LogcSig (delegated approval)

I have question related to LogicSig Implemented

generated LogicSig and signing the transaction with that logicSig , but how can that logicSig be used for the future transactions ?

You cannot check with logicsig the block number. Only if you make the appcall with logicsig and interact with the dApp.

There is no way to my knowledge that you can make a feature to run the app call / asset transfer or whatever in the future. You always need some offchain trigger that does that in the future.

But generally you can make the logicsig, place there some funds, and if some conditions are met in future anyone can sign the tx with that logicSig account and for example withdraw the funds.

for the next transaction How that same logicSig be used ?

you can sign many transactions with the same logic sig… logic sig program is even public onchain and everybody can see it

I have followed some steps for signing the next transactions with the same logicSig :
step 1- I have created the logicSig with the teal logic , and we got an escrow account.
step 2 - We are creating the logisSig for the delegated approval , So I have signed that LogicSig by the private key and public key of the User .
step 3 - we have signed the transaction with that LogicSig , and again we want to sign more transactions with same logicSig in this case we stuck as that logicSig is not able to sign the more transactions .

So my question is :
Is there any teal logic do I need to write to increase the number of attempt to sign the transactions by logicSig?
for reference you can check this find what logicSig we are using Algorand Transaction
any reference or code snippet can you provide for that ?

What is your end goal?

Nowadays, most dApps should use applications.
Escrow accounts can be created as application accounts.
This is much more flexible than using logicsigs.

There are a few rare cases where you want to use logicisgs but this is either very niche or very advanced.

Now, concretely for the logicSig
in Algorand Transaction,
the logicsig is for the TEAL program:

#pragma version 1
	intcblock 1
	intc_0 // 1

which approves all transactions!

This means anyone can re-use to make any transaction from the account. This is very dangerous.
As a proof, I’ve sent this transaction myself:
see the note!

Here is what I did:

  1. Recover the signed lsig:
$ curl -s https://testnet-idx.algonode.cloud/v2/transactions/UNEKKO5JP4QLBRDAAY3J3HRMRCVNAGRDHYBL2M7BBQQ5EZKQCTKA | jq
  "current-round": 25258013,
  "transaction": {
    "asset-transfer-transaction": {
      "amount": 2000000,
      "asset-id": 10458941,
      "close-amount": 0,
    "close-rewards": 0,
    "closing-amount": 0,
    "confirmed-round": 24799938,
    "fee": 1000,
    "first-valid": 24799931,
    "genesis-hash": "SGO1GKSzyE7IEPItTxCByw9x8FmnrCDexi9/cOUJOiI=",
    "genesis-id": "testnet-v1.0",
    "intra-round-offset": 30,
    "last-valid": 24800931,
    "receiver-rewards": 0,
    "round-time": 1665743600,
    "sender-rewards": 0,
    "signature": {
      "logicsig": {
        "args": [
        "logic": "ASABASI=",
        "signature": "PE/xkIakGgyvqOLXAmOk3tTwlD0KWEyozP8wTESRYqTZn/TiQCnazg0dnM6S0HNn5A0ZroVy1sr84eiVuAYrBg=="
    "tx-type": "axfer"
  1. create the file thelsig.json with the logic code and signature retrieved above
    "l:b64": "ASABASI=",
    "sig:b64": "PE/xkIakGgyvqOLXAmOk3tTwlD0KWEyozP8wTESRYqTZn/TiQCnazg0dnM6S0HNn5A0ZroVy1sr84eiVuAYrBg=="
  1. convert it to msgpack (I’m assuming you installed the Algorand developer tools)
$ msgpacktool -e <thelsig.json >thelsig.sig
  1. use goal to send a new transaction with this lsig, that is approved!
goal clerk send --from IDL6C73DAOICYQMOK6EGFFRVZTGINWRDDXSJS3SNMSNX2TGNHYCXBHIKHI --to IDL6C73DAOICYQMOK6EGFFRVZTGINWRDDXSJS3SNMSNX2TGNHYCXBHIKHI --amount 1 --note "this is a proof this lsig is insecure" --logic-sig thelsig.sig

