From f8073f6a3386a7ad5a231ea36d75e5693055a0d7 Mon Sep 17 00:00:00 2001
From: runtianz <runtian@aptoslabs.com>
Date: Mon, 9 Sep 2024 10:01:44 -0700
Subject: [PATCH] create permissioned signer example

---
 .../aptos-framework/doc/create_signer.md      |   10 +
 .../framework/aptos-framework/doc/overview.md |    1 +
 .../doc/permissioned_signer.md                | 1715 +++++++++++++++++
 .../sources/create_signer.move                |    1 +
 .../sources/permissioned_signer.move          |  637 ++++++
 .../tests/permissioned_signer_tests.move      |  322 ++++
 6 files changed, 2686 insertions(+)
 create mode 100644 aptos-move/framework/aptos-framework/doc/permissioned_signer.md
 create mode 100644 aptos-move/framework/aptos-framework/sources/permissioned_signer.move
 create mode 100644 aptos-move/framework/aptos-framework/tests/permissioned_signer_tests.move

diff --git a/aptos-move/framework/aptos-framework/doc/create_signer.md b/aptos-move/framework/aptos-framework/doc/create_signer.md
index a66df38b9c601..5c15eb6bec51f 100644
--- a/aptos-move/framework/aptos-framework/doc/create_signer.md
+++ b/aptos-move/framework/aptos-framework/doc/create_signer.md
@@ -127,6 +127,16 @@ Convert address to singer and return.
 <pre><code><b>pragma</b> opaque;
 <b>aborts_if</b> [abstract] <b>false</b>;
 <b>ensures</b> [abstract] <a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer_address_of">signer::address_of</a>(result) == addr;
+<b>ensures</b> [abstract] result == <a href="create_signer.md#0x1_create_signer_spec_create_signer">spec_create_signer</a>(addr);
+</code></pre>
+
+
+
+
+<a id="0x1_create_signer_spec_create_signer"></a>
+
+
+<pre><code><b>fun</b> <a href="create_signer.md#0x1_create_signer_spec_create_signer">spec_create_signer</a>(addr: <b>address</b>): <a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>;
 </code></pre>
 
 
diff --git a/aptos-move/framework/aptos-framework/doc/overview.md b/aptos-move/framework/aptos-framework/doc/overview.md
index 314baa3612ba9..7ad32f3ea8ec0 100644
--- a/aptos-move/framework/aptos-framework/doc/overview.md
+++ b/aptos-move/framework/aptos-framework/doc/overview.md
@@ -46,6 +46,7 @@ This is the reference documentation of the Aptos framework.
 -  [`0x1::object`](object.md#0x1_object)
 -  [`0x1::object_code_deployment`](object_code_deployment.md#0x1_object_code_deployment)
 -  [`0x1::optional_aggregator`](optional_aggregator.md#0x1_optional_aggregator)
+-  [`0x1::permissioned_signer`](permissioned_signer.md#0x1_permissioned_signer)
 -  [`0x1::primary_fungible_store`](primary_fungible_store.md#0x1_primary_fungible_store)
 -  [`0x1::randomness`](randomness.md#0x1_randomness)
 -  [`0x1::randomness_api_v0_config`](randomness_api_v0_config.md#0x1_randomness_api_v0_config)
diff --git a/aptos-move/framework/aptos-framework/doc/permissioned_signer.md b/aptos-move/framework/aptos-framework/doc/permissioned_signer.md
new file mode 100644
index 0000000000000..801de443139aa
--- /dev/null
+++ b/aptos-move/framework/aptos-framework/doc/permissioned_signer.md
@@ -0,0 +1,1715 @@
+
+<a id="0x1_permissioned_signer"></a>
+
+# Module `0x1::permissioned_signer`
+
+A _permissioned signer_ consists of a pair of the original signer and a generated
+address which is used store information about associated permissions.
+
+A permissioned signer is a restricted version of a signer. Functions <code><b>move_to</b></code> and
+<code>address_of</code> behave the same, and can be passed wherever signer is needed. However,
+code can internally query for the permissions to assert additional restrictions on
+the use of the signer.
+
+A client which is interested in restricting access granted via a signer can create a permissioned signer
+and pass on to other existing code without changes to existing APIs. Core functions in the framework, for
+example account functions, can then assert availability of permissions, effectively restricting
+existing code in a compatible way.
+
+After introducing the core functionality, examples are provided for withdraw limit on accounts, and
+for blind signing.
+
+
+-  [Resource `GrantedPermissionHandles`](#0x1_permissioned_signer_GrantedPermissionHandles)
+-  [Enum `PermissionedHandle`](#0x1_permissioned_signer_PermissionedHandle)
+-  [Enum `StorablePermissionedHandle`](#0x1_permissioned_signer_StorablePermissionedHandle)
+-  [Enum Resource `PermissionStorage`](#0x1_permissioned_signer_PermissionStorage)
+-  [Enum `StoredPermission`](#0x1_permissioned_signer_StoredPermission)
+-  [Enum `Permission`](#0x1_permissioned_signer_Permission)
+-  [Constants](#@Constants_0)
+-  [Function `create_permissioned_handle`](#0x1_permissioned_signer_create_permissioned_handle)
+-  [Function `create_storable_permissioned_handle`](#0x1_permissioned_signer_create_storable_permissioned_handle)
+-  [Function `destroy_permissioned_handle`](#0x1_permissioned_signer_destroy_permissioned_handle)
+-  [Function `destroy_storable_permissioned_handle`](#0x1_permissioned_signer_destroy_storable_permissioned_handle)
+-  [Function `destroy_permissions_storage_address`](#0x1_permissioned_signer_destroy_permissions_storage_address)
+-  [Function `signer_from_permissioned_handle`](#0x1_permissioned_signer_signer_from_permissioned_handle)
+-  [Function `signer_from_storable_permissioned_handle`](#0x1_permissioned_signer_signer_from_storable_permissioned_handle)
+-  [Function `revoke_permission_storage_address`](#0x1_permissioned_signer_revoke_permission_storage_address)
+-  [Function `revoke_all_handles`](#0x1_permissioned_signer_revoke_all_handles)
+-  [Function `permissions_storage_address`](#0x1_permissioned_signer_permissions_storage_address)
+-  [Function `assert_master_signer`](#0x1_permissioned_signer_assert_master_signer)
+-  [Function `authorize`](#0x1_permissioned_signer_authorize)
+-  [Function `check_permission_exists`](#0x1_permissioned_signer_check_permission_exists)
+-  [Function `check_permission_capacity_above`](#0x1_permissioned_signer_check_permission_capacity_above)
+-  [Function `check_permission_consume`](#0x1_permissioned_signer_check_permission_consume)
+-  [Function `capacity`](#0x1_permissioned_signer_capacity)
+-  [Function `revoke_permission`](#0x1_permissioned_signer_revoke_permission)
+-  [Function `extract_permission`](#0x1_permissioned_signer_extract_permission)
+-  [Function `get_key`](#0x1_permissioned_signer_get_key)
+-  [Function `address_of`](#0x1_permissioned_signer_address_of)
+-  [Function `consume_permission`](#0x1_permissioned_signer_consume_permission)
+-  [Function `store_permission`](#0x1_permissioned_signer_store_permission)
+-  [Function `is_permissioned_signer`](#0x1_permissioned_signer_is_permissioned_signer)
+-  [Function `permission_address`](#0x1_permissioned_signer_permission_address)
+-  [Function `signer_from_permissioned_handle_impl`](#0x1_permissioned_signer_signer_from_permissioned_handle_impl)
+-  [Specification](#@Specification_1)
+    -  [Function `create_permissioned_handle`](#@Specification_1_create_permissioned_handle)
+    -  [Function `create_storable_permissioned_handle`](#@Specification_1_create_storable_permissioned_handle)
+    -  [Function `destroy_permissioned_handle`](#@Specification_1_destroy_permissioned_handle)
+    -  [Function `destroy_storable_permissioned_handle`](#@Specification_1_destroy_storable_permissioned_handle)
+    -  [Function `revoke_permission_storage_address`](#@Specification_1_revoke_permission_storage_address)
+    -  [Function `authorize`](#@Specification_1_authorize)
+    -  [Function `check_permission_exists`](#@Specification_1_check_permission_exists)
+    -  [Function `check_permission_capacity_above`](#@Specification_1_check_permission_capacity_above)
+    -  [Function `check_permission_consume`](#@Specification_1_check_permission_consume)
+    -  [Function `capacity`](#@Specification_1_capacity)
+    -  [Function `consume_permission`](#@Specification_1_consume_permission)
+    -  [Function `is_permissioned_signer`](#@Specification_1_is_permissioned_signer)
+    -  [Function `permission_address`](#@Specification_1_permission_address)
+    -  [Function `signer_from_permissioned_handle_impl`](#@Specification_1_signer_from_permissioned_handle_impl)
+
+
+<pre><code><b>use</b> <a href="../../aptos-stdlib/doc/copyable_any.md#0x1_copyable_any">0x1::copyable_any</a>;
+<b>use</b> <a href="create_signer.md#0x1_create_signer">0x1::create_signer</a>;
+<b>use</b> <a href="../../aptos-stdlib/../move-stdlib/doc/error.md#0x1_error">0x1::error</a>;
+<b>use</b> <a href="../../aptos-stdlib/../move-stdlib/doc/option.md#0x1_option">0x1::option</a>;
+<b>use</b> <a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">0x1::signer</a>;
+<b>use</b> <a href="../../aptos-stdlib/doc/simple_map.md#0x1_simple_map">0x1::simple_map</a>;
+<b>use</b> <a href="timestamp.md#0x1_timestamp">0x1::timestamp</a>;
+<b>use</b> <a href="transaction_context.md#0x1_transaction_context">0x1::transaction_context</a>;
+<b>use</b> <a href="../../aptos-stdlib/../move-stdlib/doc/vector.md#0x1_vector">0x1::vector</a>;
+</code></pre>
+
+
+
+<a id="0x1_permissioned_signer_GrantedPermissionHandles"></a>
+
+## Resource `GrantedPermissionHandles`
+
+
+
+<pre><code><b>struct</b> <a href="permissioned_signer.md#0x1_permissioned_signer_GrantedPermissionHandles">GrantedPermissionHandles</a> <b>has</b> key
+</code></pre>
+
+
+
+<details>
+<summary>Fields</summary>
+
+
+<dl>
+<dt>
+<code>active_handles: <a href="../../aptos-stdlib/../move-stdlib/doc/vector.md#0x1_vector">vector</a>&lt;<b>address</b>&gt;</code>
+</dt>
+<dd>
+
+</dd>
+</dl>
+
+
+</details>
+
+<a id="0x1_permissioned_signer_PermissionedHandle"></a>
+
+## Enum `PermissionedHandle`
+
+
+
+<pre><code>enum <a href="permissioned_signer.md#0x1_permissioned_signer_PermissionedHandle">PermissionedHandle</a>
+</code></pre>
+
+
+
+<details>
+<summary>Variants</summary>
+
+
+<details>
+<summary>V1</summary>
+
+
+<details>
+<summary>Fields</summary>
+
+
+<dl>
+<dt>
+<code>master_account_addr: <b>address</b></code>
+</dt>
+<dd>
+
+</dd>
+<dt>
+<code>permissions_storage_addr: <b>address</b></code>
+</dt>
+<dd>
+
+</dd>
+</dl>
+
+
+</details>
+
+</details>
+
+</details>
+
+<a id="0x1_permissioned_signer_StorablePermissionedHandle"></a>
+
+## Enum `StorablePermissionedHandle`
+
+
+
+<pre><code>enum <a href="permissioned_signer.md#0x1_permissioned_signer_StorablePermissionedHandle">StorablePermissionedHandle</a> <b>has</b> store
+</code></pre>
+
+
+
+<details>
+<summary>Variants</summary>
+
+
+<details>
+<summary>V1</summary>
+
+
+<details>
+<summary>Fields</summary>
+
+
+<dl>
+<dt>
+<code>master_account_addr: <b>address</b></code>
+</dt>
+<dd>
+
+</dd>
+<dt>
+<code>permissions_storage_addr: <b>address</b></code>
+</dt>
+<dd>
+
+</dd>
+<dt>
+<code>expiration_time: u64</code>
+</dt>
+<dd>
+
+</dd>
+</dl>
+
+
+</details>
+
+</details>
+
+</details>
+
+<a id="0x1_permissioned_signer_PermissionStorage"></a>
+
+## Enum Resource `PermissionStorage`
+
+
+
+<pre><code>enum <a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a> <b>has</b> key
+</code></pre>
+
+
+
+<details>
+<summary>Variants</summary>
+
+
+<details>
+<summary>V1</summary>
+
+
+<details>
+<summary>Fields</summary>
+
+
+<dl>
+<dt>
+<code>perms: <a href="../../aptos-stdlib/doc/simple_map.md#0x1_simple_map_SimpleMap">simple_map::SimpleMap</a>&lt;<a href="../../aptos-stdlib/doc/copyable_any.md#0x1_copyable_any_Any">copyable_any::Any</a>, <a href="permissioned_signer.md#0x1_permissioned_signer_StoredPermission">permissioned_signer::StoredPermission</a>&gt;</code>
+</dt>
+<dd>
+
+</dd>
+</dl>
+
+
+</details>
+
+</details>
+
+</details>
+
+<a id="0x1_permissioned_signer_StoredPermission"></a>
+
+## Enum `StoredPermission`
+
+
+
+<pre><code>enum <a href="permissioned_signer.md#0x1_permissioned_signer_StoredPermission">StoredPermission</a> <b>has</b> drop, store
+</code></pre>
+
+
+
+<details>
+<summary>Variants</summary>
+
+
+<details>
+<summary>Unlimited</summary>
+
+
+<details>
+<summary>Fields</summary>
+
+
+<dl>
+</dl>
+
+
+</details>
+
+</details>
+
+<details>
+<summary>Capacity</summary>
+
+
+<details>
+<summary>Fields</summary>
+
+
+<dl>
+<dt>
+<code>0: u256</code>
+</dt>
+<dd>
+
+</dd>
+</dl>
+
+
+</details>
+
+</details>
+
+</details>
+
+<a id="0x1_permissioned_signer_Permission"></a>
+
+## Enum `Permission`
+
+
+
+<pre><code>enum <a href="permissioned_signer.md#0x1_permissioned_signer_Permission">Permission</a>&lt;K&gt;
+</code></pre>
+
+
+
+<details>
+<summary>Variants</summary>
+
+
+<details>
+<summary>Capacity</summary>
+
+
+<details>
+<summary>Fields</summary>
+
+
+<dl>
+<dt>
+<code>owner_address: <b>address</b></code>
+</dt>
+<dd>
+
+</dd>
+<dt>
+<code>key: K</code>
+</dt>
+<dd>
+
+</dd>
+<dt>
+<code>capacity: u256</code>
+</dt>
+<dd>
+
+</dd>
+</dl>
+
+
+</details>
+
+</details>
+
+</details>
+
+<a id="@Constants_0"></a>
+
+## Constants
+
+
+<a id="0x1_permissioned_signer_ECANNOT_AUTHORIZE"></a>
+
+Cannot authorize a permission.
