
In Ethereum, the most popular token standard is known as ERC-20. It is the technical standard used for all smart contracts on the Ethereum blockchain for fungible token implementations. As users, we commonly trade, transfer, or spend ERC-20 tokens such as DAI, USDC, or WBTC on decentralized exchanges (DEXs) like Uniswap or on DEX aggregators like Zapper Exchange. The ERC-20 standard allows a user's wallet address to give an allowance to another address (i.e., a smart contract in a DeFi application) so that it can retrieve tokens from the wallet. All DeFi applications on Ethereum and other EVM-compatible chains like Polygon, including the tools you interact with on Zapper, are designed with this ERC-20 standard in mind. You've probably experienced this requirement to give an "approval" or "allowance" when you traded a token like DAI or deposited DAI into a Zapper Pool.

However, the downside of infinite token allowances is that they present an opportunity to exploit users. If a user gives infinite approval to a smart contract address in a DeFi application and that smart contract gets exploited, or some bad actor somehow gains control of the address, they can sweep the specific tokens from any wallet that gave permission to spend its tokens. For example, if I gave infinite approval to spend my USDC and DAI to a new DeFi application, the team behind this application could be bad actors looking to exploit unknowing users who gave infinite permission.

Once I give the infinite approval, they can deduct those tokens from my wallet without me knowing. In light of the risks of using unlimited / infinite token allowances, it is a best practice among DeFi and Ethereum users to review token allowances a few times a year and edit/revoke any infinite allowances back to 0. It stems from an ethos among the crypto community "Don't trust.
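As an added example (not code from the original article), the allowance review recommended here can be done by replaying a wallet's ERC-20 `Approval` events and keeping the latest value per token and spender. The addresses, sample logs, helper names and the 2**255 "unlimited" cutoff are assumptions made for illustration.

```python
# Added example (not from the original article): list the ERC-20 allowances a
# wallet still has outstanding, from Approval event logs, and flag unlimited ones.
# All addresses and log entries below are constructed sample data.

# keccak256("Approval(address,address,uint256)"), topic0 of the ERC-20 Approval event
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
UNLIMITED = 2**255  # assumption: values this large are treated as "infinite"

def addr(topic):
    """An indexed address is left-padded to 32 bytes; keep the low 20 bytes."""
    return "0x" + topic[-40:].lower()

def outstanding(logs, owner):
    """Map (token, spender) -> value of the most recent Approval by `owner`."""
    latest = {}
    for log in sorted(logs, key=lambda e: (e["blockNumber"], e["logIndex"])):
        t = log["topics"]
        # ERC-721 shares this topic0 but indexes tokenId (4 topics): skip it.
        if len(t) != 3 or t[0].lower() != APPROVAL_TOPIC:
            continue
        if addr(t[1]) != owner.lower():
            continue
        latest[(log["address"].lower(), addr(t[2]))] = int(log["data"], 16)
    return {k: v for k, v in latest.items() if v > 0}  # 0 means revoked

def unlimited(logs, owner):
    """(token, spender) pairs that should be reduced or revoked to 0."""
    return sorted(k for k, v in outstanding(logs, owner).items() if v >= UNLIMITED)

def make_log(token, owner, spender, value, block, index=0):
    """Build a constructed, simplified log entry (integer block/index fields)."""
    pad = lambda a: "0x" + a[2:].rjust(64, "0")
    return {"address": token, "topics": [APPROVAL_TOPIC, pad(owner), pad(spender)],
            "data": hex(value), "blockNumber": block, "logIndex": index}

ME, OTHER = "0x" + "a1" * 20, "0x" + "b2" * 20          # wallets (constructed)
DAI, USDC = "0x" + "d1" * 20, "0x" + "c2" * 20          # token contracts (placeholders)
DEX, NEW_APP = "0x" + "e3" * 20, "0x" + "f4" * 20       # spender contracts (placeholders)
SAMPLE_LOGS = [
    make_log(DAI, ME, DEX, 2**256 - 1, block=100),      # infinite approval
    make_log(USDC, ME, NEW_APP, 2**256 - 1, block=120), # infinite approval
    make_log(USDC, ME, DEX, 500 * 10**6, block=130),    # exact amount (6 decimals)
    make_log(DAI, ME, DEX, 0, block=200),               # later revoked to 0
    make_log(USDC, OTHER, NEW_APP, 2**256 - 1, block=210),  # someone else's wallet
]

if __name__ == "__main__":
    for token, spender in unlimited(SAMPLE_LOGS, ME):
        print(f"unlimited allowance: token {token} -> spender {spender}")
```

For finite allowances the latest `Approval` value is only an upper bound, since spending reduces it; confirm the live figure with the token's `allowance(owner, spender)` call before deciding what to revoke.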
