DApp Approval Scam
When it comes to currency exchange in the DEX platform, the approval step will be used. Only after the first operation of “Approve“ can the swap be performed, and this is only one of the application scenarios.
Since the "Approve" operation essentially grants the exercise authority of part of your token to another address or smart contract address, scammers will use codes or links to maliciously let users perform "Approve" operations. For example, users may receive airdrop tokens attached memo and link, noted that the airdropped tokens can be exchanged for other tokens. If the user opens the link and executes the exchange, they will fall into the trap that maliciously approves Dapp. As a result, the user's assets will be transferred by the Dapp easily.
How to judge whether the approved operation is safe? 1. Whether the approved product is open source Open source code allows users to better know permissions of “approve”, that is, users will know the conditions to transfer assets.
2. Whether open sources for the approved product is audited Audited projects are more secure than unaudited projects.
3. Whether the approved products are of unknown sources Products of unknown origin must be vigilant, and it will be secure to use well-known products such as Uniswap.
How do I know which approved operations I have made and how to cancel them? Currently, there are some “approve” tools to check such as Etherscan, CoinTool, Approved, Approve.sh, etc. for users so that they can check their own approve status and cancel the approved operations.