+
+
+<pre><code><b>const</b> <a href="permissioned_signer.md#0x1_permissioned_signer_ECANNOT_AUTHORIZE">ECANNOT_AUTHORIZE</a>: u64 = 2;
+</code></pre>
+
+
+
+<a id="0x1_permissioned_signer_ECANNOT_EXTRACT_PERMISSION"></a>
+
+signer doesn't have enough capacity to extract permission.
+
+
+<pre><code><b>const</b> <a href="permissioned_signer.md#0x1_permissioned_signer_ECANNOT_EXTRACT_PERMISSION">ECANNOT_EXTRACT_PERMISSION</a>: u64 = 4;
+</code></pre>
+
+
+
+<a id="0x1_permissioned_signer_ENOT_MASTER_SIGNER"></a>
+
+Trying to grant permission using master signer.
+
+
+<pre><code><b>const</b> <a href="permissioned_signer.md#0x1_permissioned_signer_ENOT_MASTER_SIGNER">ENOT_MASTER_SIGNER</a>: u64 = 1;
+</code></pre>
+
+
+
+<a id="0x1_permissioned_signer_ENOT_PERMISSIONED_SIGNER"></a>
+
+Access permission information from a master signer.
+
+
+<pre><code><b>const</b> <a href="permissioned_signer.md#0x1_permissioned_signer_ENOT_PERMISSIONED_SIGNER">ENOT_PERMISSIONED_SIGNER</a>: u64 = 3;
+</code></pre>
+
+
+
+<a id="0x1_permissioned_signer_E_NOT_ACTIVE"></a>
+
+destroying permission handle that has already been revoked or not owned by the
+given master signer.
+
+
+<pre><code><b>const</b> <a href="permissioned_signer.md#0x1_permissioned_signer_E_NOT_ACTIVE">E_NOT_ACTIVE</a>: u64 = 8;
+</code></pre>
+
+
+
+<a id="0x1_permissioned_signer_E_PERMISSION_EXPIRED"></a>
+
+permission handle has expired.
+
+
+<pre><code><b>const</b> <a href="permissioned_signer.md#0x1_permissioned_signer_E_PERMISSION_EXPIRED">E_PERMISSION_EXPIRED</a>: u64 = 5;
+</code></pre>
+
+
+
+<a id="0x1_permissioned_signer_E_PERMISSION_MISMATCH"></a>
+
+storing extracted permission into a different signer.
+
+
+<pre><code><b>const</b> <a href="permissioned_signer.md#0x1_permissioned_signer_E_PERMISSION_MISMATCH">E_PERMISSION_MISMATCH</a>: u64 = 6;
+</code></pre>
+
+
+
+<a id="0x1_permissioned_signer_E_PERMISSION_REVOKED"></a>
+
+permission handle has been revoked by the original signer.
+
+
+<pre><code><b>const</b> <a href="permissioned_signer.md#0x1_permissioned_signer_E_PERMISSION_REVOKED">E_PERMISSION_REVOKED</a>: u64 = 7;
+</code></pre>
+
+
+
+<a id="0x1_permissioned_signer_U256_MAX"></a>
+
+
+
+<pre><code><b>const</b> <a href="permissioned_signer.md#0x1_permissioned_signer_U256_MAX">U256_MAX</a>: u256 = 115792089237316195423570985008687907853269984665640564039457584007913129639935;
+</code></pre>
+
+
+
+<a id="0x1_permissioned_signer_create_permissioned_handle"></a>
+
+## Function `create_permissioned_handle`
+
+Create an ephermeral permission handle based on the master signer.
+
+This handle can be used to derive a signer that can be used in the context of
+the current transaction.
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_create_permissioned_handle">create_permissioned_handle</a>(master: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>): <a href="permissioned_signer.md#0x1_permissioned_signer_PermissionedHandle">permissioned_signer::PermissionedHandle</a>
+</code></pre>
+
+
+
+<details>
+<summary>Implementation</summary>
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_create_permissioned_handle">create_permissioned_handle</a>(master: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>): <a href="permissioned_signer.md#0x1_permissioned_signer_PermissionedHandle">PermissionedHandle</a> {
+    <a href="permissioned_signer.md#0x1_permissioned_signer_assert_master_signer">assert_master_signer</a>(master);
+    <b>let</b> permissions_storage_addr = generate_auid_address();
+    <b>let</b> master_account_addr = <a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer_address_of">signer::address_of</a>(master);
+
+    <b>move_to</b>(
+        &<a href="create_signer.md#0x1_create_signer">create_signer</a>(permissions_storage_addr),
+        PermissionStorage::V1 { perms: <a href="../../aptos-stdlib/doc/simple_map.md#0x1_simple_map_new">simple_map::new</a>() }
+    );
+
+    PermissionedHandle::V1 { master_account_addr, permissions_storage_addr }
+}
+</code></pre>
+
+
+
+</details>
+
+<a id="0x1_permissioned_signer_create_storable_permissioned_handle"></a>
+
+## Function `create_storable_permissioned_handle`
+
+Create an storable permission handle based on the master signer.
+
+This handle can be used to derive a signer that can be stored by a smart contract.
+This is as dangerous as key delegation, thus it remains public(friend) for now.
+
+
+<pre><code><b>public</b>(<b>friend</b>) <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_create_storable_permissioned_handle">create_storable_permissioned_handle</a>(master: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>, expiration_time: u64): <a href="permissioned_signer.md#0x1_permissioned_signer_StorablePermissionedHandle">permissioned_signer::StorablePermissionedHandle</a>
+</code></pre>
+
+
+
+<details>
+<summary>Implementation</summary>
+
+
+<pre><code><b>public</b>(<b>friend</b>) <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_create_storable_permissioned_handle">create_storable_permissioned_handle</a>(
+    master: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>, expiration_time: u64
+): <a href="permissioned_signer.md#0x1_permissioned_signer_StorablePermissionedHandle">StorablePermissionedHandle</a> <b>acquires</b> <a href="permissioned_signer.md#0x1_permissioned_signer_GrantedPermissionHandles">GrantedPermissionHandles</a> {
+    <a href="permissioned_signer.md#0x1_permissioned_signer_assert_master_signer">assert_master_signer</a>(master);
+    <b>let</b> permissions_storage_addr = generate_auid_address();
+    <b>let</b> master_account_addr = <a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer_address_of">signer::address_of</a>(master);
+
+    <b>assert</b>!(
+        <a href="timestamp.md#0x1_timestamp_now_seconds">timestamp::now_seconds</a>() &lt; expiration_time,
+        <a href="../../aptos-stdlib/../move-stdlib/doc/error.md#0x1_error_permission_denied">error::permission_denied</a>(<a href="permissioned_signer.md#0x1_permissioned_signer_E_PERMISSION_EXPIRED">E_PERMISSION_EXPIRED</a>)
+    );
+
+    <b>if</b> (!<b>exists</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_GrantedPermissionHandles">GrantedPermissionHandles</a>&gt;(master_account_addr)) {
+        <b>move_to</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_GrantedPermissionHandles">GrantedPermissionHandles</a>&gt;(
+            master, <a href="permissioned_signer.md#0x1_permissioned_signer_GrantedPermissionHandles">GrantedPermissionHandles</a> { active_handles: <a href="../../aptos-stdlib/../move-stdlib/doc/vector.md#0x1_vector_empty">vector::empty</a>() }
+        );
+    };
+
+    <a href="../../aptos-stdlib/../move-stdlib/doc/vector.md#0x1_vector_push_back">vector::push_back</a>(
+        &<b>mut</b> <b>borrow_global_mut</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_GrantedPermissionHandles">GrantedPermissionHandles</a>&gt;(master_account_addr).active_handles,
+        permissions_storage_addr
+    );
+
+    <b>move_to</b>(
+        &<a href="create_signer.md#0x1_create_signer">create_signer</a>(permissions_storage_addr),
+        PermissionStorage::V1 { perms: <a href="../../aptos-stdlib/doc/simple_map.md#0x1_simple_map_new">simple_map::new</a>() }
+    );
+
+    StorablePermissionedHandle::V1 {
+        master_account_addr,
+        permissions_storage_addr,
+        expiration_time
+    }
+}
+</code></pre>
+
+
+
+</details>
+
+<a id="0x1_permissioned_signer_destroy_permissioned_handle"></a>
+
+## Function `destroy_permissioned_handle`
+
+Destroys an ephermeral permission handle. Clean up the permission stored in that handle
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_destroy_permissioned_handle">destroy_permissioned_handle</a>(p: <a href="permissioned_signer.md#0x1_permissioned_signer_PermissionedHandle">permissioned_signer::PermissionedHandle</a>)
+</code></pre>
+
+
+
+<details>
+<summary>Implementation</summary>
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_destroy_permissioned_handle">destroy_permissioned_handle</a>(p: <a href="permissioned_signer.md#0x1_permissioned_signer_PermissionedHandle">PermissionedHandle</a>) <b>acquires</b> <a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a> {
+    <b>let</b> PermissionedHandle::V1 { master_account_addr: _, permissions_storage_addr } =
+        p;
+    <a href="permissioned_signer.md#0x1_permissioned_signer_destroy_permissions_storage_address">destroy_permissions_storage_address</a>(permissions_storage_addr);
+}
+</code></pre>
+
+
+
+</details>
+
+<a id="0x1_permissioned_signer_destroy_storable_permissioned_handle"></a>
+
+## Function `destroy_storable_permissioned_handle`
+
+Destroys a storable permission handle. Clean up the permission stored in that handle
+
+
+<pre><code><b>public</b>(<b>friend</b>) <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_destroy_storable_permissioned_handle">destroy_storable_permissioned_handle</a>(p: <a href="permissioned_signer.md#0x1_permissioned_signer_StorablePermissionedHandle">permissioned_signer::StorablePermissionedHandle</a>)
+</code></pre>
+
+
+
+<details>
+<summary>Implementation</summary>
+
+
+<pre><code><b>public</b>(<b>friend</b>) <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_destroy_storable_permissioned_handle">destroy_storable_permissioned_handle</a>(
+    p: <a href="permissioned_signer.md#0x1_permissioned_signer_StorablePermissionedHandle">StorablePermissionedHandle</a>
+) <b>acquires</b> <a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a>, <a href="permissioned_signer.md#0x1_permissioned_signer_GrantedPermissionHandles">GrantedPermissionHandles</a> {
+    <b>let</b> StorablePermissionedHandle::V1 {
+        master_account_addr,
+        permissions_storage_addr,
+        expiration_time: _
+    } = p;
+
+    <b>assert</b>!(
+        <b>exists</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_GrantedPermissionHandles">GrantedPermissionHandles</a>&gt;(master_account_addr),
+        <a href="../../aptos-stdlib/../move-stdlib/doc/error.md#0x1_error_permission_denied">error::permission_denied</a>(<a href="permissioned_signer.md#0x1_permissioned_signer_E_PERMISSION_REVOKED">E_PERMISSION_REVOKED</a>),
+    );
+    <b>let</b> granted_permissions =
+        <b>borrow_global_mut</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_GrantedPermissionHandles">GrantedPermissionHandles</a>&gt;(master_account_addr);
+    <b>let</b> (found, idx) = <a href="../../aptos-stdlib/../move-stdlib/doc/vector.md#0x1_vector_index_of">vector::index_of</a>(
+        &granted_permissions.active_handles, &permissions_storage_addr
+    );
+
+    // Removing the <b>address</b> from the active handle list <b>if</b> it's still active.
+    <b>if</b>(found) {
+        <a href="../../aptos-stdlib/../move-stdlib/doc/vector.md#0x1_vector_swap_remove">vector::swap_remove</a>(&<b>mut</b> granted_permissions.active_handles, idx);
+    };
+
+    <a href="permissioned_signer.md#0x1_permissioned_signer_destroy_permissions_storage_address">destroy_permissions_storage_address</a>(permissions_storage_addr);
+}
+</code></pre>
+
+
+
+</details>
+
+<a id="0x1_permissioned_signer_destroy_permissions_storage_address"></a>
+
+## Function `destroy_permissions_storage_address`
+
+
+
+<pre><code><b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_destroy_permissions_storage_address">destroy_permissions_storage_address</a>(permissions_storage_addr: <b>address</b>)
+</code></pre>
+
+
+
+<details>
+<summary>Implementation</summary>
+
+
+<pre><code>inline <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_destroy_permissions_storage_address">destroy_permissions_storage_address</a>(
+    permissions_storage_addr: <b>address</b>
+) <b>acquires</b> <a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a> {
+    <b>if</b> (<b>exists</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a>&gt;(permissions_storage_addr)) {
+        <b>let</b> PermissionStorage::V1 { perms } =
+            <b>move_from</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a>&gt;(permissions_storage_addr);
+        <a href="../../aptos-stdlib/doc/simple_map.md#0x1_simple_map_destroy">simple_map::destroy</a>(
+            perms,
+            |_dk| {},
+            |_dv| {}
+        );
+    }
+}
+</code></pre>
+
+
+
+</details>
+
+<a id="0x1_permissioned_signer_signer_from_permissioned_handle"></a>
+
+## Function `signer_from_permissioned_handle`
+
+Generate the permissioned signer based on the ephermeral permission handle.
