Overview
Autosign enables your application to send transactions automatically without requiring user confirmation for each transaction. This feature uses a dedicated signing wallet derived from the connected wallet’s signature to sign specific transactions on behalf of users, providing a seamless user experience while maintaining security through granular permission controls.Autosign is built on the Cosmos SDK’s
authz and feegrant modules, allowing
fine-grained control over which transaction types can be automatically signed
and when permissions expire.What Is the AutoSign Wallet?
The AutoSign wallet is a dedicated signer that InterwovenKit derives from the connected wallet’s signature flow. When autosign is enabled, InterwovenKit uses that derived wallet as the grantee for the authz and feegrant permissions needed to sign approved transaction types automatically. Key characteristics of the AutoSign wallet:- Separate Address: Each AutoSign wallet has its own blockchain address
- Derived Per App Origin: InterwovenKit derives the wallet from a signed message scoped to the current origin
- Managed Automatically: InterwovenKit handles derivation and wallet lifecycle in the app
- Scoped Permissions: Can only sign transactions you’ve explicitly authorized
- Time-Limited: Permissions expire after a set duration
- Revocable: Users can revoke permissions at any time
How Autosign Works
When autosign is enabled, the following process occurs:Permission Request
Your application requests permission to automatically sign specific transaction
types on specific chains. This is configured through the
enableAutoSign prop
in InterwovenKitProvider.Wallet Derivation
InterwovenKit asks the connected wallet to sign a derivation message and uses
that signature to derive a dedicated AutoSign wallet for the current app origin.
Grant Authorization
The user’s main wallet grants permission to the AutoSign wallet via Cosmos SDK’s
authz and feegrant modules:- Authz grants: Authorize the AutoSign wallet to execute specific message types
- Feegrant: Allows the AutoSign wallet to pay transaction fees on behalf of the user
Automatic Signing
When transactions match the granted permissions:
- InterwovenKit validates that the transaction message types match the grants
- InterwovenKit checks that permissions haven’t expired
- The AutoSign wallet automatically signs the transaction
- The transaction is broadcast without user interaction
Benefits
Autosign provides several key benefits for both users and developers: For users:- Seamless Experience: No need to approve every transaction manually
- Reduced Friction: Faster interactions, especially for frequent operations
- Security: Permissions are scoped, time-limited, and revocable
- Control: Users can see and manage all autosign permissions
- Better UX: Reduce transaction approval fatigue
- Flexible Permissions: Configure exactly which transaction types can be auto-signed
- Multi-Chain Support: Configure different permissions per chain
- Trust Indicators: Works with domain trust verification
Security
Autosign maintains security through several mechanisms:- Scoped Permissions: Only specific message types can be auto-signed. For
example, you might grant permission for
/minievm.evm.v1.MsgCallbut not for/cosmos.bank.v1beta1.MsgSend, ensuring the AutoSign wallet can only execute the exact operations you’ve authorized. - Time-Limited Grants: All autosign permissions have expiration dates. Users can set expiration times when enabling autosign, and permissions automatically expire, requiring re-authorization.
- Domain Trust: InterwovenKit shows security warnings for untrusted domains. Applications listed in the Initia registry are automatically trusted, while others show warnings that users can acknowledge or dismiss.
- Revocable Permissions: Users can revoke autosign permissions at any time through their wallet settings. When revoked, all grants are immediately invalidated.