Session Keys are ephemeral keys with fine-grained instruction scoping for tiered access in your Solana Programs.

Session keys are a giant leap for improving UX for users as they take away the need for repeated wallet popups while a user performs actions in-game like purchases or on-chain interactions. The expiry and access are stored at the contract level which immunes session keys from potential security vulnerabilities. The Session Keys parameters can be duration, the maximum amount of tokens spent, amount of transactions or any other function specific to your use case.

You can also provide a layered security model which allows tiered access to a session key making sure a user’s assets are always secure and can’t be accessed by the session keys. This type of layered security is a standard model in web2 applications and provides a stronger defence against attacks and helps ensure the security of your users’ asset. This is now possible in web3 with the use of Session Keys at the contract level.

Example use cases for Session Keys

  • An uninterrupted gaming experience for an on-chain game.
  • A seamless experience for in-app NFTs purchase
  • A layered security model for your game/dApp


The original Session key program was developed by Gum. The newly deployed program is ‘KeyspM2ssCJbqUhQ4k7sveSiY4WjnYsrXkC8oDbwde5’

Was this page helpful?