TokenPocket(English)
  • Introduction
  • 👥Blockchain Basics
    • What Is Blockchain?
    • What Is a Decentralized Wallet?
    • What Is the Private key, Mnemonic and Wallet Password
    • What s the Miner Fee?
    • What is DeFi ?
    • What is DEX ?
    • What is keystore
    • What is a cold wallet
    • What is a hot wallet
    • What is a watch wallet?
    • What is a multi-sig wallet?
    • What is a hardware wallet
    • What is an extension wallet?
    • What is a passphrase
  • 🔐Security Knowledge
    • Security Measure
      • Safe Usage Environment
      • Use the Passphrase feature to create a "Secret Wallet"
      • Safety Operating Guidelines
      • Hide small transaction records
      • TokenPocket Approval Detector Use Guide
      • Notes on using the third-party DApp.
      • Token Security Detection Function Use Guide
      • Keep your Recovery Phrase and Private Key safe!
      • Pay attention to the tokens and links marked as risky!
      • How to verify whether the wallet is genuine
      • How to verify the real TokenPocket on Google Play?
      • How to verify the real TokenPocket(TP Wallet) on App Store?
      • How to Identify the Authenticity of TokenPocket’s Website and APP?
      • MEV Protection Tutorial
      • About Approve
      • How to check/cancel Approve?
      • Loss Prevention
      • Theft Prevention
    • Common Fraud Cases
      • Fake Walmart/Amazon Platform Scams
      • Be aware of “0 USDT” transfer scam.
      • Be aware of "Phishing" address.
      • Prevent a new type of token transfer scam
      • Free Recovery Phrase Scam
      • Fake Airdrop/Giveaway Scam
      • Fake QR Code Scam
      • Phishing App Scam
      • Phishing Website Scam
      • Fake Token Scam
      • Fake Customer Service Scam
      • DApp Approval Scam
      • Quick identification of scammers' scams
  • 📨Wallet FAQ
    • BTC Wallet
      • BTC Multi-Sig Wallet Creation Tutorial
      • How to obtain a wallet public key?
      • What is a public key
      • Runes Use Guide
      • What is the Runes protocol?
      • How to obtain a wallet public key
      • What is Bitcoin ETF?
      • Quick Overview: Bitcoin Ecosystem Protocols
      • How to use BTC Acceleration
      • View and send Ordinals Inscriptions.
      • What is a Partially Signed Bitcoin Transaction (PSBT)
      • Why is the fee so high for bitcoin transfer?
      • Why does my usdt prompt an address error when I want to transfer to a bitcoin address?
      • Can usdt transfer to my bitcoin address?
      • How many bitcoin addresses can you create in the TokenPocket wallet?
      • Can I create multiple BTC addresses?
      • My bitcoin has been transferred out but the receiver said did not receive, what should I do?
      • Can the TP wallet automatically collect bitcoins?
      • How to choose the best miner's fee for bitcoin?
      • What are the advantages and disadvantages of the bitcoin lightning network?
      • What is the relationship between USDT on BTC and BTC?
      • What is the bitcoin lightning network?
      • Does a bitcoin address have to start with a number?
      • How many bits is the bitcoin address?
      • What is the smallest unit of bitcoin?
      • Will the miner's fee be deducted if the BTC transfer fails?
      • How to export the BTC private key of TokenPocket wallet?
      • What is BTC segwit?
      • Bitcoin transfer is slow, can it be accelerated?
      • How to import the BTC private key into the wallet?
      • How to set the miner fee of BTC?
      • How to transfer BTC to exchange by wallet?
      • How to delete BTC wallet?
      • What if you lose your password to your bitcoin wallet?
      • How to reset the password of bitcoin wallet?
      • What if the BTC private key is lost?
      • How to backup bitcoin private key?
      • The page you were looking for doesn't exist – TokenPocket Help Center
      • How to create a BTC wallet in TokenPocket?
      • How to change the name of bitcoin (BTC) wallet in TokenPocket wallet?
