Understanding advanced permissions
Advanced permissions let you grant limited, time-bound, and condition-based access to your tokens, allowing dapps to act within those boundaries without requiring repeated approvals.
This is made possible by ERC-7715, a standard that enables dapps to request flexible permissions instead of relying on basic token approvals.
These permissions give you more control over:
- How much of a token a dapp can use
- How often it can access your tokens
- How long the permission lasts
This helps reduce risk while enabling new use cases like subscriptions and streaming payments.
Advanced permissions are still a new standard and only appear in some dapps that support ERC-7715, unlike dapps that use basic token approvals.
How they work
ERC-7715 defines how dapps can request permissions from your account and perform actions within the limits and conditions you approve.
Instead of approving each transaction one by one, you can grant permission once with clear limits, and the dapp can act within those boundaries.
For example, you could allow an app to spend up to 10 USDC daily, and it can automatically spend within the time limit you set without requiring you to sign a transaction every day.
This relies on your MetaMask smart account capability which is enabled by default. Learn more about managing your smart account settings here.
- Spending limits (for example, up to 10 USDC)
- Recurring or periodic access (for example, a monthly allowance)
- Streaming payments (continuous transfers over time)
- Expiration dates (automatic end time)
This is an important shift as most dapps today use basic token approvals, which often:
- Grant more access than needed
- Do not expire automatically
- Require manual revocation
Advanced permissions improve this by allowing more limited, time-bound, and condition-based access.
A different request flow
Advanced permissions (ERC-7715) introduce a new interaction model where you can review a request from a dapp first before connecting your wallet or sharing your address. The dapp proposes permissions first and can only act after you’ve granted access.
This results in a smoother and safer experience since you can grant flexible, controlled access and let the dapp act within those limits without repeated popups.
If you’re developing an app, you can use advanced permissions to request flexible, condition-based access. Learn how to implement ERC-7715 permissions here for a smoother user experience.
This unlocks examples like subscriptions and recurring payments that work natively onchain, as well as trading strategies like passive investments or limit orders that execute without requiring a signature each time.
FAQs
What does “total exposure” mean?
Total exposure is the maximum amount of tokens a dapp can access within a permission. Example: 25 USDC over the course of 1 month.
Do I need a smart account to use advanced permissions?
Yes. Advanced permissions rely on smart account functionality. Smart accounts are enabled by default, but if disabled, MetaMask will prompt you to upgrade your account when permissions are requested.
Learn more about managing your smart account settings here.
Can I revoke advanced permissions?
Yes. You can revoke permissions at any time or let them expire automatically if an expiration date is set. Navigate to ‘Dapp connections’ in the menu to manage your permissions.
What is ERC-7715?
ERC-7715 is the standard that powers advanced permissions. It defines how dapps can request permissions from your account and perform actions within the limits and conditions you approve.