Razvan Gabriel
@razgraf
Picture this: you're building the next big thing on @ethereum. Your app allows users to __ ERC20 tokens. Cats, dogs, penguins, the US dollar, you name it, anything that's a token, users can __. They click the button. Something breaks.
Let's explore the dark side of ERC20s👇🧵

Razvan Gabriel
@razgraf
After endless hours of debugging txs and reports, I’ve compiled a list of common pitfalls involving ERC20s. Prevent them and users will be forever grateful.
→ Details, string v bytes32
→ The 96 bits allowance
→ Balance “go up”
→ Blacklists
→ Admin rights
Let's dive in!

Razvan Gabriel
@razgraf
Fancy a long-form option you can bookmark and enjoy later? Head over to the @sablier blog to get the full piece. https://blog.sablier.com/the-dark-side-of-erc20s/
Or keep reading for some not-so-easy-to-spot pitfalls with ERC20 tokens.

Razvan Gabriel
@razgraf
➡️ Token details, string vs bytes32
Most ERC20s return name/symbol as strings. To optimize gas, devs may choose to represent these in bytes32. The switch can cause failing queries, or worse, failing infra when indexers like @graphprotocol or @envio stop parsing events ✋

Razvan Gabriel
@razgraf
Solution? Don't expect to always get strings. Query for token details in both formats, at once or in sequence. If the call expecting a string result fails, revert to the bytes32 version (and manually convert to strings afterwards).
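
The fallback described in the two posts above, as an added example that is not part of the original thread: instead of calling twice, it inspects the raw `eth_call` return data of `name()`/`symbol()` and decodes it as an ABI `string` or as a `bytes32`. The helper name `decodeTokenText` and the sample return data are assumptions constructed for illustration.

```javascript
// Added example (not from the thread): decode the raw eth_call return data of
// name()/symbol() whether the token returns an ABI `string` or a `bytes32`.
const utf8 = new TextDecoder("utf-8", { fatal: true }); // throw on invalid UTF-8

const toBytes = (hex) =>
  Uint8Array.from(hex.match(/../g) ?? [], (b) => parseInt(b, 16));

// decodeTokenText is a hypothetical helper name.
function decodeTokenText(returnData) {
  const hex = returnData.replace(/^0x/, "");
  if (hex.length === 0 || hex.length % 64 !== 0 || /[^0-9a-f]/i.test(hex)) {
    throw new Error("empty or malformed return data");
  }
  const words = hex.length / 64;
  const word = (i) => hex.slice(i * 64, (i + 1) * 64);

  // ABI string: word 0 = offset (0x20), word 1 = byte length, then padded data.
  if (words >= 2 && BigInt("0x" + word(0)) === 32n) {
    const len = BigInt("0x" + word(1));
    if (len <= BigInt((words - 2) * 32)) {
      const data = hex.slice(128, 128 + Number(len) * 2);
      return { format: "string", value: utf8.decode(toBytes(data)) };
    }
  }
  // bytes32: exactly one word, text left-aligned and right-padded with zeros.
  if (words === 1) {
    const data = word(0).replace(/(00)+$/, "");
    return { format: "bytes32", value: utf8.decode(toBytes(data)) };
  }
  throw new Error("return data is neither an ABI string nor a bytes32");
}

// Constructed sample return data (not captured from any real token).
const num = (n) => n.toString(16).padStart(64, "0");
const pad = (h) => h.padEnd(64, "0");
const SAMPLE_STRING = "0x" + num(32) + num(3) + pad("444f47"); // "DOG"
const SAMPLE_BYTES32 = "0x" + pad("434154"); // "CAT"

console.log(decodeTokenText(SAMPLE_STRING), decodeTokenText(SAMPLE_BYTES32));
```

The decoded value is token-controlled text, so escape it before rendering it in a UI or writing it to an index.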

Razvan Gabriel
@razgraf
➡️ The 96 bits allowance
Infinite allowances are an anti-pattern. But, in the spirit of shipping fast, they're at times overlooked. Passing in generic max values can cause approval txs for tokens like COMP to fail.

Razvan Gabriel
@razgraf
The solution? Implement granular allowances or handle max values for these special tokens. For example, an allowance of 10^25 should fit just fine for COMP, while for most tokens, you're free to go even higher.

Razvan Gabriel
@razgraf
➡️ Token balance “go up”
Mechanisms like rebasing tokens or Aave yield tokens rely on dynamic balances. Failing to account for this can cause things to break, or in case of yield, the surplus is lost forever.
Solution? Warn users or implement smart wrappers like ERC4626.