      • Is there a bitcoin browser in the TokenPocket wallet? How to use it?
      • When my TokenPocket wallet APP was disconnected, someone transferred BTC bitcoin to me. Can I receiv
      • Will I lose my bitcoin stored in my TokenPocket wallet? Will my wallet steal my BTC?
      • What coins are on the BTC network?
      • Can I mine BTC bitcoin with the TokenPocket wallet?
      • Will it give me interest if I deposit BTC in the TokenPocket wallet?
      • Where is the price of BTC in TokenPocket wallet displayed according to?
      • Guía de ususario para BTC — billetera TokenPocket [Traducción]
      • About RBF and CPFP
      • FAQs on Bitcoin Wallet
      • What’s the change address
      • What is OP_RETURN?
      • what is UTXO
      • What’s the path
      • What is an address type?
      • What is Taproot?
      • What's the SegWit
    • ETH Wallet
      • Staking Tutorial
      • What Is EIP-1559?
      • About Ethereum staking
      • About self-custodial staking
      • About Ethereum POS
      • ETH 2.0 Staking Vault Service Agreement
      • Eth2.0 Staking Vault Rules
      • Eth2.0 Staking Nodes List
      • How to retrieve the previous ETH wallet?
      • How to create ETH wallet?
      • TokenPocket Gas Station User Agreement
      • Transaction Pending Forever? Here is How You Make it Successful Faster!
      • FAQs on Ethereum
      • What is Token Transfer Approval, and What Risk Does it Involve?
      • How to Use Watch Mode in TokenPocket to Check the Balance in ETH 2.0 Depositing Contract
      • What is ETH Transaction Accelerator?
      • Manage the unpackaged transactions
      • What is Token Approval and How to Grant Token Approval?
      • What is Permit2
      • What is Permit
    • BSC Wallet
      • How to create BSC wallets in bulk
      • How to enable Gas-Free Stablecoin Transfers on the BNB Chain?
      • Beefy.finance Tutorial (BSC)
      • Equator Tutorial
      • Ellipsis Tutorial (BSC)
      • BakerySwap Tutorial (BSC)
      • How to Use DODO
      • Venus User Guide (BSC)
      • How to use PancakeSwap in TokenPocket Wallet
      • How to exchange Binance's BTCB to the wallet for using
      • Export "key" on Binance smart chain wallet
      • How to withdraw BNB to Binance Smart Chain
      • Binance Smart Chain (BSC) wallet registration
      • Master the authorization management authority of DApp (BSC)
    • TRON Wallet
      • How to Use TRON Network Fee Coupon
      • Using energy, lower costs
      • Using USDT as 'Network Fee', No TRX Required
      • How to Save on TRON Transaction Fees When Transferring USDT?
      • How to Create a Tron MultiSig Wallet
      • How to create a TRON wallet?
      • TokenPocket Energy Rental Service
      • How to create TRON wallets in bulk
      • How to Use TStake 2.0
      • How to acquire TRX tokens
      • Voting Considerations
      • What is Stake 2.0?
      • How to become a Super Representative (SR)?
      • How to claim voting rewards.
      • How to participate in voting.
      • About TRON Account Privilege Escalation
    • TON Wallet
      • Overview of TON Wallet
    • FTM Wallet
      • Use TokenPocket wallet to participate in the operations of FTM mainnet
    • Solana Wallet
      • What is Solana Memo
      • What are Solana transaction fees
      • Associated account of Solana
      • About Solana account permissions
    • Sui Wallet
      • Scallop (sui) User Guide
    • OKX Wallet
      • How to create the OKEx Chain Test wallet
      • The Usage Tutorial of OKExChain Test (OKEx)
      • Upgrade of OKExChain Wallet
      • Use OKEx old chain for upgrading to OKEx mainnet (EVM)
    • EOS Wallet
      • EOS Use Guide
      • Related News
      • What Society Says?
      • What Voice Team Says?
      • Apply for a free Voice Beta account
      • FAQs on Voice
      • What is Voice?
      • Register with the email/phone number.
    • Aptos Wallet
      • What is a permission change
