You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: CAIPs/caip-25.md
+7-5Lines changed: 7 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -46,10 +46,12 @@ Note that wallets NOT returning `sessionId`s MUST implement additional methods a
46
46
* [`wallet_sessionChanged`][CAIP-311] to notify caller of updated session authorizations.
47
47
48
48
After a session is established between wallet and caller, subsequent `wallet_createSession` calls can be used to update the properties and authorization scopes of the session.
49
-
- When a `sessionId` is returned in the initial `wallet_createSession` response, subsequent `wallet_createSession` calls either:
49
+
- When a `sessionId` is returned in the initial `wallet_createSession` response, subsequent `wallet_createSession` calls either:
50
50
- include a previously used `sessionId` on the root of the request meaning this request is intended to modify that session, or
51
51
- do not include a `sessionId`, in which case a new session is created - the respondent generates a new `sessionId` and sends it with the success response - and the previous session dangles in parallel (until its expiration, if applicable), though maintaining concurrent sessions is discouraged (see Security Considerations).
52
-
- When the wallet does not provide a `sessionId` in its initial response, subsequent `wallet_createSession` calls overwrite the previous singular session between caller and wallet.
52
+
- When the wallet does not provide a `sessionId` in its initial response, subsequent `wallet_createSession` calls target the previous singular session between caller and wallet.
53
+
- Wallets MAY interpret the intent of subsequent scope requests as adding to or overwriting of existing permissions
54
+
- Users MAY choose to grant a subset, superset, or entirely different set of permissions
53
55
54
56
When a user wishes to update the authorizations of an active session from within the wallet, the wallet should notify the caller of the changes with a [`wallet_sessionChanged`][CAIP-311] notification.
55
57
@@ -119,7 +121,7 @@ Example:
119
121
},
120
122
"scopedProperties": {
121
123
"eip155:42161": {
122
-
"extension_foo":"bar"
124
+
"extension_foo":"bar"
123
125
}
124
126
},
125
127
"sessionProperties": {
@@ -210,7 +212,7 @@ An example of a successful response follows:
210
212
"cosmos": {
211
213
...
212
214
}
213
-
},
215
+
},
214
216
"scopedProperties": {
215
217
"eip155:42161": {
216
218
"walletExtensionConfig": {
@@ -296,7 +298,7 @@ Regardless of caller trust level, the following error responses can reduce frict
296
298
- message = "Unknown notification(s) requested"
297
299
- When a badly-formed request defines one `chainId` two ways
298
300
- code = 5204
299
-
- message = "ChainId defined in two different scopes"
301
+
- message = "ChainId defined in two different scopes"
0 commit comments