Permit (EIP-2612) is a standard extension for the ERC-20 token interface that allows a token holder to approve a spender to use their tokens by signing an off-chain message, instead of sending an on-chain approve transaction. This signed permit message can then be submitted to the token contract by any party, enabling gasless meta-transactions for token approvals. The core innovation is separating the permission grant (the signature) from the permission execution (the contract call), which significantly improves user experience in decentralized applications (dApps) by removing upfront gas costs and reducing transaction steps.
LABS
Glossary
Permit (EIP-2612)
Permit is an Ethereum Improvement Proposal (EIP-2612) that allows a token holder to grant spending permission via a signed off-chain message, enabling gasless token approvals for ERC-20 tokens and compatible NFTs.
Chainscore © 2026
definition
ERC-20 EXTENSION
What is Permit (EIP-2612)?
An Ethereum Improvement Proposal that introduces a gasless token approval mechanism for ERC-20 tokens using off-chain signatures.
The standard introduces a new function, permit, which accepts the signature parameters: the owner's address, the spender's address, the allowance amount, a deadline, and the v, r, s components of an EIP-712 structured data signature. The contract verifies this signature against the EIP-712 domain separator to ensure it is valid and intended for this specific token contract. Crucially, it uses a nonce for each owner to prevent signature replay attacks, similar to how an account nonce prevents transaction replay. This mechanism allows a dApp to request a user's signature in a wallet interface and then relay the signed permit on their behalf.
The primary use case for Permit is enabling seamless interactions in decentralized finance (DeFi). For example, a user can sign a permit to approve a DEX router to spend their tokens for a swap, and the relayer (often the dApp itself) pays the gas to submit this approval on-chain. This eliminates the need for users to hold ETH to pay gas for an approval transaction before a swap, a common pain point known as the "approve-tax." It is foundational for account abstraction and smart contract wallets, allowing more complex gas sponsorship and batch transaction flows.
Implementing EIP-2612 requires careful security considerations. Developers must ensure their contracts correctly implement the EIP-712 DOMAIN_SEPARATOR to prevent cross-contract signature replay. The permit function must validate the signature's deadline and check the owner's nonce. For users, the security model shifts: signing a malicious permit message can lead to unintended token allowances, making it vital to only sign permits from trusted dApps. Widespread adoption has made it a critical standard for modern, user-friendly DeFi applications.
how-it-works
ERC-20 GASLESS APPROVAL
How Permit (EIP-2612) Works
Permit is an Ethereum Improvement Proposal (EIP-2612) that enables users to approve token transfers using off-chain signatures, eliminating the need for an initial on-chain transaction and its associated gas fees.
The Permit function, defined in EIP-2612, extends the ERC-20 token standard to allow for gasless token approvals. Instead of calling the standard approve function and paying gas, a user signs a structured message (a EIP-712 typed signature) containing the spender's address and an allowance amount. This signed permit is then submitted to the blockchain by a relayer (often the dApp itself), which pays the gas to execute the approval on the user's behalf. This mechanism separates the act of authorization from its execution.
At its core, Permit introduces a new function to the token contract: permit(address owner, address spender, uint256 value, uint256 deadline, uint8 v, bytes32 r, bytes32 s). The function parameters include the signed data and a deadline to prevent replay attacks. The contract verifies the signature against the owner's address and the EIP-712 domain separator, ensuring the signature is valid and unique to that specific token contract. Upon successful verification, it internally calls the standard _approve(owner, spender, value) function, updating the allowance mapping.
This pattern is fundamental to improving user experience (UX) in DeFi. A user can sign a single transaction bundle that includes both the permit and a subsequent action, like a swap on a DEX or a deposit into a lending protocol. From the user's perspective, this appears as one seamless, gasless interaction. Major tokens like USDC, DAI, and UNI have implemented EIP-2612, making it a standard feature for sophisticated DeFi integrations that prioritize seamless onboarding and batch transactions.
key-features
EIP-2612
Key Features of Permit
The Permit function enables gasless token approvals via off-chain signatures, a foundational primitive for improving user experience in DeFi.
01
Gasless Approvals
Permit eliminates the need for a user to send an on-chain approve transaction before interacting with a smart contract. Instead, users sign an EIP-712 structured message off-chain. A relayer (often the dApp) submits this signature along with the permit call, paying the gas fee. This enables meta-transactions for token approvals.
02
Signature-Based Authorization
The core mechanism uses a cryptographic signature from the token holder. The signed data includes:
- Spender address: The contract allowed to move tokens.
- Value: The approval amount.
- Deadline: A timestamp after which the permit is invalid.
- Nonce: A unique number per user to prevent replay attacks.
The contract verifies this signature against the holder's address using
ecrecover.
03
EIP-712 Structured Data
Permit uses EIP-712 for signing, which provides human-readable signatures. Users see a clear JSON structure in their wallet (like MetaMask) showing the exact terms: token, spender, value, and deadline. This improves security and transparency compared to signing raw hashes.
04
Nonce Management
Each token holder has a permit nonce that increments with each successful use. This prevents signature replay:
- A signature can only be used once for its specific nonce.
- If a permit is submitted with an old nonce, it will revert.
