To better understand this article, you should first familiarize yourself with basic concepts like authorization. For a comprehensive overview, read this article "What is Authorization?"
Introduction to Permit2 Authorization
Permit2 is an authorization standard released by Uniswap last year. It aims to improve the traditional ERC20 token authorization experience by offering reduced gas fees, enhanced security, and easier management. In this article, we will explore the advantages and risks of Permit2 by comparing traditional authorization, Permit authorization, and Permit2 authorization.
Traditional Authorization VS Permit2 Authorization
1. Approve Mode
Traditional authorization commonly uses the Approve method and requires users to perform two separate actions: authorization and execution. Based on the ERC20 standard, the Approve method allows users to set the maximum amount of tokens that can be transferred. A third-party application can then move tokens up to this limit after receiving user approval. Both actions are on-chain and consume gas.
- Poor User Experience: Each DApp and token requires separate authorization, leading to a cumbersome, gas-consuming process.
- Security Risks: To avoid multiple authorizations, DApps often ask users to grant the maximum transfer permissions, which can expose users to risks if the protocol is exploited.
2. Permit Authorization
To address these issues, developers introduced Permit signatures. This approach involves off-chain signing and execution, saving gas fees and time. Importantly, users can set the authorization limit and duration in one go.
A common use-case is in DEXs like 1inch, which has a Fusion feature allowing users to sign a message that specifies the sale price and quantity of tokens. This allows token delegation to 1inch without any gas fees.
However, Permit signatures require the token contract to implement a Permit function. Many existing tokens have un-upgradable smart contracts and thus cannot support Permit.
Permit2 involves three steps:
- Authorization for the Permit2 contract: Users authorize the Permit2 contract (only needed for the first time), which then directly manages the tokens.
- Off-chain signature: Users sign off-chain and pass it to the smart contract.
- Execution: After verifying the signature, the smart contract triggers a transferFrom to complete the transaction.
Notably, users only need to authorize the Permit2 contract once. Subsequent interactions with other smart contracts that have integrated Permit2 do not require repeated authorizations.
Advantages and Risks
- Compatible with any ERC20 token, regardless of native support.
- Unified token authorization management within the Permit2 contract.
- Control over the timing and limits of authorization.
- No need for repeated authorizations for each interaction.
- Signature Risk: Compared to traditional Approve methods, Permit2 relies heavily on signatures, exposing uninformed users to phishing attacks.
- Signature Display Issues: Some wallets may not support or fully display signature information.
- Phishing Risk with Older Tokens: Older tokens that didn't support Permit can now be authorized via Permit2, adding phishing risks.
- Variable Authorization Duration: Permit2 allows custom authorization durations, but the actual safety depends on the DApp settings.
To mitigate new risks, wallets should not only parse Permit signature information but also clearly display the originating website through Logo and URL to help users assess the credibility of the site. imToken 2.13.0 version already supports this feature.
Users should never interact with unknown sources and always operate within official DApps. Set authorization limits carefully and regularly check your authorizations.