+
+This signer can be used as a regular signer for other smart contracts. However when such
+signer interacts with various framework functions, it would subject to permission checks
+and would abort if check fails.
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_signer_from_permissioned_handle">signer_from_permissioned_handle</a>(p: &<a href="permissioned_signer.md#0x1_permissioned_signer_PermissionedHandle">permissioned_signer::PermissionedHandle</a>): <a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>
+</code></pre>
+
+
+
+<details>
+<summary>Implementation</summary>
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_signer_from_permissioned_handle">signer_from_permissioned_handle</a>(p: &<a href="permissioned_signer.md#0x1_permissioned_signer_PermissionedHandle">PermissionedHandle</a>): <a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a> {
+    <a href="permissioned_signer.md#0x1_permissioned_signer_signer_from_permissioned_handle_impl">signer_from_permissioned_handle_impl</a>(
+        p.master_account_addr, p.permissions_storage_addr
+    )
+}
+</code></pre>
+
+
+
+</details>
+
+<a id="0x1_permissioned_signer_signer_from_storable_permissioned_handle"></a>
+
+## Function `signer_from_storable_permissioned_handle`
+
+Generate the permissioned signer based on the storable permission handle.
+
+
+<pre><code><b>public</b>(<b>friend</b>) <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_signer_from_storable_permissioned_handle">signer_from_storable_permissioned_handle</a>(p: &<a href="permissioned_signer.md#0x1_permissioned_signer_StorablePermissionedHandle">permissioned_signer::StorablePermissionedHandle</a>): <a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>
+</code></pre>
+
+
+
+<details>
+<summary>Implementation</summary>
+
+
+<pre><code><b>public</b>(<b>friend</b>) <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_signer_from_storable_permissioned_handle">signer_from_storable_permissioned_handle</a>(
+    p: &<a href="permissioned_signer.md#0x1_permissioned_signer_StorablePermissionedHandle">StorablePermissionedHandle</a>
+): <a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a> {
+    <b>assert</b>!(
+        <a href="timestamp.md#0x1_timestamp_now_seconds">timestamp::now_seconds</a>() &lt; p.expiration_time,
+        <a href="../../aptos-stdlib/../move-stdlib/doc/error.md#0x1_error_permission_denied">error::permission_denied</a>(<a href="permissioned_signer.md#0x1_permissioned_signer_E_PERMISSION_EXPIRED">E_PERMISSION_EXPIRED</a>)
+    );
+    <b>assert</b>!(
+        <b>exists</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a>&gt;(p.permissions_storage_addr),
+        <a href="../../aptos-stdlib/../move-stdlib/doc/error.md#0x1_error_permission_denied">error::permission_denied</a>(<a href="permissioned_signer.md#0x1_permissioned_signer_E_PERMISSION_REVOKED">E_PERMISSION_REVOKED</a>)
+    );
+    <a href="permissioned_signer.md#0x1_permissioned_signer_signer_from_permissioned_handle_impl">signer_from_permissioned_handle_impl</a>(
+        p.master_account_addr, p.permissions_storage_addr
+    )
+}
+</code></pre>
+
+
+
+</details>
+
+<a id="0x1_permissioned_signer_revoke_permission_storage_address"></a>
+
+## Function `revoke_permission_storage_address`
+
+Revoke a specific storable permission handle immediately. This would disallow owner of
+the storable permission handle to derive signer from it anymore.
+
+
+<pre><code><b>public</b> entry <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_revoke_permission_storage_address">revoke_permission_storage_address</a>(s: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>, permissions_storage_addr: <b>address</b>)
+</code></pre>
+
+
+
+<details>
+<summary>Implementation</summary>
+
+
+<pre><code><b>public</b> entry <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_revoke_permission_storage_address">revoke_permission_storage_address</a>(
+    s: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>, permissions_storage_addr: <b>address</b>
+) <b>acquires</b> <a href="permissioned_signer.md#0x1_permissioned_signer_GrantedPermissionHandles">GrantedPermissionHandles</a>, <a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a> {
+    <b>assert</b>!(
+        !<a href="permissioned_signer.md#0x1_permissioned_signer_is_permissioned_signer">is_permissioned_signer</a>(s), <a href="../../aptos-stdlib/../move-stdlib/doc/error.md#0x1_error_permission_denied">error::permission_denied</a>(<a href="permissioned_signer.md#0x1_permissioned_signer_ENOT_MASTER_SIGNER">ENOT_MASTER_SIGNER</a>)
+    );
+    <b>let</b> master_account_addr = <a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer_address_of">signer::address_of</a>(s);
+
+    <b>assert</b>!(
+        <b>exists</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_GrantedPermissionHandles">GrantedPermissionHandles</a>&gt;(master_account_addr),
+        <a href="../../aptos-stdlib/../move-stdlib/doc/error.md#0x1_error_permission_denied">error::permission_denied</a>(<a href="permissioned_signer.md#0x1_permissioned_signer_E_PERMISSION_REVOKED">E_PERMISSION_REVOKED</a>),
+    );
+    <b>let</b> granted_permissions =
+        <b>borrow_global_mut</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_GrantedPermissionHandles">GrantedPermissionHandles</a>&gt;(master_account_addr);
+    <b>let</b> (found, idx) = <a href="../../aptos-stdlib/../move-stdlib/doc/vector.md#0x1_vector_index_of">vector::index_of</a>(
+        &granted_permissions.active_handles, &permissions_storage_addr
+    );
+
+    // The <b>address</b> <b>has</b> <b>to</b> be in the activated list in the master <a href="account.md#0x1_account">account</a> <b>address</b>.
+    <b>assert</b>!(found, <a href="../../aptos-stdlib/../move-stdlib/doc/error.md#0x1_error_permission_denied">error::permission_denied</a>(<a href="permissioned_signer.md#0x1_permissioned_signer_E_NOT_ACTIVE">E_NOT_ACTIVE</a>));
+    <a href="../../aptos-stdlib/../move-stdlib/doc/vector.md#0x1_vector_swap_remove">vector::swap_remove</a>(&<b>mut</b> granted_permissions.active_handles, idx);
+    <a href="permissioned_signer.md#0x1_permissioned_signer_destroy_permissions_storage_address">destroy_permissions_storage_address</a>(permissions_storage_addr);
+}
+</code></pre>
+
+
+
+</details>
+
+<a id="0x1_permissioned_signer_revoke_all_handles"></a>
+
+## Function `revoke_all_handles`
+
+Revoke all storable permission handle of the signer immediately.
+
+
+<pre><code><b>public</b> entry <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_revoke_all_handles">revoke_all_handles</a>(s: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>)
+</code></pre>
+
+
+
+<details>
+<summary>Implementation</summary>
+
+
+<pre><code><b>public</b> entry <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_revoke_all_handles">revoke_all_handles</a>(s: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>) <b>acquires</b> <a href="permissioned_signer.md#0x1_permissioned_signer_GrantedPermissionHandles">GrantedPermissionHandles</a>, <a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a> {
+    <b>assert</b>!(
+        !<a href="permissioned_signer.md#0x1_permissioned_signer_is_permissioned_signer">is_permissioned_signer</a>(s), <a href="../../aptos-stdlib/../move-stdlib/doc/error.md#0x1_error_permission_denied">error::permission_denied</a>(<a href="permissioned_signer.md#0x1_permissioned_signer_ENOT_MASTER_SIGNER">ENOT_MASTER_SIGNER</a>)
+    );
+    <b>let</b> master_account_addr = <a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer_address_of">signer::address_of</a>(s);
+    <b>if</b> (!<b>exists</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_GrantedPermissionHandles">GrantedPermissionHandles</a>&gt;(master_account_addr)) { <b>return</b> };
+
+    <b>let</b> granted_permissions =
+        <b>borrow_global_mut</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_GrantedPermissionHandles">GrantedPermissionHandles</a>&gt;(master_account_addr);
+    <b>let</b> delete_list = <a href="../../aptos-stdlib/../move-stdlib/doc/vector.md#0x1_vector_trim_reverse">vector::trim_reverse</a>(
+        &<b>mut</b> granted_permissions.active_handles, 0
+    );
+    <a href="../../aptos-stdlib/../move-stdlib/doc/vector.md#0x1_vector_destroy">vector::destroy</a>(
+        delete_list,
+        |<b>address</b>| {
+            <a href="permissioned_signer.md#0x1_permissioned_signer_destroy_permissions_storage_address">destroy_permissions_storage_address</a>(<b>address</b>);
+        }
+    )
+}
+</code></pre>
+
+
+
+</details>
+
+<a id="0x1_permissioned_signer_permissions_storage_address"></a>
+
+## Function `permissions_storage_address`
+
+Return the permission handle address so that it could be used for revokation purpose.
+
+
+<pre><code><b>public</b>(<b>friend</b>) <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_permissions_storage_address">permissions_storage_address</a>(p: &<a href="permissioned_signer.md#0x1_permissioned_signer_StorablePermissionedHandle">permissioned_signer::StorablePermissionedHandle</a>): <b>address</b>
+</code></pre>
+
+
+
+<details>
+<summary>Implementation</summary>
+
+
+<pre><code><b>public</b>(<b>friend</b>) <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_permissions_storage_address">permissions_storage_address</a>(
+    p: &<a href="permissioned_signer.md#0x1_permissioned_signer_StorablePermissionedHandle">StorablePermissionedHandle</a>
+): <b>address</b> {
+    p.permissions_storage_addr
+}
+</code></pre>
+
+
+
+</details>
+
+<a id="0x1_permissioned_signer_assert_master_signer"></a>
+
+## Function `assert_master_signer`
+
+Helper function that would abort if the signer passed in is a permissioned signer.
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_assert_master_signer">assert_master_signer</a>(s: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>)
+</code></pre>
+
+
+
+<details>
+<summary>Implementation</summary>
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_assert_master_signer">assert_master_signer</a>(s: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>) {
+    <b>assert</b>!(
+        !<a href="permissioned_signer.md#0x1_permissioned_signer_is_permissioned_signer">is_permissioned_signer</a>(s), <a href="../../aptos-stdlib/../move-stdlib/doc/error.md#0x1_error_permission_denied">error::permission_denied</a>(<a href="permissioned_signer.md#0x1_permissioned_signer_ENOT_MASTER_SIGNER">ENOT_MASTER_SIGNER</a>)
+    );
+}
+</code></pre>
+
+
+
+</details>
+
+<a id="0x1_permissioned_signer_authorize"></a>
+
+## Function `authorize`
+
+=====================================================================================================
+Permission Management
+
+Authorizes <code>permissioned</code> with the given permission. This requires to have access to the <code>master</code>
+signer.
