RIP-001 — Permissioned Pull Standard (Overview)

What it defines

RIP-001 defines permissioned pull as a financial authorization profile for Authorization Objects: permission is created explicitly (with scope and duration), and may be exercised later by a counterparty under constraints. Execution is downstream of an already authorized state.

Why it exists

Push-based execution makes authority implicit and difficult to reason about over time.
Automation and agents amplify latent permissions into systemic risk.
Revocation and expiry must be enforceable primitives, not approximations.

Conceptual model

At minimum, an Authorization Object (AO) should support:

intentional creation
explicit scope (what action is permitted)
time bounds (validAfter / validBefore)
revocation prior to execution
inspectability independent of execution

Specification

Specification (canonical):

Canonical link

https://github.com/recurmj/recur-standard/blob/main/docs/RIP-001.md

Related work

Ethereum-specific proposals such as ERC-8102 and ERC-8103 can be viewed as instantiations of the permissioned pull model defined in RIP-001.