Uniswap implements Permit2 and Permit2Lib which are smart contracts that enable permit-style approvals and transfers using signatures for ERC20 tokens that do not support such functionality.
The most critical subjects covered in our audit are functional correctness, signature handling andfront-running. Security regarding front-running is improvable due to a possible attack vector on permitapprovals, see Race Condition on Approvals. Security regarding functional correctness and signaturehandling is high.The general subjects covered are specification correctness and uncommon language features. Securityregarding all the aforementioned subjects is high.
In summary, we find that the level of security of the codebase is high. Discovered issues do not render the contracts immediately unsafe, but enable potential human errors.
It is important to note that security audits are time-boxed and cannot uncover all vulnerabilities. They complement but don’t replace other vital measures to secure a project.