Skip to main content
Restrict when a session function can be called. Attach the policy at the function level.
const session = toSession({
  chain: base,
  owners: {
    type: 'ecdsa',
    accounts: [sessionOwnerAccount],
  },
  permissions: [
    {
      abi: erc20Abi,
      address: usdcAddress,
      functions: {
        transfer: {
          validAfter: new Date(),
          validUntil: new Date(Date.now() + 1000 * 60 * 60 * 24),
        },
      },
    },
  ],
})
This limits the function to a 24-hour window.