spend.
- Time Period - The time period for which the Spend Permission is valid.
- Salt - A random value used to differentiate between Spend Permissions with the same parameters. The SDK will generate a random salt for you, but you can also specify your own.
- Extra Data - Arbitrary data that can be used to store additional information about the Spend Permission.
Spender
The spender is specified in thespender
field of the Spend Permission. It can be the address of any account, whether it’s a Smart Account or a regular account.
Token
The token is specified in thetoken
field of the Spend Permission, and the amount allowed to spend is specified in the allowance
field.
Spend Permissions support both native tokens and ERC-20 tokens. When using the CDP SDK, you have two options for specifying tokens:
- Convenient shortcuts - Use
"eth"
for native ETH or"usdc"
for USDC, and the SDK will handle the conversion to the correct token address. This shortcut is only supported on Base or Base Sepolia. - ERC-20 contract addresses - For other tokens, specify the token contract address as a string (e.g.,
"0x4200000000000000000000000000000000000006"
for WETH).
allowance
field, using the smallest unit of the token. For example, if the token is ETH, the allowance is specified in wei, and if the token is USDC, the allowance is specified in the smallest unit of USDC (6 decimals).
Time Period
The time period is specified using theperiodInDays
field for simple day-based periods, or the period
, start
and end
fields for more complex time controls.
The periodInDays
field provides a convenient way to specify common time periods (e.g., periodInDays: 1
for daily limits, periodInDays: 7
for weekly limits).
For more advanced control, the start
and end
fields specify when the Spend Permission is valid. This means that the Spender can spend the amount specified in the allowance
field after the start
time and before the end
time; attempting to spend outside of this time range will fail.
The
period
field specifies a rolling window of time in seconds in which the Spender can spend the amount specified in the allowance
field. This allows you specify things like “the Spender can spend up to 0.00001 ETH per day” or “the Spender can spend up to 100 USDC per week”.Creating a Spend Permission
Here’s how to create a spend permission that allows a spender to withdraw up to 0.00001 ETH per day:Creating Spend Permissions is currently only supported on CDP Smart Accounts owned by CDP Server Wallets.
ERC-20 Token Permissions
To create spend permissions for ERC-20 tokens other than USDC, specify the token contract address:Using a Spend Permission
Once a spend permission is created, the designated spender can spend tokens on behalf of the account within the defined limits:Managing Spend Permissions
Listing Spend Permissions
ThelistSpendPermissions
method works differently depending on whether you’re querying as the Account or as the Spender:
As the Account
When listing as the Account, you see all spend permissions you’ve granted to various spenders:As the Spender
When listing as the Spender, you must query spend permissions granted by the account whose tokens you want to spend. You can then filter the results to find the spend permission you want to use.Revoking Spend Permissions
You can revoke a Spend Permission using therevokeSpendPermission
method:
Spend Permissions vs. Policies
At its core, a Spend Permission enables a spender to spend tokens on behalf of an account within a specified time period and amount. The tokens can be native ETH or an ERC-20 token. This section explores the differences between Spend Permissions and CDP Policies.Spend Permissions | Policies | |
---|---|---|
Evaluation Environment | Evaluated entirely onchain through smart contracts, providing transparency and decentralization | Evaluated within Coinbase’s trusted infrastructure using TEE technology, providing secure off-chain evaluation |
Scope and Flexibility | Specifically designed for spending assets on EVM chains | Can be applied to any arbitrary transaction type, giving full control over allowed transactions |
Platform Support | Only available on EVM chains | Available on both EVM chains and Solana |
Account Scope | Can grant permissions to any account onchain, including accounts outside your CDP project | Govern accounts within your CDP project only |
Best Practices
- Set Reasonable Limits - Use the minimum allowance necessary for your use case
- Define Time Boundaries - Set appropriate start and end times to limit exposure
- Monitor Usage - Track spending activity to detect any unusual behavior
- Revoke When Necessary - Implement logic to revoke permissions when no longer needed
Supported Networks
Spend Permissions are currently supported on: Testnets:- Base Sepolia
- Ethereum Sepolia
- Base
- Ethereum
- Optimism
- Arbitrum
- Polygon
- Avalanche
The Spend Permission Manager contract is deployed at
0xf85210B21cC50302F477BA56686d2019dC9b67Ad
on all supported networks.What to read next
- Smart Accounts: Learn more about ERC-4337 Smart Accounts
- Gas Sponsorship: Sponsor gas fees for your users’ transactions