Execution

Permit2 SignatureTransfer.

Permit2 lets a token holder sign a single, expiring authorization that any third party can use to pull a bounded amount of a token. Tenzro implements the protocol-level primitive in tenzro-vm::permit2, with the witness path bound to ERC-7683 cross-chain orders for end-to-end gasless flows.

STATUS: Testnet
CRATE: tenzro-vm::permit2
STABILITY: Stable
TYPE: Component

Canonical verifying contract

0x0000000000000000000000000000000000001023

domain_name: "Permit2"
EIP-712 domain: name + chain_id + verifying_contract

Typed data

TokenPermissions { token, amount }
PermitTransferFrom { permitted, spender, nonce, deadline }
PermitWitnessTransferFrom {
  permitted, spender, nonce, deadline,
  witness (32 bytes), witness_type_name, witness_type_string
}

Nonce bitmap

Per-owner 256-bit-per-word bitmap, identical to the Uniswap layout. The high 248 bits of the nonce are the word position; the low 8 bits are the bit position. Owners can sign multiple permits in parallel without serializing through a counter.

RPCs

tenzro_permit2DomainSeparator
tenzro_permit2Digest {
  token, amount, spender, nonce, deadline,
  witness?, witness_type_name?, witness_type_string?
}
tenzro_permit2VerifyAndConsume { ..digest_params, owner, signature }
tenzro_permit2NonceUsed { owner, nonce }

Witness for ERC-7683

When an ERC-7683 origin opener wants gasless transfer of inputs, the witness is the order id and the type-string is the Tenzro 7683 order shape. The single signature that authorizes the Permit2 pull also signs the cross-chain intent — relayer-friendly, replay-safe.

← All docs