Smart Wallet UX
Tutorial - Real-World Integration
Building a Session Key for a dApp.
Tutorial: Building a Session Key
In this tutorial, we will enable a "One-Click Trading" mode for a DEX.
Goal: Allow a temporary key to swap on Uniswap, but limiting volume to 1000 USDC.
Treat sessions like ephemeral permissions
Set short expiries and tight scopes so keys expire quickly if leaked.
Step 1: Write the Session Policy
session.matador:
import "abis/UniswapRouter.json" as Uniswap;
permission SessionKeyGuard -> 1.0.0 {
parameters: {
sessionKey: address,
router: address,
maxAmountIn: uint256,
expiresAt: uint256
}
when: {
context.caller == parameters.sessionKey,
context.timestamp < parameters.expiresAt,
context.target == parameters.router,
Uniswap.exactInputSingle(params: tuple),
calldata.params.amountIn <= parameters.maxAmountIn
}
}Step 2: Compile
matador compile session.matador --out ./outStep 3: Install on Account
The user approves the session by installing the policy on their Smart Account.
// Frontend Code
const sessionKey = generatePrivateKey(); // Created in browser memory
const policyBytecode = await compilePolicy(sessionKey.address);
// User signs this once
await kernelClient.installPolicy(policyBytecode);Step 4: Execute
The user clicks "Swap".
- No Popup: The browser signs the tx with
sessionKey. - Matador: Verifies key, time, and volume. Approved.
Result
A Web2-like experience with Web3 self-custody.