Implementation Overview

User sessions are initiated when a user authorizes an app through HYPLAY's OAuth flow. You can learn more about apps and the OAuth flow here.

A user session links a set of approved permissions between the given user and the application they authorized. These approved permissions limit the scope the application can submit transactions, transfer tokens or NFTs, and more on behalf of the user within a limited time period before the session expires.

When a user authorizes an application through the application's OAuth flow, the developer receives a unique session access token specific to the user. The developer can use this session access token prior to its expiration to invoke transactions, read data, and more on behalf of the user, so long as these actions fall under the permission scope approved by the user during the initial authorization flow.

Motivation

The way we've developer user sessions with HYPLAY unlocks a novel pattern for both users and developers that completely removes the pain points and friction from web3 enabled apps and games in a vertically integrated manner. Players never need to deal with transaction signing, gas fees, or wallet popups. Developers never need to build their own wallet systems, implement fragmented API providers, or pay for gas fees as their application or game scales.

Lastly, HYPLAY's API services are not required to invoke session transactions on behalf of users by apps or games - HYPLAY's API is simply a convenience layer to streamline the process for developers. The core systems that HYPLAY utilizes are open for other developers to build on top of through the same publicly available smart contracts we use on HYCHAIN.