    • Polkadot Wallet
      • What are Transaction Tips?
    • Multichain-wallet
      • What is a HD Wallet?
      • How to reset your password
      • what is Asset Collection?
      • Guide of Cold wallet
      • About sub-wallets
      • What's the Mnemonic Phrase
      • What‘s the private key
    • Multisig Wallet
      • What is a multi-sig wallet?
      • What is Owners?
      • What is Multisig nonce?
      • How to create a MultiSig Wallet?
      • How to import a MultiSig Wallet?
      • MultiSig Transfer Use Guide
    • AA Wallet
      • What is AA Wallet
      • AA Wallet Create and Import
      • How to use AA Wallet
      • Account Abstraction
  • 🔩wallet operation
    • TP Card
      • TP Card FAQs
      • TP Card Create/Import
      • TP Card(Fiat24) Register
      • TP Card Deposit Tutorial
      • TP Card Transfer Tutorial
      • TP Card Profile
      • TP Card Limit Manage
      • TP Card Info
      • TP Card Binding with Apple Pay
      • TP Card Binding with Google Pay
      • TP Card Binding with WeChat pay
      • TP Card Binding with Alipay
    • About NFT
      • NFT skin design competition tutorial
      • NFT Application Specification
      • How to set NFT Asset Card, Receive Background, and Avatar on TokenPocket?
      • NFT application description
    • About DApp
      • How to create DApp List?
      • How to collect DAPP and TIP-001 protocol?
    • How to Create a Wallet?
      • Sub-wallet creation tutorial.
      • BiHelix (RGB-LN) Use Guide
      • Mint Use Guide
      • Bitlayer Use Guide
      • X Layer Use Guide
      • Blast Use Guide
      • Merlin Use Guide
      • Kroma Use Guide
      • ZetaChain Use Guide
      • Taiko Testnet Use Guide
      • Blast Testnet Use Guide
      • Metis Use Guide
      • Manta Use Guide
      • BEVM Use Guide
      • IOST Use Guide( Activation Code Creation)
      • IOST Use Guide( Assist in creating)
      • ZKFair Use Guide
      • Scroll Use Guide
      • HAQQ Use Guide
      • Core Use Guide
      • ZetaChain Testnet Use Guide
      • Polygon zkEVM Use Guide
      • EOS EVM Use Guide
      • opBNB Use Guide
      • Linea Use Guide
      • Mantle Use Guide
      • Sui Use Guide
      • Pulse Chain Use Guide
      • zkSync Era∎ Use Guide
      • Core Blockchain Use Guide
      • Filecoin FVM Use Guide
      • Dogecoin Use Guide
      • Aptos Use Guide
      • FON Smart Chain Use Guide
      • EthereumPoW Use Guide
      • EthereumFair (ETF) Use Guide
      • Arbitrum Nova Use Guide
      • ETC Use Guide
      • HALO Use Guide
      • GateChain(GT) Use Guide
      • BitTorrent Use Guide
      • Conflux eSpace Use Guide
      • KCC Use Guide
      • Harmony Use Guide
      • Moonbeam Use Guide!
      • WAX Use Guide!
      • xDai Use Guide!
      • Solana Use Guide!
      • Avalanche Use Guide!
      • Fantom Use Guide!
      • Arbitrum Use Guide!
      • Klaytn Use Guide
      • Polygon (Matic) Use Guide
      • BSC Use Guide
      • How to create a TRON wallet?
      • Moonriver Use Guide
    • About Custom Network/Token
      • What is a custom network
      • How to Add Custom Network
      • About Custom Token
      • Design a link to promote your chain
    • How to Trade on DEX?
      • Orbiter Finance User Guide
      • Exchange of assets between the EOS mainnet and EOS-EVM
      • Birdeye User Guide
      • Exchange SOL assets using Transit Swap.
      • Orca User Guide
      • jito User Guide
      • Marginfi User Guide
      • Raydium Usage Guide
      • SushiSwap on OKChain Guide
      • JustSwap on Tron Gudie
      • PuddingSwap on HSC Guide
      • MDEX on HECO Guide
      • PancakeSwap on BSC Guide
      • Uniswap on Ethereum Guide
      • Transit Swap 2.0 Guide
    • About Protocol
      • About Nostr
      • The NostrAssets Usage Tutorial
    • TPtool
      • TokenPocket Nickname System
      • Easy Inscription User Guide
      • Magic Eden User Guide (Inscription)
      • EIP-4527
        • How to Use TokenPocket
