What is an approval?
Approvals refer to allowing a third-party DEX (decentralized exchange) or DApp to control your assets without your permission.
Why the need for approvals?
Approval operations exist widely in blockchain networks such as ETH, BSC, HECO, Polygon, Tron and other chains which have address formats compatible with Ethereum (i.e. EVM compatible public chains).
Normal transfers do not require approval. Generally, approval is required only for smart contract interactions where the contract needs to be approved. When scanning the QR code for transfers, be careful if the following interface appears. This operation is not a transfer, but an approval operation.
Both DApps and DEX use smart contracts to execute transactions. Users can invest in DApps or trade on DEX only after giving approval for smart contracts.
A user expects to deposit USDT into Aave to earn interest.
The user firstly needs to approve the Aave smart contract to withdraw USDT from the user's wallet, and then call the contract to deposit a specified amount of USDT into the lending contract.
What to do before the final approval?
1. Confirm the category
The user needs to confirm which kind of allowance the Dapp applies for. If the DApp applies for approval in a way that raises concern, the user must reject it.
2. Control the approved amount of a token
In order to avoid repeated approval by users, DApp developers generally set the maximum amount of tokens to be approved for smart contracts by default. If there is a bug in the smart contract, there is a risk that the user's tokens will be lost. This is the problem caused by "Over-Approval of DApps".
In summary, when DApp and DEX apply for token approval, users need to know the detailed information and control the approved amount to reduce risks if necessary. Huobi Wallet allows users to change the approved amount to ensure asset security.
Huobi Wallet has launched a series of measures to ensure the security of users' assets (Click here for details). Huobi Wallet would also like to remind users not to participate in unknown DApps, especially those without audit reports, and do not trust any projects promoted by the community. Also, periodically review and cancel approvals to reduce the risk of asset loss.
How to manage approval?
Huobi Wallet allows users to manage approvals directly. On the 「Wallet」 page, click 【Auth Manager】 to see all approved assets. Click the drop-down menu to view details, including risk exposure, approved amount and contract address. Users can cancel the token approval of a DApp that is no longer used at any time on this interface, and cancel approval with just one click to ensure asset security.
How does Huobi Wallet deal with over-approval of DApps?
Huobi Wallet Community：
Please sign in to leave a comment.