Trent Alan Last updated: January 17, 2024 22:52 EST | 1 min read 
Uniswap introduced the Permit2 security upgrade to address vulnerabilities allowing hackers infinite token access and withdrawals. Image by vladimka, Adobe Stock.Decentralized exchange Uniswap has unveiled a new security tool called Permit2 today to give users more control over their digital assets and prevent hackers from exploiting vulnerabilities.
Permit2 addresses the “infinite token allowance” flaw that has put user funds at risk, according to a statement from Uniswap Labs. This vulnerability stems from the common practice in crypto of users granting smart contracts permission to access tokens so they can interact with decentralized apps.
While useful, the unlimited token allowance can be abused by hackers to infinitely drain wallets undetected. Uniswap’s upgrade hopes to seal this vulnerability before the launch of Uniswap v4.
Empowering Users, Curbing Hackers
A key feature of Permit2 is enabling users to set time limits on token approvals, so third parties can only access funds for a specific period. This gives users more oversight.
Recent exploits have continued to show that infinite token allowances put user funds at risk.
Permit2 is a free, public good built to prevent these exploits, enabling:
+ Time-bound token allowances
+ Reusable token approvals
+ Gas savings across appsHow to integrate Permit2…
— Uniswap Labs