        • How to Use MetaMask
    • Give encouragement and feedback to TP Wallet on the App Store.
  • 🛠️Wallet Management
    • Token Management
      • How to buy crypto in TokenPocket (Web version)
      • How to buy crypto in TokenPocket
      • How to Search Tokens?
      • How to Add Tokens?
      • How to Delete Tokens?
      • How to manage My NFT assets?
    • Wallet Management
      • How to Use the Private Wallet?
      • How to use Widgets?
      • How to hide the Wallet?
      • How to Create a Wallet?
      • How to Import a Wallet?
      • How to Manage My Wallet?
      • How to Switch My Wallet?
      • How to Sync a Wallet?
      • How to use Watch Wallet and Cold Wallet?
      • What is Nonce?
    • Blockchain Explorer Tutorial
      • What is Blockchain Explorer?
      • What is Transaction ID (Hash) ?
      • BSC Explorer Tutorial
        • Query transfer records on BSC explorer.
        • Query your assets on BSC explorer.
        • Query the token's information on BSC explorer.
      • TRON Explorer Tutorial
        • Query transfer records on TRON explorer.
        • Query your assets on TRON explorer.
        • Query the token's information on TRON explorer.
      • ETH Explorer Tutorial
        • Query transfer records on ETH explorer.
        • Query your assets on ETH explorer.
        • Query the token's information on ETH explorer.
  • 👾Transfer Tutorial
    • About Safe Transfer
    • Transfer FAQ
      • What if the assets cannot be recovered through guided self-help operation
      • Why can’t I transfer my assets to the contract address?
      • Why can't transfer tokens between different chains?
      • Why did I not receive my funds from the wallet to the exchange?
      • Why did I not receive my funds from the exchange to the wallet?
      • Why does the transfer always keep pending status?
      • Why can't I get my funds back when the transfer was failed?
      • How to Accelerate My Transaction?
      • How to Add Memo When Transferring?
      • How to Cancel My Transaction?
      • How to Transfer Assets to the Wallet/Exchange?
      • How to Receive My Assets ?
    • TokenPocket Multi-chain Token Batch sender
  • 👨‍💻DEVELOPER
    • How to Submit DApps?
    • How to Submit Tokens?
    • How to submit NFT?
    • How to Submit a Token Logo?
    • How to Submit a NFT Logo
    • How to submit public chain?
  • 💻EXTENSION WALLET
    • FAQ
      • Basis introduction
      • Installation Tutorial
      • Use Tutorial
        • How to import/create a wallet in TP Extension Wallet?
        • How to create/import a MultiSig wallet in TP Extension Wallet?
        • How to connect with TP Extension Wallet?
        • How to SWAP on TP Extension Wallet?
        • How to connect to KeyPal?
        • How to connect to Ledger?
        • How to connect to Trezor?
    • Extension Update
      • Version update log(Jan 9, 2024)
      • Version update log(Dec 27, 2023)
      • Version update log(Nov 25, 2023)
      • Version update log(Aug 9, 2023)
      • Version update log(Jun 22, 2023)
      • Version update log(Jun 5, 2023)
      • Version update log(Jun 2, 2023)
      • Version update log(May 19, 2023)
      • Version update log(Mar 5, 2023)
      • Version update log (Mar 1, 2023)
      • Version update log (Nov 4, 2022)
      • Version update log(Aug 26, 2022)
      • Version update log (Jul 13, 2022)
      • Version update log (Jun 8, 2022)
      • Version update log(May 20, 2022)
      • TokenPocket Brand Upgrade
    • Privacy Policy
    • Term Of Use
  • 🪧announcement
    • Announcement
      • 🆕Oct 16th, Ordinals Data Maintenance Notice
      • Oct 11th, TokenPocket Official Website Maintenance Notice
      • Oct 7th, BNB Chain's maintenance has been completed.
      • Oct 7th, BNB Chain is being maintained.
      • Sept 15th. The Merge is over!
      • Sept 12th. About the Ethereum Merge.
      • Aug 31st, Arbitrum will launch the Nitro technical upgrade.
