Content
@
0 reply
0 recast
2 reactions
Julie B.
@bbjubjub.eth
Help me I had a stupid idea but I cant explain why it's stupid: could tx.origin be used instead of explicit approvals for authorizing token transfers? Like iff you initiate a transaction your tokens are all unlocked
6 replies
2 recasts
5 reactions
Julie B.
@bbjubjub.eth
A friend gave me the response that there could be arbitrary hooks, for example in Uni pools but we both think that's a bit contrived
0 reply
0 recast
0 reaction
Julie B.
@bbjubjub.eth
speaking of https://x.com/k06a/status/1845086383821463659
0 reply
0 recast
0 reaction
xh3b4sd ↑
@xh3b4sd.eth
I think the explicit approval is to have a signature for the explicit intent of spending your tokens. Only because you are the origin of a tx does not tell the entire story of what should or should not happen with your tokens. I think this is also why only the direct peer is viewed as spender, because smart contracts may become token holders on your behalf when you "deposit" into them, which requires you to allow them to spend your tokens, even though you are the tx.origin.
2 replies
0 recast
1 reaction
0xmons
@xmon.eth
This seems pretty dangerous because arbitrary contract calls could drain you. Whereas rn you need to explicitly approve spenders
1 reply
0 recast
0 reaction
Dylan
@elffjs
I think it’s true that if my standard ERC20 token—let’s say I don’t use approvals or contexts—sits at 0xA and I send a transaction to 0xB then there’s no way I lose tokens. I think your proposal breaks this?
1 reply
0 recast
1 reaction
eni
@eni
how about relayer EOAs though?
1 reply
0 recast
0 reaction
