spendLimit caps how much of a given token a session key may spend over a rolling time
window. The limit is enforced on-chain in the contract’s __check_auth - not in the
SDK, not in the facilitator. A stolen session blob still cannot exceed its configured cap.
Usage
policies array when calling grantSession:
Period values
| Value | Window |
|---|---|
"day" | Rolling 24-hour window |
"week" | Rolling 7-day window |
"month" | Rolling 30-day window |
"total" | Lifetime cap for the session (no reset) |
What happens when the limit is exceeded
A payment that would exceed the cap is rejected by the contract during__check_auth. The
facilitator maps the on-chain rejection to BuckspayError("SESSION_POLICY_VIOLATION").
The limit is per-session, per-token. Two separate sessions each with
max: "100" can each
spend up to 100 USDC independently.Combining policies
spendLimit is commonly paired with allowlist so the session key is scoped both by
spend and by callable contracts. See Sessions overview for
the full lifecycle example.
Next
Allowlist policy
Restrict which contracts the session key may call.
Sessions overview
Full lifecycle: grant, serialize, use, and revoke a session.

