Core Concepts

Policies

Authorization policies in Runtimee

Policies

Policies are the core of Runtimee's authorization system. They define the rules that determine whether an actor can perform a specific action.

Policy Types

Runtimee includes several built-in policy types:

Budget Check: Ensures the actor has sufficient budget for the action.
Allowlist: Restricts actions to a predefined list of targets.
Max Per Call: Limits the amount that can be spent in a single action.
Rate Limit: Limits the number of actions within a time window.

Policy Structure

Each policy has:

id: Unique identifier
version: Version of the policy
type: Policy type (e.g., "budget-check")
config: Configuration specific to the policy type
priority: Priority in the policy evaluation order (lower numbers evaluated first)

Example: Budget Check Policy

import { createBudgetCheckPolicy } from "@runtimee/core/policies"

const policy = createBudgetCheckPolicy({
  id: "monthly-budget",
  version: "1",
  config: {
    amount: "1000000000000", // 1 USDC in wei (6 decimals)
    currency: "USDC",
    period: "monthly"
  }
})

How is this guide?

Actors

Financial identities in Runtimee

Authorization

How authorization works in Runtimee

On this page

Policies Policy Types Policy Structure Example: Budget Check Policy