Advanced Permissions

Full controls for the on-chain policy that bounds what Ava can do — for users who want more than the chat-surface defaults.

Advanced Permissions#

The Telegram chat gives you safe defaults: one or two cap numbers, sensible allowlists, plain-English explanations. Studio gives you the full controls — useful if you want fine-grained policies, you're managing several positions, or you're using Ava for a team / treasury.

What Studio's Permissions screen shows#

  • Every active policy on every smart wallet under your control.
  • The full allowlist (contracts + function selectors) per policy.
  • The current cap usage vs total (e.g. "320 / 500 USDC used this period").
  • The throttle settings (max actions per period).
  • The on-chain policy contract address (for verification on a block explorer).
  • A revoke button per policy.

What you can do here that chat can't#

  • Multi-asset caps. Set independent caps per asset, including assets the default flow didn't pre-fill.
  • Per-contract allowlists. Add or remove specific helper contracts.
  • Throttle tuning. Adjust the action rate limit (e.g. "max 2 actions per hour").
  • Expiry dates. Set a hard expiry ("policy auto-invalidates 2026-12-31").
  • Snapshot the policy. Export a JSON description of the policy for audit.

Safe defaults vs full controls#

Studio surfaces full controls — including ones with sharp edges. For example, you can set a per-period cap of 100,000 USDC. The chat surface would push back; Studio just lets you.

This is intentional. The goal is to never lock power users into the consumer defaults — but also to make the consumer defaults safe enough that 90% of users never open Studio.

Verifying a policy on-chain#

For each policy, Studio shows the policy contract address and a deep link to a block explorer. There you can:

  • Read the cap values, allowlist, throttle directly from the contract.
  • Verify the operator address is the Ava operator (we'll publish the canonical operator addresses on this docs site).
  • Confirm the policy's active flag is true.

Trust nothing, verify everything — the surface is for ergonomics, the chain is the truth.

Power-user patterns#

  • Tiered caps. Two Liquidation Guards on the same Aave position with different caps — a small one Ava will trigger early, a larger one as a backstop.
  • Per-time-of-day throttles. Tighter throttle during the day (when you're watching anyway), looser at night.
  • Allowlist Helper Contracts. If you're using a custom rebalancer, you can allowlist it (but be careful — this widens trust).

These patterns can introduce mistakes. When in doubt, prefer the simple default; Ava's safety guarantees rely on tight allowlists.