// PDA Seeds: ['pre-authorization', token_account, debit_authority]
pub struct PreAuthorization {
pub bump: u8, // The canocial bump in the PDA seed
pub paused: bool, // Set to true if the pre-authorization is paused
pub token_account: Pubkey, // The account from which funds can be debited
pub variant: PreAuthorizationVariant, // Recurring or One-Time variant (see below)
pub debit_authority: Pubkey, // The authority that needs to sign to debit via the pre-auth
pub activation_unix_timestamp: i64, // The timestamp at which this pre-auth becomes debitable
}
pub enum PreAuthorizationVariant {
OneTime {
amount_authorized: u64, // Total amount that can be debited via this pre-auth
expiry_unix_timestamp: i64, // Any debits should occur before this timestamp
amount_debited: u64, // Tracks total debited so far via this pre-auth
},
Recurring {
repeat_frequency_seconds: u64, // The time period between cycles
recurring_amount_authorized: u64, // Total amount that can be debited via this pre-auth in each cycle
amount_debited_last_cycle: u64, // Tracks amount debited in the "last_debited_cycle" (see below)
amount_debited_total: u64, // Tracks total amount debited via this pre-auth
last_debited_cycle: u64, // Tracks the cycle in which the last debit occured via this pre-auth
// None: infinite recurring
// Some(n): approved for n cycles from activation,
num_cycles: Option<u64>, // Set this to limit duration of the recurring pre-auth
// true: amount authorized is reset to "recurring_amount_authorized" each cycle
// false: unused amounts from prev. cycles carries forward to new cycles
reset_every_cycle: bool, // WARNING: setting this to false will cause the "recurring_amount_authorized" to accumulate across cycles
},
}
This account let's the token account owner express 2 types of pre-authorizations:
One-time
Recurring
One-time pre-auths allow the debit authority to debit the authorized amount in the given window between activation and expiry (can be done in one IX or in batches).
Recurring pre-auths allow the debit authority to debit the authorized amount in each cycle. If the reset_every_cycle flag is set to false, the unused authorized amount will accrue across cycles until expiry (i.e. num_cycles). Note that if there is no cycle limit and this flag is set to false, the amount available to the debit authority will increase forever, so proceed with caution if you decide to configure it with those parameters.
The Pre Authorization account () is the on-chain representation of a pre-authorization created for a token account by its owner and is debitable by a specific debit authority. Note that this entity is tied to a token account and NOT it's owner. This means that if you (as a token account owner) create a pre-authorization and then transfer the token account itself to someone else, this pre-authorization WILL be propagated also BUT it will not be active due to where the delegate is unset by the SPL Token program. Hence, the new owner has to set the delegate to the smart-delegate once again to re-activate all the pre-authorizations and so the funds are not at risk in the interim.
A pre-authorization can be created by the and it can be deactivated simply by closing it via the .
Multiple pre-authorizations for the same signer can be created by leveraging created from the master signer as unique derived debit authorities. Our SDK (WIP) will expose helper methods to do so.