Delegated actions

With embedded wallets, your app can request permission to take certain actions on behalf of users, without needing the user to be in the loop. These are called delegated actions. This means your app can securely interact with users' wallets directly from your servers.

Privy makes it easy to prompt your user for delegation consent or build your own UIs for this.

When delegating these permissions to your app, the user provisions a secure enclave with a key share for their embedded wallet. This enables you to trigger delegated actions by making a server call to produce a signature within the enclave. The key material used to produce this signature is secured using Shamir's secret sharing (SSS) cryptography within secure enclaves to ensure that both:

• private keys are only ever reconstituted within a secure, isolated enclave as needed to generate the signature,
• permissioned actions can only take place with the user's consent.

Users typically consent to delegated actions to enable apps to take any onchain actions on their behalf. Likewise, users always have the option to revoke delegated actions. You can read more about the system here.

Get started with delegated actions with the guides below:

Setup

Enable delegated actions and create an authorization keypair

Prompting consent

Prompt users to consent to delegated actions from their device

Configuring permissions

Configure permissions that users can grant your app

Using delegated actions

Take actions with delegated wallets like signatures, transactions, and more

Revoke delegated actions

Allow users to revoke delegated actions

Architecture

Read more about the architecture and security behind delegated actions