Permissionless meta-transactions

Please proceed to our Security Considerations page and read it thoroughly before advancing with your implementation. It is crucial to understand all potential security risks and measures to mitigate them.

If you're not using ERC-2771, your users might have smart contract wallets, in which case you should have a look at Account Abstraction.

Gelato Relay offers two methods that don't implement ERC2771 signature verification:

Please exercise utmost caution when using the Gelato Relay without implementing ERC-2771 for authentication/authorization.

We highly recommend cross-checking with us on Discord if you believe your setup doesn't require the ERC-2771 user verification. We can help confirm whether your implementation is sufficiently secure.

There are specific use cases where the Gelato ERC-2771 implementation may not be necessary:

  1. If your application or protocol already implements user signature/verification and has authentication/authorization mechanisms in place.

  2. Applications like Gnosis Safe multisigs, where a non-ERC2771 compliant signature mechanism is already established.

  3. If your application does not require any access control and does not involve any fund transfers.

Last updated