- Nonces are tracked separately from the standard ERC-20 allowance, ensuring the two approval systems don't interfere.
05
Deadline Enforcement
Every permit includes a deadline (Unix timestamp). The transaction will revert if submitted after this time. This protects users from old, potentially malicious signatures being executed unexpectedly. It's a critical safety feature for a mechanism that separates signature creation from transaction execution.
06
Integration with ERC-20 Allowance
A successful permit call directly updates the token contract's standard allowance mapping. After execution, the allowance(owner, spender) returns the permitted amount, making it fully compatible with existing contracts that read allowances. The spender can then use transferFrom as with a traditional approval.
code-example
EIP-2612 IMPLEMENTATION
Code Example: The Permit Function
A practical walkthrough of the `permit` function, the core mechanism of EIP-2612 that enables gasless token approvals via off-chain signatures.
The permit function is a public method added to an ERC-20 token contract that allows a token holder (the owner) to approve a spender to transfer tokens on their behalf by submitting a cryptographically signed message, rather than sending an on-chain approve transaction. Its signature is typically permit(address owner, address spender, uint256 value, uint256 deadline, uint8 v, bytes32 r, bytes32 s). The function parameters include the approval amount (value), an expiration timestamp (deadline), and the ECDSA signature components (v, r, s) which are recovered to verify the owner's intent.
The core logic within the permit function performs several critical checks. First, it recovers the signer's address from the provided signature using ecrecover and verifies it matches the owner parameter. It then validates that the current block timestamp is less than the deadline. Crucially, it also checks a mapping of used nonces (per-owner counters) to prevent signature replay attacks. If all checks pass, the function calls the internal _approve(owner, spender, value) to update the standard ERC-20 allowance mapping, granting the spender permission to transfer up to the specified value of tokens.
For a user to create a valid signature, they must construct and sign the EIP-712 typed structured data. This involves hashing a domain separator (unique to the token contract) together with a Permit struct containing the owner, spender, value, nonce, and deadline. The resulting digest is what the user signs with their private key. This off-chain signature can then be submitted to the blockchain by any party (often a relayer or the spender themselves), who pays the gas fee for the permit transaction, enabling the gasless approval user experience.
A common implementation pattern adds an internal _useNonce function that increments and returns the current nonce for an owner, ensuring each signature is unique. The contract must also define the immutable DOMAIN_SEPARATOR in its constructor, calculated according to EIP-712 using the chain ID, contract address, and token name. This separation of signature creation and submission decouples authorization from execution, forming the basis for meta-transactions and more sophisticated gas abstraction systems in DeFi.
ecosystem-usage
PERMIT (EIP-2612)
Ecosystem Usage & Adoption
EIP-2612 introduced a gasless approval mechanism for ERC-20 tokens, enabling users to sign off-chain messages to grant spending allowances, which is now a foundational standard for DeFi UX.
02
DeFi & DEX Integration
Major protocols leverage permits for seamless swapping and liquidity provisioning.
- Uniswap V3/V4: Uses permits for single-transaction swaps and adding liquidity.
- Aave: Enables gasless supply and borrowing of assets.
- 1inch Aggregator: Allows signature-based approvals for its aggregation router. This integration is critical for meta-transactions and account abstraction flows.
03
Wallet & SDK Support
Widespread wallet and developer tool adoption is essential for the standard's utility.
- Wallets: MetaMask, Rainbow, and Coinbase Wallet natively support EIP-712 signing for permits.
- SDKs: Libraries like ethers.js, viem, and web3.js provide built-in methods for creating and verifying permit signatures, standardizing implementation.
04
Security Considerations
While convenient, permits introduce new security vectors that users and developers must manage.
- Deadline Enforcement: Contracts must rigorously check the
deadlineto prevent replay of expired signatures. - Replay Protection: The
noncefor each token holder prevents signature reuse. - Phishing Risks: Users must carefully verify the EIP-712 domain and signing data to avoid malicious spoofing.
06
The Path to Account Abstraction
Permits are a precursor to ERC-4337 (Account Abstraction). They demonstrate the power of signature-based authorization decoupled from gas payment. In an AA future, permits can be bundled into a UserOperation, allowing sponsored transactions and more complex session keys for automated DeFi interactions.
examples
EIP-2612
Real-World Use Cases
EIP-2612 permits enable gasless token approvals by allowing users to sign off-chain messages, which are then submitted by a third party. This unlocks several key user experience and operational improvements.
02
Batch Transactions & Composability
Permits enable complex, multi-step DeFi operations in a single transaction, improving composability and reducing gas costs. A user can sign a single permit that allows a smart contract to execute a sequence of actions atomically.
- Use Case: Deposit into a lending market and borrow against the collateral in one click.
- Use Case: Approve and provide liquidity to a Uniswap V3 position in a single bundle.
- Mechanism: The signed EIP-712 structured data is passed as a parameter to a function that executes the entire bundle.
04
Improved Security for Smart Wallets
Account Abstraction (ERC-4337) wallets and smart contract wallets integrate permits to enhance security models. Since the wallet itself holds the assets, traditional approve is impossible. Permits allow the wallet to verify an off-chain signature from its authorized signer and then grant allowance to a specific spender.
