Are infinite token approvals putting your users at risk? Outstanding allowances on upgradable smart contracts expose $6.5 billion for the top 20 tokens on Ethereum, according to smart contract security firm Dedaub.

Still today, it’s laborious and gas-expensive to manage allowances, requiring users to constantly audit approvals with tools like revoke.cash or risk losing their tokens. Over $405 million has been stolen in approval exploits since 2020.

In order to protect users and keep funds safe, we need to fundamentally reconsider the app allowance model by avoiding the infinite approval pattern altogether.

‍

‍

As part of 0x v2, our completely redesigned smart contracts fully eliminate allowance risk by baking in protection at the ground level using the latest innovations in limited token approvals, including Permit2.

In this article, we will explore the dark side of token approvals and take a look at how 0x v2 protects your users and reputation, enabling the most secure trading experience in DeFi.

The dark side of token approvals

When a user goes to trade on a new app, they immediately have to approve tokens to trade. Users have to consider whether the app is safe, whether or not they will get drained, and if they should switch to a different wallet. All of these concerns add a layer of friction to user trading flows.

If you are building in crypto, you know how scary hacks can be. The canonical ERC20 token approval method that we have all come to know is a major roadblock. Reducing the risk of being onchain is key to onboarding new users.

Infinite approvals give apps access to entire token balances for an indefinite period and can lead to unsuspecting users having their balances drained in the event of an exploit, a risk you don’t want to have to worry about when building your app. There is news of a major exploit in the space on a near-daily basis.

The risk is in the billions. The dollar value that has been approved and backed by actual balances to upgradeable contacts in DeFi is $6.5B for the top 20 tokens on Ethereum and $7.5B for the top 500 tokens, according to leading smart contract auditing firm Dedaub.

‍

‍

A security vulnerability can strike at any time and affect even the best of teams. Bugs will slip by the watchful review of even the best auditors. In order to protect users, we need to avoid the infinite approval pattern altogether.

Secure approvals with Permit2

Originally developed by Uniswap based on the work of 0x alumnus Lawrence Forman, Permit2 is a token approval method that can be used to safely share and manage token approvals across different smart contracts.

Permit2 has two parts. The most commonly used, AllowanceTransfer, reduces the burden on users of managing token approvals by approving contracts for a specific period of time and value. The other half, SignatureTransfer, enables approvals that are not just time and value bound, but also single-use, which reduces allowance risk to virtually zero.

‍

‍

How does it work? Permit2 features:

• Permits for any ERC20 token, including tokens that don’t support the native permit method.
• Time-bound approvals, which remove risk associated with approvals for indefinite periods of time.
• Signature-based approvals can be used for single-use transactions.

You don’t need to trust us

0x v2’s completely redesigned settlement contracts, known as 0x Settler, utilize Permit2 to perform swaps without a passive allowance - meaning Settler does not hold any allowance, nor does it hold token balances between swaps.

Single-use approvals with Permit2

We believe Permit2 is critical for secure swap applications, but not just any usage of Permit2. Time-bound infinite approvals, while significantly better than the never-expiring infinite approval, still expose users to risk.

‍In order to fully eliminate the risk that passive allowances could be exploited, 0x Settler utilizes single-use signatures for every transaction.

‍

‍

Single-use approvals prevent user funds from being stolen even if the smart contracts were compromised, so you don’t have to trust us.

For wallets that currently send a limited approval transaction alongside the swap to bypass infinite approvals, Permit2 provides the same security in a more gas efficient way. 

Ready to get serious?

0x’s next-gen pricing engine is in open beta! v2 offers the most seamless swap experience at the best all-in prices with optimal trade execution, powerful new monetization features, and enhanced security.

Book a v2 onboarding call to get started.

We’ll be sharing more details about our redesigned router, aggregation capabilities, and smart contracts over the next few weeks.