Content
@
0 reply
0 recast
2 reactions
0xrusowsky
@0xrusowsky.eth
let's say that you are building a contract with the following properties: - never holds funds. all tokens are spent/sent back within the same tx. - interacts with aave pool (for flashloans)+ uniswap router as a dev, would you feel comfortable granting infinite approval to the aave/uni dependencies? why?
4 replies
0 recast
4 reactions
Jem
@jem
Is Permit2 an option? Infinite approval to Permit2 + expiring signatures.
1 reply
0 recast
0 reaction
Mikko
@moo
There is zero reason for infinite approvals, including this one.
1 reply
0 recast
1 reaction
storming0x.eth
@storming0x
Uni probably safe , aave depends on details of what’s going on with the interactions. Agree it’s a trade off and not good practice to blanket max approve your dependencies without considering risks. Is good you are considering options.
0 reply
0 recast
1 reaction
ruvaag
@ruvaag
yes, if it makes a real difference. would recommend users to never infinite approve instead. since uni routers are immutable and aave pools have timelocks, most risks are known beforehand. i don't see a huge issue.
0 reply
0 recast
1 reaction