To approve once or approve all?

[libert19]

If you ever used ethereum dexes like uniswap/1inch or yield farming dapps, you would be aware that you have to make two transactions.

The first transaction is to Approve spending or depositing a certain amount of a specific token.

The second step is where you actually make a trade or deposit tokens into a liquidity pool or farm.

Now, In first approve transaction, there are two types — 'approve once' and 'approval all'.

In both cases, you are giving permission to smart contract to manage funds on your behalf.

Difference being, in first one, you are giving permission for exact amount. For example, , if you are approving 100 usdc, that's the only amount smart contract will have permission for.

While, In second, it will have access to all your funds, now and in future — you can revoke this, we'll get there in a bit.

Unlimited allowances offers a superior user experience as the user just needs to approve it once, and not repeat the process for subsequent deposits. In simple words, it saves you from insane gas fees.

However, the downside of infinite token allowances is it presents an opportunity to exploit users. If a user gives infinite approval to a smart contract address in a DeFi application and if that smart contract gets exploited or some bad actor somehow gains control of the address, they can sweep the specific tokens from any wallet that gave permission to spend their tokens. Hardware wallets doesn't save you from this either.

How unlimited allowance can fuck you up: https://twitter.com/amanusk_/status/1313070958794727430

So Is single allowance is better?

Security-wise yes, but paying hundreds of dollars for approval transactions might not be a sound decision either. It's a choice between lesser of two evils.

If you drift towards unlimited allowances part, do check your outstanding allowances periodically, and revoke those that you're not actively using any more (approvals don't expire). Here are some websites you can use;

1) https://tac.dappstar.io/

2) https://approved.zone/

3) https://ethallowance.com/

4) https://debank.com/approve

5) https://revoke.cash/

Each Revoke transaction will set the spending limit for that smart contract address back to 0, protecting your wallet and tokens. Do keep in mind that Revoke transactions also cost gas.

[UserU]

Having farmed tokens, I rather see how much I'd be paying rather per transaction than leaving on all auto-approval. Usually BSC shouldn't be much of a problem with the low(er) fees.

After all, paying a little extra is better than potentially losing all.

[libert19]

Having farmed tokens, I rather see how much I'd be paying rather per transaction than leaving on all auto-approval. Usually BSC shouldn't be much of a problem with the low(er) fees.

After all, paying a little extra is better than potentially losing all.

True, bsc/polygon and on similar chains it's wise to approve once, fees are peanuts anyway.

[ZaraCB]

Trading on decentralized exchanges seems risky to me all the time. Because there are many fake websites of DEX. However, when trading in DEX, I think it is better to select Approved once.  Because we can have many types of assets in our wallet. However, you can use the new wallet to trade on DEX for the safty of your asset.

[libert19]

A 'new' scam using the same trick: https://mobile.twitter.com/mdudas/status/1437027902156070917

[mexite]

The high gas fee on Ethereum is actually the major reason why a user will use the "approve all" rather than "approve once"when trading on e DEX like Uniswap. The risk is high considering how DeFi dApps are exploited every now and then. Glad that there are countermeasures to put this in check and revoke any access granted to the smart contracts.

Thanks for the heads up.

[libert19]

Badger finance users were exploited similar way: https://rekt.news/badger-rekt/

Twitter thread outlining safe practices: https://mobile.twitter.com/CryptoCatVC/status/1466380960648380419

[jrrsparkles]

Badger finance users were exploited similar way: https://rekt.news/badger-rekt/

Twitter thread outlining safe practices: https://mobile.twitter.com/CryptoCatVC/status/1466380960648380419

Every Metamask user should be very careful even after you created this still someone is losing their funds its a pathetic scene. Atleast they managed to revoke st the right time and saved their tokens from further loss hope this will serve as a lesson for every Dex user in future.