
# Session keys

A session key is a temporary, scoped key over a dWallet. The limits are enforced on-chain by the [`session-keys`](/hub/andromeda/guides/deploy-policy/session-keys.md) policy program, so the delegate can do exactly what you allowed and nothing more. This is how you let a bot or an agent sign on behalf of a wallet without giving it full control.

{% hint style="info" %}
Session-key endpoints require an API key with the `admin` scope. Exact bodies are in the [OpenAPI spec](https://api.andromedainfra.pro/openapi.json).
{% endhint %}

## What a session bounds

* **Expiry**: a Solana slot after which the session no longer signs.
* **Max uses**: a hard cap on the number of signatures the session can produce.
* **Max amount per transaction**: the largest value any single signed transaction may move.
* **Allowed destination programs**: the only programs the session may sign for.

The program checks all of these on every signature. A request that violates any limit is rejected on-chain.

## Many sessions, each replay-safe

A dWallet can have a large number of concurrent sessions (up to about 2^32). Each session has its own monotonic replay nonce, and the nonce binds together the message digest, the amount, the destination program and the signature nonce, so a signed action from one session cannot be replayed in a different context.
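The checks described in the two sections above can be modelled off-chain to reason about which requests a session would reject. This is an added example, not the `session-keys` program's code: every type, field and function name is an assumption, the replay nonce is reduced to a per-session counter (the digest binding is not modelled), and the order of checks is arbitrary.

```rust
// Off-chain model of the session bounds; all names here are illustrative assumptions.
type ProgramId = [u8; 32];

#[derive(Debug, PartialEq)]
enum Reject { Expired, UsesExhausted, AmountTooLarge, ProgramNotAllowed, BadNonce }

struct Session {
    expiry_slot: u64,               // assumed inclusive: the session still signs at this slot
    max_uses: u32,
    uses: u32,
    max_amount: u64,
    allowed_programs: Vec<ProgramId>,
    next_nonce: u64,                // per-session monotonic replay nonce
}

struct SignRequest { amount: u64, program: ProgramId, nonce: u64 }

impl Session {
    /// Checks every bound; session state changes only when all of them pass.
    fn authorize(&mut self, current_slot: u64, req: &SignRequest) -> Result<(), Reject> {
        if current_slot > self.expiry_slot { return Err(Reject::Expired); }
        if self.uses >= self.max_uses { return Err(Reject::UsesExhausted); }
        if req.amount > self.max_amount { return Err(Reject::AmountTooLarge); }
        if !self.allowed_programs.contains(&req.program) { return Err(Reject::ProgramNotAllowed); }
        if req.nonce != self.next_nonce { return Err(Reject::BadNonce); }
        self.uses += 1;
        self.next_nonce += 1;
        Ok(())
    }
}

// Constructed sample session: two uses, a cap of 1_000 units, one allowed program.
fn sample_session() -> Session {
    Session { expiry_slot: 500, max_uses: 2, uses: 0, max_amount: 1_000,
              allowed_programs: vec![[1u8; 32]], next_nonce: 0 }
}

fn main() {
    let mut s = sample_session();
    let req = SignRequest { amount: 900, program: [1u8; 32], nonce: 0 };
    println!("{:?}", s.authorize(100, &req)); // accepted, nonce advances
    println!("{:?}", s.authorize(100, &req)); // same nonce again: rejected
}
```

A rejected request leaves `uses` and `next_nonce` untouched, so failed attempts do not consume the session's budget in this model.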

## Lifecycle

1. **Create** a session with its limits. Follow the [policy lifecycle](/hub/andromeda/guides/deploy-policy.md): preview, then deploy (sign and submit the returned transaction).
2. **Use** it: the delegate signs through the normal signing endpoints; the policy program enforces the session's bounds.
3. **Inspect** sessions: read the policy state with `GET .../{dwalletAddress}`.
4. **Revoke** a session before its expiry by updating the policy through its change/admin flow, or let it expire.

## On-chain guarantees

* Every limit is enforced by the program that holds the dWallet authority. The API cannot exceed them.
* The replay nonce makes each signed action single-use in its context.
* The PDA is seeded with an init-authority hash, so the address cannot be front-run.

## When to use it

* Trading bots: a key that expires, with a per-trade cap and a fixed venue list.
* AI agents: a key that can sign small amounts to known programs for a bounded time.
* Any delegation that should be revocable, time-boxed, capped and scoped.


