{"id":24572,"date":"2023-12-14T13:37:00","date_gmt":"2023-12-14T13:37:00","guid":{"rendered":"https:\/\/dexola.com\/blog\/?p=24572"},"modified":"2024-07-15T14:40:09","modified_gmt":"2024-07-15T14:40:09","slug":"token-approvals-and-revocation-of-permissions-decoding-defi-security","status":"publish","type":"post","link":"https:\/\/dexola.com\/blog\/token-approvals-and-revocation-of-permissions-decoding-defi-security\/","title":{"rendered":"Token Approvals and Revocation: How Can Developers Make dApps Safer?"},"content":{"rendered":"\n<p id=\"1806\">As we track major hacks like those at Poloniex, Huobi (HTX), and KyberSwap, where millions of dollars were stolen, it\u2019s important to note that smaller hacks occur daily, adding up to thousands each month. You can read about them on Twitter, in Discord, and in Telegram chats. These incidents often share a common thread \u2014 the victim unknowingly approved a token transfer and then forgot about it.<\/p>\n\n\n\n<p id=\"6fb5\">What is the approve function in ERC-20 and ERC-721 token standards? What hidden dangers do token approvals present? How do hackers exploit these vulnerabilities, and how can we mitigate these risks? We explained everything step by step.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"3fd3\">What is the Approve Function?<\/h2>\n\n\n\n<p>Looking for a definition of token approvals a.k.a. token allowances? Read right on. <\/p>\n\n\n\n<p id=\"097d\">The first thing you should know is that your wallet doesn\u2019t store your tokens. They are stored in their smart contracts. For instance, the LINK ERC-20 smart contract acts as a database, holding all the token owner addresses and their balances.<\/p>\n\n\n\n<p id=\"ffa2\">Transferring tokens to another address involves invoking the specific&nbsp;<strong>Transfer function<\/strong>&nbsp;in the token\u2019s smart contract. This updates its database by decreasing your balance by X amount and increasing the recipient\u2019s balance by the same amount.<\/p>\n\n\n\n<p id=\"ffdc\">Other smart contracts can\u2019t directly call the Transfer function on your behalf. When you want to provide liquidity or to swap LINK for USDT, the DEX contract will ask you for permission to initiate the token transfer via the&nbsp;<strong>Approval<\/strong>&nbsp;mechanism. Signing the approval request means you give a specific smart contract permission to spend a certain amount of your tokens at any time, indicating your consent.<\/p>\n\n\n\n<p id=\"1c5a\">So, what are token approvals? The\u00a0<strong>Approve function<\/strong>\u00a0is the backbone of automated decentralized finance, and, unfortunately, it\u2019s also at the center of countless draining incidents. While legitimate contracts use token approvals to function as intended, malicious ones trick users into approving the withdrawal of all valuable tokens and NFTs, effectively draining the wallet.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"9ba1\">How Approval Function-Based Hacks Operate<\/h2>\n\n\n\n<p id=\"b3fc\">Since 2020,&nbsp;<a href=\"https:\/\/dune.com\/scamsniffer\/inferno-drainer\" rel=\"noreferrer noopener\" target=\"_blank\">over 100,000<\/a>&nbsp;addresses have fallen victim to Inferno drainer attacks, costing a total of $71 million. Most of these attacks were using Approval to drain the funds.<\/p>\n\n\n\n<p id=\"748a\">Certain incidents have gained notoriety; for example, an NFT collector known as StockEd&nbsp;<a href=\"https:\/\/twitter.com\/robbyhammz\/status\/1687672153796235265\" rel=\"noreferrer noopener\" target=\"_blank\">lost $300,000<\/a>&nbsp;simply by clicking a malicious link, connecting their wallet, and signing an approval request.<\/p>\n\n\n\n<p id=\"7f52\">There are three common vectors for such attacks:<\/p>\n\n\n\n<ol>\n<li>To trick the victim into connecting their wallet and signing the approval transaction, which then allows the attackers to drain the wallet.<\/li>\n\n\n\n<li>To hack a DeFi project that collected many signed approval transactions, then drain the connected wallets.<\/li>\n\n\n\n<li>To launch a real protocol with safe smart contracts, then upgrade the contracts to add draining functions and steal funds from connected wallets.<\/li>\n<\/ol>\n\n\n\n<p id=\"ae3d\">The attackers are getting creative with hiding the approval transactions. For example, in StockEd\u2019s case, the drainer put the malicious transaction in Metamask\u2019s buffer and the victim signed it long after he connected the wallet to the scam website. In other cases, scammers purposely ignore ERCs designed to preview the proposed transaction in human-readable code instead of byte code, so the user can\u2019t understand what exactly he signs.