Glossary — Security & Compliance

What is Approval Hijacking?


Approval hijacking is an attack that abuses existing ERC-20 token approvals (allowances granted with approve) to drain funds, either by compromising a spender contract that already holds approvals or by tricking the victim into granting approval to a malicious contract. In both cases the tokens leave the wallet through transferFrom, which needs no further signature from the victim.

WHY IT MATTERS

An ERC-20 approval does not expire: once you approve a contract to spend your tokens, it can call transferFrom for up to the approved amount until you set the allowance back to zero. If that contract has an exploitable vulnerability, or an admin key that can upgrade it or move its funds is compromised, the attacker uses the existing allowance to drain your tokens without any further transaction or signature from you.

The attack is particularly insidious because the victim takes no action at the time of the theft. They approved a legitimate contract months ago, forgot about it, and an attacker is now using that old approval to drain tokens. Infinite approvals (an allowance of 2^256 - 1, which many dApp frontends request by default) are the primary enabler: they expose the wallet's entire current and future balance of that token rather than the amount needed for one action.

Agent wallets that interact with multiple DeFi protocols accumulate approvals rapidly. Each approval is a dormant vulnerability. If any approved contract is later compromised, all wallets with outstanding approvals are at risk.

HOW POLICYLAYER USES THIS

PolicyLayer restricts agent token approvals — preventing infinite approvals, limiting approved amounts to what's needed per transaction, and supporting automatic revocation after use. This minimizes the approval attack surface.
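A policy check of the kind described above, written here as an added example in Python (it is not PolicyLayer's code). It inspects the calldata an agent wants to send, rejects infinite or over-cap approvals and spenders that are not allowlisted, refuses increaseAllowance because the resulting allowance cannot be bounded without on-chain state, and builds the approve(spender, 0) call that revokes an allowance after use. The four-byte selectors are the real keccak256 prefixes of the ERC-20 function signatures; the Policy values, the router address and the sample amounts are assumptions.

```python
"""Approval policy for an agent wallet's outbound ERC-20 calls.

Added example, not PolicyLayer code. The four-byte selectors are the real
keccak256 prefixes of the ERC-20 signatures; Policy values and the sample
call at the bottom are assumptions for illustration.
"""
from __future__ import annotations
from dataclasses import dataclass

MAX_UINT256 = 2**256 - 1  # the "infinite" approval most frontends request

# First 4 bytes of keccak256(signature).
SEL_APPROVE = bytes.fromhex("095ea7b3")             # approve(address,uint256)
SEL_INCREASE_ALLOWANCE = bytes.fromhex("39509351")  # increaseAllowance(address,uint256)
SEL_TRANSFER_FROM = bytes.fromhex("23b872dd")       # transferFrom(address,address,uint256)


@dataclass(frozen=True)
class Policy:
    allowed_spenders: frozenset[str]  # lowercase 0x-addresses the agent may approve
    max_amount: int                   # per-transaction approval cap, token base units


def _word(calldata: bytes, i: int) -> bytes:
    """Return the i-th 32-byte ABI word following the selector."""
    word = calldata[4 + 32 * i: 36 + 32 * i]
    if len(word) != 32:
        raise ValueError("truncated calldata")
    return word


def _address(word: bytes) -> str:
    """Decode an ABI address word: 12 zero bytes, then the 20-byte address."""
    if any(word[:12]):
        raise ValueError("malformed address word")
    return "0x" + word[12:].hex()


def check_approval(calldata: bytes, policy: Policy) -> tuple[bool, str]:
    """Decide whether one pending ERC-20 call may leave the agent wallet."""
    selector = calldata[:4]
    if selector == SEL_INCREASE_ALLOWANCE:
        # Adds to an existing allowance we cannot see here, so the result
        # is unbounded; force the agent to use an exact approve instead.
        return False, "increaseAllowance not permitted; use exact approve"
    if selector != SEL_APPROVE:
        return True, "not an approval"
    spender = _address(_word(calldata, 0))
    amount = int.from_bytes(_word(calldata, 1), "big")
    if amount == MAX_UINT256:
        return False, "infinite approval rejected"
    if spender not in policy.allowed_spenders:
        return False, f"spender {spender} not on allowlist"
    if amount > policy.max_amount:
        return False, f"amount {amount} exceeds per-tx cap {policy.max_amount}"
    return True, "ok"


def encode_approve(spender: str, amount: int) -> bytes:
    """ABI-encode approve(spender, amount) for a 0x-prefixed spender; amount 0 revokes."""
    addr = bytes.fromhex(spender[2:])
    if len(addr) != 20 or not 0 <= amount <= MAX_UINT256:
        raise ValueError("bad spender or amount")
    return SEL_APPROVE + addr.rjust(32, b"\x00") + amount.to_bytes(32, "big")


def revoke_calldata(approval_calldata: bytes) -> bytes:
    """Build approve(spender, 0) to clear the allowance an approve just granted."""
    return encode_approve(_address(_word(approval_calldata, 0)), 0)


if __name__ == "__main__":
    router = "0x" + "11" * 20                              # assumed DEX router address
    policy = Policy(frozenset({router}), max_amount=10**18)
    for amount in (5 * 10**17, 10**19, MAX_UINT256):
        print(amount, check_approval(encode_approve(router, amount), policy))
```

The check runs before the transaction is signed, so a rejected approval never reaches the chain. The revocation call is built from the same calldata that passed the check, which is the simplest way to guarantee the follow-up clears exactly the spender that was approved.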

FREQUENTLY ASKED QUESTIONS

How do I check for existing approvals on my agent wallet?
Use Revoke.cash, Etherscan's token approval checker, or the Debank approval dashboard. These show all outstanding approvals, the approved amounts, and the spender contracts. Look at the amounts as well as the spenders: an allowance shown as "Unlimited" is the one to revoke first, and any spender the agent no longer uses should go to zero regardless of amount.
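The same check done offline from a log export, as an added example in Python that is not code from any of the tools named above: it replays ERC-20 Approval events for one wallet in block order and keeps the latest allowance per (token, spender). The event topic is the real keccak256 of "Approval(address,address,uint256)"; the log entries are constructed to look like eth_getLogs output and the addresses are made up. A log replay gives an upper bound, since some token implementations do not emit Approval when transferFrom spends part of an allowance, so confirm with the token's allowance() view before trusting any non-zero figure, and note that ERC-721 uses the same event signature with a fourth indexed topic.

```python
"""Rebuild an agent wallet's outstanding ERC-20 allowances from Approval logs.

Added example, not code from Revoke.cash, Etherscan or Debank. APPROVAL_TOPIC
is the real keccak256 of "Approval(address,address,uint256)"; the sample logs
and addresses are constructed for illustration.
"""
from __future__ import annotations

MAX_UINT256 = 2**256 - 1
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"


def topic_to_address(topic: str) -> str:
    """Indexed address topics are 32 bytes: 12 zero bytes then the address."""
    raw = bytes.fromhex(topic[2:])
    if len(raw) != 32 or any(raw[:12]):
        raise ValueError("not an address topic")
    return "0x" + raw[12:].hex()


def outstanding_allowances(logs, owner: str) -> dict[tuple[str, str], int]:
    """Map (token, spender) -> latest approved amount (> 0) for `owner`.

    Each Approval event states the new allowance outright, so the last one
    per (token, spender) wins; order by (block, logIndex) before replaying.
    """
    owner = owner.lower()
    latest: dict[tuple[str, str], int] = {}
    ordered = sorted(logs, key=lambda e: (int(e["blockNumber"], 16), int(e["logIndex"], 16)))
    for entry in ordered:
        topics = entry["topics"]
        # ERC-721 Approval shares the topic hash but has tokenId as a 4th topic.
        if len(topics) != 3 or topics[0].lower() != APPROVAL_TOPIC:
            continue
        if topic_to_address(topics[1]) != owner:
            continue
        key = (entry["address"].lower(), topic_to_address(topics[2]))
        latest[key] = int(entry["data"], 16)
    return {k: v for k, v in latest.items() if v > 0}


def report(allowances: dict[tuple[str, str], int]) -> list[str]:
    """Render allowances, flagging the infinite ones that should go first."""
    lines = []
    for (token, spender), amount in sorted(allowances.items()):
        tag = "INFINITE" if amount == MAX_UINT256 else str(amount)
        lines.append(f"{token} -> {spender}: {tag}")
    return lines


def _addr(byte: str) -> str:
    return "0x" + byte * 20


def _topic(addr: str) -> str:
    return "0x" + "00" * 12 + addr[2:]


# Constructed sample: one agent wallet, two tokens, three spenders.
OWNER = _addr("aa")
SAMPLE_LOGS = [
    {"address": _addr("01"), "blockNumber": "0x10", "logIndex": "0x0",
     "topics": [APPROVAL_TOPIC, _topic(OWNER), _topic(_addr("b1"))],
     "data": "0x" + format(MAX_UINT256, "064x")},      # infinite, still live
    {"address": _addr("01"), "blockNumber": "0x11", "logIndex": "0x3",
     "topics": [APPROVAL_TOPIC, _topic(OWNER), _topic(_addr("b2"))],
     "data": "0x" + format(5 * 10**18, "064x")},       # revoked below
    {"address": _addr("01"), "blockNumber": "0x20", "logIndex": "0x1",
     "topics": [APPROVAL_TOPIC, _topic(OWNER), _topic(_addr("b2"))],
     "data": "0x" + "00" * 32},                         # approve(b2, 0)
    {"address": _addr("02"), "blockNumber": "0x12", "logIndex": "0x0",
     "topics": [APPROVAL_TOPIC, _topic(_addr("cc")), _topic(_addr("b3"))],
     "data": "0x" + format(10**18, "064x")},           # a different wallet
]

if __name__ == "__main__":
    for line in report(outstanding_allowances(SAMPLE_LOGS, OWNER)):
        print(line)
```

Running it lists only the live unlimited allowance to spender b1; the allowance to b2 disappears because the later approve(b2, 0) overrides it, and the other wallet's approval is ignored. Fetching the real logs means querying each token contract for Approval events with the wallet as the first indexed topic, which is exactly what the dashboards above do behind the scenes.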
Should I revoke all unused approvals?
Yes, especially for inactive protocols. Each revocation is an approve(spender, 0) transaction that costs a small gas fee, but it eliminates a potential attack vector. Revocation only limits future damage; tokens already moved under the old allowance are not recovered. For agent wallets, build approval revocation into standard operating procedures, ideally revoking right after the action that needed the approval completes.
Is Permit2 safer than standard approvals?
Partly. Permit2 allowances carry an expiration and can be granted by an off-chain signature, so old allowances lapse on their own instead of persisting forever, which is a real improvement over standard ERC-20 approvals. The caveat is that Permit2 sits on top of a standard ERC-20 approval: the wallet first grants the Permit2 contract an allowance on the token (typically unlimited), and Permit2 then enforces expiry and amounts for the spenders it delegates to. A signed Permit2 permit obtained by phishing can therefore spend anything that underlying allowance covers until the permit expires, so signature requests need the same scrutiny as approve transactions.
