The RebelFi Connect Protocol (RCP)

Overview

RebelFi Connect is a permissioned protocol that enables third-party on-chain applications to securely interact with RebelFi accounts on the Solana blockchain. The protocol implements a delegated authorization model where applications can perform specific actions without having direct access to user funds. This is, in fact, the way that we ourselves (RebelFi) interact with accounts, and how we build automations while still remaining non-custodial.

Key Concepts

Authorized Keys

• Each third-party application (including RebelFi) receives a unique authorization key

• Keys are granted specific permissions defined by the account owner

• Permissions are enforced through on-chain validation

• Multiple applications can have different permission sets for the same account

Two-Phase Transactions

To ensure security while maintaining DeFi yield generation, transactions follow a two-phase process:

1. Authorization Phase

   • Application creates an on-chain transfer authorization

   • Authorization specifies recipient wallet and amount

   • Transaction is signed by the account owner

   • Authorization is stored in the account state

2. Execution Phase

   • Authorized application triggers the execution

   • RebelFi account validates the authorization

   • Funds are withdrawn from DeFi protocols (via Lulo)

   • Transfer is executed to the pre-authorized recipient

Security Considerations

Permission Scoping

• Applications can only perform actions within their granted permission scope

• Permissions are immutable once set (require new authorization for changes)

• Account owners can revoke permissions at any time

Fund Safety

• No direct access to funds by third-party applications

• All transfers must be pre-authorized by the account owner

• Execution phase can only transfer to pre-authorized recipients

Integration Process

1. Application Registration

   • Register application with RebelFi

   • Receive unique application identifier

   • Generate application keypair

2. User Authorization

   • Request permission from user

   • Define required permission scope

   • User approves and sets permissions

3. Implementation

   • Integrate protocol SDK

   • Implement two-phase transaction flow

   • Handle authorization states

Future Extensions

The protocol is designed to support future capabilities including:

• Scheduled transactions

• Conditional transfers

• Multi-signature authorizations

• Cross-chain interactions

• Smart contract integrations

Integration Requests

If you're interested in building capabilities on top of the RebelFi account, please get in touch with us: [email protected]