diff --git a/46.md b/46.md
index 4de51ce5..7d73794a 100644
--- a/46.md
+++ b/46.md
@@ -115,6 +115,8 @@ Each of the following are methods that the _client_ sends to the _remote-signer_
 
 The `delegate` method MUST provide a comma-separated list of allowed permissions and return a bunker url representing a fresh session. The bunker MUST NOT allow this session to request additional permissions, returning an error message for any requests that are not allowed by the initial `perms` string.
 
+Signers MUST revoke delegated sessions when the parent session is invalidated. Signers MUST NOT allow delegated sessions to create nested delegated sessions.
+
 ## Response Events `kind:24133`
 
 ```json