Skip to main content

Overview

Purchase permits are signed messages that authorize specific wallet addresses to purchase tokens for verified entities. They serve as the bridge between Sonar’s compliance verification and your onchain sale contract. Each permit proves that an entity has completed the required verification and is authorized to make a specific purchase with given funding bounds.

Permit Architecture

Permits are short-lived (10 minutes) and single-use to ensure fresh compliance status and prevent replay attacks.

Permit Structure

Sonar will set different fields in the permit based on your sale configuration: 
{
    entityID: "0x1234567890abcdef1234567890abcdef", // Entity ID
    saleUUID: "0xabcdef1234567890abcdef1234567890",  // Your sale UUID
    wallet: "0x742d35Cc6364C0532d0ef6b1234567890abcdef", // Authorized wallet
    expiresAt: 1704067200, // Unix timestamp (10 minutes from now)
    minAmount: 1000000000, // If you have purchase limits configured, this will be set to the minimum amount
    maxAmount: 10000000000, // If you have purchase limits configured, this will be set to the maximum total amount
    minPrice: 1000000000, // If you have a dynamic pricing model (e.g. auctions), this can be set to the minimum price
    maxPrice: 10000000000, // If you have a dynamic pricing model (e.g. auctions), this can be set to the maximum price
    payload: "0x" // Reserved for future use
}
For more detail on purchase limits, see the Purchase Limit Management page.

Common Issues

Signature Verification Failures Most permit issues stem from signature verification problems:
  1. Wrong signer address: Ensure your contract has the correct Sonar signer address
  2. Struct encoding: Permit structure must exactly match Solidity definition
  3. Sale UUID mismatch: Verify your sale UUID matches exactly
Debug by logging the recovered signer address in your contract. Expiration Handling Permits expire in 10 minutes:
  1. Generate permits just-in-time: Don’t fetch permits during page load
  2. Implement retry logic: Regenerate expired permits automatically
  3. Handle expired permit errors gracefully: Provide clear retry options

See Also

Smart Contract Integration

Learn how to validate permits in your sale contract

Frontend Integration

Generate and use permits in your application

Purchase Limit Management

How permits work with purchase limits