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_authorize">authorize</a>&lt;PermKey: <b>copy</b>, drop, store&gt;(master: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>, permissioned: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>, capacity: u256, perm: PermKey)
+</code></pre>
+
+
+
+<details>
+<summary>Implementation</summary>
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_authorize">authorize</a>&lt;PermKey: <b>copy</b> + drop + store&gt;(
+    master: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>,
+    permissioned: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>,
+    capacity: u256,
+    perm: PermKey
+) <b>acquires</b> <a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a> {
+    <b>assert</b>!(
+        <a href="permissioned_signer.md#0x1_permissioned_signer_is_permissioned_signer">is_permissioned_signer</a>(permissioned)
+            && !<a href="permissioned_signer.md#0x1_permissioned_signer_is_permissioned_signer">is_permissioned_signer</a>(master)
+            && <a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer_address_of">signer::address_of</a>(master) == <a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer_address_of">signer::address_of</a>(permissioned),
+        <a href="../../aptos-stdlib/../move-stdlib/doc/error.md#0x1_error_permission_denied">error::permission_denied</a>(<a href="permissioned_signer.md#0x1_permissioned_signer_ECANNOT_AUTHORIZE">ECANNOT_AUTHORIZE</a>)
+    );
+    <b>let</b> permission_signer_addr = <a href="permissioned_signer.md#0x1_permissioned_signer_permission_address">permission_address</a>(permissioned);
+    <b>let</b> perms =
+        &<b>mut</b> <b>borrow_global_mut</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a>&gt;(permission_signer_addr).perms;
+    <b>let</b> key = <a href="../../aptos-stdlib/doc/copyable_any.md#0x1_copyable_any_pack">copyable_any::pack</a>(perm);
+    <b>if</b> (<a href="../../aptos-stdlib/doc/simple_map.md#0x1_simple_map_contains_key">simple_map::contains_key</a>(perms, &key)) {
+        <b>let</b> entry = <a href="../../aptos-stdlib/doc/simple_map.md#0x1_simple_map_borrow_mut">simple_map::borrow_mut</a>(perms, &key);
+        match (entry) {
+            StoredPermission::Capacity(current_capacity) =&gt; {
+                *current_capacity = *current_capacity + capacity;
+            }
+            StoredPermission::Unlimited =&gt; (),
+        }
+    } <b>else</b> {
+        <a href="../../aptos-stdlib/doc/simple_map.md#0x1_simple_map_add">simple_map::add</a>(perms, key, StoredPermission::Capacity(capacity));
+    }
+}
+</code></pre>
+
+
+
+</details>
+
+<a id="0x1_permissioned_signer_check_permission_exists"></a>
+
+## Function `check_permission_exists`
+
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_check_permission_exists">check_permission_exists</a>&lt;PermKey: <b>copy</b>, drop, store&gt;(s: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>, perm: PermKey): bool
+</code></pre>
+
+
+
+<details>
+<summary>Implementation</summary>
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_check_permission_exists">check_permission_exists</a>&lt;PermKey: <b>copy</b> + drop + store&gt;(
+    s: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>, perm: PermKey
+): bool <b>acquires</b> <a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a> {
+    <b>if</b> (!<a href="permissioned_signer.md#0x1_permissioned_signer_is_permissioned_signer">is_permissioned_signer</a>(s)) {
+        // master <a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a> <b>has</b> all permissions
+        <b>return</b> <b>true</b>
+    };
+    <b>let</b> addr = <a href="permissioned_signer.md#0x1_permissioned_signer_permission_address">permission_address</a>(s);
+    <b>if</b> (!<b>exists</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a>&gt;(addr)) {
+        <b>return</b> <b>false</b>
+    };
+    <a href="../../aptos-stdlib/doc/simple_map.md#0x1_simple_map_contains_key">simple_map::contains_key</a>(
+        &<b>borrow_global</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a>&gt;(addr).perms,
+        &<a href="../../aptos-stdlib/doc/copyable_any.md#0x1_copyable_any_pack">copyable_any::pack</a>(perm)
+    )
+}
+</code></pre>
+
+
+
+</details>
+
+<a id="0x1_permissioned_signer_check_permission_capacity_above"></a>
+
+## Function `check_permission_capacity_above`
+
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_check_permission_capacity_above">check_permission_capacity_above</a>&lt;PermKey: <b>copy</b>, drop, store&gt;(s: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>, threshold: u256, perm: PermKey): bool
+</code></pre>
+
+
+
+<details>
+<summary>Implementation</summary>
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_check_permission_capacity_above">check_permission_capacity_above</a>&lt;PermKey: <b>copy</b> + drop + store&gt;(
+    s: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>, threshold: u256, perm: PermKey
+): bool <b>acquires</b> <a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a> {
+    <b>if</b> (!<a href="permissioned_signer.md#0x1_permissioned_signer_is_permissioned_signer">is_permissioned_signer</a>(s)) {
+        // master <a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a> <b>has</b> all permissions
+        <b>return</b> <b>true</b>
+    };
+    <b>let</b> addr = <a href="permissioned_signer.md#0x1_permissioned_signer_permission_address">permission_address</a>(s);
+    <b>if</b> (!<b>exists</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a>&gt;(addr)) {
+        <b>return</b> <b>false</b>
+    };
+    <b>let</b> key = <a href="../../aptos-stdlib/doc/copyable_any.md#0x1_copyable_any_pack">copyable_any::pack</a>(perm);
+    <b>let</b> storage = &<b>borrow_global</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a>&gt;(addr).perms;
+    <b>if</b> (!<a href="../../aptos-stdlib/doc/simple_map.md#0x1_simple_map_contains_key">simple_map::contains_key</a>(storage, &key)) {
+        <b>return</b> <b>false</b>
+    };
+    <b>let</b> perm = <a href="../../aptos-stdlib/doc/simple_map.md#0x1_simple_map_borrow">simple_map::borrow</a>(storage, &key);
+    match (perm) {
+        StoredPermission::Capacity(capacity) =&gt; *capacity &gt; threshold,
+        StoredPermission::Unlimited =&gt; <b>true</b>
+    }
+}
+</code></pre>
+
+
+
+</details>
+
+<a id="0x1_permissioned_signer_check_permission_consume"></a>
+
+## Function `check_permission_consume`
+
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_check_permission_consume">check_permission_consume</a>&lt;PermKey: <b>copy</b>, drop, store&gt;(s: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>, threshold: u256, perm: PermKey): bool
+</code></pre>
+
+
+
+<details>
+<summary>Implementation</summary>
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_check_permission_consume">check_permission_consume</a>&lt;PermKey: <b>copy</b> + drop + store&gt;(
+    s: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>, threshold: u256, perm: PermKey
+): bool <b>acquires</b> <a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a> {
+    <b>if</b> (!<a href="permissioned_signer.md#0x1_permissioned_signer_is_permissioned_signer">is_permissioned_signer</a>(s)) {
+        // master <a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a> <b>has</b> all permissions
+        <b>return</b> <b>true</b>
+    };
+    <b>let</b> addr = <a href="permissioned_signer.md#0x1_permissioned_signer_permission_address">permission_address</a>(s);
+    <b>if</b> (!<b>exists</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a>&gt;(addr)) {
+        <b>return</b> <b>false</b>
+    };
+    <b>let</b> key = <a href="../../aptos-stdlib/doc/copyable_any.md#0x1_copyable_any_pack">copyable_any::pack</a>(perm);
+    <b>let</b> storage = &<b>mut</b> <b>borrow_global_mut</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a>&gt;(addr).perms;
+    <b>if</b> (!<a href="../../aptos-stdlib/doc/simple_map.md#0x1_simple_map_contains_key">simple_map::contains_key</a>(storage, &key)) {
+        <b>return</b> <b>false</b>
+    };
+    <b>let</b> perm = <a href="../../aptos-stdlib/doc/simple_map.md#0x1_simple_map_borrow_mut">simple_map::borrow_mut</a>(storage, &key);
+    match (perm) {
+        StoredPermission::Capacity(current_capacity) =&gt; {
+            <b>if</b> (*current_capacity &gt;= threshold) {
+                *current_capacity = *current_capacity - threshold;
+                <b>true</b>
+            } <b>else</b> { <b>false</b> }
+        }
+        StoredPermission::Unlimited =&gt; <b>true</b>
+    }
+}
+</code></pre>
+
+
+
+</details>
+
+<a id="0x1_permissioned_signer_capacity"></a>
+
+## Function `capacity`
+
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_capacity">capacity</a>&lt;PermKey: <b>copy</b>, drop, store&gt;(s: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>, perm: PermKey): <a href="../../aptos-stdlib/../move-stdlib/doc/option.md#0x1_option_Option">option::Option</a>&lt;u256&gt;
+</code></pre>
+
+
+
+<details>
+<summary>Implementation</summary>
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_capacity">capacity</a>&lt;PermKey: <b>copy</b> + drop + store&gt;(
+    s: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>, perm: PermKey
+): Option&lt;u256&gt; <b>acquires</b> <a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a> {
+    <b>if</b> (!<a href="permissioned_signer.md#0x1_permissioned_signer_is_permissioned_signer">is_permissioned_signer</a>(s)) {
+        <b>return</b> <a href="../../aptos-stdlib/../move-stdlib/doc/option.md#0x1_option_some">option::some</a>(<a href="permissioned_signer.md#0x1_permissioned_signer_U256_MAX">U256_MAX</a>)
+    };
+    <b>let</b> addr = <a href="permissioned_signer.md#0x1_permissioned_signer_permission_address">permission_address</a>(s);
+    <b>if</b> (!<b>exists</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a>&gt;(addr)) {
+        <b>return</b> <a href="../../aptos-stdlib/../move-stdlib/doc/option.md#0x1_option_none">option::none</a>()
+    };
+    <b>let</b> perm_storage = &<b>borrow_global</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a>&gt;(addr).perms;
+    <b>let</b> key = <a href="../../aptos-stdlib/doc/copyable_any.md#0x1_copyable_any_pack">copyable_any::pack</a>(perm);
+    <b>if</b> (<a href="../../aptos-stdlib/doc/simple_map.md#0x1_simple_map_contains_key">simple_map::contains_key</a>(perm_storage, &key)) {
+        <b>let</b> perm = <a href="../../aptos-stdlib/doc/simple_map.md#0x1_simple_map_borrow">simple_map::borrow</a>(perm_storage, &key);
+        <a href="../../aptos-stdlib/../move-stdlib/doc/option.md#0x1_option_some">option::some</a>(match (perm) {
+            StoredPermission::Capacity(capacity) =&gt; *capacity,
+            StoredPermission::Unlimited =&gt; <a href="permissioned_signer.md#0x1_permissioned_signer_U256_MAX">U256_MAX</a>,
+        })
+    } <b>else</b> {
+        <a href="../../aptos-stdlib/../move-stdlib/doc/option.md#0x1_option_none">option::none</a>()
+    }
+}
+</code></pre>
+
+
+
+</details>
+
+<a id="0x1_permissioned_signer_revoke_permission"></a>
+
+## Function `revoke_permission`
+
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_revoke_permission">revoke_permission</a>&lt;PermKey: <b>copy</b>, drop, store&gt;(permissioned: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>, perm: PermKey)
+</code></pre>
+
+
+
+<details>
+<summary>Implementation</summary>
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_revoke_permission">revoke_permission</a>&lt;PermKey: <b>copy</b> + drop + store&gt;(
+    permissioned: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>, perm: PermKey
+) <b>acquires</b> <a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a> {
+    <b>if</b> (!<a href="permissioned_signer.md#0x1_permissioned_signer_is_permissioned_signer">is_permissioned_signer</a>(permissioned)) {
+        // Master <a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a> <b>has</b> no permissions associated <b>with</b> it.
+        <b>return</b>
+    };
+    <b>let</b> addr = <a href="permissioned_signer.md#0x1_permissioned_signer_permission_address">permission_address</a>(permissioned);
+    <b>if</b> (!<b>exists</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a>&gt;(addr)) { <b>return</b> };
+    <b>let</b> perm_storage = &<b>mut</b> <b>borrow_global_mut</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a>&gt;(addr).perms;
+    <b>let</b> key = <a href="../../aptos-stdlib/doc/copyable_any.md#0x1_copyable_any_pack">copyable_any::pack</a>(perm);
+    <b>if</b> (<a href="../../aptos-stdlib/doc/simple_map.md#0x1_simple_map_contains_key">simple_map::contains_key</a>(perm_storage, &key)) {
+        <a href="../../aptos-stdlib/doc/simple_map.md#0x1_simple_map_remove">simple_map::remove</a>(
+            &<b>mut</b> <b>borrow_global_mut</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a>&gt;(addr).perms,
+            &<a href="../../aptos-stdlib/doc/copyable_any.md#0x1_copyable_any_pack">copyable_any::pack</a>(perm)
+        );
+    }
+}
+</code></pre>
+
+
+
+</details>
+
+<a id="0x1_permissioned_signer_extract_permission"></a>
+
+## Function `extract_permission`
+
+Another flavor of api to extract and store permissions
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_extract_permission">extract_permission</a>&lt;PermKey: <b>copy</b>, drop, store&gt;(s: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>, weight: u256, perm: PermKey): <a href="permissioned_signer.md#0x1_permissioned_signer_Permission">permissioned_signer::Permission</a>&lt;PermKey&gt;
+</code></pre>
+
+
+
+<details>
+<summary>Implementation</summary>
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_extract_permission">extract_permission</a>&lt;PermKey: <b>copy</b> + drop + store&gt;(
+    s: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>, weight: u256, perm: PermKey
+): <a href="permissioned_signer.md#0x1_permissioned_signer_Permission">Permission</a>&lt;PermKey&gt; <b>acquires</b> <a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a> {
+    <b>assert</b>!(
+        <a href="permissioned_signer.md#0x1_permissioned_signer_check_permission_consume">check_permission_consume</a>(s, weight, perm),
+        <a href="../../aptos-stdlib/../move-stdlib/doc/error.md#0x1_error_permission_denied">error::permission_denied</a>(<a href="permissioned_signer.md#0x1_permissioned_signer_ECANNOT_EXTRACT_PERMISSION">ECANNOT_EXTRACT_PERMISSION</a>)
+    );
+    Permission::Capacity {
+        owner_address: <a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer_address_of">signer::address_of</a>(s),
+        key: perm,
+        capacity: weight
+    }
+}
+</code></pre>
+
+
+
+</details>
+
+<a id="0x1_permissioned_signer_get_key"></a>
+
+## Function `get_key`
+
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_get_key">get_key</a>&lt;PermKey&gt;(perm: &<a href="permissioned_signer.md#0x1_permissioned_signer_Permission">permissioned_signer::Permission</a>&lt;PermKey&gt;): &PermKey
+</code></pre>
+
+
+
+<details>
+<summary>Implementation</summary>
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_get_key">get_key</a>&lt;PermKey&gt;(perm: &<a href="permissioned_signer.md#0x1_permissioned_signer_Permission">Permission</a>&lt;PermKey&gt;): &PermKey {
+    &perm.key
+}
+</code></pre>
+
+
+
+</details>
+
+<a id="0x1_permissioned_signer_address_of"></a>
+
+## Function `address_of`
+
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_address_of">address_of</a>&lt;PermKey&gt;(perm: &<a href="permissioned_signer.md#0x1_permissioned_signer_Permission">permissioned_signer::Permission</a>&lt;PermKey&gt;): <b>address</b>
+</code></pre>
+
+
+
+<details>
+<summary>Implementation</summary>
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_address_of">address_of</a>&lt;PermKey&gt;(perm: &<a href="permissioned_signer.md#0x1_permissioned_signer_Permission">Permission</a>&lt;PermKey&gt;): <b>address</b> {
+    perm.owner_address
+}
+</code></pre>
+
+
+
+</details>
+
+<a id="0x1_permissioned_signer_consume_permission"></a>
+
+## Function `consume_permission`
+
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_consume_permission">consume_permission</a>&lt;PermKey: <b>copy</b>, drop, store&gt;(perm: &<b>mut</b> <a href="permissioned_signer.md#0x1_permissioned_signer_Permission">permissioned_signer::Permission</a>&lt;PermKey&gt;, weight: u256, perm_key: PermKey): bool
+</code></pre>
+
+
+
+<details>
+<summary>Implementation</summary>
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_consume_permission">consume_permission</a>&lt;PermKey: <b>copy</b> + drop + store&gt;(
+    perm: &<b>mut</b> <a href="permissioned_signer.md#0x1_permissioned_signer_Permission">Permission</a>&lt;PermKey&gt;, weight: u256, perm_key: PermKey
+): bool {
+    <b>if</b> (perm.key != perm_key) {
+        <b>return</b> <b>false</b>
+    };
+    <b>if</b> (perm.capacity &gt;= weight) {
+        perm.capacity = perm.capacity - weight;
+        <b>return</b> <b>true</b>
+    } <b>else</b> {
+        <b>return</b> <b>false</b>
+    }
+}
+</code></pre>
+
+
+
+</details>
+
+<a id="0x1_permissioned_signer_store_permission"></a>
+
+## Function `store_permission`
+
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_store_permission">store_permission</a>&lt;PermKey: <b>copy</b>, drop, store&gt;(s: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>, perm: <a href="permissioned_signer.md#0x1_permissioned_signer_Permission">permissioned_signer::Permission</a>&lt;PermKey&gt;)
+</code></pre>
+
+
+
+<details>
+<summary>Implementation</summary>
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_store_permission">store_permission</a>&lt;PermKey: <b>copy</b> + drop + store&gt;(
+    s: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>, perm: <a href="permissioned_signer.md#0x1_permissioned_signer_Permission">Permission</a>&lt;PermKey&gt;
+) <b>acquires</b> <a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a> {
+    <b>assert</b>!(
+        <a href="permissioned_signer.md#0x1_permissioned_signer_is_permissioned_signer">is_permissioned_signer</a>(s),
+        <a href="../../aptos-stdlib/../move-stdlib/doc/error.md#0x1_error_permission_denied">error::permission_denied</a>(<a href="permissioned_signer.md#0x1_permissioned_signer_ENOT_PERMISSIONED_SIGNER">ENOT_PERMISSIONED_SIGNER</a>)
+    );
+    <b>let</b> Permission::Capacity { key, capacity, owner_address } = perm;
+
+    <b>assert</b>!(
+        <a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer_address_of">signer::address_of</a>(s) == owner_address,
+        <a href="../../aptos-stdlib/../move-stdlib/doc/error.md#0x1_error_permission_denied">error::permission_denied</a>(<a href="permissioned_signer.md#0x1_permissioned_signer_E_PERMISSION_MISMATCH">E_PERMISSION_MISMATCH</a>)
+    );
+
+    <b>let</b> permission_signer_addr = <a href="permissioned_signer.md#0x1_permissioned_signer_permission_address">permission_address</a>(s);
+
+    <b>if</b> (!<b>exists</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a>&gt;(permission_signer_addr)) {
+        <b>let</b> <a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a> = <a href="create_signer.md#0x1_create_signer">create_signer</a>(permission_signer_addr);
+        <b>move_to</b>(&<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>, PermissionStorage::V1 { perms: <a href="../../aptos-stdlib/doc/simple_map.md#0x1_simple_map_new">simple_map::new</a>() });
+    };
+    <b>let</b> perms =
+        &<b>mut</b> <b>borrow_global_mut</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a>&gt;(permission_signer_addr).perms;
+    <b>let</b> key = <a href="../../aptos-stdlib/doc/copyable_any.md#0x1_copyable_any_pack">copyable_any::pack</a>(key);
+    <b>if</b> (<a href="../../aptos-stdlib/doc/simple_map.md#0x1_simple_map_contains_key">simple_map::contains_key</a>(perms, &key)) {
+        <b>let</b> entry = <a href="../../aptos-stdlib/doc/simple_map.md#0x1_simple_map_borrow_mut">simple_map::borrow_mut</a>(perms, &key);
+        match (entry) {
+            StoredPermission::Capacity(current_capacity) =&gt; {
+                *current_capacity = *current_capacity + capacity;
+            }
+            StoredPermission::Unlimited =&gt; (),
+        }
+    } <b>else</b> {
+        <a href="../../aptos-stdlib/doc/simple_map.md#0x1_simple_map_add">simple_map::add</a>(perms, key, StoredPermission::Capacity(capacity))
+    }
+}
+</code></pre>
+
+
+
+</details>
+
+<a id="0x1_permissioned_signer_is_permissioned_signer"></a>
+
+## Function `is_permissioned_signer`
+
+Creates a permissioned signer from an existing universal signer. The function aborts if the
+given signer is already a permissioned signer.