      • Aug 29th, TokenPocket wallet is being maintained and upgraded.
      • Aug 4th, 2022. The Polygon(Matic) is being maintained and upgraded.
      • Jul 20th, 2022. The BSC and IOST had been maintained and upgraded.
      • Jul 12th, 2022. The TRON will be maintained and upgraded.
      • Jul 11th, 2022. The klaytn had been maintained and upgraded.
      • Jun 1st, 2022. The Optimism node will be maintained and upgraded.
      • Jun 1st, 2022. The Heco chain will be upgraded.
      • May 20th, 2022. The Polygon(Matic) chain will be upgraded.
      • May 18th, 2022. TokenPocket technical service will be maintained and updated!
      • Feb 24th, 2022. iOS New version will adjust some services.
      • Jan 27th, 2022. The service upgrade of TRON.
      • Jan 25th, 2022. Klaytn node is being maintained.
      • Dec 2nd, 2021. EOS node is being maintained.
    • App Update
      • 🆕Version Update Logs (All)
      • Version Update (Jul 6th, 2023)
      • Version Update (Jul 2nd, 2023)
      • Version Update (Jun 16th, 2023)
      • Version Update (Jun 9th, 2023)
      • Version Update (Jun 7th, 2023)
      • Version Update (Jun 3rd, 2023)
      • Version Update (May 25th, 2023)
      • Version Update (May 23th, 2023)
      • Version Update (May 5th, 2023)
      • Version Update (Apr 27th, 2023)
      • Version Update (Apr 14th, 2023)
      • Version Update (Apr 11th, 2023)
      • Version Update (Apr 6th, 2023)
      • Version Update (Apr 4th, 2023)
      • Version Update (Mar 18th, 2023)
      • Version Update (Mar 11th, 2023)
      • Version Update (Mar 7th, 2023)
      • Version Update (Mar 3rd, 2023)
      • Version Update (Feb 19th, 2023)
      • Version Update (Feb 18th, 2023)
      • Version Update (Feb 17th, 2023)
      • Version Update (Jan 18th, 2023)
      • Version Update (Jan 12th, 2023)
      • Version Update (Jan 9th, 2023)
      • Version Update (Dec 15th, 2022)
      • Version Update (Dec 7th, 2022)
      • Version Update (Dec 5th, 2022)
      • Version Update (Oct 29th, 2022)
      • Version Update (Oct 28th, 2022)
      • Version Update (Oct 14th, 2022)
      • Version Update (Sep 9th, 2022)
      • Version Update (Aug 29th, 2022)
      • Version Update (Aug 18th, 2022)
      • Version Update (Aug 1th, 2022)
      • Version Update (Jul 28th, 2022)
      • Version Update (Jul 11th, 2022)
      • Version Update (Jul 2nd, 2022)
      • Version Update (Jun 30th, 2022)
      • Version Update (Jun 28th, 2022)
      • Version Update (Jun 13th, 2022)
      • Version Update (Jun 8th, 2022)
      • Version Update (May 29th, 2022)
      • Version Update (May 25th, 2022)
      • Version update log(Apr 29th, 2022)
      • Version update log(Apr 13th, 2022)
      • Version update log(Apr 2nd, 2022)
      • Version update log(Mar 11th, 2022)
      • Version update log(Feb 25th, 2022)
      • Version update log(Feb 11th, 2022)
      • Version update log(January 27th, 2022)
      • Version update log (January 17th, 2022)
      • Version update log (December 31st, 2021)
      • Version update log (November 26th, 2021)
      • Version update log (November 5th, 2021)
      • Version update log (October 14th, 2021)
      • Version update log (September 29th, 2021)
      • Version update log (September 18th, 2021)
      • Version update log (September 3rd, 2021)
      • Version update log (August 5th, 2021)
      • Version update log (July 28th, 2021)
      • Version update log (July 7th, 2021)
      • Version update log (June 11th, 2021)
      • Version update log (March 18th, 2021)
      • Version Update (Oct. 30th, 2020)
    • TokenPocket Product Policy Adjustment Instructions
  • 📩Contact Us
    • Join us
    • Contact Us
    • Judicial Assistance Policy
Powered by GitBook
On this page
  • About Permit2
  • Traditional approval model
  • Permit (EIP-2612) mode
  • Permit2 Approval Model
  • Advantages of the Permit2 protocol:
  • Possible Risks of Permit2
  • Possible risks of the Permit2 protocol:
  1. Wallet FAQ
  2. ETH Wallet

