Skip to main content

Authorization

Inside each checks-deferrable call function, an onBehalfOfAccount must be specified. The function will determine whether or not msg.sender is authorized to perform operations on this account:

  • If msg.sender has never before interacted with the EVC, if it shares the first 19 bytes with the onBehalfOfAccount, then onBehalfOfAccount is considered to be a sub-account of msg.sender and therefore msg.sender is authorized. Upon that first interaction with the EVC, msg.sender address is stored in EVC's storage as an owner of the group of 256 accounts having the same first 19 bytes
  • If msg.sender has interacted with the EVC before and it shares the first 19 bytes with the onBehalfOfAccount, its address is supposed to match the one stored in the EVC's storage. If it does, then it is authorized
  • If msg.sender has previously been authorized as an operator for the onBehalfOfAccount, it is authorized
  • If the msg.sender is the EVC itself, then this must be from the permit function and the effective sender is taken from the execution context
  • In all other cases, the caller is invalid, and the entire transaction will fail