Permit2
Permit2 is a token approval contract that acts as a shared allowance manager. Instead of approving each DEX contract individually, users approve tokens to Permit2 once, then grant fine-grained permissions to specific spenders (like the Universal Router).Why Permit2?
Traditional ERC-20 approvals have several problems:| Problem | Permit2 Solution |
|---|---|
| Unlimited approvals to every dApp | Single approval to Permit2, then scoped sub-permissions |
| No expiration on approvals | Sub-permissions have configurable expiration |
| Each new dApp needs a new approval tx | Permit2 already approved, only a sub-permission needed |
| Revocation requires per-dApp transactions | Revoke Permit2 approval to cut off all dApps at once |
How It Works
Step 1: Approve Token to Permit2
Standard ERC-20approve(). Only needs to happen once per token.
Step 2: Grant Permission via Permit2
CallPermit2.approve() to let the Universal Router spend your token through Permit2:
Step 3: Swap Execution
When the Universal Router executes a swap, it pulls tokens from the user via Permit2 — no further user interaction required.Checking Allowances
Query existing permissions:amountis less than the swap inputexpirationis in the past
Security Benefits
- Scoped permissions: Each spender gets its own allowance with its own expiration
- Single revocation point: Revoking the ERC-20 approval to Permit2 disables all downstream spenders
- Nonce tracking: Prevents replay attacks
- Expiration: Permissions automatically become invalid after the set time