// GLOSSARY -- BLOCKCHAIN & CRYPTO FUNDAMENTALS

What is Permit2?

1 min read Updated

Permit2 is a token approval protocol by Uniswap that provides a unified, more secure allowance system for ERC-20 tokens — featuring built-in expiration, signature-based approvals (no on-chain transaction needed), and batch operations.

WHY IT MATTERS

Standard ERC-20 approvals have problems: they never expire, they require an on-chain transaction to set, and each protocol needs its own approval. Permit2 solves all three.

With Permit2, you approve the Permit2 contract once per token. Then, you grant sub-approvals to individual protocols using off-chain signatures — no gas cost. These sub-approvals have built-in expiration (they automatically become invalid after a set time) and amount limits.

For agent wallets, Permit2 is a significant security improvement. Instead of agents granting unlimited, permanent approvals to every DeFi protocol, they use time-limited, amount-scoped Permit2 signatures. If a protocol is compromised, the damage window is limited by the permit's expiration.

HOW POLICYLAYER USES THIS

PolicyLayer can leverage Permit2 for granular agent token permissions — setting specific amounts, expiration times, and approved spenders for each permit. This provides tighter control than standard ERC-20 approvals.

FREQUENTLY ASKED QUESTIONS

How does Permit2 improve security?
Built-in expiration means approvals automatically expire. Amount limits prevent draining more than approved. Signature-based permits can be revoked by not signing new ones. This dramatically reduces the approval attack surface.
Is Permit2 widely adopted?
Yes. Uniswap, 1inch, and many major DeFi protocols support Permit2. It's becoming the standard for token approvals in modern DeFi.
Does Permit2 work with all tokens?
Permit2 works with any ERC-20 token — you just need an initial approval to the Permit2 contract. Some tokens with non-standard implementations may need special handling.

FURTHER READING

Enforce policies on every tool call

Intercept is the open-source MCP proxy that enforces YAML policies on AI agent tool calls. No code changes needed.

npx -y @policylayer/intercept
github.com/policylayer/intercept →
// GET IN TOUCH

Have a question or want to learn more? Send us a message.

Message sent.

We'll get back to you soon.