+
+The implementation of this function requires to extend the value representation for signers in the VM.
+
+Check whether this is a permissioned signer.
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_is_permissioned_signer">is_permissioned_signer</a>(s: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>): bool
+</code></pre>
+
+
+
+<details>
+<summary>Implementation</summary>
+
+
+<pre><code><b>public</b> <b>native</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_is_permissioned_signer">is_permissioned_signer</a>(s: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>): bool;
+</code></pre>
+
+
+
+</details>
+
+<a id="0x1_permissioned_signer_permission_address"></a>
+
+## Function `permission_address`
+
+Return the address used for storing permissions. Aborts if not a permissioned signer.
+
+
+<pre><code><b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_permission_address">permission_address</a>(permissioned: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>): <b>address</b>
+</code></pre>
+
+
+
+<details>
+<summary>Implementation</summary>
+
+
+<pre><code><b>native</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_permission_address">permission_address</a>(permissioned: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>): <b>address</b>;
+</code></pre>
+
+
+
+</details>
+
+<a id="0x1_permissioned_signer_signer_from_permissioned_handle_impl"></a>
+
+## Function `signer_from_permissioned_handle_impl`
+
+
+invariants:
+signer::address_of(master) == signer::address_of(signer_from_permissioned_handle(create_permissioned_handle(master))),
+
+
+<pre><code><b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_signer_from_permissioned_handle_impl">signer_from_permissioned_handle_impl</a>(master_account_addr: <b>address</b>, permissions_storage_addr: <b>address</b>): <a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>
+</code></pre>
+
+
+
+<details>
+<summary>Implementation</summary>
+
+
+<pre><code><b>native</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_signer_from_permissioned_handle_impl">signer_from_permissioned_handle_impl</a>(
+    master_account_addr: <b>address</b>, permissions_storage_addr: <b>address</b>
+): <a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>;
+</code></pre>
+
+
+
+</details>
+
+<a id="@Specification_1"></a>
+
+## Specification
+
+
+
+<pre><code><b>axiom</b> <b>forall</b> a: <a href="permissioned_signer.md#0x1_permissioned_signer_GrantedPermissionHandles">GrantedPermissionHandles</a>:
+    (
+        <b>forall</b> i in 0..len(a.active_handles):
+            <b>forall</b> j in 0..len(a.active_handles):
+                i != j ==&gt;
+                    a.active_handles[i] != a.active_handles[j]
+    );
+</code></pre>
+
+
+
+
+<a id="0x1_permissioned_signer_spec_is_permissioned_signer"></a>
+
+
+<pre><code><b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_spec_is_permissioned_signer">spec_is_permissioned_signer</a>(s: <a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>): bool;
+</code></pre>
+
+
+
+<a id="@Specification_1_create_permissioned_handle"></a>
+
+### Function `create_permissioned_handle`
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_create_permissioned_handle">create_permissioned_handle</a>(master: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>): <a href="permissioned_signer.md#0x1_permissioned_signer_PermissionedHandle">permissioned_signer::PermissionedHandle</a>
+</code></pre>
+
+
+
+
+<pre><code><b>pragma</b> opaque;
+<b>aborts_if</b> [abstract] <a href="permissioned_signer.md#0x1_permissioned_signer_spec_is_permissioned_signer">spec_is_permissioned_signer</a>(master);
+<b>let</b> permissions_storage_addr = <a href="transaction_context.md#0x1_transaction_context_spec_generate_unique_address">transaction_context::spec_generate_unique_address</a>();
+<b>modifies</b> <b>global</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a>&gt;(permissions_storage_addr);
+<b>let</b> master_account_addr = <a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer_address_of">signer::address_of</a>(master);
+<b>ensures</b> result.master_account_addr == master_account_addr;
+<b>ensures</b> result.permissions_storage_addr == permissions_storage_addr;
+</code></pre>
+
+
+
+<a id="@Specification_1_create_storable_permissioned_handle"></a>
+
+### Function `create_storable_permissioned_handle`
+
+
+<pre><code><b>public</b>(<b>friend</b>) <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_create_storable_permissioned_handle">create_storable_permissioned_handle</a>(master: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>, expiration_time: u64): <a href="permissioned_signer.md#0x1_permissioned_signer_StorablePermissionedHandle">permissioned_signer::StorablePermissionedHandle</a>
+</code></pre>
+
+
+
+
+<pre><code><b>pragma</b> opaque;
+<b>aborts_if</b> [abstract] <a href="permissioned_signer.md#0x1_permissioned_signer_spec_is_permissioned_signer">spec_is_permissioned_signer</a>(master);
+<b>let</b> permissions_storage_addr = <a href="transaction_context.md#0x1_transaction_context_spec_generate_unique_address">transaction_context::spec_generate_unique_address</a>();
+<b>modifies</b> <b>global</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a>&gt;(permissions_storage_addr);
+<b>let</b> master_account_addr = <a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer_address_of">signer::address_of</a>(master);
+<b>modifies</b> <b>global</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_GrantedPermissionHandles">GrantedPermissionHandles</a>&gt;(master_account_addr);
+<b>ensures</b> result.master_account_addr == master_account_addr;
+<b>ensures</b> result.permissions_storage_addr == permissions_storage_addr;
+<b>ensures</b> result.expiration_time == expiration_time;
+<b>ensures</b> <a href="../../aptos-stdlib/../move-stdlib/doc/vector.md#0x1_vector_spec_contains">vector::spec_contains</a>(
+    <b>global</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_GrantedPermissionHandles">GrantedPermissionHandles</a>&gt;(master_account_addr).active_handles,
+    permissions_storage_addr
+);
+<b>ensures</b> <b>exists</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_GrantedPermissionHandles">GrantedPermissionHandles</a>&gt;(master_account_addr);
+</code></pre>
+
+
+
+<a id="@Specification_1_destroy_permissioned_handle"></a>
+
+### Function `destroy_permissioned_handle`
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_destroy_permissioned_handle">destroy_permissioned_handle</a>(p: <a href="permissioned_signer.md#0x1_permissioned_signer_PermissionedHandle">permissioned_signer::PermissionedHandle</a>)
+</code></pre>
+
+
+
+
+<pre><code><b>ensures</b> !<b>exists</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a>&gt;(p.permissions_storage_addr);
+</code></pre>
+
+
+
+<a id="@Specification_1_destroy_storable_permissioned_handle"></a>
+
+### Function `destroy_storable_permissioned_handle`
+
+
+<pre><code><b>public</b>(<b>friend</b>) <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_destroy_storable_permissioned_handle">destroy_storable_permissioned_handle</a>(p: <a href="permissioned_signer.md#0x1_permissioned_signer_StorablePermissionedHandle">permissioned_signer::StorablePermissionedHandle</a>)
+</code></pre>
+
+
+
+
+<pre><code><b>ensures</b> !<b>exists</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a>&gt;(p.permissions_storage_addr);
+<b>let</b> <b>post</b> granted_permissions = <b>global</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_GrantedPermissionHandles">GrantedPermissionHandles</a>&gt;(
+    p.master_account_addr
+);
+</code></pre>
+
+
+
+<a id="@Specification_1_revoke_permission_storage_address"></a>
+
+### Function `revoke_permission_storage_address`
+
+
+<pre><code><b>public</b> entry <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_revoke_permission_storage_address">revoke_permission_storage_address</a>(s: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>, permissions_storage_addr: <b>address</b>)
+</code></pre>
+
+
+
+
+<a id="@Specification_1_authorize"></a>
+
+### Function `authorize`
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_authorize">authorize</a>&lt;PermKey: <b>copy</b>, drop, store&gt;(master: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>, permissioned: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>, capacity: u256, perm: PermKey)
+</code></pre>
+
+
+
+
+<pre><code><b>pragma</b> aborts_if_is_partial;
+<b>aborts_if</b> !<a href="permissioned_signer.md#0x1_permissioned_signer_spec_is_permissioned_signer">spec_is_permissioned_signer</a>(permissioned);
+<b>aborts_if</b> <a href="permissioned_signer.md#0x1_permissioned_signer_spec_is_permissioned_signer">spec_is_permissioned_signer</a>(master);
+<b>aborts_if</b> <a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer_address_of">signer::address_of</a>(permissioned) != <a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer_address_of">signer::address_of</a>(master);
+<b>ensures</b> <b>exists</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a>&gt;(
+    <a href="permissioned_signer.md#0x1_permissioned_signer_spec_permission_address">spec_permission_address</a>(permissioned)
+);
+</code></pre>
+
+
+
+<a id="@Specification_1_check_permission_exists"></a>
+
+### Function `check_permission_exists`
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_check_permission_exists">check_permission_exists</a>&lt;PermKey: <b>copy</b>, drop, store&gt;(s: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>, perm: PermKey): bool
+</code></pre>
+
+
+
+
+<pre><code><b>pragma</b> opaque;
+<b>aborts_if</b> <b>false</b>;
+<b>ensures</b> result == <a href="permissioned_signer.md#0x1_permissioned_signer_spec_check_permission_exists">spec_check_permission_exists</a>(s, perm);
+</code></pre>
+
+
+
+
+<a id="0x1_permissioned_signer_spec_check_permission_exists"></a>
+
+
+<pre><code><b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_spec_check_permission_exists">spec_check_permission_exists</a>&lt;PermKey: <b>copy</b> + drop + store&gt;(s: <a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>, perm: PermKey): bool {
+   <b>use</b> aptos_std::type_info;
+   <b>use</b> std::bcs;
+   <b>let</b> addr = <a href="permissioned_signer.md#0x1_permissioned_signer_spec_permission_address">spec_permission_address</a>(s);
+   <b>let</b> key = Any {
+       type_name: <a href="../../aptos-stdlib/doc/type_info.md#0x1_type_info_type_name">type_info::type_name</a>&lt;PermKey&gt;(),
+       data: <a href="../../aptos-stdlib/../move-stdlib/doc/bcs.md#0x1_bcs_serialize">bcs::serialize</a>(perm)
+   };
+   <b>if</b> (!<a href="permissioned_signer.md#0x1_permissioned_signer_spec_is_permissioned_signer">spec_is_permissioned_signer</a>(s)) { <b>true</b> }
+   <b>else</b> <b>if</b> (!<b>exists</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a>&gt;(addr)) { <b>false</b> }
+   <b>else</b> {
+       <a href="../../aptos-stdlib/doc/simple_map.md#0x1_simple_map_spec_contains_key">simple_map::spec_contains_key</a>(<b>global</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a>&gt;(addr).perms, key)
+   }
+}
+</code></pre>
+
+
+
+<a id="@Specification_1_check_permission_capacity_above"></a>
+
+### Function `check_permission_capacity_above`
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_check_permission_capacity_above">check_permission_capacity_above</a>&lt;PermKey: <b>copy</b>, drop, store&gt;(s: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>, threshold: u256, perm: PermKey): bool
+</code></pre>
+
+
+
+
+<pre><code><b>let</b> permissioned_signer_addr = <a href="permissioned_signer.md#0x1_permissioned_signer_spec_permission_address">spec_permission_address</a>(s);
+<b>ensures</b> !<a href="permissioned_signer.md#0x1_permissioned_signer_spec_is_permissioned_signer">spec_is_permissioned_signer</a>(s) ==&gt; result == <b>true</b>;
+<b>ensures</b> (
+    <a href="permissioned_signer.md#0x1_permissioned_signer_spec_is_permissioned_signer">spec_is_permissioned_signer</a>(s)
+        && !<b>exists</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a>&gt;(permissioned_signer_addr)
+) ==&gt; result == <b>false</b>;
+<b>let</b> key = Any {
+    type_name: <a href="../../aptos-stdlib/doc/type_info.md#0x1_type_info_type_name">type_info::type_name</a>&lt;SimpleMap&lt;Any, u256&gt;&gt;(),
+    data: <a href="../../aptos-stdlib/../move-stdlib/doc/bcs.md#0x1_bcs_serialize">bcs::serialize</a>(perm)
+};
+</code></pre>
+
+
+
+<a id="@Specification_1_check_permission_consume"></a>
+
+### Function `check_permission_consume`
