Skip to main content

What is a Permit2 message and how is it used?

  • A Permit2 message is an off-chain signed message (not a transaction).
  • Permit2 signatures are time-limited and (optionally) amount-limited (see the permitAmount field in the request).
Before executing a swap through the Uniswap Trading API, the swapper must grant the Permit2 contract permission to access their tokens. All swaps performed through the Uniswap Trading API use Permit2 to ensure a consistent and secure experience for the swapper. If the Permit2 signature is missing or incorrect, the swap will fail.

What do I need to do when using Permit2?

If a Permit2 message is included in the /quote response, you must require the swapper to sign it and include the resulting signature in your /swap request.
  • You do not interact with Permit2 contracts directly. Once provided with signed calldata, Permit2 is given permissions and instructions to pull the required number of tokens from a swapper’s wallet and spend them to achieve the swap on behalf of the swapper.
  • You do not need to construct Permit2 messages. The API handles the Permit2 message and swap calldata. You just need to handle signing the Permit2 message.
  • You do not need to understand Permit2 logic. You can control the Permit2 amount limit through the /quote request and we handle setting a reasonable time limit depending on the way the swap will execute (AMM or UniswapX).

How the Permit2 Flow Works in Practice

The Trading API abstracts the Permit2 process into a simple, three-step workflow:
  1. Call /quote
The quote response may contain a Permit2 message if the swapper needs to authorize Permit2 to spend tokens through the Universal Router.
  1. Prompt the user to sign the Permit2 message
The user signs the message, resulting in an EIP-712-style signature. This is an off-chain signature. The signature only needs to be returned to us via the API.
  1. Call /swap with the signed Permit2 data
The structure of the swap request is defined in the API documentation. There are no additional steps. Everything needed for Permit2 comes directly from the /quote response.

Checking Permit2 Approvals

The /check_approval endpoint verifies whether a token has been approved for spending by Permit2.
  • The endpoint returns transaction calldata only if approval is required.
  • Once approved, a token typically remains valid indefinitely and does not need to be reapproved.
    • In rare cases, a token approval must be revoked and then reapproved. The API will identify this scenario and provide both revoke and approval calldata for the swapper to sign.
    • As a best practice, call /check_approval before a swapper performs a swap to ensure they have a valid approval.

Signature Validity

Permit2 signatures may expire over time. If a user signs a Permit2 message from an earlier /quote response and later initiates a swap using a new quote, the old signature may no longer be valid, especially for quotes that route through UniswapX which use shorter expiration windows. To ensure a successful swap:
  • Always use the Permit2 signature from the /quote response which you are submitting to the /swap endpoint.
  • Do not reuse Permit2 signatures from earlier quotes.

Common Permit2 Misunderstandings and Troubleshooting Steps

1. Skipping the Permit2 signature step Don’t assume the classic ERC-20 “approve then swap” flow applies. In the classic flow, a swapper’s wallet directly allows the router to access their wallet. Permit2 provides time- and (optionally) amount-limited access to a swapper’s wallet, protecting them from compromised routing contracts. When the /quote response contains a Permit2 message, the user must sign it and you must forward that signature in your /swap request. Skipping this step leads to a failed swap. 2. Reusing a Permit2 signature from a previous quote A Permit2 signature returned in /quote applies only to that specific quote. If you fetch a new quote, you must also use the new Permit2 message. Reusing an older signature is a frequent cause of failures. 3. Waiting too long between quoting, signing, and swapping A common issue is a large delay between:
  • requesting /quote
  • prompting the user to sign
  • submitting /swap
Permit2 messages are tied to the timing of the quote. If too much time passes, the signature may no longer be usable. The best practice is to call /quote again when a user swaps to get the freshest quote possible and then to /swap shortly after the user signs the Permit2 message from that latest quote. 4. Assuming Permit2 is always required (or never required) Permit2 is only required when the Uniswap Trading API includes a Permit2 message in the quote. If the /quote response doesn’t contain one, you don’t need to prompt the user or include a permit2 signature in /swap. 5. Incorrectly packaging the Permit2 signature in /swap Common mistakes include:
  • forgetting to include the signature
  • putting the signature in the wrong field
  • using a signature from a different quote
  • altering the Permit2 payload
The Uniswap Trading API expects the signature exactly as returned, passed into /swap without modification. Click here to read a more detailed explanation on how Permit2 works.