Files
nick-doc/PRD - Gasless Buyer Payments (Roadmap).md

2.4 KiB

PRD — Gasless Buyer Payments (Roadmap)

Status: Roadmap / future improvement for full gasless payments. The partial permit-approval relay shipped on backend integrate-main-into-development at 3a50dc4.

Background

The in-house checkout (Request Network fee-proxy + amn.scanner) has the buyer:

  1. approve the RN fee-proxy to spend their token (on-chain tx, gas), then
  2. pay via transferFromWithReferenceAndFee (on-chain tx, gas).

We want the buyer to pay gasless (sign only, never spend native gas) when the token supports it.

Partial (shipped — permit-approval only)

For EIP-2612 permit-capable tokens (USDC on mainnet/Base/Arbitrum/Polygon — see PERMIT_CAPABLE_TOKENS in sweepService.ts; mainnet USDT has NO permit):

  • Buyer signs an EIP-2612 permit (gasless signature) granting allowance to the fee-proxy.
  • A backend relayer broadcasts token.permit(...) (relayer pays that gas).
  • Buyer still pays gas for the transfer (transferFromWithReferenceAndFee).

Net: removes the approve tx gas only. USDC-only. The buyer still sends 1 tx.

Full gasless (THIS roadmap item — NOT done)

Blocker: transferFromWithReferenceAndFee pulls tokens from msg.sender, so a relayer calling it would pull from the relayer, not the buyer. A relayer cannot broadcast the payment on the buyer's behalf with the current contract.

To make the buyer fully gasless (sign only), build ONE of:

  1. Meta-tx forwarder / custom payment proxy — a contract that accepts a buyer EIP-2612 permit + a signed payment intent, then transferFrom(buyer, …) while the relayer is msg.sender and sponsors gas. Requires a deployed, audited contract + funded relayer wallet + replay/abuse protection.
  2. ERC-4337 account abstraction + paymaster — buyer ops sponsored by a paymaster. Requires bundler + paymaster funding + smart-account UX.

Requirements / open questions

  • Deployed contract (forwarder or AA stack) per supported chain.
  • Funded relayer/paymaster wallet; gas-cost accounting (who eats the gas, caps).
  • Abuse controls: bind each sponsored op to a real pending payment (paymentId + buyer + spender + amount), rate-limit, deadline.
  • Non-permit tokens (mainnet USDT) can never be permit-gasless — needs AA or a pre-funded-allowance flow.

Out of scope

  • The partial permit-approval flow (separate, smaller change).
  • Production relayer funding/ops.