Authorization

Lotus supports delegated position management across all markets/tranches.

Model

• Mapping: isAuthorized[authorizer][authorized] controls who may act on behalf of authorizer.

• Two flows:

  • Direct: setAuthorization(authorized, isAuthorized) by the authorizer.

  • Signed: setAuthorizationWithSig(Authorization, Signature) using EIP‑712.

• Replay protection: per‑authorizer nonce(authorizer) incremented on each successful setAuthorizationWithSig.

EIP‑712 Domain

• DOMAIN_SEPARATOR = keccak256(abi.encode(DOMAIN_TYPEHASH, chainId, contractAddress))

Typed Data

Authorization struct fields signed by the authorizer:

• authorizer address

• authorized address

• isAuthorized bool

• nonce uint256 (must equal current nonce(authorizer))

• deadline uint256 (timestamp; must be ≥ block.time)

Signature format: { v, r, s }, recovered signer must equal authorizer.

Usage Notes

• Delegation applies protocol‑wide (all markets and tranches) for the authorizer’s positions.

• Set/unset with care; always bound signatures with fresh nonces and deadlines.

• Frontends should show current nonce and compose typed‑data accordingly.

Pre-Liquidation Authorization

Pre-liquidation contracts require borrower authorization to function. The pre-liquidation contract calls withdrawCollateral on behalf of the borrower during the pre-liquidation flow, which requires the borrower to have called setAuthorization(preLiquidationAddress, true) beforehand. Repayment does not require authorization — anyone can repay on behalf of any borrower — but collateral seizure does.

Without this authorization, pre-liquidation attempts revert at the withdrawCollateral step. Borrowers can compute the pre-liquidation contract address deterministically via PreLiquidationFactory.computePreLiquidationAddress and authorize it before deployment using the signed authorization flow.

See also

• Reference → Pre-Liquidation for the full pre-liquidation API

• Reference → Contract API → Authorization

• Learn → Advanced → Core Interactions