- Mechanism: The user signs the permit, the bundler includes it in a UserOperation, and the wallet's
validateUserOpmethod verifies the signature and sets the allowance. - Benefit: Maintains self-custody while enabling gasless experiences and batched actions.
05
Cross-Chain & Layer 2 Bridging
Permits streamline the bridging process between Layer 1 and Layer 2 networks or across different chains. A user signs a permit on the source chain, and the signature is relayed to a bridge or messaging protocol, which mints a representative token on the destination chain after verifying the signature's validity.
- Benefit: Avoids the need for two separate transactions (approve, then bridge) on the source chain, reducing cost and time.
- Architecture: Relies on signature verification via precompiles or off-chain verifiers on the destination chain.
security-considerations
PERMIT (EIP-2612)
Security Considerations
While EIP-2612's permit function enables gasless token approvals, it introduces new security vectors that developers and users must understand.
01
Signature Replay Attacks
A signed permit message is valid until its deadline. Key risks include:
- Cross-chain replays: A signature for Chain A could be maliciously submitted on Chain B if the same token contract exists on both.
- Contract upgrades: A new contract version that doesn't invalidate old signatures could be vulnerable.
- Mitigation: Always include the
chainId, token contractaddress, and a user-specificnoncein the signed data to bind the signature to a specific domain.
02
Phishing & User Misunderstanding
Users sign off-chain messages, not on-chain transactions, which can be confusing. Threats include:
- Spoofed interfaces: Malicious dApps can trick users into signing a
permitfor excessive allowances or to the wrong spender. - Hidden deadlines: A very long deadline (
type(uint256).max) creates a permanent allowance if signed. - Best Practice: Wallets should clearly display the spender address, allowance amount, deadline, and domain details before signing.
03
Frontrunning & Approval Racing
The standard permit flow is susceptible to MEV extraction and race conditions.
- Allowance theft: A malicious actor can frontrun the user's actual transaction, seeing the signed
permitin the mempool, and submit it first to set themselves as the spender. - Mitigation: Use EIP-2612 with EIP-712 signatures, which include a nonce. While the signature can still be frontrun, the nonce prevents replay after the user's legitimate transaction is mined.
04
Domain Separator & Chain Security
The EIP-712 domain separator is critical for preventing cross-domain signature replay. It includes:
nameandversionof the contractchainIdof the originating blockchainverifyingContractaddress- A compromised or incorrectly computed separator (e.g., using
block.chainidincorrectly) invalidates all security. Contracts must useDOMAIN_SEPARATOR()correctly and ensure it's immutable after construction.
05
Nonce Management & Re-orgs
Each account has a permit nonce that increments after each successful use. Issues arise from:
- Transaction ordering dependence: If two permits with the same nonce are signed, only the first one executed will succeed.
- Blockchain re-orgs: A reorg could invalidate a permit transaction, but the nonce has been consumed, requiring a new signature.
- Design Consideration: Applications should not assume a signed permit is permanently valid and should handle
IERC20Permitrevert reasons gracefully.
ERC-20 TOKEN APPROVAL METHODS
Permit vs. Traditional Approve
A technical comparison of the off-chain signature-based Permit pattern (EIP-2612) and the on-chain transaction-based approve method for ERC-20 token allowances.
| Feature | Traditional Approve | Permit (EIP-2612) |
|---|---|---|
User Action Flow | Two transactions: 1) approve(), 2) transferFrom() | One transaction: 1) transferFrom() with signature |
Gas Cost for User | ~45,000 gas for approve() + transferFrom() gas | ~0 gas for signing + ~55,000 gas for transferFrom() |
Transaction Count | 2 | 1 |
UX for First Interaction | Requires wallet pop-up for approval | No wallet pop-up; uses off-chain signature |
Smart Contract Support | Universal for all ERC-20 tokens | Requires token to implement EIP-2612 |
Replay Protection | Uses transaction nonce | Uses a per-user, per-contract nonce (permit nonce) |
Deadline Enforcement | No | Yes, signature expires at a set block timestamp |
Batch Operations | Inefficient, requires multiple approvals | Efficient, single signature can permit multiple actions |
EIP-2612
Frequently Asked Questions (FAQ)
EIP-2612, or the Permit function, is a standard that enables gasless token approvals. This FAQ addresses common developer questions about its mechanics, use cases, and implementation.
EIP-2612 is an Ethereum Improvement Proposal that introduces a permit function, enabling users to approve token transfers using off-chain signatures instead of on-chain transactions. It works by having a user sign a structured message containing approval details (owner, spender, value, deadline, nonce). This signed permit can then be submitted to the token contract by any party, paying the gas fee themselves, to execute the approval on the user's behalf. This mechanism separates the act of authorization from the gas-paying transaction, enabling gasless UX and meta-transactions.
ENQUIRY
Get In Touch
today.
Our experts will offer a free quote and a 30min call to discuss your project.
NDA Protected
Confidentiality24h Response
Time to ValueDirectly to Engineering Team
No Sales Fluff10+
Protocols Shipped
$20M+
TVL Overall