<\/p>\n\n\n\n<p>This is why the importance of revoking token approvals is ultimate, and there are multiple ways to mitigate the risks of token approvals.<\/p>\n\n\n\n<p><em>Read about the <a href=\"https:\/\/dexola.com\/blog\/ethereum-restaking-how-eigenlayer-transforms-the-defi-ecosystem\/\" title=\"\">Ethereum restaking<\/a> in our blog.<\/em><\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"726f\">How Can Users Defend Their Funds?<\/h2>\n\n\n\n<p>Here you will find out how to revoke token approvals.<\/p>\n\n\n\n<p id=\"eb0d\"><strong>First, be careful with approval transactions.<\/strong>&nbsp;Always read the transaction you are ready to sign in your wallet. Metamask has become more secure with recent updates, including the introduction of malicious transaction detectors, but it\u2019s still wise to read and verify everything yourself.<\/p>\n\n\n\n<p id=\"3526\"><strong>Second, learn how to use your wallet.<\/strong>&nbsp;Popular wallets, such as Binance Web3 Wallet, enable users to view and revoke current approvals as a precaution.<\/p>\n\n\n\n<p id=\"ca62\"><strong>Third, there are specialized services to revoke approvals.<\/strong>\u00a0E.g. Revoke.cash is designed to view and manage current approvals. If you suspect that any protocols you use have been compromised, it\u2019s prudent to revoke token approval as a safety measure.<\/p>\n\n\n\n<p id=\"6ea7\"><strong>Fourth, you can manually edit transactions.&nbsp;<\/strong>If a dApp requests you to sign for unlimited approval, you have the option to modify the token quantity, permitting withdrawal of only the amount necessary for the transaction. Major protocols like Uniswap and Aave request limited approval, while new protocols are more likely to propose signing a dangerous unlimited one.<\/p>\n\n\n\n<p id=\"dfe5\"><strong>Fifth, you have to be careful with dApps that use upgradable contracts<\/strong>. Those are the contracts whose code can be changed by developers later. Malicious devs can implement the code that will exploit the unlimited allowances users gave them.<\/p>\n\n\n\n<p id=\"509e\"><strong>Sixth, create a separate wallet for working with fresh dApps to not put all of your holdings at risk.&nbsp;<\/strong>It\u2019s a safety measure that helps protect your primary holdings by isolating them from potential risks associated with untested or less secure platforms.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"114a\">How Can Developers Make their dApps Safer?<\/h2>\n\n\n\n<p id=\"c1f5\">There are two main and two secondary steps for defense.<\/p>\n\n\n\n<ol>\n<li><strong>Go for an independent security audit<\/strong>. Sometimes hackers can get unauthorized access to private functions and exploit granted approvals.<\/li>\n\n\n\n<li><strong>Implement the limited approvals<\/strong>. Ensure the contract asks only for the quantity of tokens it will use, rather than requesting unlimited approval. Even if the contract administrator key gets compromised, at least the users\u2019 losses will be limited.<\/li>\n\n\n\n<li><strong>A rarely used but existing feature is a separate button to revoke all previously signed approvals.<\/strong>&nbsp;Many users don\u2019t know that disconnecting their wallet from the dApp won\u2019t cancel the approvals, and the dedicated button might do the thing.<\/li>\n\n\n\n<li><strong>Freeze function \u2014 quite a radical method that goes against the decentralization and permissionless narrative.\u00a0<\/strong>Tether added the Freeze function to its USDT contracts, so they can freeze the stablecoins stolen from other protocols or transfered to the wrong addresses. The user can request a revoked transaction and Tether will burn the lost USDT and then refund the user with freshly minted stablecoins minus the fee. Despite its usefulness, this token revocation approach is far from the principles of decentralization and can potentially scare users away from a new DeFi protocol.<\/li>\n<\/ol>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"a55b\">Conclusion<\/h2>\n\n\n\n<p id=\"181e\">Although approval attacks are quite common, they remain largely unknown to the general public. This is a kind of attack that is very hard to cope with in code, as the hackers create their wallet drainers or hijack protocols to exploit the approvals.