Permissions & Limits

The on-chain policy that bounds what Ava can do — what's in it, how to set it, how to change it.

The on-chain policy attached to your smart wallet (we call it AvaPolicy) is the hard boundary Ava operates inside. You sign it once, can change it later, and can revoke it at any time.

What's in the policy

Every Guardian job has its own policy. A Liquidation Guard policy for your Aave position contains:

  • Authorized actor. The Guardian operator address (a specific Ava address; you can verify it on-chain). Only this address can initiate actions.
  • Authorized contracts. The Aave Pool contract for the relevant chain, plus a small set of supporting helpers (e.g. token allowances). Anything not on this list cannot be called, ever, by this permission.
  • Authorized function selectors. Only supply() and repay() for this Guardian — not borrow(), not withdraw(), not delegate(). Even within authorized contracts, only safe-direction calls are allowed.
  • Spend caps per asset. E.g. ≤ 500 USDC and ≤ 0.2 WETH from this wallet, refilled monthly. Each asset has an independent cap.
  • Action throttle. A rate limit — e.g. at most 1 action per hour for this Guardian — to prevent runaway behavior even if anything else goes wrong.
  • Optional expiry. You can set an explicit expiry (e.g. valid for 90 days). Default is no expiry, until revoked.
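
A simplified Python model of how the bounds listed above combine when a call is checked. It is an added illustration, not AvaPolicy's contract code or the Ava SDK. Assumptions: function names stand in for 4-byte selectors, "refilled monthly" is a fixed 30-day window, amounts are in token base units, and the addresses are placeholders.

```python
from dataclasses import dataclass, field
from typing import Optional

HOUR = 3600
MONTH = 30 * 24 * HOUR  # assumption: monthly refill modelled as a fixed 30-day window

@dataclass
class Policy:
    operator: str                 # the only address allowed to initiate actions
    contracts: frozenset          # allowlisted call targets
    selectors: frozenset          # function names standing in for 4-byte selectors
    caps: dict                    # asset -> max spend per window, in base units
    min_interval: int = HOUR      # throttle: at most 1 action per interval
    expiry: Optional[int] = None  # unix time; None means valid until revoked

@dataclass
class State:
    window_start: int = 0
    spent: dict = field(default_factory=dict)
    last_action: Optional[int] = None

def check_call(p, s, now, sender, target, fn, asset, amount):
    """Return (allowed, reason). State changes only when the call is allowed."""
    if p.expiry is not None and now >= p.expiry:
        return False, "expired"
    if sender != p.operator:
        return False, "actor"
    if target not in p.contracts:
        return False, "contract"
    if fn not in p.selectors:
        return False, "selector"
    if s.last_action is not None and now - s.last_action < p.min_interval:
        return False, "throttle"
    fresh = now - s.window_start >= MONTH           # has the cap window rolled over?
    used = 0 if fresh else s.spent.get(asset, 0)
    # Fail closed: an asset with no cap entry cannot be spent at all.
    if asset not in p.caps or amount <= 0 or used + amount > p.caps[asset]:
        return False, "cap"
    if fresh:
        s.window_start, s.spent = now, {}
    s.spent[asset] = used + amount                  # each asset is tracked independently
    s.last_action = now
    return True, "ok"

# Constructed sample using the page's example numbers; addresses are placeholders.
SAMPLE = Policy("0xOPERATOR", frozenset({"0xAAVE_POOL"}), frozenset({"supply", "repay"}),
                {"USDC": 500 * 10**6, "WETH": 2 * 10**17})
```

Every check is a denial unless the call matches the list, so anything the policy does not name is rejected.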

What's deliberately not in the policy

  • No "trust Ava on everything." Each Guardian job is its own narrow permission. The Liquidation Guard can't earn-rebalance. The Earn agent can't repay a loan.
  • No "Ava can withdraw to address X." External transfers are not in any Guardian permission. There is no policy shape that lets Ava send funds to an Ava-controlled address.
  • No "Ava can change the cap." Only you can raise or lower the cap (with a signature). Ava can ask, in chat, but it can't act.

Setting the policy

The first time you authorize a Guardian, Ava walks you through a setup page in a browser (signing happens in your wallet, not in Telegram). You'll see:

  • The exact contract addresses the policy will allowlist.
  • The exact function selectors.
  • The caps — pre-filled with a sensible default based on your position size, fully editable.
  • A summary of "what this lets Ava do" in plain English.

Then a single signature in your wallet creates the policy.

Changing the policy

You can raise or lower a cap any time — each change is a new signature. Common reasons:

  • You added more capital to a position and want Ava able to defend more of it → raise the USDC cap.
  • You want to dial Ava back without revoking → lower all caps to a small number.
  • You added a new asset to a position → add that asset's cap.

In chat, Ava will surface the change as a clear prompt: "To do this top-up at the size you want, the policy needs to allow up to 700 USDC. Want to update?"

Pausing vs revoking

  • Pause (/pause) is off-chain — Ava stops acting but the policy still exists. Quick, no gas.
  • Revoke is on-chain — the policy is invalidated; even if Ava wanted to act, the chain would refuse. See Revoking Access.

Reading the policy yourself

The policy is on-chain. You can:

  • Ask Ava for the policy contract address — "show me the policy address".
  • Inspect it on a block explorer to read the caps, allowlist, and operator.
  • (Power users) Use the SDK or call the read methods directly to script your own checks. See Developers → SDK Reference.

You don't have to trust Ava's UI to know the truth — the truth is on-chain.