Aegis

User-to-Agent Delegation

Users delegate a gas budget and scoped permissions to an agent. The agent receives sponsored execution when acting within the delegation; the user's wallet pays (via the delegated budget), not the protocol.

Overview

Delegation is built on EIP-712 signatures and optional ERC-8004 agent registration. The delegator signs a message that grants an agent permission to use a gas budget under constraints (contract whitelist, function whitelist, value limits, rate limits). Aegis validates each sponsorship request against the active delegation before sponsoring.

Bearer token required
All delegation API endpoints (create, list, get, revoke, usage) requireAuthorization: Bearer AEGIS_API_KEY. Use your API key when calling from a backend or store it securely when using the delegation UI.

Flow

  • Delegator creates a delegation (EIP-712 signature + POST /api/delegation).
  • Agent (or user) requests sponsorship with a delegationId; Aegis checks scope, budget, and expiry.
  • After sponsorship, delegation gas budget is deducted; usage is recorded.
  • Delegator can list delegations, view usage, or revoke (DELETE with X-Delegator-Address).

Permissions schema

Permissions are scoped: contracts (address whitelist), functions (selector whitelist), maxValuePerTx (Wei), maxGasPerTx, maxDailySpend (USD), maxTxPerDay, maxTxPerHour. Empty arrays mean "all allowed" for that category.

json
{
  "contracts": ["0x..."],
  "functions": ["0x095ea7b3"],
  "maxValuePerTx": "0",
  "maxGasPerTx": 500000,
  "maxDailySpend": 100,
  "maxTxPerDay": 50,
  "maxTxPerHour": 10
}

Create delegation (POST)

Body must include delegator, agent, permissions, gasBudgetWei, validFrom, validUntil, nonce, and EIP-712 signature. The signature is produced off-chain by the delegator's wallet.

text
POST /api/delegation
Authorization: Bearer <AEGIS_API_KEY>

{
  "delegator": "0x...",
  "agent": "0x...",
  "permissions": { "contracts": [], "functions": [], "maxValuePerTx": "0", "maxGasPerTx": 500000, "maxDailySpend": 100, "maxTxPerDay": 50, "maxTxPerHour": 10 },
  "gasBudgetWei": "1000000000000000",
  "validFrom": "2024-01-15T00:00:00.000Z",
  "validUntil": "2024-02-15T00:00:00.000Z",
  "nonce": "1",
  "signature": "0x..."
}

List delegations (GET)

Query params: delegator, agent, status (ACTIVE | REVOKED | EXPIRED | EXHAUSTED | ALL), limit, offset.

text
GET /api/delegation?delegator=0x...&agent=0x...&status=ACTIVE&limit=50&offset=0
Authorization: Bearer <AEGIS_API_KEY>

To list delegations for an agent by address: GET /api/agent/{agentAddress}/delegations.

Get delegation and usage

GET /api/delegation/[delegationId] returns the delegation. GET /api/delegation/[delegationId]/usage returns usage records (txHash, gasUsed, success, createdAt).

Revoke delegation (DELETE)

Send X-Delegator-Address header (must match the delegation's delegator) and optional body reason.

text
DELETE /api/delegation/[delegationId]
Authorization: Bearer <AEGIS_API_KEY>
X-Delegator-Address: 0x...

{ "reason": "No longer needed" }

Full request/response shapes are in the API Reference (Delegation tab). You can also use the Delegation page to list and inspect delegations (with API key).