Smart Session Manager

Rhinestone and Biconomy co-developed the Smart Session Manager. It is highly customizable, and compatible with ERC-771.

The Smart Session Manager’s design separates policies and validators. This allows for a much more composable developer experience, where session keys can be configured by reusing existing policies and validators.

Below is an overview of the Smart Session Manager architecture:

A Policy is a defined permission, such as a gas limit, spending limit, or a whitelist of contract addresses. The (Stateless) Validator is a signing mechanism, such as an ECDSA validator (EOA), MPC, passkeys, etc. The Smart Session Manager stores validator IDs, which map to an IValidator contract that verifies signatures and an IPolicy contract that validates policies.

Each Smart Session, created by Coinrule and approved by the user, has a corresponding validator ID. When a transaction is triggered against a specific validator ID, the policies are looped over, and the session key signatures are verified against the signing mechanism.

Composability emerges here because a specific Policy and Validator (Coinrule) only needs to be written once and can be reused anytime a Rule/Strategy condition is met to execute a trade.