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_check_permission_consume">check_permission_consume</a>&lt;PermKey: <b>copy</b>, drop, store&gt;(s: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>, threshold: u256, perm: PermKey): bool
+</code></pre>
+
+
+
+
+<pre><code><b>let</b> permissioned_signer_addr = <a href="permissioned_signer.md#0x1_permissioned_signer_spec_permission_address">spec_permission_address</a>(s);
+<b>ensures</b> !<a href="permissioned_signer.md#0x1_permissioned_signer_spec_is_permissioned_signer">spec_is_permissioned_signer</a>(s) ==&gt; result == <b>true</b>;
+<b>ensures</b> (
+    <a href="permissioned_signer.md#0x1_permissioned_signer_spec_is_permissioned_signer">spec_is_permissioned_signer</a>(s)
+        && !<b>exists</b>&lt;<a href="permissioned_signer.md#0x1_permissioned_signer_PermissionStorage">PermissionStorage</a>&gt;(permissioned_signer_addr)
+) ==&gt; result == <b>false</b>;
+</code></pre>
+
+
+
+<a id="@Specification_1_capacity"></a>
+
+### Function `capacity`
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_capacity">capacity</a>&lt;PermKey: <b>copy</b>, drop, store&gt;(s: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>, perm: PermKey): <a href="../../aptos-stdlib/../move-stdlib/doc/option.md#0x1_option_Option">option::Option</a>&lt;u256&gt;
+</code></pre>
+
+
+
+
+<a id="@Specification_1_consume_permission"></a>
+
+### Function `consume_permission`
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_consume_permission">consume_permission</a>&lt;PermKey: <b>copy</b>, drop, store&gt;(perm: &<b>mut</b> <a href="permissioned_signer.md#0x1_permissioned_signer_Permission">permissioned_signer::Permission</a>&lt;PermKey&gt;, weight: u256, perm_key: PermKey): bool
+</code></pre>
+
+
+
+
+<pre><code><b>ensures</b> perm.key != perm_key ==&gt; result == <b>false</b>;
+<b>ensures</b> perm.key == perm_key && <b>old</b>(perm.capacity) &lt; weight ==&gt; result == <b>false</b>;
+<b>ensures</b> perm.key == perm_key
+    && perm.capacity &gt;= weight ==&gt;
+    (perm.capacity == <b>old</b>(perm.capacity) - weight
+        && result == <b>true</b>);
+</code></pre>
+
+
+
+<a id="@Specification_1_is_permissioned_signer"></a>
+
+### Function `is_permissioned_signer`
+
+
+<pre><code><b>public</b> <b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_is_permissioned_signer">is_permissioned_signer</a>(s: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>): bool
+</code></pre>
+
+
+
+
+<pre><code><b>pragma</b> opaque;
+<b>aborts_if</b> [abstract] <b>false</b>;
+<b>ensures</b> [abstract] result == <a href="permissioned_signer.md#0x1_permissioned_signer_spec_is_permissioned_signer">spec_is_permissioned_signer</a>(s);
+</code></pre>
+
+
+
+
+<a id="0x1_permissioned_signer_spec_permission_address"></a>
+
+
+<pre><code><b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_spec_permission_address">spec_permission_address</a>(s: <a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>): <b>address</b>;
+</code></pre>
+
+
+
+<a id="@Specification_1_permission_address"></a>
+
+### Function `permission_address`
+
+
+<pre><code><b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_permission_address">permission_address</a>(permissioned: &<a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>): <b>address</b>
+</code></pre>
+
+
+
+
+<pre><code><b>pragma</b> opaque;
+<b>aborts_if</b> [abstract]!<a href="permissioned_signer.md#0x1_permissioned_signer_spec_is_permissioned_signer">spec_is_permissioned_signer</a>(permissioned);
+<b>ensures</b> [abstract] result == <a href="permissioned_signer.md#0x1_permissioned_signer_spec_permission_address">spec_permission_address</a>(permissioned);
+</code></pre>
+
+
+
+
+<a id="0x1_permissioned_signer_spec_signer_from_permissioned_handle_impl"></a>
+
+
+<pre><code><b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_spec_signer_from_permissioned_handle_impl">spec_signer_from_permissioned_handle_impl</a>(
+   master_account_addr: <b>address</b>, permissions_storage_addr: <b>address</b>
+): <a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>;
+</code></pre>
+
+
+
+<a id="@Specification_1_signer_from_permissioned_handle_impl"></a>
+
+### Function `signer_from_permissioned_handle_impl`
+
+
+<pre><code><b>fun</b> <a href="permissioned_signer.md#0x1_permissioned_signer_signer_from_permissioned_handle_impl">signer_from_permissioned_handle_impl</a>(master_account_addr: <b>address</b>, permissions_storage_addr: <b>address</b>): <a href="../../aptos-stdlib/../move-stdlib/doc/signer.md#0x1_signer">signer</a>
+</code></pre>
+
+
+
+
+<pre><code><b>pragma</b> opaque;
+<b>ensures</b> [abstract] result
+    == <a href="permissioned_signer.md#0x1_permissioned_signer_spec_signer_from_permissioned_handle_impl">spec_signer_from_permissioned_handle_impl</a>(
+        master_account_addr, permissions_storage_addr
+    );
+</code></pre>
+
+
+[move-book]: https://aptos.dev/move/book/SUMMARY
diff --git a/aptos-move/framework/aptos-framework/sources/create_signer.move b/aptos-move/framework/aptos-framework/sources/create_signer.move
index 3da0c50c904f0..a92dd88845568 100644
--- a/aptos-move/framework/aptos-framework/sources/create_signer.move
+++ b/aptos-move/framework/aptos-framework/sources/create_signer.move
@@ -16,6 +16,7 @@ module aptos_framework::create_signer {
     friend aptos_framework::genesis;
     friend aptos_framework::multisig_account;
     friend aptos_framework::object;
+    friend aptos_framework::permissioned_signer;
 
     public(friend) native fun create_signer(addr: address): signer;
 }
diff --git a/aptos-move/framework/aptos-framework/sources/permissioned_signer.move b/aptos-move/framework/aptos-framework/sources/permissioned_signer.move
new file mode 100644
index 0000000000000..5da091eb23111
--- /dev/null
+++ b/aptos-move/framework/aptos-framework/sources/permissioned_signer.move
@@ -0,0 +1,637 @@
+/// A _permissioned signer_ consists of a pair of the original signer and a generated
+/// address which is used store information about associated permissions.
+///
+/// A permissioned signer is a restricted version of a signer. Functions `move_to` and
+/// `address_of` behave the same, and can be passed wherever signer is needed. However,
+/// code can internally query for the permissions to assert additional restrictions on
+/// the use of the signer.
+///
+/// A client which is interested in restricting access granted via a signer can create a permissioned signer
+/// and pass on to other existing code without changes to existing APIs. Core functions in the framework, for
+/// example account functions, can then assert availability of permissions, effectively restricting
+/// existing code in a compatible way.
+///
+/// After introducing the core functionality, examples are provided for withdraw limit on accounts, and
+/// for blind signing.
+module aptos_framework::permissioned_signer {
+    use std::signer;
+    use std::error;
+    use std::vector;
+    use std::option::{Option, Self};
+    use aptos_std::copyable_any::{Self, Any};
+    use aptos_std::simple_map::{Self, SimpleMap};
+    use aptos_framework::create_signer::create_signer;
+    use aptos_framework::transaction_context::generate_auid_address;
+    use aptos_framework::timestamp;
+
+    #[test_only]
+    friend aptos_framework::permissioned_signer_tests;
+
+    /// Trying to grant permission using master signer.
+    const ENOT_MASTER_SIGNER: u64 = 1;
+
+    /// Cannot authorize a permission.
+    const ECANNOT_AUTHORIZE: u64 = 2;
+
+    /// Access permission information from a master signer.
+    const ENOT_PERMISSIONED_SIGNER: u64 = 3;
+
+    /// signer doesn't have enough capacity to extract permission.
+    const ECANNOT_EXTRACT_PERMISSION: u64 = 4;
+
+    /// permission handle has expired.
+    const E_PERMISSION_EXPIRED: u64 = 5;
+
+    /// storing extracted permission into a different signer.
+    const E_PERMISSION_MISMATCH: u64 = 6;
+
+    /// permission handle has been revoked by the original signer.
+    const E_PERMISSION_REVOKED: u64 = 7;
+
+    /// destroying permission handle that has already been revoked or not owned by the
+    /// given master signer.
+    const E_NOT_ACTIVE: u64 = 8;
+
+    const U256_MAX: u256 =
+        115792089237316195423570985008687907853269984665640564039457584007913129639935;
+
+    struct GrantedPermissionHandles has key {
+        active_handles: vector<address>
+    }
+
+    enum PermissionedHandle {
+        V1 {
+            master_account_addr: address,
+            permissions_storage_addr: address
+        }
+    }
+
+    enum StorablePermissionedHandle has store {
+        V1 {
+            master_account_addr: address,
+            permissions_storage_addr: address,
+            expiration_time: u64
+        }
+    }
+
+    enum PermissionStorage has key {
+        V1 {
+            perms: SimpleMap<Any, StoredPermission>
+        }
+    }
+
+    enum StoredPermission has store, copy, drop {
+        Unlimited,
+        Capacity(u256),
+    }
+
+    enum Permission<K> {
+        V1 {
+            owner_address: address,
+            key: K,
+            perm: StoredPermission,
+        }
+    }
+
+    /// Create an ephermeral permission handle based on the master signer.
+    ///
+    /// This handle can be used to derive a signer that can be used in the context of
+    /// the current transaction.
+    public fun create_permissioned_handle(master: &signer): PermissionedHandle {
+        assert_master_signer(master);
+        let permissions_storage_addr = generate_auid_address();
+        let master_account_addr = signer::address_of(master);
+
+        move_to(
+            &create_signer(permissions_storage_addr),
+            PermissionStorage::V1 { perms: simple_map::new() }
+        );
+
+        PermissionedHandle::V1 { master_account_addr, permissions_storage_addr }
+    }
+
+    /// Create an storable permission handle based on the master signer.
+    ///
+    /// This handle can be used to derive a signer that can be stored by a smart contract.
+    /// This is as dangerous as key delegation, thus it remains public(friend) for now.
+    public(friend) fun create_storable_permissioned_handle(
+        master: &signer, expiration_time: u64
+    ): StorablePermissionedHandle acquires GrantedPermissionHandles {
+        assert_master_signer(master);
+        let permissions_storage_addr = generate_auid_address();
+        let master_account_addr = signer::address_of(master);
+
+        assert!(
+            timestamp::now_seconds() < expiration_time,
+            error::permission_denied(E_PERMISSION_EXPIRED)
+        );
+
+        if (!exists<GrantedPermissionHandles>(master_account_addr)) {
+            move_to<GrantedPermissionHandles>(
+                master, GrantedPermissionHandles { active_handles: vector::empty() }
+            );
+        };
+
+        vector::push_back(
+            &mut borrow_global_mut<GrantedPermissionHandles>(master_account_addr).active_handles,
+            permissions_storage_addr
+        );
+
+        move_to(
+            &create_signer(permissions_storage_addr),
+            PermissionStorage::V1 { perms: simple_map::new() }
+        );
+
+        StorablePermissionedHandle::V1 {
+            master_account_addr,
+            permissions_storage_addr,
+            expiration_time
+        }
+    }
+
+    /// Destroys an ephermeral permission handle. Clean up the permission stored in that handle
+    public fun destroy_permissioned_handle(p: PermissionedHandle) acquires PermissionStorage {
+        let PermissionedHandle::V1 { master_account_addr: _, permissions_storage_addr } =
+            p;
+        destroy_permissions_storage_address(permissions_storage_addr);
+    }
+
+    /// Destroys a storable permission handle. Clean up the permission stored in that handle
+    public(friend) fun destroy_storable_permissioned_handle(
+        p: StorablePermissionedHandle
+    ) acquires PermissionStorage, GrantedPermissionHandles {
+        let StorablePermissionedHandle::V1 {
+            master_account_addr,
+            permissions_storage_addr,
+            expiration_time: _
+        } = p;
+
+        assert!(
+            exists<GrantedPermissionHandles>(master_account_addr),
+            error::permission_denied(E_PERMISSION_REVOKED),
+        );
+        let granted_permissions =
+            borrow_global_mut<GrantedPermissionHandles>(master_account_addr);
+        let (found, idx) = vector::index_of(
+            &granted_permissions.active_handles, &permissions_storage_addr
+        );
+
+        // Removing the address from the active handle list if it's still active.
