IERC3009 - Caplane

Caplane settles payment with EIP-3009 transferWithAuthorization: the consumer signs a transfer authorization off-chain, and the broker submits it on-chain inside brokerCapability. The binding sets the authorization nonce to the orderHash, so the token’s own signature check enforces the order. This page is the token surface the broker depends on, and the domain you sign under. TestUSDC implements the full EIP-3009; real USDC (Circle’s FiatTokenV2) does too.

transferWithAuthorization

function transferWithAuthorization(
    address from,
    address to,
    uint256 value,
    uint256 validAfter,
    uint256 validBefore,
    bytes32 nonce,
    uint8 v,
    bytes32 r,
    bytes32 s
) external;

Parameter	Meaning in Caplane
`from`	The `order.consumer` (payer and signer).
`to`	The broker (which then distributes funds).
`value`	The `order.amount`.
`validAfter` / `validBefore`	The signed authorization window (unix seconds).
`nonce`	The `orderHash`, `keccak256(abi.encode(order))`. This is the binding.
`v` / `r` / `s`	The consumer’s signature over the typed data below.

The token verifies the signature over (from, to, value, validAfter, validBefore, nonce). Because the nonce is the order hash, changing any signed order field changes the hash, the signature no longer recovers from, and the transfer reverts. See the binding.

authorizationState

function authorizationState(address authorizer, bytes32 nonce) external view returns (bool);

Returns true once a nonce has been used. Nonces are not sequential; an unspent authorization returns false. After a settlement the orderHash nonce is spent, which prevents replay.

The typed data

The consumer signs this EIP-712 struct (the nonce is bytes32, set to the orderHash):

TransferWithAuthorization(
  address from,
  address to,
  uint256 value,
  uint256 validAfter,
  uint256 validBefore,
  bytes32 nonce
)

The EIP-712 domain

The signer and the token must agree on the domain EIP712Domain(string name, string version, uint256 chainId, address verifyingContract). The name, version, and verifyingContract are the same on both testnets; the chainId differs, so the domain separator differs.

Field	Value
`name`	`Test USD Coin`
`version`	`2`
`verifyingContract`	`0x125959541Bb486058E7e3b55E49b3B04e49fBa5E`

The chainId differs per network, so the domain separator differs; the per-chain separators are on Deployments. The SDK builds this domain with domainFromRegistry(registry); never hard-code it.

​transferWithAuthorization

​authorizationState

​The typed data

​The EIP-712 domain

​See also

transferWithAuthorization

authorizationState

The typed data

The EIP-712 domain

See also