What is Permit2

PreviousWhat is Token Approval and How to Grant Token Approval?NextWhat is Permit

Last updated 1 year ago

About Permit2

Uniswap has just released a new token approval standard, Permit2, which differs from the traditional ERC20 and EIP-2612. Permit2 allows users to avoid the need for a chain-level “approve” operation before interacting with different DApps, allowing the DApp protocol to first acquire your token approval. According to the description, the new Permit2 protocol has the advantages of saving gas, allowing for batch operations of approval/transfers and being more flexible than traditional ERC20 approval, and supporting one-stop approval management.

Uniswap initially conceived Permit2 and Universal Router to improve its own product, optimize gas costs, simplify the user transaction process, and enhance security. During the conceptual process, Uniswap felt that other applications could greatly benefit from integrating these contracts. Uniswap itself is dedicated to building public infrastructure, so it designed these contracts to be available for use by the entire developer ecosystem, including extensive documentation and SDKs.

To illustrate how revolutionary Permit2 is, let’s review the previous solutions by taking the example of a contract that needs to move tokens held by Alice.

Traditional approval model

The traditional way of execution is shown in the following diagram.

  1. Alice calls the approve() function on the ERC20 to grant the contract a controlling limit.

  2. Alice calls an interaction function on the contract, which in turn calls transferFrom() on the ERC20 token contract to move her tokens. It is evident that this model is feasible (as it is widely existent) and can ultimately be very flexible, as the protocol can continually access the user’s tokens for an extended period of time.

The approval contract is granted the approval to control the maximum amount of tokens by default, without any time limitations. Each DApp requires a one-time approval for the first execution, which poses significant risks.

But it faces two well-known real-world problems:

  1. Poor user experience: Users must grant approval for each new protocol they intend to use on each token, which is almost always a separate transaction (for example, executing a token approval in Uniswap, but still having to reapprove if using Transit).

  2. Poor security: Contracts usually require an unlimited approval limit, and approval must be executed every time a swap or other contract is used. This means that if the protocol is exploited, every user who has approved the protocol to consume their tokens could have all of their approved tokens transferred. (For example, we often encounter token usage approval, such as approval to operate DeFi, approval to exchange, and approval for first-time use of different DApps)

Permit (EIP-2612) mode

EIP-2612 iterates on token approval. Users can interact with the application contract by attaching an approval signature (Permit) information in their transaction, without having to pre-approve.

Let’s take a look at the methods enabled by the EIP-2612 extension of ERC20, which is usually like this:

  1. Alice signs a “permit” message off-chain, indicating that she wishes to grant a contract the right to use an (EIP-2612) token.

  2. Alice submits the signed message as part of her interaction with the said contract.

  3. The contract calls the “permit()” method on the token, which uses the signature approval information and signature to grant the contract permission.

  4. The contract now has permission, so it can call transferFrom() on the token, transferring tokens held by Alice.

Due to the requirement of EIP-2612 (Permit) to have the related methods written inside the ERC20 token contract, existing deployed ERC20 contracts cannot be supported.