+        if(found) {
+            vector::swap_remove(&mut granted_permissions.active_handles, idx);
+        };
+
+        destroy_permissions_storage_address(permissions_storage_addr);
+    }
+
+    inline fun destroy_permissions_storage_address(
+        permissions_storage_addr: address
+    ) acquires PermissionStorage {
+        if (exists<PermissionStorage>(permissions_storage_addr)) {
+            let PermissionStorage::V1 { perms } =
+                move_from<PermissionStorage>(permissions_storage_addr);
+            simple_map::destroy(
+                perms,
+                |_dk| {},
+                |_dv| {}
+            );
+        }
+    }
+
+    /// Generate the permissioned signer based on the ephermeral permission handle.
+    ///
+    /// This signer can be used as a regular signer for other smart contracts. However when such
+    /// signer interacts with various framework functions, it would subject to permission checks
+    /// and would abort if check fails.
+    public fun signer_from_permissioned_handle(p: &PermissionedHandle): signer {
+        signer_from_permissioned_handle_impl(
+            p.master_account_addr, p.permissions_storage_addr
+        )
+    }
+
+    /// Generate the permissioned signer based on the storable permission handle.
+    public(friend) fun signer_from_storable_permissioned_handle(
+        p: &StorablePermissionedHandle
+    ): signer {
+        assert!(
+            timestamp::now_seconds() < p.expiration_time,
+            error::permission_denied(E_PERMISSION_EXPIRED)
+        );
+        assert!(
+            exists<PermissionStorage>(p.permissions_storage_addr),
+            error::permission_denied(E_PERMISSION_REVOKED)
+        );
+        signer_from_permissioned_handle_impl(
+            p.master_account_addr, p.permissions_storage_addr
+        )
+    }
+
+    /// Revoke a specific storable permission handle immediately. This would disallow owner of
+    /// the storable permission handle to derive signer from it anymore.
+    public entry fun revoke_permission_storage_address(
+        s: &signer, permissions_storage_addr: address
+    ) acquires GrantedPermissionHandles, PermissionStorage {
+        assert!(
+            !is_permissioned_signer(s), error::permission_denied(ENOT_MASTER_SIGNER)
+        );
+        let master_account_addr = signer::address_of(s);
+
+        assert!(
+            exists<GrantedPermissionHandles>(master_account_addr),
+            error::permission_denied(E_PERMISSION_REVOKED),
+        );
+        let granted_permissions =
+            borrow_global_mut<GrantedPermissionHandles>(master_account_addr);
+        let (found, idx) = vector::index_of(
+            &granted_permissions.active_handles, &permissions_storage_addr
+        );
+
+        // The address has to be in the activated list in the master account address.
+        assert!(found, error::permission_denied(E_NOT_ACTIVE));
+        vector::swap_remove(&mut granted_permissions.active_handles, idx);
+        destroy_permissions_storage_address(permissions_storage_addr);
+    }
+
+    /// Revoke all storable permission handle of the signer immediately.
+    public entry fun revoke_all_handles(s: &signer) acquires GrantedPermissionHandles, PermissionStorage {
+        assert!(
+            !is_permissioned_signer(s), error::permission_denied(ENOT_MASTER_SIGNER)
+        );
+        let master_account_addr = signer::address_of(s);
+        if (!exists<GrantedPermissionHandles>(master_account_addr)) { return };
+
+        let granted_permissions =
+            borrow_global_mut<GrantedPermissionHandles>(master_account_addr);
+        let delete_list = vector::trim_reverse(
+            &mut granted_permissions.active_handles, 0
+        );
+        vector::destroy(
+            delete_list,
+            |address| {
+                destroy_permissions_storage_address(address);
+            }
+        )
+    }
+
+    /// Return the permission handle address so that it could be used for revokation purpose.
+    public(friend) fun permissions_storage_address(
+        p: &StorablePermissionedHandle
+    ): address {
+        p.permissions_storage_addr
+    }
+
+    /// Helper function that would abort if the signer passed in is a permissioned signer.
+    public fun assert_master_signer(s: &signer) {
+        assert!(
+            !is_permissioned_signer(s), error::permission_denied(ENOT_MASTER_SIGNER)
+        );
+    }
+
+    /// =====================================================================================================
+    /// StoredPermission operations
+    ///
+    /// check if StoredPermission has at least `threshold` capacity.
+    fun is_above(perm: &StoredPermission, threshold: u256): bool {
+        match (perm) {
+            StoredPermission::Capacity(capacity) => *capacity > threshold,
+            StoredPermission::Unlimited => true,
+        }
+    }
+
+    /// consume `threshold` capacity from StoredPermission
+    fun consume_capacity(perm: &mut StoredPermission, threshold: u256): bool {
+        match (perm) {
+            StoredPermission::Capacity(current_capacity) => {
+                if (*current_capacity >= threshold) {
+                    *current_capacity = *current_capacity - threshold;
+                    true
+                } else { false }
+            }
+            StoredPermission::Unlimited => true
+        }
+    }
+
+    /// increase `threshold` capacity from StoredPermission
+    fun increase_capacity(perm: &mut StoredPermission, threshold: u256) {
+        match (perm) {
+            StoredPermission::Capacity(current_capacity) => {
+                *current_capacity = *current_capacity + threshold;
+            }
+            StoredPermission::Unlimited => (),
+        }
+    }
+
+    /// merge the two stored permission
+    fun merge(lhs: &mut StoredPermission, rhs: StoredPermission) {
+        match (rhs) {
+            StoredPermission::Capacity(new_capacity) => {
+                match (lhs) {
+                    StoredPermission::Capacity(current_capacity) => {
+                        *current_capacity = *current_capacity + new_capacity;
+                    }
+                    StoredPermission::Unlimited => (),
+                }
+            }
+            StoredPermission::Unlimited => *lhs = StoredPermission::Unlimited,
+        }
+    }
+
+    /// =====================================================================================================
+    /// Permission Management
+    ///
+    /// Authorizes `permissioned` with the given permission. This requires to have access to the `master`
+    /// signer.
+
+    inline fun map_or<PermKey: copy + drop + store, T>(
+        permissioned: &signer,
+        perm: PermKey,
+        mutate: |&mut StoredPermission| T,
+        default: T,
+    ): T {
+        let permission_signer_addr = permission_address(permissioned);
+        assert!(
+            exists<PermissionStorage>(permission_signer_addr),
+            error::permission_denied(E_NOT_ACTIVE)
+        );
+        let perms =
+            &mut borrow_global_mut<PermissionStorage>(permission_signer_addr).perms;
+        let key = copyable_any::pack(perm);
+        if (simple_map::contains_key(perms, &key)) {
+            mutate(simple_map::borrow_mut(perms, &key))
+        } else {
+            default
+        }
+    }
+
+    inline fun insert_or<PermKey: copy + drop + store>(
+        permissioned: &signer,
+        perm: PermKey,
+        mutate: |&mut StoredPermission|,
+        default: StoredPermission,
+    ) {
+        let permission_signer_addr = permission_address(permissioned);
+        assert!(
+            exists<PermissionStorage>(permission_signer_addr),
+            error::permission_denied(E_NOT_ACTIVE)
+        );
+        let perms =
+            &mut borrow_global_mut<PermissionStorage>(permission_signer_addr).perms;
+        let key = copyable_any::pack(perm);
+        if (simple_map::contains_key(perms, &key)) {
+            mutate(simple_map::borrow_mut(perms, &key));
+        } else {
+            simple_map::add(perms, key, default);
+        }
+    }
+
+    public fun authorize<PermKey: copy + drop + store>(
+        master: &signer,
+        permissioned: &signer,
+        capacity: u256,
+        perm: PermKey
+    ) acquires PermissionStorage {
+        assert!(
+            is_permissioned_signer(permissioned)
+                && !is_permissioned_signer(master)
+                && signer::address_of(master) == signer::address_of(permissioned),
+            error::permission_denied(ECANNOT_AUTHORIZE)
+        );
+        insert_or(
+            permissioned,
+            perm,
+            |stored_permission| {
+                increase_capacity(stored_permission, capacity);
+            },
+            StoredPermission::Capacity(capacity),
+        )
+    }
+
+    /// Authorizes `permissioned` with the given unlimited permission.
+    /// Unlimited permission can be consumed however many times.
+    public fun authorize_unlimited<PermKey: copy + drop + store>(
+        master: &signer,
+        permissioned: &signer,
+        perm: PermKey
+    ) acquires PermissionStorage {
+        assert!(
+            is_permissioned_signer(permissioned)
+                && !is_permissioned_signer(master)
+                && signer::address_of(master) == signer::address_of(permissioned),
+            error::permission_denied(ECANNOT_AUTHORIZE)
+        );
+        insert_or(
+            permissioned,
+            perm,
+            |stored_permission| {
+                *stored_permission = StoredPermission::Unlimited;
+            },
+            StoredPermission::Unlimited,
+        )
+    }
+
+    public fun check_permission_exists<PermKey: copy + drop + store>(
+        s: &signer, perm: PermKey
+    ): bool acquires PermissionStorage {
+        check_permission_capacity_above(s, 0, perm)
+    }
+
+    public fun check_permission_capacity_above<PermKey: copy + drop + store>(
+        s: &signer, threshold: u256, perm: PermKey
+    ): bool acquires PermissionStorage {
+        if (!is_permissioned_signer(s)) {
+            // master signer has all permissions
+            return true
+        };
+        map_or(
+            s,
+            perm,
+            |stored_permission| {
+                is_above(stored_permission, threshold)
+            },
+            false,
+        )
+    }
+
+    public fun check_permission_consume<PermKey: copy + drop + store>(
+        s: &signer, threshold: u256, perm: PermKey
+    ): bool acquires PermissionStorage {
+        if (!is_permissioned_signer(s)) {
+            // master signer has all permissions
+            return true
+        };
+        map_or(
+            s,
+            perm,
+            |stored_permission| {
+                 consume_capacity(stored_permission, threshold)
+            },
+            false,
+        )
+    }
+
+    public fun capacity<PermKey: copy + drop + store>(
+        s: &signer, perm: PermKey
+    ): Option<u256> acquires PermissionStorage {
+        if (!is_permissioned_signer(s)) {
+            return option::some(U256_MAX)
+        };
+        map_or(
+            s,
+            perm,
+            |stored_permission: &mut StoredPermission| {
+                option::some(match (stored_permission) {
+                    StoredPermission::Capacity(capacity) => *capacity,
+                    StoredPermission::Unlimited => U256_MAX,
+                })
+            },
+            option::none(),
+        )
+    }
+
+    public fun revoke_permission<PermKey: copy + drop + store>(
+        permissioned: &signer, perm: PermKey
+    ) acquires PermissionStorage {
+        if (!is_permissioned_signer(permissioned)) {
+            // Master signer has no permissions associated with it.
+            return
+        };
+        let addr = permission_address(permissioned);
+        if (!exists<PermissionStorage>(addr)) { return };
+        let perm_storage = &mut borrow_global_mut<PermissionStorage>(addr).perms;
+        let key = copyable_any::pack(perm);
+        if (simple_map::contains_key(perm_storage, &key)) {
+            simple_map::remove(
+                &mut borrow_global_mut<PermissionStorage>(addr).perms,
+                &copyable_any::pack(perm)
+            );
+        }
+    }
+
+    /// =====================================================================================================
+    /// Another flavor of api to extract and store permissions
+    ///
+    ///
+    public fun extract_permission<PermKey: copy + drop + store>(
+        s: &signer, weight: u256, perm: PermKey
+    ): Permission<PermKey> acquires PermissionStorage {
+        assert!(
+            check_permission_consume(s, weight, perm),
+            error::permission_denied(ECANNOT_EXTRACT_PERMISSION)
+        );
+        Permission::V1 {
+            owner_address: signer::address_of(s),
+            key: perm,
+            perm: StoredPermission::Capacity(weight),
+        }
+    }
+
+    public fun extract_all_permission<PermKey: copy + drop + store>(
+        s: &signer, perm_key: PermKey
+    ): Permission<PermKey> acquires PermissionStorage {
+        assert!(
+            is_permissioned_signer(s),
+            error::permission_denied(ECANNOT_EXTRACT_PERMISSION)
+        );
+        let addr = permission_address(s);
+        assert!(
+            exists<PermissionStorage>(addr),
+            error::permission_denied(ECANNOT_EXTRACT_PERMISSION)
+        );
+        let key = copyable_any::pack(perm_key);
+        let storage = &mut borrow_global_mut<PermissionStorage>(addr).perms;
+        let (_, value) = simple_map::remove(storage, &key);
+
+        Permission::V1 {
+            owner_address: signer::address_of(s),
+            key: perm_key,
+            perm: value,
+        }
+    }
+
+    public fun address_of<PermKey>(perm: &Permission<PermKey>): address {
+        perm.owner_address
+    }
+
+    public fun consume_permission<PermKey: copy + drop + store>(
+        perm: &mut Permission<PermKey>, weight: u256, perm_key: PermKey
+    ): bool {
+        if (perm.key != perm_key) {
+            return false
+        };
+        consume_capacity(&mut perm.perm, weight)
+    }
+
+    public fun store_permission<PermKey: copy + drop + store>(
+        s: &signer, perm: Permission<PermKey>
+    ) acquires PermissionStorage {
+        assert!(
+            is_permissioned_signer(s),
+            error::permission_denied(ENOT_PERMISSIONED_SIGNER)
+        );
+        let Permission::V1 { key, perm, owner_address } = perm;
+
+        assert!(
+            signer::address_of(s) == owner_address,
+            error::permission_denied(E_PERMISSION_MISMATCH)
+        );
+
+        insert_or(
+            s,
+            key,
+            |stored_permission| {
+                merge(stored_permission, perm);
+            },
+            perm,
+        )
+    }
+
+    // =====================================================================================================
+    // Native Functions
+    ///
+    /// Check whether this is a permissioned signer.
