Session Keys
Session keys make posting silent. Instead of a wallet popup on every post, like, and reply, you authorize a session key once and then feed actions go through without a prompt.
Pipoke runs on Octra Devnet today. Any fee, price, or limit referred to here is a contract setting chosen for testing. Every one is owner-settable, and mainnet values will be different. These docs describe how the mechanics work, not what the numbers are.
#The problem session keys solve
Every feed action is an on-chain transaction, and by default every transaction needs a wallet signature. Posting, liking, and replying through a popup each time is slow. Session keys move that friction to a single one-time approval.
#How a session key works
A session key is a fresh keypair generated in your browser. You sign one wallet transaction to register that key as your delegate, and from then on the key signs feed transactions for you.
SessionRegistry is the contract that holds the link.
SessionRegistry.register_session(session, expiry_epoch)
SessionRegistry.revoke_session(session)
SessionRegistry.is_valid_for(session, claimed_principal)
register_session binds a session key address to you (the caller becomes the principal) with an expiry epoch. The registry caps that expiry at 500,000 epochs out from registration. When a feed action arrives signed by the session key, the feed shard calls is_valid_for(session, claimed_principal) to confirm the key really represents the wallet it claims to, and that it has not expired. If the check passes, the action is recorded under your wallet, not the session key.
Your posts, likes, and dedupe state all key off your wallet, so it makes no difference which key submitted the transaction.
#The one-time setup
When you connect and enable silent posting, the app generates the session keypair, stores its seed in the browser, and bundles one wallet popup that does three things:
- Register the session key on SessionRegistry with an expiry epoch.
- Grant a POKE allowance to the feed so action fees can be charged.
- Fund the session key with a small amount of OCT so it can pay transaction gas.
After that single approval, posting is silent for the life of the session.
#Gas funding
The session key signs its own transactions, so it needs OCT to pay gas. The setup popup sends it a small OCT float. As you post, that float draws down. When it runs low, the app prompts you for a top-up. The float is kept deliberately small, so a compromised session key can only ever spend a little OCT.
#Expiry and revocation
A session key has a fixed expiry epoch set at registration. Once the current epoch passes the expiry, is_valid_for returns false and the key stops working. To keep posting silently, you register a new key.
You can also end a session early. revoke_session clears the key's binding immediately, and the app wipes the stored seed from the browser. Logging out does both.
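A small Python model of the registry rules described above (binding, the 500,000-epoch cap, expiry, and revocation), added here as an illustration and not Pipoke's contract code. The `caller` and `now` parameters, the clamping of an over-long expiry, the inclusive expiry boundary, and the principal-only revoke are assumptions of the model.

```python
# Added model of the SessionRegistry rules described on this page.
# Not the Pipoke contract: epochs are passed in explicitly (on chain they
# would come from the runtime), and an over-long expiry is assumed clamped.
MAX_SESSION_EPOCHS = 500_000  # cap stated on the page (devnet setting)


class SessionRegistryModel:
    def __init__(self):
        # session address -> (principal address, expiry epoch)
        self._sessions = {}

    def register_session(self, caller, session, expiry_epoch, now):
        """Bind `session` to `caller`; the caller becomes the principal."""
        if expiry_epoch <= now:
            raise ValueError("expiry must be in the future")  # assumption
        capped = min(expiry_epoch, now + MAX_SESSION_EPOCHS)
        self._sessions[session] = (caller, capped)
        return capped

    def revoke_session(self, caller, session):
        """Clear the binding. Only the bound principal may revoke (assumption)."""
        bound = self._sessions.get(session)
        if bound is None or bound[0] != caller:
            return False
        del self._sessions[session]
        return True

    def is_valid_for(self, session, claimed_principal, now):
        """True only if the key is bound to this principal and not expired."""
        bound = self._sessions.get(session)
        if bound is None:
            return False
        principal, expiry = bound
        return principal == claimed_principal and now <= expiry


def demo():
    # Constructed addresses and epochs, for illustration only.
    reg = SessionRegistryModel()
    expiry = reg.register_session("wallet_A", "sess_1", 10_000_000, now=1_000)
    results = {
        "capped_expiry": expiry,
        "owner_ok": reg.is_valid_for("sess_1", "wallet_A", now=2_000),
        "wrong_principal": reg.is_valid_for("sess_1", "wallet_B", now=2_000),
        "after_expiry": reg.is_valid_for("sess_1", "wallet_A", now=expiry + 1),
    }
    reg.revoke_session("wallet_A", "sess_1")
    results["after_revoke"] = reg.is_valid_for("sess_1", "wallet_A", now=2_000)
    return results
```

The `wrong_principal` case is the check that matters to the feed shard: a valid session key presented with a principal it is not bound to must fail, otherwise any registered key could post as any wallet.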
#What session keys do not cover
Session keys cover feed actions only: posts, replies, reposts, and likes, plus poke tips. They deliberately do not cover everything.
Direct messages and group messages always require a wallet signature. Messaging is a private, consequential action and stays gated behind explicit wallet approval. See Messaging.
Bonding and unbonding a biont always require a wallet signature. That action routes real economic value, so it is never delegated to a session key. See The biont bridge.
The main safety brake on a session key is the POKE allowance you grant: a session key can never pull more POKE than that allowance, and it only ever holds a tiny OCT float.