<\/p>\n\n\n\n<p>Despite DeFi&#8217;s innovative tools and practices, navigating this space requires caution. The &#8220;approve&#8221; function, crucial for seamless token interactions, can be exploited by malicious actors if not understood. This article explored the &#8220;approve&#8221; function, its vulnerabilities, and user mitigation methods like transaction review and separate wallets for untested dApps.<\/p>\n\n\n\n<p>The DeFi ecosystem evolution involves security innovations like independent audits and limited token approvals. However, striking a balance is key. The future of DeFi security likely involves innovative off-chain solutions and a more user-friendly experience. Stay informed and leverage Dexola&#8217;s resources to navigate DeFi securely.<\/p>\n\n\n\n<p id=\"1dd3\">At\u00a0<a href=\"https:\/\/dexola.com\/\" target=\"_blank\" rel=\"noreferrer noopener\">Dexola<\/a>\u00a0we believe that with thorough audits, best practices of token approvals, and limited approval mechanisms, we can make DeFi safer. By continuously educating users about potential risks, we can increase awareness of unlimited approvals and leave hackers without their \u2018bread and butter.<\/p>\n\n\n\n<p id=\"1dd3\">Want to know how Dexola can help you with <a href=\"https:\/\/dexola.com\/smart-contracts-development\/\" title=\"\">smart contracts developers<\/a> hire and the <a href=\"https:\/\/dexola.com\/blog\/before-the-development-importance-of-the-technical-discovery-phase-in-web3\/\" title=\"\">technical discovery phase in Web3<\/a>? Contact us today. <\/p>\n","protected":false},"excerpt":{"rendered":"<p>As we track major hacks like those at Poloniex, Huobi (HTX), and KyberSwap, where millions of dollars were stolen, it\u2019s important to note that smaller hacks occur daily, adding up to thousands each month. You can read about them on Twitter, in Discord, and in Telegram chats. These incidents often share a common thread \u2014 [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":24574,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.7 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Token Approvals and Revocation: How Can Developers Make dApps Safer? - Dexola<\/title>\n<meta name=\"description\" content=\"What is the approve function in ERC-20 and ERC-721 token standards? What hidden dangers does it present? \ud83e\udd14 We at Dexola explained everything step by step.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/dexola.com\/blog\/token-approvals-and-revocation-of-permissions-decoding-defi-security\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Token Approvals and Revocation: How Can Developers Make dApps Safer?\" \/>\n<meta property=\"og:description\" content=\"What is the approve function in ERC-20 and ERC-721 token standards? What hidden dangers does it present? \ud83e\udd14 We at Dexola explained everything step by step.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/dexola.com\/blog\/token-approvals-and-revocation-of-permissions-decoding-defi-security\/\" \/>\n<meta property=\"og:site_name\" content=\"Dexola\" \/>\n<meta property=\"article:published_time\" content=\"2023-12-14T13:37:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-07-15T14:40:09+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/dexola.com\/blog\/wp-content\/uploads\/sites\/2\/2023\/12\/0_vw4fAstLaJk2h3Q8-1.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"1600\" \/>\n\t<meta property=\"og:image:height\" content=\"900\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"author\" content=\"Eugene Potemsky\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"Token Approvals and Revocation: How Can Developers Make dApps Safer?\" \/>\n<meta name=\"twitter:description\" content=\"What is the approve function in ERC-20 and ERC-721 token standards? What hidden dangers does it present? \ud83e\udd14 We at Dexola explained everything step by step.\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/dexola.com\/blog\/wp-content\/uploads\/sites\/2\/2023\/12\/0_vw4fAstLaJk2h3Q8-1.webp\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Eugene Potemsky\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/dexola.com\/blog\/token-approvals-and-revocation-of-permissions-decoding-defi-security\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/dexola.com\/blog\/token-approvals-and-revocation-of-permissions-decoding-defi-security\/\"},\"author\":{\"name\":\"Eugene Potemsky\",\"@id\":\"https:\/\/dexola.com\/blog\/#\/schema\/person\/ba97f83b477a3519001bae12042bbe86\"},\"headline\":\"Token Approvals and Revocation: How Can Developers Make dApps Safer?