Approve `type(uint256).max` Not Working with Some Tokens
Description
In ERC-20 tokens, the approve function allows an account to delegate the spending of its tokens to another address, typically a smart contract. A common practice is to approve type(uint256).max to grant unlimited allowance to the spender, reducing the need for repeated approval transactions.
However, not all ERC-20 tokens support this approach due to unique implementations and security constraints. Some token contracts impose restrictions that prevent approvals of excessively high values.
Impact
Some ERC-20 tokens have built-in restrictions that can cause approve(type(uint256).max) to fail. Possible reasons include:
Anti-whale mechanisms: Some tokens limit maximum transaction or approval amounts to prevent excessive token movement.
Overflow protection: Certain contracts include checks that reject excessively large values to avoid unexpected behavior.
Custom logic: Some tokens require approval values to be set within a specific range or follow specific conditions.
As a result, attempting to approve type(uint256).max may lead to unexpected transaction failures, causing usability issues and potential disruptions in integrations.
Recommendation
While approving type(uint256).max can seem convenient to avoid multiple transactions, it may not be practical or safe with certain ERC-20 tokens due to their specific implementations. Users and developers should consider the implications of using very high allowances and adopt more conservative strategies to manage token approvals efficiently and securely. Understanding the behavior of specific token contracts and adjusting practices accordingly is crucial for ensuring compatibility and avoiding transaction failures.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.