USDT and Approvals

The probably most reported pattern-matching issue:

"Approve will not work for USDT on Mainnet"

Today we will dissect this issue, explain the rationale behind it and uncover the solution.

The USDT Approval Issue

For the non-technical reader: Approving a token means giving another account or contract permission to transfer up to a certain amount of tokens from your account, which is essential for interacting with DeFi protocols. With most ERC-20 tokens, you can set this approval amount to whatever you like, and update it as needed.

Want to increase your approval? Just approve a higher amount. It's that simple. Or at least, it should be.

USDT, however, breaks from this convention in a weird way. If you have an existing approval and wish to change it, you can't directly adjust it to a new amount.

Instead, you must first reset your approval to zero before setting it to the new desired amount:

For instance, if you've approved a contract to spend 100 USDT on your behalf and only 10 USDT have been spent, you can't directly reapprove to increase the limit back to 100 USDT. You must first approve 0 USDT, effectively revoking all approvals, and then approve the new amount.

This might seem like a minor inconvenience at first glance, but it has significant implications for DeFi protocols and their users. Many DeFi applications are designed with the assumption that token approvals can be freely adjusted. This assumption falls apart with USDT, and can lead to stuck tokens, simply because of insufficient approvals and the revert of the approval call.

The Solution: A Smart Approach to Approvals

Recognizing this challenge, a workaround was developed: the safeIncreaseAllowance method. This approach cleverly combines the approval reset and the setting of a new approval into a single operation. First, it checks the current allowance and, if necessary, resets it to zero. Then, it immediately sets the allowance to the sum of the old allowance (if any) and the desired increase.

This method streamlines the process, making it compatible with USDT's peculiar approval requirements while maintaining a seamless user experience for interacting with DeFi protocols.

The USDT approval issue is a fascinating example of how even small deviations from standard practices can have wide-ranging effects on protocols and is a prime-example why security audits are mandatory.