This resolves two problems with the typical ERC20 approval method:

  1. The user does not need to submit an additional approve() transaction on-chain.

  2. Since one on-chain operation is omitted, a typically more reasonable approval amount can be chosen instead of unlimited, and more importantly, an expiration time can be set when signing the approval message.

While EIP-2612 makes token approval more secure, tokens released before EIP-2612 do not support signature approval and not all newer tokens have adopted this feature. Therefore, the protocol is not widely used.

Permit2 Approval Model

Permit2 combines both models, extending the user experience and security advantages of EIP-2612 to also cover standard ERC20 tokens.

  1. Alice calls approve() on an ERC20, in a typical way, giving Permit2 contract limitless approval.

  2. Alice signs a Permit2 message off-chain, indicating that the protocol contract is allowed to transfer tokens on her behalf.

  3. Alice calls an interaction function on the protocol contract, passing in the signed Permit2 message as an argument.

  4. The protocol contract calls permitTransferFrom() on the Permit2 contract, and Permit2 contract uses its approval (granted in 1) to call "transferFrom()" on the ERC20 contract, transferring tokens held by Alice.

By granting approval to Permit2, DApps that use the Permit2 protocol only need to perform a 712 local signature once, eliminating the need for additional chain-level approval and reducing Gas fees, while increasing usability and security. The approval is time-limited, for example, if granted for a month, then after the month expires, it only requires one 712 signature to be used again.By granting approval to Permit2, DApps that use the Permit2 protocol only need to perform a 712 local signature once, eliminating the need for additional chain-level approval and reducing Gas fees, while increasing usability and security. The approval is time-limited, for example, if granted for a month, then after the month expires, it only requires one 712 signature to be used again.

The protocol will not directly call the transferFrom() on the ERC20 token to execute the transfer but instead will call the standard Permit2 contract's permitTransferFrom(). Permit2 sits between the protocol and the ERC20 token, tracking and validating the permit2 message, and then ultimately using its approval to execute the transferFrom directly () call on the ERC20. This indirectness allows Permit2 to extend the benefits similar to EIP-2612 to every existing ERC20 token.

Advantages of the Permit2 protocol:

  1. Unified token management

  2. Controllable approval time

  3. No need to send a transaction for approval every time

Possible Risks of Permit2

Permit2 is derived from EIP 2612 and is an extension of the EIP 20 protocol, so ultimately, Permit2 is just a supplement to ERC20, not a replacement. After all, Permit2 doesn't inherit all existing ERC20 data, and the so-called one-stop management still requires calling the approve function of the ERC20 contract to complete some initial operations.

The complete process of Permit2 should be:

1. The user grants the maximum approval of ERC20 tokens to the Permit2 contract.

2. The user manages specific approvals through the permit function in the Permit2 contract.

3. Third-party protocols and users can transfer tokens through the Permit2 contract as an intermediary based on the approval information already available in Permit2.

Possible risks of the Permit2 protocol:

  1. Although it claims to solve the infinity approval problem, it only transfers the approval object from the interacting DApp to the Permit2 contract, and the security of the Permit2 contract requires higher standards for centralized management of approvals.

  2. Although the token approval has an expiration time, this time can still be unlimited, and Dapps still need to set reasonable expiration times.

  3. Because the permit function call process can be performed without sending a transaction, just providing a signature to a third party for forwarding, it can be more concealed if it is used for phishing. The cost of checking the signature message increases, and some third-party wallets may not decode and display the signature information, increasing the risk of user attack.

Advantages and risks exist at the same time, which requires us to have a certain discernment ability. Specifically, the wallet also needs to have prior prevention for the possible large-scale support of Permit2 in the future (TokenPocket does not yet support the parsing of Permit2, but will soon). For example, TokenPocket's current approval risk warning pop-up windows can display the risk content well, thus avoiding risks such as phishing or malicious approval from third parties.

Do not open unknown websites and execute them recklessly. Be sure to use regular DApps and control the amount of tokens granted to contracts as much as possible. Regularly use authorization check tools for inspection.

📨