On January 1, a person on Reddit named 4cademy, who calls themself as an investor in cryptocurrencies, provided some advice to the r/CryptoCurrency forum in which they warned of the risks associated with unchecked smart contracts.
The investors claim that over the course of the last two years, they have authorized a large number of smart contracts while transferring their assets. The post added:
“Today I thought it was time to check my approved smart contracts and you should too. Nearly all my approvals were for unlimited amounts. Due to the fact that I am not doing much DeFi right now I revoked all my approvals just to be better safe than sorry.”
4cademy advised users to at the very least review their own approvals and consider revoking them if necessary. The reason for this is because someone may have inadvertently accepted a malevolent contract that is only waiting for a specific amount of dollars to steal, or a hacker could identify a hole in a good-behaving contract that could be exploited. Both of these scenarios are quite likely, says the investor.
An additional piece of advice was provided by the Reddit user who suggested using a variety of digital wallets for a variety of functions, such as having one wallet that only interacts with smart contracts and another wallet that does not engage with smart contracts and is used just for the purpose of retaining funds.
Users who commented on the post indicated that one could also plan a recurring interval to withdraw all permissions for smart contracts. For example, one user proposed that this might be done on the first of every month or even at the beginning of every week.