After understanding the significant risks of blind signing, we need to master the weapons of active defense. Relying solely on wallet improvements and DApp self-discipline is not enough. As users, we must learn to manage our 'authorizations' and remain vigilant against different types of signature requests. This article will detail how to use professional tools for authorization management and explore other authorization variants beyond approve, building a solid defense line for users.
Part One: Authorization (Approval) - The Source of Risk
In the Ethereum ecosystem, before interacting with ERC20 tokens or ERC721/1155 NFTs, users typically need to perform an approve operation first. This is equivalent to giving a smart contract a 'check', authorizing it to withdraw a specific number of tokens or specific NFTs from your wallet in the future.
Infinite Approval: For convenience, many DApps request 'unlimited' authorization. This is equivalent to giving the contract a blank check. If the contract has vulnerabilities or is malicious itself, it can withdraw all assets of that token or NFT from your wallet at any time.
Authorization is a prerequisite for attacks: Reflecting on the OpenSea incident, the attacker was able to succeed because the user had already authorized the NFT to OpenSea's contract. While authorization itself is a necessary step, it also opens the door for potential attacks.
Part Two: Active Management of Authorization - Reclaim Your 'Checks'
Regularly checking and revoking unnecessary or untrusted authorizations is a crucial security habit. It's like regularly cleaning up checks you have issued but not cashed.
Professional Authorization Management Tools
Etherscan (and its family of explorers): As the official blockchain explorer, Etherscan provides a native Token Approval Checker tool. You only need to enter your wallet address, and it will list all your authorization records for all ERC20 and ERC721 tokens. You can initiate transactions here to revoke or modify authorization limits directly. Other mainstream EVM chain explorers like BscScan and PolygonScan also offer similar functions.
Link: https://etherscan.io/tokenapprovalchecker
Revoke.cash: This is a very well-known and powerful third-party authorization management tool. It supports multiple blockchains, has a user-friendly interface, clearly displays each authorization's contract address, authorization limit, and asset value, and provides one-click revoke functionality.
Link: https://revoke.cash/
Wallets with Integrated Authorization Management: Some security-focused wallets, like Rabby Wallet, have integrated authorization check and cancellation functions directly into the wallet, providing great convenience for users.
Management Strategies
Regular Review: Develop a habit of checking authorizations monthly or quarterly.
Principle of Least Privilege: When interacting with new DApps, if possible, grant 'on-demand authorization' (i.e., authorize only as much as needed for the current transaction) rather than unlimited authorization.
Timely Revocation: For DApps that are no longer in use or NFT markets where transactions have been completed, revoke related authorizations in a timely manner.
Part Three: Identifying Variants of Signatures
Attackers' methods are constantly evolving. In addition to the standard approve, there are other functions and signature types that can achieve similar effects.
increaseAllowance / decreaseAllowance: These are functions used to adjust existing authorization limits in the ERC20 standard. Malicious DApps may trick you into signing an increaseAllowance transaction, which on the surface looks like a routine adjustment of an allowance you already granted, but in reality creates or enlarges an allowance for a contract you do not trust.
permit (EIP-2612): This is a more advanced method of authorization that allows users to complete token authorization through an off-chain signature without initiating an on-chain approve transaction, saving gas fees. However, it also means that phishing attackers can induce you to sign a permit message, thereby completing the authorization without your knowledge. This also relies on the wallet's good support for EIP-712 to clearly present the details of the permit.
Other Custom Signatures: Many protocols have their own off-chain signature verification logic for various operations, such as order books, voting, login, etc.
Core Principle: Regardless of how the function name or type of signature request changes, its essence is seeking your 'permission'. You must always return to the golden standard of 'what you see is what you sign'. If you do not understand the specific meaning, involved assets, and counterparty of a signature request that pops up from the wallet, reject it.
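To make 'what you see is what you sign' concrete for the approve variants above (Part One's blank check, and the increaseAllowance, setApprovalForAll and EIP-2612 permit requests from this part), here is an added example, not code from the original article, that decodes a pending request the way a careful user or wallet plugin would and flags unlimited allowances. The 4-byte selectors are the standard ERC20/ERC721 ones; the spender address and typed-data payload in the sample are constructed.

```python
MAX_UINT256 = 2**256 - 1

# 4-byte selectors: first 4 bytes of keccak256 of the canonical ABI signature (standard ERC20/ERC721 functions)
SELECTORS = {
    "095ea7b3": "approve",            # approve(address,uint256)
    "39509351": "increaseAllowance",  # increaseAllowance(address,uint256)
    "a457c2d7": "decreaseAllowance",  # decreaseAllowance(address,uint256)
    "a22cb465": "setApprovalForAll",  # setApprovalForAll(address,bool)
}
UNLIMITED = "REVIEW: unlimited allowance (a blank check)"
BOUNDED = "REVIEW: bounded allowance, confirm amount and spender"

def _word(data: str, i: int) -> int:
    """Return the i-th 32-byte ABI word after the 4-byte selector as an int."""
    return int(data[8 + 64 * i: 8 + 64 * (i + 1)], 16)

def inspect_calldata(data: str) -> dict:
    """Decode an approve-style transaction and state what permission it grants."""
    data = data.lower()
    data = data[2:] if data.startswith("0x") else data
    fn = SELECTORS.get(data[:8], "unknown")
    if fn == "unknown" or len(data) < 8 + 128:
        return {"fn": fn, "verdict": "REJECT: undecodable calldata, do not sign blind"}
    spender = "0x" + data[8 + 24:8 + 64]  # an address is right-aligned inside word 0
    amount = _word(data, 1)
    if fn == "setApprovalForAll":
        verdict = "REVIEW: operator over EVERY NFT in this collection" if amount == 1 else "OK: revokes operator"
    elif fn == "decreaseAllowance" or amount == 0:
        verdict = "OK: reduces or revokes an allowance"
    else:
        verdict = UNLIMITED if amount == MAX_UINT256 else BOUNDED
    return {"fn": fn, "spender": spender, "amount": amount, "verdict": verdict}

def inspect_typed_data(typed_data: dict) -> dict:
    """Decode an EIP-712 payload; an EIP-2612 Permit is an off-chain approve."""
    if typed_data.get("primaryType") != "Permit":
        return {"fn": typed_data.get("primaryType", "?"), "verdict": "REVIEW: custom signature, read every field"}
    msg = typed_data["message"]
    amount = int(msg["value"])
    return {"fn": "Permit", "spender": msg["spender"], "amount": amount,
            "deadline": int(msg["deadline"]), "verdict": UNLIMITED if amount == MAX_UINT256 else BOUNDED}

if __name__ == "__main__":
    # Constructed sample: approve(<spender>, 2**256-1), the kind of request a phishing DApp pops up
    spender_word = "1111111111111111111111111111111111111111".rjust(64, "0")
    print(inspect_calldata("0x095ea7b3" + spender_word + "f" * 64))
```

The same decoder applied to a wallet's Token Approval Checker export is what tells you which allowances to revoke first: every entry whose amount equals MAX_UINT256.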
This article focuses on users' practical defenses, emphasizing the importance of actively managing authorizations and introducing key tools like Etherscan and Revoke.cash. By understanding the essence of approve and its variants, users can more effectively guard against authorization-related risks. In the next article, we will explore a more covert and dangerous risk - 'counterintuitive' signature attacks, revealing cognitive traps in cross-chain operations.