Live on Mainnet & Devnet

Sign Once.
Transact Forever.

The first B2B infrastructure platform for session key wallets. Your users' master key signs once — your app runs frictionlessly for hours, backed by on-chain policy enforcement across EVM and Solana.

Get API Key → Read the Docs
🎮📈🛒🏢🤖
Built for gaming, DeFi, commerce, enterprise & IoT
game-session.ts
// 1. pnpm add @sessionguard/sdk import { SessionGuardClient, AllowlistPolicy, SpendingLimitPolicy } from '@sessionguard/sdk'; const client = new SessionGuardClient({ chainId: 8453 }); const account = await client.createAccount({ owner: userWallet }); // 2. User signs ONCE — that's it const session = await client.createSession({ account, ttlSeconds: 8 * 60 * 60, // 8 hours policies: [ AllowlistPolicy({ rules: [{ target: GAME_CONTRACT }] }), SpendingLimitPolicy({ maxAmount: 5_000_000n }), ], }); // 3. Every action after ✨ NO popup, self-custodial await client.execute({ session, target: GAME_CONTRACT, data }); await client.execute({ session, target: GAME_CONTRACT, data }); await client.execute({ session, target: GAME_CONTRACT, data });
0 Solana TPS
<$0.001 Per Transaction
0 Supported Networks
0 On-Chain Policies
The Problem

Web3 UX is broken. We fix it.

Every wallet popup is a lost transaction. SessionGuard eliminates the friction without compromising custody.

Without SessionGuard
🚨Wallet popup on every single transaction — users abandon your app
🔓To automate, devs store private keys server-side — catastrophic if breached
Users confused by gas fees, networks, and raw transaction hex
⏱️Mobile UX is broken — every action requires a wallet app context switch
🤖No bots, no automation, no subscriptions — they all require custody of keys
With SessionGuard
🎯User signs once — plays, trades, shops for hours without seeing a popup
🔒Session keys are scoped, time-limited, and can't exceed on-chain policy limits
💸Developer sponsors gas — user experience is completely fee-transparent
📱Smooth native-app feel in-browser or on mobile, all self-custodial
Bots and automation run within hard guardrails enforced at the VM level
Integration

From npm install to session keys in 5 minutes

SessionGuard is an SDK + API service. No smart contract deployments, no infra to manage.

1
Install the SDK

pnpm add @sessionguard/sdk

Works with any TypeScript or JavaScript app. EVM and Solana packages are separate by choice — only import what you use.

2
Define Your Policies

Mix and match 5 on-chain policy types: spending limits, program/contract allowlists, rate limits, compute budgets, and time bounds. All enforced at the VM level — not by a server you trust.

3
Ship Frictionless UX

User's master key signs once to register the session. Your app calls execute() as many times as needed — the session key handles all subsequent signing behind the scenes.

Supported Networks
Ethereum
🔵
Base
🟣
Polygon
🔵
Arbitrum
🔴
Optimism
Solana
New
🟡
Sepolia
🌐
Devnet
On-Chain Policies

Guardrails that can't be bypassed

Every policy is enforced at the VM layer — not by a server, not by the SDK. Even a compromised session key can't exceed these limits.

💰
Spending Limit
Cap the total token value a session key can spend. Resets per session. Supports native ETH/SOL and any ERC-20 / SPL token.
EVM Solana
SpendingLimitPolicy({ maxAmount: 5_000_000n, // 5 USDC token: USDC_ADDRESS })
📋
Allowlist Policy
Restrict which contracts (EVM) or programs (Solana) the session key can call. Optionally lock to specific function selectors on EVM.
EVM Solana
AllowlistPolicy({ rules: [{ target: GAME, selector: '0x...' }] })
⏱️
Rate Limit
Limit operations per time window. Prevents runaway bots while allowing legitimate fast-paced use cases like gaming at 120 ops/min.
EVM Solana
RateLimitPolicy({ maxOps: 120, windowSeconds: 60 })
Gas / Compute Limit
Cap total gas units (EVM) or compute units (Solana) the session can consume. Prevents unintended heavy computation or gas drain attacks.
EVM Solana
ComputeLimitPolicy({ maxComputeUnits: 50_000_000n }) // 50M CUs
🕐
Time Bound
Every session has a valid window — a start time and expiry — enforced at the block timestamp level. No off-chain timers, no trust required.
EVM Solana
ttlSeconds: 8 * 60 * 60 // validAfter + validUntil // set on-chain, immutable
🔧
Custom Policies
Need something bespoke? Implement the IPolicy interface (EVM) or a Solana PDA policy account. Enterprise plans include custom policy development.
EVM Solana
See custom policy guide ↗
Market Verticals