\",\"datePublished\":\"2023-12-14T13:37:00+00:00\",\"dateModified\":\"2024-07-15T14:40:09+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/dexola.com\/blog\/token-approvals-and-revocation-of-permissions-decoding-defi-security\/\"},\"wordCount\":1256,\"publisher\":{\"@id\":\"https:\/\/dexola.com\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/dexola.com\/blog\/token-approvals-and-revocation-of-permissions-decoding-defi-security\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/dexola.com\/blog\/wp-content\/uploads\/sites\/2\/2024\/06\/0_vw4fAstLaJk2h3Q8.webp\",\"keywords\":[\"Blockchain &amp; Smart Contracts\"],\"articleSection\":[\"Web3 Development\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/dexola.com\/blog\/token-approvals-and-revocation-of-permissions-decoding-defi-security\/\",\"url\":\"https:\/\/dexola.com\/blog\/token-approvals-and-revocation-of-permissions-decoding-defi-security\/\",\"name\":\"Token Approvals and Revocation: How Can Developers Make dApps Safer? - Dexola\",\"isPartOf\":{\"@id\":\"https:\/\/dexola.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/dexola.com\/blog\/token-approvals-and-revocation-of-permissions-decoding-defi-security\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/dexola.com\/blog\/token-approvals-and-revocation-of-permissions-decoding-defi-security\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/dexola.com\/blog\/wp-content\/uploads\/sites\/2\/2024\/06\/0_vw4fAstLaJk2h3Q8.webp\",\"datePublished\":\"2023-12-14T13:37:00+00:00\",\"dateModified\":\"2024-07-15T14:40:09+00:00\",\"description\":\"What is the approve function in ERC-20 and ERC-721 token standards? What hidden dangers does it present? \ud83e\udd14 We at Dexola explained everything step by step.\",\"breadcrumb\":{\"@id\":\"https:\/\/dexola.com\/blog\/token-approvals-and-revocation-of-permissions-decoding-defi-security\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/dexola.com\/blog\/token-approvals-and-revocation-of-permissions-decoding-defi-security\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/dexola.com\/blog\/token-approvals-and-revocation-of-permissions-decoding-defi-security\/#primaryimage\",\"url\":\"https:\/\/dexola.com\/blog\/wp-content\/uploads\/sites\/2\/2024\/06\/0_vw4fAstLaJk2h3Q8.webp\",\"contentUrl\":\"https:\/\/dexola.com\/blog\/wp-content\/uploads\/sites\/2\/2024\/06\/0_vw4fAstLaJk2h3Q8.webp\",\"width\":1600,\"height\":900},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/dexola.com\/blog\/token-approvals-and-revocation-of-permissions-decoding-defi-security\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/dexola.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Token Approvals and Revocation: How Can Developers Make dApps Safer?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/dexola.com\/blog\/#website\",\"url\":\"https:\/\/dexola.com\/blog\/\",\"name\":\"Dexola\",\"description\":\"Blog\",\"publisher\":{\"@id\":\"https:\/\/dexola.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/dexola.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/dexola.com\/blog\/#organization\",\"name\":\"Dexola\",\"url\":\"https:\/\/dexola.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/dexola.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/dexola.com\/blog\/wp-content\/uploads\/sites\/2\/2023\/11\/logo-white.svg\",\"contentUrl\":\"https:\/\/dexola.com\/blog\/wp-content\/uploads\/sites\/2\/2023\/11\/logo-white.svg\",\"width\":65,\"height\":14,\"caption\":\"Dexola\"},\"image\":{\"@id\":\"https:\/\/dexola.com\/blog\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/dexola.com\/blog\/#\/schema\/person\/ba97f83b477a3519001bae12042bbe86\",\"name\":\"Eugene Potemsky\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/dexola.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d0556e13bd158a13f4a9bbad65878594?