The fake Uniswap that drained everything
November 2024. A holder in Los Angeles searches "uniswap" on Google. The top sponsored ad is uniswap-app.org — looks identical to the real app.uniswap.org. He connects his wallet to swap ETH for USDC. The site requests a PermitBatch signature for "gasless token approval." He signs.
The PermitBatch he signed listed USDC, USDT, DAI, WBTC and four other tokens, every ERC-20 in his wallet. Total drained over the next eight minutes: $312,000.
Why Permit2 is uniquely dangerous when phished
Permit2 is Uniswap's shared approval contract. You approve each ERC-20 to Permit2 once, on-chain, and from then on any spender can be granted an allowance on that token with an off-chain signature instead of a new approve transaction. One contract address therefore holds approval rights across hundreds of integrated dApps. A PermitBatch signature names a single spender and a list of (token, amount, expiration, nonce) entries; whoever holds the signature submits it to Permit2 and can then transferFrom every listed token, up to the listed amount, until the expiration passes. The spender can only take tokens you have already approved to Permit2, but for anyone who has been swapping on Uniswap for a while that is most of the wallet. Sign a malicious PermitBatch and one signature hands an attacker-controlled spender all of it at once. There is no per-token review: the wallet shows a typed-data prompt with a list of tokens and a single "Sign" button.
The four-step verification before any Uniswap signature
- The URL is app.uniswap.org. Not uniswap-app.org, not uniswap.exchange, not uniswap.fi. Bookmark the real one and never use search.
- The signature is bound to the real Permit2 contract and names the right spender. Expand the wallet's full signature-request view. The EIP-712 domain's verifyingContract must be Permit2, 0x000000000022D473030F116dDEE9F6B43aC78BA3 (the same address on every chain it is deployed on); if it is anything else, reject. The spender field is a different thing: it is the address that will receive the allowance. For a Uniswap swap that is Uniswap's Universal Router, which you verify against Uniswap's published deployment addresses, never against what the prompt shows. A spender you cannot match to a known contract, or one that is a plain wallet address, is a drainer.
- The token list matches what you are swapping. A permit covers the token you are selling, nothing else. Selling ETH needs no permit at all (native ETH is not an ERC-20), so any permit request during an ETH-to-USDC swap is already a red flag. Selling USDC should request a PermitSingle for USDC alone; a PermitBatch listing eight tokens for a one-token swap is the drainer pattern.
- The expiration deadline is short. Uniswap's interface requests a 30-day allowance expiration and a signature deadline of about 30 minutes. A Permit2 request carries both: an expiration per token and one sigDeadline for the signature itself. A deadline of "year 2099" in either field is the drainer's "until I get around to it" signature.
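The four checks above as an offline linter, added here as an example and not code from the original post or from Uniswap. It takes the EIP-712 typed-data object a dApp passes to eth_signTypedData_v4 and returns every reason to reject. The Permit2 and mainnet token addresses are real; the router address, the attacker address and the timestamps are constructed placeholders, and the two sample requests are reconstructions of what an honest Uniswap swap and the phishing page would ask for.

```javascript
// Added example, not code from the original post or from Uniswap: an offline
// pre-signature check for a Permit2 EIP-712 request, implementing the four
// rules above on the typed-data object a dApp hands to eth_signTypedData_v4.

// Canonical Permit2 address (same address on every chain it is deployed on).
const PERMIT2 = "0x000000000022D473030F116dDEE9F6B43aC78BA3";

// Uniswap's interface asks for a 30-day allowance expiration and a ~30-minute
// signature deadline. The thresholds add slack so an honest request passes.
const MAX_EXPIRATION_SECONDS = 31 * 24 * 3600;
const MAX_SIG_DEADLINE_SECONDS = 2 * 3600;

const norm = (addr) => String(addr).toLowerCase();

// Lint one typed-data request. Returns { ok, findings }; any finding means "reject".
//   chainId:         the chain your wallet is actually on
//   expectedSpender: the Uniswap router you are swapping through, looked up in
//                    Uniswap's published deployment list, never copied from the prompt
//   intendedTokens:  the ERC-20s you are SELLING (selling native ETH needs no permit)
//   now:             current unix time in seconds
function checkPermit2Request(typedData, { chainId, expectedSpender, intendedTokens, now }) {
  const findings = [];
  const { domain, primaryType, message } = typedData;

  // Rule 2, part one: the signature must be bound to the real Permit2 contract.
  if (domain.name !== "Permit2") findings.push(`domain name "${domain.name}" is not Permit2`);
  if (norm(domain.verifyingContract) !== norm(PERMIT2))
    findings.push(`verifyingContract ${domain.verifyingContract} is not Permit2`);
  if (Number(domain.chainId) !== chainId)
    findings.push(`chainId ${domain.chainId} is not the chain you are on (${chainId})`);

  // PermitSingle carries one details struct, PermitBatch an array; normalise.
  let details = [];
  if (primaryType === "PermitSingle") details = [message.details];
  else if (primaryType === "PermitBatch") details = message.details;
  else findings.push(`unexpected primaryType ${primaryType}`);

  // Rule 2, part two: the spender is who receives the allowance. It must be the router.
  if (norm(message.spender) !== norm(expectedSpender))
    findings.push(`spender ${message.spender} is not the router you are using`);

  // Rule 3: the token list must match the swap.
  if (intendedTokens.length === 0 && details.length > 0)
    findings.push("this swap sells no ERC-20, so no permit should be requested at all");
  if (primaryType === "PermitBatch" && intendedTokens.length <= 1)
    findings.push("PermitBatch requested for a single-token swap (Uniswap uses PermitSingle)");
  const wanted = new Set(intendedTokens.map(norm));
  for (const d of details) {
    if (!wanted.has(norm(d.token)))
      findings.push(`permit covers ${d.token}, which this swap does not sell`);
    // Rule 4: per-token allowance expiration. (The amount is deliberately not a
    // signal on its own: Uniswap's interface itself requests the uint160 maximum.)
    const secondsLeft = Number(d.expiration) - now;
    if (secondsLeft > MAX_EXPIRATION_SECONDS)
      findings.push(`allowance for ${d.token} lasts ${Math.round(secondsLeft / 86400)} days`);
  }
  // Rule 4, second field: sigDeadline bounds how long the signature can be submitted.
  if (Number(message.sigDeadline) - now > MAX_SIG_DEADLINE_SECONDS)
    findings.push("sigDeadline is far in the future");

  return { ok: findings.length === 0, findings };
}

// --- Constructed sample requests. Token addresses are mainnet; router and
// --- attacker addresses are placeholders, not real deployments. ---
const USDC = "0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48";
const USDT = "0xdAC17F958D2ee523a2206206994597C13D831ec7";
const DAI  = "0x6B175474E89094C44Da98b954EedeAC495271d0F";
const WBTC = "0x2260FAC5E5542a773Aa44fBCfeDf7C193bc2C599";
const ROUTER   = "0x" + "1".repeat(40);              // stand-in for the router you looked up
const ATTACKER = "0xbad" + "0".repeat(34) + "bad";   // drainer-controlled wallet (placeholder)
const NOW = 1730419200;                              // 2024-11-01T00:00:00Z, constructed
const MAX_UINT160 = (2n ** 160n - 1n).toString();
const PERMIT2_DOMAIN = { name: "Permit2", chainId: 1, verifyingContract: PERMIT2 };

// What app.uniswap.org asks for when you sell USDC: one token, router spender, 30 days.
const LEGIT_REQUEST = {
  domain: PERMIT2_DOMAIN, primaryType: "PermitSingle",
  message: {
    details: { token: USDC, amount: MAX_UINT160, expiration: String(NOW + 30 * 86400), nonce: "0" },
    spender: ROUTER, sigDeadline: String(NOW + 1800),
  },
};

// What the phishing page asked for during an "ETH to USDC" swap.
const DRAINER_REQUEST = {
  domain: PERMIT2_DOMAIN, primaryType: "PermitBatch",
  message: {
    details: [USDC, USDT, DAI, WBTC].map((token) => ({
      token, amount: MAX_UINT160, expiration: "4102444800", nonce: "0",  // 2100-01-01
    })),
    spender: ATTACKER, sigDeadline: "4102444800",
  },
};

function lintLegit() {
  return checkPermit2Request(LEGIT_REQUEST, { chainId: 1, expectedSpender: ROUTER, intendedTokens: [USDC], now: NOW });
}
function lintDrainer() {
  // The victim was selling ETH, so the correct list of tokens to permit is empty.
  return checkPermit2Request(DRAINER_REQUEST, { chainId: 1, expectedSpender: ROUTER, intendedTokens: [], now: NOW });
}

console.log(lintLegit());
console.log(lintDrainer());
```

The honest request comes back with no findings; the drainer request produces a finding for every rule it breaks, twice per token for the token list and expiration. The one input you must supply from outside the prompt is expectedSpender: a check that only compares the spender against the Permit2 address would reject every real Uniswap swap, because the spender of a legitimate permit is the router, not Permit2.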
If you signed
You have minutes, possibly less: the signature does the attacker no good until it is submitted to Permit2, and a drainer submits immediately. Two things, in this order. First, move the tokens listed in the permit to a fresh wallet you control, highest dollar value first; anything worth less than the gas of a transfer can wait. Second, close the door for everything you did not move: on each listed token call approve(Permit2, 0), or call Permit2's lockdown with the (token, spender) pairs from the permit, which zeroes those allowances in one transaction. If the attacker has not yet submitted the signature, Permit2's invalidateNonces(token, spender, newNonce) burns the nonce it was signed with so it can never be submitted. Then, after the dust settles, run revoke.cash against Permit2 and revoke every remaining active permit.
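A planner for the response steps above, added as an example and not the post's own tooling, nor Permit2 or Uniswap code. It takes the message of the PermitBatch that was signed, the wallet's balances and prices, and a gas cost per transfer, and emits the transfer order plus the revocation calls as data. Balances, prices, the gas cost and the spender address are constructed; the token addresses are mainnet.

```javascript
// Added example, not from the original post or from Uniswap/Permit2: turns a
// signed Permit2 request plus your balances into an ordered response runbook.

const PERMIT2_ADDR = "0x000000000022D473030F116dDEE9F6B43aC78BA3";
const MAX_UINT160_STR = (2n ** 160n - 1n).toString();

// Build the plan. Returns { transfers, revocations }:
//   transfers:   tokens to move to a fresh wallet, most valuable first, skipping
//                anything worth less than one transfer's gas
//   revocations: the on-chain calls that make the signature useless for the rest
// Permit2 AllowanceTransfer functions used: lockdown(TokenSpenderPair[]) zeroes the
// allowance for each (token, spender); invalidateNonces(token, spender, newNonce)
// burns nonces below newNonce so an unsubmitted signature can never be used;
// approve(Permit2, 0) on the ERC-20 itself cuts Permit2 off from that token.
function planResponse(permitMessage, wallet, gasPerTransferUsd) {
  const details = Array.isArray(permitMessage.details) ? permitMessage.details : [permitMessage.details];
  const spender = permitMessage.spender;

  // Price every token the permit covers from the wallet's own balances.
  const valued = details.map((d) => {
    const key = d.token.toLowerCase();
    const balance = wallet.balances[key] ?? 0;
    return {
      token: d.token,
      symbol: wallet.symbols[key] ?? d.token,
      balance,
      usd: balance * (wallet.pricesUsd[key] ?? 0),
      nonce: Number(d.nonce),
    };
  });

  // Step 1: move what is worth more than a transfer's gas, biggest first.
  const transfers = valued
    .filter((v) => v.usd > gasPerTransferUsd)
    .sort((a, b) => b.usd - a.usd)
    .map(({ symbol, token, balance, usd }) => ({ symbol, token, amount: balance, usd }));

  // Step 2: revoke everything in the permit, moved or not.
  const revocations = [
    // One tx that zeroes the Permit2 allowance for every (token, spender) pair.
    { contract: PERMIT2_ADDR, fn: "lockdown", args: [details.map((d) => ({ token: d.token, spender }))] },
    // Burn the nonce the signature was made with, so an unsubmitted permit is dead.
    // Expect these to revert if the attacker already submitted it (the nonce has moved on).
    ...valued.map((v) => ({ contract: PERMIT2_ADDR, fn: "invalidateNonces", args: [v.token, spender, v.nonce + 1] })),
    // Belt and braces: take away Permit2's own ERC-20 allowance on each token.
    ...valued.map((v) => ({ contract: v.token, fn: "approve", args: [PERMIT2_ADDR, 0] })),
  ];
  return { transfers, revocations };
}

// --- Constructed sample: mainnet token addresses, made-up balances and prices. ---
const TOKENS = {
  usdc: "0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48",
  usdt: "0xdAC17F958D2ee523a2206206994597C13D831ec7",
  dai:  "0x6B175474E89094C44Da98b954EedeAC495271d0F",
  wbtc: "0x2260FAC5E5542a773Aa44fBCfeDf7C193bc2C599",
};
const key = (a) => a.toLowerCase();
const WALLET = {
  symbols:   { [key(TOKENS.usdc)]: "USDC", [key(TOKENS.usdt)]: "USDT", [key(TOKENS.dai)]: "DAI", [key(TOKENS.wbtc)]: "WBTC" },
  balances:  { [key(TOKENS.usdc)]: 150000, [key(TOKENS.usdt)]: 80000, [key(TOKENS.dai)]: 3, [key(TOKENS.wbtc)]: 0.45 },
  pricesUsd: { [key(TOKENS.usdc)]: 1, [key(TOKENS.usdt)]: 1, [key(TOKENS.dai)]: 1, [key(TOKENS.wbtc)]: 70000 },
};
// The message field of the PermitBatch that was signed (spender is a placeholder).
const SIGNED_PERMIT = {
  details: [TOKENS.usdc, TOKENS.usdt, TOKENS.dai, TOKENS.wbtc].map((token) => ({
    token, amount: MAX_UINT160_STR, expiration: "4102444800", nonce: "0",
  })),
  spender: "0xbad" + "0".repeat(34) + "bad",
  sigDeadline: "4102444800",
};

const GAS_PER_TRANSFER_USD = 5; // constructed
console.log(JSON.stringify(planResponse(SIGNED_PERMIT, WALLET, GAS_PER_TRANSFER_USD), null, 2));
```

With these inputs the plan moves USDC, then USDT, then WBTC, and leaves the $3 of DAI to the revocation step, which covers all four tokens regardless. The plan is data only; submit the calls with whatever wallet or CLI you trust, lockdown first since it is one transaction for every pair.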
The bookmark rule
I do not use Google to navigate to any DeFi protocol. Bookmark on first visit, verified through Twitter cross-check, and never deviate. Search engines are an attack vector now, not a tool.