My End Goal Is ,

In my Use case I have to pay in a recurring manner kind of monthly billing of something , In such case we are exploring about the delegated approval where we can Sign the LogicSig once by the User’s private key and public key provided , after signing that logicSig we can do more future transactions without any intervention of the User. (Custodial wallet )

after that my next step goal is :
We will Use the non custodial wallet apps like perawallet for signing the logicSig once by the user and after that we will try to use his logicSig for more transactions on behalf of him for future transactions / monthly billing . .

Any suggestion ?

You can in theory do that by having a logicsig allowing payments every certain time.
As you have seen above delegated logicsigs can be re-used as many times as you want as long as the logic TEAL program approves it. (And it can be used by anyone, not just the creator of the logicsig, unless there is some logic requiring such creator for example to sign something.)
So you essentially need the logicsig to only allow payments once every x rounds and use a lease.
See Leased Transactions: Securing Advanced Smart Contract Design | Algorand Developer Portal for lease, PyTeal Examples — PyTeal documentation for the smart signature code (not audited and requires code around), and Periodic payment smart signature can be used multiple times within the same block · Issue #143 · algorand/pyteal · GitHub for a comment

Nowadays, I would actually recommend a more flexible design of having the logicsig only allows transaction if approved by a smart contract (aka application). This is a more complex design but more flexible. In particular, if you need transaction to be allowed every month, you may need to use an application for that (you may think PyTeal Package — PyTeal documentation would work but it’s not completely clear how to make it work properly with lease as you have no easy way to know what is the first block proposed in December 2022 for example - remember also that timestamping on blockchain cannot be perfect and is only best-effort).

However, three main caveats:

  1. you can never prevent the user from emptying the account and the payment to fail.
  2. see below regarding logicsig signature limitations: most likely you will have a very hard time to get most wallets adopting this due to very high risks for the end user.
  3. this is definitely a much more complex project than a classical smart contract dApp. While it’s possible to achieve (modulo the limitations above), you will be mostly on your own designing it, since documentation of logicsigs is mostly “reference” documentation for people with very strong understanding of Algorand, rather than more approachable tutorials (as logicsigs are now only used by “experts” - as opposed to normal smart contracts which is the normal way of coding on Algorand).

If you still are interested, I would recommend you reading all the sections in “Get Started” to have first an understanding of normal smart contracts and basics of Algorand: What is a blockchain? - Algorand Developer Portal

Then you can learn in detail smart contracts and logicsigs there: Introduction - Algorand Developer Portal and all associated section. Logicsigs are also called smart signatures.

If you need more detailed guidance, I would recommend to try Discord: Algorand
Discord is much better than forum if you need a lot of back-and-forth.

Currently only MyAlgoWallet allows signing logicsigs are those are very very dangerous. If there is a bug or if the app is malicious, all funds can be stolen. Compare with normal applications where you see explicitly when you send funds to the applications. You cannot lose more than what you sent.

1- Can we secure logicSig by putting the receiver’s wallet address as receiver of monthly billing will be always same in my use case
2- Is there any way to secure logicSig from unwanted transactions by teal logic ?
3- Can we set future transactions limit and maximum cost of that transaction into the logicSig by teal logic , like for monthly billing that logicSig should only work for single transaction in a month ?
4- in above example you have used goal for transaction with the thelsig.sig , can we do same operation with the algoSDK ?

Thanks in advance

LogicSig is arbitrary code. You can secure them. See the examples linked above.

For a single transaction every x rounds (x being a parameter you choose), this is easy.
For a single transaction every month, this most likely requires a complex code linking it to an application (aka smart contract).
This is possible but requires more work.

Yes, everything done with goal can be done with AlgoSDK (except potentially participation in consensus).

I would strongly recommend switching to Discord these questions as they require a lot of back-and-forth.

Thanks for your responses ! I have created an account on discord and I will query there . Thanks