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d0556e13bd158a13f4a9bbad65878594?s=96&d=mm&r=g\",\"caption\":\"Eugene Potemsky\"},\"description\":\"CTO\/Co-founder at Dexola As the CTO and co-founder of Dexola, I lead a team of over 30 highly qualified developers delivering cutting-edge solutions for blockchain, DeFi, and AI projects. Dexola is the result of a strategic partnership with Trinetix Inc., an enterprise-level outsourcing company. With over 15 years of experience in software engineering, data science, and business analysis, my mission is to empower clients with innovative and secure solutions. I am passionate about exploring new possibilities and challenges in this rapidly evolving field of Web3. Key Areas of Expertise: - Web3 Solutions: Leading the development of next-generation decentralized applications and platforms. - AI and Machine Learning: Expanding artificial intelligence to strengthen blockchain and Web3 projects. - Business Strategy: Combining technical expertise with strategic insights to drive business growth and innovation. My dedication to advancing technology and my ability to lead and inspire people help our clients achieve their ambitious goals. My work continues to push the boundaries of what's possible, setting new standards for innovation and security in the industry.\",\"sameAs\":[\"https:\/\/www.linkedin.com\/in\/eugene-potemskyi\/\"],\"url\":\"https:\/\/dexola.com\/blog\/author\/eugene\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Token Approvals and Revocation: How Can Developers Make dApps Safer? - Dexola","description":"What is the approve function in ERC-20 and ERC-721 token standards? What hidden dangers does it present? \ud83e\udd14 We at Dexola explained everything step by step.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/dexola.com\/blog\/token-approvals-and-revocation-of-permissions-decoding-defi-security\/","og_locale":"en_US","og_type":"article","og_title":"Token Approvals and Revocation: How Can Developers Make dApps Safer?","og_description":"What is the approve function in ERC-20 and ERC-721 token standards? What hidden dangers does it present? \ud83e\udd14 We at Dexola explained everything step by step.","og_url":"https:\/\/dexola.com\/blog\/token-approvals-and-revocation-of-permissions-decoding-defi-security\/","og_site_name":"Dexola","article_published_time":"2023-12-14T13:37:00+00:00","article_modified_time":"2024-07-15T14:40:09+00:00","og_image":[{"width":1600,"height":900,"url":"https:\/\/dexola.com\/blog\/wp-content\/uploads\/sites\/2\/2023\/12\/0_vw4fAstLaJk2h3Q8-1.webp","type":"image\/webp"}],"author":"Eugene Potemsky","twitter_card":"summary_large_image","twitter_title":"Token Approvals and Revocation: How Can Developers Make dApps Safer?","twitter_description":"What is the approve function in ERC-20 and ERC-721 token standards? What hidden dangers does it present? \ud83e\udd14 We at Dexola explained everything step by step.","twitter_image":"https:\/\/dexola.com\/blog\/wp-content\/uploads\/sites\/2\/2023\/12\/0_vw4fAstLaJk2h3Q8-1.webp","twitter_misc":{"Written by":"Eugene Potemsky","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/dexola.com\/blog\/token-approvals-and-revocation-of-permissions-decoding-defi-security\/#article","isPartOf":{"@id":"https:\/\/dexola.com\/blog\/token-approvals-and-revocation-of-permissions-decoding-defi-security\/"},"author":{"name":"Eugene Potemsky","@id":"https:\/\/dexola.com\/blog\/#\/schema\/person\/ba97f83b477a3519001bae12042bbe86"},"headline":"Token Approvals and Revocation: How Can Developers Make dApps Safer?","datePublished":"2023-12-14T13:37:00+00:00","dateModified":"2024-07-15T14:40:09+00:00","mainEntityOfPage":{"@id":"https:\/\/dexola.com\/blog\/token-approvals-and-revocation-of-permissions-decoding-defi-security\/"},"wordCount":1256,"publisher":{"@id":"https:\/\/dexola.com\/blog\/#organization"},"image":{"@id":"https:\/\/dexola.com\/blog\/token-approvals-and-revocation-of-permissions-decoding-defi-security\/#primaryimage"},"thumbnailUrl":"https:\/\/dexola.com\/blog\/wp-content\/uploads\/sites\/2\/2024\/06\/0_vw4fAstLaJk2h3Q8.webp","keywords":["Blockchain &amp; Smart Contracts"],"articleSection":["Web3 Development"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/dexola.com\/blog\/token-approvals-and-revocation-of-permissions-decoding-defi-security\/","url":"https:\/\/dexola.com\/blog\/token-approvals-and-revocation-of-permissions-decoding-defi-security\/","name":"Token Approvals and Revocation: How Can Developers Make dApps Safer? - Dexola","isPartOf":{"@id":"https:\/\/dexola.