Every app that touches digital assets is a customer

SessionGuard is horizontal infrastructure — the session key layer for every Web3 vertical.

🎮
Gaming
$3.2B market · Highest Priority
Player signs at game launch, plays for hours without popups. Studio sponsors gas. NFT trades, in-game purchases, and crafting — all instant.
Allowlist 120 ops/min 8h sessions
📈
DeFi Automation
$50B+ TVL across protocols
Users run trading bots and yield strategies within a strict spending limit. Bot can't exceed on-chain guardrails — even if compromised.
Spending Limit Rate Limit 4h windows
🛒
Commerce & Subscriptions
$1.2T subscription economy
One-click crypto checkouts and recurring USDC subscriptions — the "save card" model for Web3, fully self-custodial.
1 charge/month USDC Solana Pay
🏢
Enterprise & Treasury
$250B+ corporate crypto
CFO holds Ledger. Employees get role-scoped session keys with hard spending limits. Full on-chain audit trail, one-click emergency revoke.
Role-based Audit Trail Instant Revoke
💬
Social & Creator Economy
$250B creator economy
Browse and tip with a $10 daily budget. Every like, boost, collect, and tip is instant — no popup interrupting the scroll.
Micro-tips 200 ops/hr cNFTs
🤖
IoT & Machine Economy
$1.1T IoT market by 2028
Fleet manager provisions daily session keys for vehicles. Devices pay tolls, EV charging, and submit telemetry autonomously within hard budgets.
24h rotation 50 SOL/day limit DePIN
SDK Demo

Same API.
Two Chains.

The EVM and Solana SDKs share the same mental model — install, define policies, execute. No need to learn two completely different paradigms.

Full TypeScript types on every call
Session serialization for client persistence across page reloads
REST API fallback if you prefer HTTP over the SDK
Works in browser, Node.js, and edge runtimes
EVM Docs ↗ Solana Docs ↗
evm-session.ts
import { SessionGuardClient, AllowlistPolicy, RateLimitPolicy, SpendingLimitPolicy } from '@sessionguard/sdk'; const client = new SessionGuardClient({ chainId: 8453, // Base mainnet rpcUrl: 'https://mainnet.base.org', bundlerUrl: 'https://bundler.sessionguard.io/base', }); const account = await client.createAccount({ owner: userWallet }); const session = await client.createSession({ account, label: 'DeFi Bot Session', ttlSeconds: 4 * 60 * 60, policies: [ AllowlistPolicy({ rules: [ { target: UNISWAP_ROUTER, selector: '0x...' }, ]}), SpendingLimitPolicy({ maxAmount: 500_000_000n }), RateLimitPolicy({ maxOps: 20, windowSeconds: 3600 }), ], }); // No more wallet popups from here const receipt = await client.execute({ session, target: UNISWAP_ROUTER, data: swapCalldata, }); console.log('Tx:', receipt.transactionHash);
solana-session.ts
import { SolanaSessionGuardClient, AllowlistPolicy, SpendingLimitPolicy, ComputeLimitPolicy } from '@sessionguard/solana-sdk'; import { Keypair } from '@solana/web3.js'; const client = new SolanaSessionGuardClient({ cluster: 'mainnet-beta', rpcUrl: 'https://api.mainnet-beta.solana.com', }); const guard = await client.initializeAccount(ownerKeypair); const session = await client.createSession({ owner: ownerKeypair, guardAccount: guard, label: 'Gaming Session', ttlSeconds: 8 * 60 * 60, policies: [ AllowlistPolicy({ allowedPrograms: [GAME_PROGRAM] }), SpendingLimitPolicy({ maxAmount: 5_000_000_000n }), ComputeLimitPolicy({ maxComputeUnits: 50_000_000n }), ], }); // Ed25519 session key signs — owner never prompted again const result = await client.execute({ session, targetProgram: GAME_PROGRAM, instructionData: Buffer.from([0x01, ...payload]), }); console.log('Sig:', result.signature);
REST API
# Create a session via REST (no SDK required) POST /api/v1/sessions Authorization: Bearer sg_live_xxx Content-Type: application/json { "account": "0x...", "chainId": 8453, "ttlSeconds": 86400, "label": "Game Session", "policies": [ { "type": "spending-limit", "maxAmount": "5000000" }, { "type": "allowlist", "rules": [ { "target": "0x...", "selector": "0x..." } ]} ] } # Solana endpoint POST /api/v1/solana/sessions # Same pattern — just different chain context # Revoke instantly DELETE /api/v1/sessions/:account/:sessionKey
Why SessionGuard