+    public native fun is_permissioned_signer(s: &signer): bool;
+    /// Return the address used for storing permissions. Aborts if not a permissioned signer.
+    native fun permission_address(permissioned: &signer): address;
+    /// Creates a permissioned signer from an existing universal signer. The function aborts if the
+    /// given signer is already a permissioned signer.
+    ///
+    /// The implementation of this function requires to extend the value representation for signers in the VM.
+    /// invariants:
+    ///   signer::address_of(master) == signer::address_of(signer_from_permissioned_handle(create_permissioned_handle(master))),
+    ///
+    native fun signer_from_permissioned_handle_impl(
+        master_account_addr: address, permissions_storage_addr: address
+    ): signer;
+
+    #[test(creator = @0xcafe)]
+    fun signer_address_roundtrip(
+        creator: &signer
+    ) acquires PermissionStorage, GrantedPermissionHandles {
+        let aptos_framework = create_signer(@0x1);
+        timestamp::set_time_has_started_for_testing(&aptos_framework);
+
+        let handle = create_permissioned_handle(creator);
+        let perm_signer = signer_from_permissioned_handle(&handle);
+        assert!(signer::address_of(&perm_signer) == signer::address_of(creator), 1);
+        assert!(
+            permission_address(&perm_signer)
+                == handle.permissions_storage_addr,
+            1
+        );
+        assert!(exists<PermissionStorage>(handle.permissions_storage_addr), 1);
+
+        destroy_permissioned_handle(handle);
+
+        let handle = create_storable_permissioned_handle(creator, 60);
+        let perm_signer = signer_from_storable_permissioned_handle(&handle);
+        assert!(signer::address_of(&perm_signer) == signer::address_of(creator), 1);
+        assert!(
+            permission_address(&perm_signer)
+                == handle.permissions_storage_addr,
+            1
+        );
+        assert!(exists<PermissionStorage>(handle.permissions_storage_addr), 1);
+
+        destroy_storable_permissioned_handle(handle);
+    }
+}
diff --git a/aptos-move/framework/aptos-framework/tests/permissioned_signer_tests.move b/aptos-move/framework/aptos-framework/tests/permissioned_signer_tests.move
new file mode 100644
index 0000000000000..ed0fe04e1e837
--- /dev/null
+++ b/aptos-move/framework/aptos-framework/tests/permissioned_signer_tests.move
@@ -0,0 +1,322 @@
+#[test_only]
+module aptos_framework::permissioned_signer_tests {
+    use aptos_framework::account::create_signer_for_test;
+    use aptos_framework::permissioned_signer;
+    use aptos_framework::timestamp;
+    use std::option;
+    use std::signer;
+
+    struct OnePermission has copy, drop, store {}
+
+    struct AddressPermission has copy, drop, store {
+        addr: address
+    }
+
+    #[test(creator = @0xcafe)]
+    fun test_permission_e2e(creator: &signer) {
+        let aptos_framework = create_signer_for_test(@0x1);
+        timestamp::set_time_has_started_for_testing(&aptos_framework);
+
+        let perm_handle = permissioned_signer::create_permissioned_handle(creator);
+        let perm_signer = permissioned_signer::signer_from_permissioned_handle(&perm_handle);
+
+        assert!(permissioned_signer::is_permissioned_signer(&perm_signer), 1);
+        assert!(!permissioned_signer::is_permissioned_signer(creator), 1);
+        assert!(signer::address_of(&perm_signer) == signer::address_of(creator), 1);
+
+        permissioned_signer::authorize(creator, &perm_signer, 100, OnePermission {});
+        assert!(
+            permissioned_signer::capacity(&perm_signer, OnePermission {})
+                == option::some(100),
+            1
+        );
+
+        assert!(
+            permissioned_signer::check_permission_consume(
+                &perm_signer, 10, OnePermission {}
+            ),
+            1
+        );
+        assert!(
+            permissioned_signer::capacity(&perm_signer, OnePermission {})
+                == option::some(90),
+            1
+        );
+
+        permissioned_signer::authorize(
+            creator,
+            &perm_signer,
+            5,
+            AddressPermission { addr: @0x1 }
+        );
+
+        assert!(
+            permissioned_signer::capacity(&perm_signer, AddressPermission { addr: @0x1 })
+                == option::some(5),
+            1
+        );
+        assert!(
+            permissioned_signer::capacity(&perm_signer, AddressPermission { addr: @0x2 })
+                == option::none(),
+            1
+        );
+
+        // Not enough capacity, check permission should return false
+        assert!(
+            !permissioned_signer::check_permission_consume(
+                &perm_signer, 10, AddressPermission { addr: @0x1 }
+            ),
+            1
+        );
+
+        assert!(
+            permissioned_signer::check_permission_consume(
+                &perm_signer, 5, AddressPermission { addr: @0x1 }
+            ),
+            1
+        );
+
+        // Remaining capacity is 0, should be viewed as non-exist.
+        assert!(
+            !permissioned_signer::check_permission_exists(
+                &perm_signer, AddressPermission { addr: @0x1 }
+            ),
+            1
+        );
+
+        permissioned_signer::revoke_permission(&perm_signer, OnePermission {});
+        assert!(
+            permissioned_signer::capacity(&perm_signer, OnePermission {})
+                == option::none(),
+            1
+        );
+
+        permissioned_signer::destroy_permissioned_handle(perm_handle);
+    }
+
+    #[test(creator = @0xcafe)]
+    fun test_storable_permission_e2e(creator: &signer) {
+        let aptos_framework = create_signer_for_test(@0x1);
+        timestamp::set_time_has_started_for_testing(&aptos_framework);
+
+        let perm_handle =
+            permissioned_signer::create_storable_permissioned_handle(creator, 60);
+        let perm_signer =
+            permissioned_signer::signer_from_storable_permissioned_handle(&perm_handle);
+
+        assert!(permissioned_signer::is_permissioned_signer(&perm_signer), 1);
+        assert!(!permissioned_signer::is_permissioned_signer(creator), 1);
+        assert!(signer::address_of(&perm_signer) == signer::address_of(creator), 1);
+
+        permissioned_signer::authorize(creator, &perm_signer, 100, OnePermission {});
+        assert!(
+            permissioned_signer::capacity(&perm_signer, OnePermission {})
+                == option::some(100),
+            1
+        );
+
+        assert!(
+            permissioned_signer::check_permission_consume(
+                &perm_signer, 10, OnePermission {}
+            ),
+            1
+        );
+        assert!(
+            permissioned_signer::capacity(&perm_signer, OnePermission {})
+                == option::some(90),
+            1
+        );
+
+        permissioned_signer::authorize(
+            creator,
+            &perm_signer,
+            5,
+            AddressPermission { addr: @0x1 }
+        );
+
+        assert!(
+            permissioned_signer::capacity(&perm_signer, AddressPermission { addr: @0x1 })
+                == option::some(5),
+            1
+        );
+        assert!(
+            permissioned_signer::capacity(&perm_signer, AddressPermission { addr: @0x2 })
+                == option::none(),
+            1
+        );
+
+        // Not enough capacity, check permission should return false
+        assert!(
+            !permissioned_signer::check_permission_consume(
+                &perm_signer, 10, AddressPermission { addr: @0x1 }
+            ),
+            1
+        );
+
+        permissioned_signer::revoke_permission(&perm_signer, OnePermission {});
+        assert!(
+            permissioned_signer::capacity(&perm_signer, OnePermission {})
+                == option::none(),
+            1
+        );
+
+        permissioned_signer::destroy_storable_permissioned_handle(perm_handle);
+    }
+
+    #[test(creator = @0xcafe)]
+    #[expected_failure(
+        abort_code = 0x50005, location = aptos_framework::permissioned_signer
+    )]
+    fun test_permission_expiration(creator: &signer) {
+        let aptos_framework = create_signer_for_test(@0x1);
+        timestamp::set_time_has_started_for_testing(&aptos_framework);
+
+        let perm_handle =
+            permissioned_signer::create_storable_permissioned_handle(creator, 60);
+        let _perm_signer =
+            permissioned_signer::signer_from_storable_permissioned_handle(&perm_handle);
+
+        timestamp::fast_forward_seconds(60);
+        let _perm_signer =
+            permissioned_signer::signer_from_storable_permissioned_handle(&perm_handle);
+
+        permissioned_signer::destroy_storable_permissioned_handle(perm_handle);
+    }
+
+    // invalid authorization
+    // 1. master signer is a permissioned signer
+    // 2. permissioned signer is a master signer
+    // 3. permissioned and main signer address mismatch
+    #[test(creator = @0xcafe)]
+    #[expected_failure(
+        abort_code = 0x50002, location = aptos_framework::permissioned_signer
+    )]
+    fun test_auth_1(creator: &signer) {
+        let aptos_framework = create_signer_for_test(@0x1);
+        timestamp::set_time_has_started_for_testing(&aptos_framework);
+
+        let perm_handle = permissioned_signer::create_permissioned_handle(creator);
+        let perm_signer = permissioned_signer::signer_from_permissioned_handle(&perm_handle);
+
+        permissioned_signer::authorize(
+            &perm_signer,
+            &perm_signer,
+            100,
+            OnePermission {}
+        );
+        permissioned_signer::destroy_permissioned_handle(perm_handle);
+    }
+
+    #[test(creator = @0xcafe)]
+    #[expected_failure(
+        abort_code = 0x50002, location = aptos_framework::permissioned_signer
+    )]
+    fun test_auth_2(creator: &signer) {
+        permissioned_signer::authorize(creator, creator, 100, OnePermission {});
+    }
+
+    #[test(creator = @0xcafe, creator2 = @0xbeef)]
+    #[expected_failure(
+        abort_code = 0x50002, location = aptos_framework::permissioned_signer
+    )]
+    fun test_auth_3(creator: &signer, creator2: &signer) {
+        let aptos_framework = create_signer_for_test(@0x1);
+        timestamp::set_time_has_started_for_testing(&aptos_framework);
+
+        let perm_handle = permissioned_signer::create_permissioned_handle(creator);
+        let perm_signer = permissioned_signer::signer_from_permissioned_handle(&perm_handle);
+
+        permissioned_signer::authorize(creator2, &perm_signer, 100, OnePermission {});
+        permissioned_signer::destroy_permissioned_handle(perm_handle);
+    }
+
+    // Accessing capacity on a master signer
+    #[test(creator = @0xcafe)]
+    fun test_invalid_capacity(creator: &signer) {
+        assert!(
+            permissioned_signer::capacity(creator, OnePermission {})
+                == option::some(
+                    115792089237316195423570985008687907853269984665640564039457584007913129639935
+                ),
+            1
+        );
+    }
+
+    // creating permission using a permissioned signer
+    #[test(creator = @0xcafe)]
+    #[expected_failure(
+        abort_code = 0x50001, location = aptos_framework::permissioned_signer
+    )]
+    fun test_invalid_creation(creator: &signer) {
+        let aptos_framework = create_signer_for_test(@0x1);
+        timestamp::set_time_has_started_for_testing(&aptos_framework);
+
+        let perm_handle = permissioned_signer::create_permissioned_handle(creator);
+        let perm_signer = permissioned_signer::signer_from_permissioned_handle(&perm_handle);
+
+        let perm_handle_2 = permissioned_signer::create_permissioned_handle(&perm_signer);
+        permissioned_signer::destroy_permissioned_handle(perm_handle);
+        permissioned_signer::destroy_permissioned_handle(perm_handle_2);
+    }
+
+    #[test(creator = @0xcafe)]
+    fun test_permission_revokation_success(creator: &signer) {
+        let aptos_framework = create_signer_for_test(@0x1);
+        timestamp::set_time_has_started_for_testing(&aptos_framework);
+
+        let perm_handle =
+            permissioned_signer::create_storable_permissioned_handle(creator, 60);
+        let _perm_signer =
+            permissioned_signer::signer_from_storable_permissioned_handle(&perm_handle);
+
+        permissioned_signer::revoke_permission_storage_address(
+            creator, permissioned_signer::permissions_storage_address(&perm_handle)
+        );
+
+        permissioned_signer::destroy_storable_permissioned_handle(perm_handle);
+    }
+
+    #[test(creator = @0xcafe)]
+    #[expected_failure(
+        abort_code = 0x50007, location = aptos_framework::permissioned_signer
+    )]
+    fun test_permission_revokation_and_access(creator: &signer) {
+        let aptos_framework = create_signer_for_test(@0x1);
+        timestamp::set_time_has_started_for_testing(&aptos_framework);
+
+        let perm_handle =
+            permissioned_signer::create_storable_permissioned_handle(creator, 60);
+        let _perm_signer =
+            permissioned_signer::signer_from_storable_permissioned_handle(&perm_handle);
+
+        permissioned_signer::revoke_permission_storage_address(
+            creator, permissioned_signer::permissions_storage_address(&perm_handle)
+        );
+        let _perm_signer =
+            permissioned_signer::signer_from_storable_permissioned_handle(&perm_handle);
+
+        permissioned_signer::destroy_storable_permissioned_handle(perm_handle);
+    }
+
+    #[test(creator1 = @0xcafe, creator2 = @0xbafe)]
+    #[expected_failure(
+        abort_code = 0x50008, location = aptos_framework::permissioned_signer
+    )]
+    fun test_permission_revoke_other(creator1: &signer, creator2: &signer) {
+        let aptos_framework = create_signer_for_test(@0x1);
+        timestamp::set_time_has_started_for_testing(&aptos_framework);
+
+        let perm_handle_1 =
+            permissioned_signer::create_storable_permissioned_handle(creator1, 60);
+
+        let perm_handle_2 =
+            permissioned_signer::create_storable_permissioned_handle(creator2, 60);
+
+        permissioned_signer::revoke_permission_storage_address(
+            creator1, permissioned_signer::permissions_storage_address(&perm_handle_2)
+        );
+
+        permissioned_signer::destroy_storable_permissioned_handle(perm_handle_1);
+        permissioned_signer::destroy_storable_permissioned_handle(perm_handle_2);
+    }
+}