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/dexola.com\/blog\/token-approvals-and-revocation-of-permissions-decoding-defi-security\/#primaryimage"},"image":{"@id":"https:\/\/dexola.com\/blog\/token-approvals-and-revocation-of-permissions-decoding-defi-security\/#primaryimage"},"thumbnailUrl":"https:\/\/dexola.com\/blog\/wp-content\/uploads\/sites\/2\/2024\/06\/0_vw4fAstLaJk2h3Q8.webp","datePublished":"2023-12-14T13:37:00+00:00","dateModified":"2024-07-15T14:40:09+00:00","description":"What is the approve function in ERC-20 and ERC-721 token standards? What hidden dangers does it present? \ud83e\udd14 We at Dexola explained everything step by step.","breadcrumb":{"@id":"https:\/\/dexola.com\/blog\/token-approvals-and-revocation-of-permissions-decoding-defi-security\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/dexola.com\/blog\/token-approvals-and-revocation-of-permissions-decoding-defi-security\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/dexola.com\/blog\/token-approvals-and-revocation-of-permissions-decoding-defi-security\/#primaryimage","url":"https:\/\/dexola.com\/blog\/wp-content\/uploads\/sites\/2\/2024\/06\/0_vw4fAstLaJk2h3Q8.webp","contentUrl":"https:\/\/dexola.com\/blog\/wp-content\/uploads\/sites\/2\/2024\/06\/0_vw4fAstLaJk2h3Q8.webp","width":1600,"height":900},{"@type":"BreadcrumbList","@id":"https:\/\/dexola.com\/blog\/token-approvals-and-revocation-of-permissions-decoding-defi-security\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/dexola.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Token Approvals and Revocation: How Can Developers Make dApps Safer?"}]},{"@type":"WebSite","@id":"https:\/\/dexola.com\/blog\/#website","url":"https:\/\/dexola.com\/blog\/","name":"Dexola","description":"Blog","publisher":{"@id":"https:\/\/dexola.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/dexola.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/dexola.com\/blog\/#organization","name":"Dexola","url":"https:\/\/dexola.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/dexola.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/dexola.com\/blog\/wp-content\/uploads\/sites\/2\/2023\/11\/logo-white.svg","contentUrl":"https:\/\/dexola.com\/blog\/wp-content\/uploads\/sites\/2\/2023\/11\/logo-white.svg","width":65,"height":14,"caption":"Dexola"},"image":{"@id":"https:\/\/dexola.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/dexola.com\/blog\/#\/schema\/person\/ba97f83b477a3519001bae12042bbe86","name":"Eugene Potemsky","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/dexola.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d0556e13bd158a13f4a9bbad65878594?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d0556e13bd158a13f4a9bbad65878594?s=96&d=mm&r=g","caption":"Eugene Potemsky"},"description":"CTO\/Co-founder at Dexola As the CTO and co-founder of Dexola, I lead a team of over 30 highly qualified developers delivering cutting-edge solutions for blockchain, DeFi, and AI projects. Dexola is the result of a strategic partnership with Trinetix Inc., an enterprise-level outsourcing company. With over 15 years of experience in software engineering, data science, and business analysis, my mission is to empower clients with innovative and secure solutions. I am passionate about exploring new possibilities and challenges in this rapidly evolving field of Web3. Key Areas of Expertise: - Web3 Solutions: Leading the development of next-generation decentralized applications and platforms. - AI and Machine Learning: Expanding artificial intelligence to strengthen blockchain and Web3 projects. - Business Strategy: Combining technical expertise with strategic insights to drive business growth and innovation. My dedication to advancing technology and my ability to lead and inspire people help our clients achieve their ambitious goals. My work continues to push the boundaries of what's possible, setting new standards for innovation and security in the industry.","sameAs":["https:\/\/www.linkedin.com\/in\/eugene-potemskyi\/"],"url":"https:\/\/dexola.com\/blog\/author\/eugene\/"}]}},"acf":[],"_links":{"self":[{"href":"https:\/\/dexola.com\/blog\/wp-json\/wp\/v2\/posts\/24572"}],"collection":[{"href":"https:\/\/dexola.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dexola.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dexola.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/dexola.com\/blog\/wp-json\/wp\/v2\/comments?post=24572"}],"version-history":[{"count":3,"href":"https:\/\/dexola.com\/blog\/wp-json\/wp\/v2\/posts\/24572\/revisions"}],"predecessor-version":[{"id":24657,"href":"https:\/\/dexola.com\/blog\/wp-json\/wp\/v2\/posts\/24572\/revisions\/24657"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/dexola.com\/blog\/wp-json\/wp\/v2\/media\/24574"}],"wp:attachment":[{"href":"https:\/\/dexola.com\/blog\/wp-json\/wp\/v2\/media?parent=24572"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}