How we stack up against the field

SessionGuard is the only session key infrastructure that spans both EVM and Solana under a single unified SDK — while staying non-custodial end-to-end.

Feature SessionGuard ZeroDev Biconomy Safe Permissionless
EVM session keys partial
Solana session keys
Unified cross-chain SDK
On-chain policy enforcement partial
Spending limit policy plugin
Rate limit policy partial
Gas limit policy
Allowlist policy plugin
Custom policy API partial
Fully non-custodial optional
ERC-4337 compliant
REST API (no SDK needed)
Free tier available

✓ supported — partial / plugin required — ✗ not supported. Data based on public documentation as of Q1 2026.

Security

Trustless by design. Verified on-chain.

Every security guarantee is enforced at the VM layer. Nothing relies on trusting SessionGuard's servers.

  • 🔐
    On-Chain Policy Enforcement
    Spending limits, allowlists, and rate limits are stored and checked in Solidity or Anchor. No server can override them.
  • 🗝️
    Master Key Isolation
    The user's master key signs exactly once to register a session. It never touches your server, ever.
  • Block-Level Time Bounds
    Sessions expire at the block timestamp — not a backend timer. An expired session key becomes cryptographically useless.
  • 🚫
    Instant Revocation
    Any session can be revoked in a single transaction. Effective immediately — no waiting for TTL to expire.
  • 🛡️
    Replay Protection
    ERC-4337 EntryPoint nonces on EVM, native recent-blockhash on Solana. Replayed transactions are rejected at consensus.
Execution Flow
🖥️  Your Application calls execute()
🔑  Session Key Signs not master key
⛓️  On-Chain Validation
Time bounds check (block.timestamp)
Revoked flag check
Allowlist policy
Spending limit policy
Rate limit policy
all pass
🎯  Target Contract / Program executed ✓
No server involved after session registration
Pricing

Start free. Scale as you grow.

All plans include SDK access, API keys, and both EVM and Solana support.

Free
$0
forever · no card required
  • 1,000 transactions / month
  • Devnet & Testnets only
  • SDK + REST API access
  • Both EVM and Solana SDKs
  • Community Discord support
Get started free →
Most Popular
Growth
$99
per month
  • 50,000 transactions / month
  • All chains + Solana mainnet
  • SDK + REST API access
  • Email support (48h SLA)
  • Basic analytics dashboard
  • Paymaster / fee sponsorship
Start Growth →
Scale
$499
per month
  • 500,000 transactions / month
  • All chains + Solana mainnet
  • Priority support (12h SLA)
  • Full analytics + spending reports
  • Custom policy development
  • Dedicated RPC endpoints
Start Scale →
Enterprise
Custom
contact us
  • Unlimited transactions
  • SLA + dedicated support
  • On-premise deployment option
  • SSO + team management
  • Audit & compliance reports
  • Custom contract audits
Contact Sales →

Additional usage billed at $0.002 per transaction · Paymaster fee: 1% of sponsored gas/fees

Early Access · Limited Spots

Ready to give your users
seamless Web3 UX?

Join the waitlist for early API access. We're onboarding developers starting Q2 2026.

No spam. We'll reach out when your API key is ready.

Free tier available
No credit card required
Works on EVM + Solana