# Authorization (/docs/risex/contracts/contract-interface/authorization)

## Contract Functions

### Register Signer

**Description**

Registers a signer (session key) to sign on behalf of an account. The signer must be an EOA, while the account can be
either an EOA or a smart contract account. Both the account and signer must provide EIP-712 typed data signatures.

```solidity
function registerSigner(
    address account,
    address signer,
    string memory message,
    uint256 nonce,
    uint40 expiration,
    bytes memory accountSignature,
    bytes memory signerSignature
) external;
```

**Parameters**

* `account`: The account address that will authorize the signer
* `signer`: The signer address (must be an EOA) that will sign on behalf of the account
* `message`: A message string for the account signature
* `nonce`: A unique nonce for both account and signer to prevent replay attacks
* `expiration`: The expiration timestamp (uint40) when the session key expires
* `accountSignature`: EIP-712 signature from the account authorizing the signer
* `signerSignature`: EIP-712 signature from the signer confirming authorization

**Example**

```solidity
// Prepare registration data
address account = 0x...;
address signer = 0x...;
string memory message = "Authorize signer";
uint256 nonce = 123;
uint40 expiration = uint40(block.timestamp + 30 days);
bytes32 registerHash = _hashTypedDataV4(
    keccak256(
        abi.encode(
            REGISTER_SIGNER_TYPEHASH, // "RegisterSigner(address signer,string message,uint40 expiration,uint256 nonce)"
            signer,
            keccak256(abi.encodePacked(message)),
            expiration,
            nonce
        )
    )
);
bytes memory accountSignature = _signTypedDataHash(accountPrivateKey, registerHash);

bytes32 signKeyHash = _hashTypedDataV4(
    keccak256(
      abi.encode(
        VERIFY_SIGNER_TYPEHASH, // "VerifySigner(address account,uint256 nonce)"
        account,
        nonce
      )
    )
);
bytes memory signerSignature = _signTypedDataHash(signerPrivateKey, signKeyHash);

// Register the signer
risExAuthorization.registerSigner(
    account,
    signer,
    message,
    nonce,
    expiration,
    accountSignature,
    signerSignature
);
```

***

### Revoke Signer

**Description**

Revokes a signer's authorization to sign on behalf of an account. The signer must currently be authorized. The account
must provide an EIP-712 typed data signature.

```solidity
function revokeSigner(
    address account,
    address signer,
    uint256 nonce,
    bytes memory accountSignature
) external;
```

**Parameters**

* `account`: The account address that authorized the signer
* `signer`: The signer address to revoke
* `nonce`: A unique nonce to prevent replay attacks
* `accountSignature`: EIP-712 signature from the account authorizing the revocation

**Example**

```solidity
// Prepare revocation data
address account = 0x...;
address signer = 0x...;
uint256 nonce = 456;

bytes32 revokeHash = _hashTypedDataV4(
    keccak256(
      abi.encode(
        REVOKE_SIGNER_TYPEHASH, // "RevokeSigner(address signer,uint256 nonce)"
        signer,
        nonce
      )
    )
);
bytes memory accountSignature = _signTypedDataHash(accountPrivateKey, revokeHash);

// Revoke the signer
risExAuthorization.revokeSigner(account, signer, nonce, accountSignature);
```