# Execution

<figure><img src="https://1487321251-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FjrIe0oInIEt65tHqWn2w%2Fuploads%2Fgit-blob-d0d5d2088202e77aa24cc8b8649e1a974a0ce6d7%2Fimage.png?alt=media" alt=""><figcaption></figcaption></figure>

{% hint style="danger" %}
**Router V3 is still undergoing an audit.** Use at your own discretion. Funds stored in the router (including vault deposits) might be lost.
{% endhint %}

Tycho Execution provides tools for **encoding and executing swaps** against Tycho Router and protocol executors. It is divided into two main components:

* **Encoding**: A Rust crate that encodes swaps and generates calldata for execution.
* **Executing**: Solidity contracts for executing trades on-chain.

The source code for **Tycho Execution** is available [here](https://github.com/propeller-heads/tycho-execution). For a practical example of its usage, please refer to our [Quickstart](https://docs.propellerheads.xyz/tycho/readme).

## Token transfers

You can transfer tokens in one of three ways with Tycho Execution:

* Permit2
* Standard ERC20 Approvals
* Using Vault funds

See how to change between these options when encoding [here](https://docs.propellerheads.xyz/tycho/for-solvers/encoding#usertransfertype).

### Permit2

Tycho Execution supports **Permit2** for token approvals. Before executing a swap via our router, you must approve the **Permit2 contract** for the specified token and amount. This ensures the router has the necessary permissions to execute trades on your behalf.

Permit2 handling is **not** part of the encoding step. You are responsible for creating and signing the permit yourself. The `Permit2` utility struct is publicly exported from the encoding crate, so you can use it to build the `PermitSingle` and obtain the data needed for signing.

For more details on Permit2 and how to use it, see the [**Permit2 official documentation**](https://docs.uniswap.org/contracts/permit2/overview).

### **Standard ERC20 Approvals**

Tycho also supports traditional ERC20 approvals. In this model, you explicitly call `approve` on the token contract to grant the router permission to transfer tokens on your behalf. This is widely supported and may be preferred in environments where Permit2 is not yet available.

### Using the Vault

The TychoRouter includes a built-in vault ([ERC6909](https://eips.ethereum.org/EIPS/eip-6909)) that lets you deposit, hold, and withdraw tokens directly in the router contract. The vault tracks per-user balances, so your tokens are only accessible by you.

The router draws from your deposited balance instead of performing a `transferFrom` on your wallet. This saves gas (no approval or external transfer needed) and lets you use fees, proceeds from previous trades, or pre-positioned liquidity directly.

Fees earned through the fee-taking system are automatically credited to the fee receiver's vault balance, making them immediately available for future swaps or withdrawals.

More on the Vault [here](https://docs.propellerheads.xyz/tycho/for-solvers/execution/vault).

## Security and Audits

The Tycho Router V2 has been audited by [Maximilian Krüger](https://snd.github.io/). Past audits are [here](https://github.com/propeller-heads/tycho-execution/tree/0454514f4f6ccff55dcaa8e3abbb4ac494d89eba/docs/audits).

{% hint style="danger" %}
**Router V3 is still undergoing an audit.** Use at your own discretion. Funds stored in the router (including vault deposits) might be lost.
{% endhint %}

If you discover potential security issues or have suggestions for improvements, please reach out through our official channels.