Grants permission for an application to access user data with gasless transactions.
The permission grant configuration object
A Promise that resolves to the transaction hash when successfully submitted
This method combines signature creation and gasless submission for a complete end-to-end permission grant flow. It creates the grant file, stores it on IPFS, generates an EIP-712 signature, and submits via relayer. The grant file contains detailed parameters while the blockchain stores only a reference to enable efficient permission queries.
Prepares a permission grant with preview before signing.
The permission grant parameters
A promise resolving to a preview object and confirm function
This method implements a two-phase commit workflow that allows applications
to show users a preview of what they're authorizing before requesting a signature.
Unlike createAndSign(), this method does NOT upload to IPFS or prompt for signatures
until the returned confirm() function is called.
const { preview, confirm } = await vana.permissions.prepareGrant({
grantee: "0x742d35Cc6558Fd4D9e9E0E888F0462ef6919Bd36",
operation: "llm_inference",
files: [1, 2, 3],
parameters: { model: "gpt-4", prompt: "Analyze my social media data" }
});
console.log(`Granting ${preview.operation} access to ${preview.files?.length} files`);
const transactionHash = await confirm();
Creates typed data and signature for a permission grant without submitting.
The permission grant configuration object
A promise resolving to the typed data structure and signature for gasless submission
This method handles the first phase of permission granting: creating the grant file, storing it on IPFS, and generating the user's EIP-712 signature. Use this when you want to handle submission separately or batch multiple operations. The method validates the grant file against the JSON schema before creating the signature.
For interactive user flows, consider using prepareGrant() instead,
which allows showing a preview before signing.
Submits an already-signed permission grant to the blockchain.
The EIP-712 typed data structure for the permission grant
The user's signature as a hex string
A Promise that resolves to the transaction hash
Submits an already-signed trust server transaction to the blockchain. This method extracts the trust server input from typed data and submits it directly.
The EIP-712 typed data for TrustServer
The user's signature
Promise resolving to the transaction hash
Submits an already-signed permission revoke transaction to the blockchain. This method handles the revocation of previously granted permissions.
The EIP-712 typed data for PermissionRevoke
The user's signature
Promise resolving to the transaction hash
Submits an already-signed untrust server transaction to the blockchain. This method handles the removal of trusted servers.
The EIP-712 typed data for UntrustServer
The user's signature
Promise resolving to the transaction hash
Revokes a previously granted permission.
Parameters for revoking the permission
Promise resolving to transaction hash
// Revoke a permission by its ID
const txHash = await vana.permissions.revoke({
permissionId: 123n
});
console.log('Permission revoked in transaction:', txHash);
// Wait for confirmation if needed
const receipt = await vana.core.waitForTransaction(txHash);
console.log('Revocation confirmed in block:', receipt.blockNumber);
Revokes a permission with a signature (gasless transaction).
Parameters for revoking the permission
Promise resolving to transaction hash
Gets on-chain permission grant data without expensive off-chain resolution.
Options for retrieving permissions (limit, subgraph URL)
A Promise that resolves to an array of OnChainPermissionGrant objects
This method provides a fast, performance-focused way to retrieve permission grants
by querying only the subgraph without making expensive IPFS or individual contract calls.
It eliminates the N+1 query problem of the legacy getUserPermissions() method.
The returned data contains all on-chain information but does NOT include resolved
operation details, parameters, or file IDs. Use retrieveGrantFile() separately
for specific grants when detailed data is needed.
Performance: Completes in ~100-500ms regardless of permission count. Reliability: Single point of failure (subgraph) with clear RPC fallback path.
// Fast: Get all on-chain permission data
const grants = await vana.permissions.getUserPermissionGrantsOnChain({ limit: 20 });
// Display in UI immediately
grants.forEach(grant => {
console.log(`Permission ${grant.id}: ${grant.grantUrl}`);
});
// Lazy load detailed data for specific permission when user clicks
const grantFile = await retrieveGrantFile(grants[0].grantUrl);
console.log(`Operation: ${grantFile.operation}`);
console.log(`Parameters:`, grantFile.parameters);
Gets all permission IDs for a specific file.
The file ID to query permissions for
Promise resolving to array of permission IDs
Gets all file IDs associated with a permission.
The permission ID to query files for
Promise resolving to array of file IDs
Checks if a permission is active.
The permission ID to check
Promise resolving to boolean indicating if permission is active
Gets permission details from the contract.
The permission ID to query
Promise resolving to permission info
Trusts a server for data processing.
Parameters for trusting the server
Promise resolving to transaction hash
// Trust a server by providing its ID and URL
const txHash = await vana.permissions.trustServer({
serverId: '0x742d35Cc6634C0532925a3b8D4C9db96C4b4d8b6',
serverUrl: 'https://myserver.example.com'
});
console.log('Server trusted in transaction:', txHash);
// Verify the server was added to trusted list
const trustedServers = await vana.permissions.getTrustedServers();
console.log('Trusted servers:', trustedServers.length);
Trusts a server using a signature (gasless transaction).
Parameters for trusting the server
Promise resolving to transaction hash
Untrusts a server.
Parameters for untrusting the server
Promise resolving to transaction hash
Untrusts a server using a signature (gasless transaction).
Parameters for untrusting the server
Promise resolving to transaction hash
Gets all servers trusted by a user.
OptionaluserAddress: `0x${string}`Optional user address (defaults to current user)
Promise resolving to array of trusted server addresses
Gets server information by server ID.
Server address
Promise resolving to server information
Gets the total count of trusted servers for a user.
OptionaluserAddress: `0x${string}`Optional user address (defaults to current user)
Promise resolving to the number of trusted servers
Gets trusted servers with pagination support.
Query options including pagination parameters
Promise resolving to paginated trusted servers
Gets trusted servers with their complete information.
Query options
Promise resolving to array of trusted server info
Gets server information for multiple servers efficiently.
Array of server IDs to query
Promise resolving to batch result with successes and failures
Checks whether a specific server is trusted by a user.
Server ID to check
OptionaluserAddress: `0x${string}`Optional user address (defaults to current user)
Promise resolving to server trust status
Manages gasless data access permissions and trusted server registry operations.
Remarks
This controller enables users to grant applications access to their data without paying gas fees. It handles the complete EIP-712 permission flow including signature creation, IPFS storage of permission details, and gasless transaction submission. The controller also manages trusted servers that can process user data and provides methods for revoking permissions when access is no longer needed.
All permission operations support both gasless transactions via relayers and direct blockchain transactions. Grant files containing detailed permission parameters are stored on IPFS while permission references are recorded on the blockchain.
Example
See
[URL_PLACEHOLDER] | Vana Permissions System for conceptual overview