{"id":"https://openalex.org/W4284701118","doi":"https://doi.org/10.1145/3545948.3545963","title":"Penny Wise and Pound Foolish: Quantifying the Risk of Unlimited Approval of ERC20 Tokens on Ethereum","display_name":"Penny Wise and Pound Foolish: Quantifying the Risk of Unlimited Approval of ERC20 Tokens on Ethereum","publication_year":2022,"publication_date":"2022-10-17","ids":{"openalex":"https://openalex.org/W4284701118","doi":"https://doi.org/10.1145/3545948.3545963"},"language":"en","primary_location":{"id":"doi:10.1145/3545948.3545963","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3545948.3545963","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 25th International Symposium on Research in Attacks, Intrusions and Defenses","raw_type":"proceedings-article"},"type":"preprint","indexed_in":["arxiv","crossref"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://arxiv.org/pdf/2207.01790","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5021044130","display_name":"Dabao Wang","orcid":"https://orcid.org/0000-0002-4199-4318"},"institutions":[{"id":"https://openalex.org/I56590836","display_name":"Monash University","ror":"https://ror.org/02bfwt286","country_code":"AU","type":"education","lineage":["https://openalex.org/I56590836"]}],"countries":["AU"],"is_corresponding":true,"raw_author_name":"Dabao Wang","raw_affiliation_strings":["Monash University, Australia"],"affiliations":[{"raw_affiliation_string":"Monash University, Australia","institution_ids":["https://openalex.org/I56590836"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100525989","display_name":"Hang Feng","orcid":null},"institutions":[{"id":"https://openalex.org/I76130692","display_name":"Zhejiang University","ror":"https://ror.org/00a2xv884","country_code":"CN","type":"education","lineage":["https://openalex.org/I76130692"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Hang Feng","raw_affiliation_strings":["Zhejiang University, China"],"affiliations":[{"raw_affiliation_string":"Zhejiang University, China","institution_ids":["https://openalex.org/I76130692"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5058809732","display_name":"Siwei Wu","orcid":"https://orcid.org/0000-0001-8751-014X"},"institutions":[{"id":"https://openalex.org/I76130692","display_name":"Zhejiang University","ror":"https://ror.org/00a2xv884","country_code":"CN","type":"education","lineage":["https://openalex.org/I76130692"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Siwei Wu","raw_affiliation_strings":["Zhejiang University, China"],"affiliations":[{"raw_affiliation_string":"Zhejiang University, China","institution_ids":["https://openalex.org/I76130692"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5088790914","display_name":"Yajin Zhou","orcid":"https://orcid.org/0000-0001-7610-4736"},"institutions":[{"id":"https://openalex.org/I76130692","display_name":"Zhejiang University","ror":"https://ror.org/00a2xv884","country_code":"CN","type":"education","lineage":["https://openalex.org/I76130692"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yajin Zhou","raw_affiliation_strings":["Zhejiang University, China"],"affiliations":[{"raw_affiliation_string":"Zhejiang University, China","institution_ids":["https://openalex.org/I76130692"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5065178474","display_name":"Lei Wu","orcid":"https://orcid.org/0000-0003-1675-5283"},"institutions":[{"id":"https://openalex.org/I76130692","display_name":"Zhejiang University","ror":"https://ror.org/00a2xv884","country_code":"CN","type":"education","lineage":["https://openalex.org/I76130692"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Lei Wu","raw_affiliation_strings":["Zhejiang University, China"],"affiliations":[{"raw_affiliation_string":"Zhejiang University, China","institution_ids":["https://openalex.org/I76130692"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5064553444","display_name":"Xingliang Yuan","orcid":"https://orcid.org/0000-0002-3701-4946"},"institutions":[{"id":"https://openalex.org/I56590836","display_name":"Monash University","ror":"https://ror.org/02bfwt286","country_code":"AU","type":"education","lineage":["https://openalex.org/I56590836"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Xingliang Yuan","raw_affiliation_strings":["Monash University, Australia"],"affiliations":[{"raw_affiliation_string":"Monash