this is different than the standard approval process, where you approve ERC-20 tokens for spending against the router directly
instead, for UniversalRouter ERC-20s are approved against an intermediary Permit2 contract
this adds an additional step in our approval flow, since we need to approve the UniversalRouter contract to spend the funds approved against Permit2
this is typically done as a (gasless) signature - but we implement this as a transaction to allow for batching by smart wallets
blockchain security recommended us only approve exact amounts to Permit2 (typically the approval is unlimited and only done once - because of the this constraint we need a transaction for each Permit2 approval, making the swap experience 3 separate transactions for EOAs)
What changed? Why?
Permit2
approval flow for V2 APIUniversalRouter
UniversalRouter
ERC-20s are approved against an intermediaryPermit2
contractUniversalRouter
contract to spend the funds approved againstPermit2
Permit2
(typically the approval is unlimited and only done once - because of the this constraint we need a transaction for eachPermit2
approval, making the swap experience 3 separate transactions for EOAs)read more: https://blog.uniswap.org/permit2-and-universal-router
Notes to reviewers
How has it been tested? using https://github.com/ilikesymmetry/onchainkit-demo