University, Australia","institution_ids":["https://openalex.org/I56590836"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5021044130"],"corresponding_institution_ids":["https://openalex.org/I56590836"],"apc_list":null,"apc_paid":null,"fwci":5.4107,"has_fulltext":false,"cited_by_count":17,"citation_normalized_percentile":{"value":0.95946575,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"99","last_page":"114"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10270","display_name":"Blockchain Technology Applications and Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10270","display_name":"Blockchain Technology Applications and Security","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/pound","display_name":"Pound (networking)","score":0.7108557224273682},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5515022277832031},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.08366921544075012}],"concepts":[{"id":"https://openalex.org/C2781350852","wikidata":"https://www.wikidata.org/wiki/Q288469","display_name":"Pound (networking)","level":2,"score":0.7108557224273682},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5515022277832031},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.08366921544075012}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3545948.3545963","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3545948.3545963","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 25th International Symposium on Research in Attacks, Intrusions and Defenses","raw_type":"proceedings-article"},{"id":"pmh:oai:arXiv.org:2207.01790","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2207.01790","pdf_url":"https://arxiv.org/pdf/2207.01790","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"}],"best_oa_location":{"id":"pmh:oai:arXiv.org:2207.01790","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2207.01790","pdf_url":"https://arxiv.org/pdf/2207.01790","source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G6153124291","display_name":null,"funder_award_id":"National Natural Science Foundation of China","funder_id":"https://openalex.org/F4320321001","funder_display_name":"National Natural Science Foundation of China"}],"funders":[{"id":"https://openalex.org/F4320321001","display_name":"National Natural Science Foundation of China","ror":"https://ror.org/01h0zpd94"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":15,"referenced_works":["https://openalex.org/W2539190473","https://openalex.org/W2805052744","https://openalex.org/W2846896781","https://openalex.org/W2898569715","https://openalex.org/W2969328927","https://openalex.org/W2987160260","https://openalex.org/W3012561668","https://openalex.org/W3016124762","https://openalex.org/W3046493130","https://openalex.org/W3095431539","https://openalex.org/W3098450669","https://openalex.org/W3133932565","https://openalex.org/W3155854917","https://openalex.org/W3164964584","https://openalex.org/W4200529292"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W2334014428","https://openalex.org/W1518256087","https://openalex.org/W2006894878","https://openalex.org/W2469051251","https://openalex.org/W2496350017","https://openalex.org/W2074091228","https://openalex.org/W2068873304"],"abstract_inverted_index":{"The":[0],"prosperity":[1],"of":[2,21,31,60,80],"decentralized":[3,16],"finance":[4],"motivates":[5],"many":[6,33],"investors":[7],"to":[8,56,64,75,94,116],"profit":[9],"via":[10],"trading":[11],"their":[12,102],"crypto":[13],"assets":[14],"on":[15,40,78],"applications":[17],"(DApps":[18],"for":[19],"short)":[20],"the":[22,48,51,58,69,81,85,96],"Ethereum":[23],"ecosystem.":[24,49],"Apart":[25],"from":[26],"Ether":[27],"(the":[28],"native":[29],"cryptocurrency":[30],"Ethereum),":[32],"ERC20":[34],"(a":[35],"widely":[36],"used":[37,55],"token":[38],"standard":[39],"Ethereum)":[41],"tokens":[42,63,74],"obtain":[43],"vast":[44],"market":[45],"value":[46],"in":[47,107],"Specifically,":[50],"approval":[52,88],"mechanism":[53,112],"is":[54,89],"delegate":[57],"privilege":[59],"spending":[61],"users\u2019":[62,118],"DApps.":[65],"By":[66],"doing":[67],"so,":[68],"DApps":[70,93],"can":[71,113],"transfer":[72],"these":[73],"arbitrary":[76],"receivers":[77],"behalf":[79],"users.":[82,103],"To":[83],"increase":[84],"usability,":[86],"unlimited":[87],"commonly":[90],"adopted":[91],"by":[92],"reduce":[95],"required":[97],"interaction":[98],"between":[99],"them":[100],"and":[101],"However,":[104],"as":[105],"shown":[106],"existing":[108],"security":[109],"incidents,":[110],"this":[111],"be":[114],"abused":[115],"steal":[117],"tokens.":[119]},"counts_by_year":[{"year":2025,"cited_by_count":7},{"year":2024,"cited_by_count":4},{"year":2023,"cited_by_count":5},{"year":2022,"cited_by_count":1}],"updated_date":"2026-03-20T23:20:44.827607","created_date":"2022-07-08T00:00:00"}