Manage Approvals
This guide helps managing token approvals across different chains
Token approvals are a critical security component when interacting with DeFi protocols, particularly for cross-chain swaps and bridges. These permissions allow protocols to move tokens on your behalf, but they can pose security risks if not managed properly.
According to our research on bridge aggregators, proper approval management is essential for safe cross-chain transactions. Many bridge and bridge aggregator vulnerabilities stem from inadequate approval management, as highlighted in our recent research on cross-chain security and privacy.
This guide covers obtaining and managing ERC20 token approvals using the Approvals API.
Get Approvals
To retrieve existing token approvals, use our TypeScript SDK or a simple cURL command like the one below:
curl --request GET 'https://svc.blockdaemon.com/defi/v1/approvals?chainIDs=eip155:1&accountAddresses=0xf271AAFC62634e6Dc9A276ac0f6145C4fDbE2Ced' \
--header "Authorization: Bearer $API_KEY" \
--header 'Content-Type: application/json' | jq
Required parameters
| Parameter | Description |
|---|---|
chainIDs | List of CAIP-2 chain identifiers (e.g., eip155:1,eip155:10) |
accountAddresses | List of account addresses to query approvals for |
Optional parameters
| Parameter | Description |
|---|---|
spenderAddresses | List of spender addresses to filter approvals by |
tokenAddresses | List of token contract addresses to filter approvals by |
The response includes
- List of approvals with token details (symbol, name, decimals)
- Approved amount and its USD value
- Value at risk calculations per approval
- Portfolio summary with:
- Total approved sum per account
- Total value at risk per account
- Chain-level aggregated sums
Example response
{
"approvals": [
{
"amountUSD": "5.01",
"chainId": "eip155:1",
"spenderAddress": "0xce16f69375520ab01377ce7b88f5ba8c48f8d666",
"token": {
"symbol": "USDT",
"name": "Tether USD",
"decimals": 6,
"priceUSD": 1.001
},
"valueAtRisk": "10621173",
"valueAtRiskUSD": "10.63"
}
],
"portfolioViewSum": {
"sums": {
"accounts": [{
"address": "0xf271AAFC62634e6Dc9A276ac0f6145C4fDbE2Ced",
"approvedSum": "82.89",
"valueAtRiskSum": "151.9"
}]
}
}
}
You can also get approvals programmatically using the TypeScript SDK:
const routeParameters = {
fromChain: "eip155:1",
// example address, replace by yours
fromAddress: "0xf271AAFC62634e6Dc9A276ac0f6145C4fDbE2Ced",
// the target token you want to authorize
toToken: "0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48",
};
// address that gets authorization to spend your tokens
const getAllApprovalsRequest: GetAllApprovalsRequest = {
chainIDs: [routeParameters.fromChain],
accountAddresses: [routeParameters.fromAddress],
};
try {
const allApprovals = await approvalsAPI.getAllApprovals(
getAllApprovalsRequest,
);
logger.info("Got all approvals");
logger.debug(JSON.stringify(allApprovals, null, 2));
process.exit(0);
} catch (error) {
logger.error(`Failure at ${scriptName}`);
await handleApiError(error, logger);
process.exit(1);
}
}
Manage Approvals
You can modify approvals (create, increase, decrease, or remove them) using the Approvals API.
Send a POST request to create or modify an approval. Make sure to replace theaccountAddress, tokenAddressand spenderAddress with the respective addresses:
curl --request POST "https://svc.blockdaemon.com/defi/v1/approval" \
--header "Authorization: Bearer $API_KEY" \
--header "Content-Type: application/json" \
--data '{
"chainID": "eip155:10",
"accountAddress": "0xf271AAFC62634e6Dc9A276ac0f6145C4fDbE2Ced",
"tokenAddress": "0x350a791Bfc2C21F9Ed5d10980Dad2e2638ffa7f6",
"spenderAddress": "0x797651C1Cec524ec6CF3B8Dd4755bF69Dd26051A",
"toApprovedAmount": "1000000"
}' | jq
The request returns an encoded transaction that creates, increases, or decreases the token approval. Set toApprovedAmount to "0" to remove an approval (alternatively, use the Delete Token Approval endpoint).
The encoded transaction needs to be signed by the client and sent to the blockchain. You can track the transaction status using our Status endpoint.
Additional endpoints:
- Get Token Approval - Retrieve a single token approval on one chain
- Modify Token Approval - API reference for modifying approvals
Get Token Approval vs Get All Approval
The
/approvalendpoint supports both GET and POST operations:
- GET retrieves a single token approval with detailed metadata, requiring chainID, accountAddress, tokenAddress and spenderAddress parameters
- POST modifies an existing approval by updating the approved amount
Use
/approvalfor managing specific token approvals.The
/approvalsendpoint (GET only) retrieves multiple approvals across chains and accounts, with aggregated portfolio sums. It only requires chainIDs and accountAddresses, with optional filtering by tokens and spenders.Use
/approvalsfor portfolio-wide approval analytics.
Modify Approvals with the SDK
Using TypeScript
const modifyApprovalRequest: ModifyTokenApprovalRequest = {
tokenApprovalModification: {
chainID: "eip155:10",
accountAddress: process.env.SENDER_ADDRESS,
tokenAddress: "0x0b2c639c533813f4aa9d7837caf62653d097ff85",
spenderAddress: "0x2222222222222222222222222222222222222222",
toApprovedAmount: "1000000", // Desired approval amount
},
};
try {
const approval = await accountAPI.modifyTokenApproval(modifyApprovalRequest);
console.log("New approval:", approval);
} catch (error) {
console.error("Failed to modify approval:", error);
}
// Delete an approval by setting amount to zero
const deleteApprovalRequest: ModifyTokenApprovalRequest = {
tokenApprovalModification: {
chainID: "eip155:10",
accountAddress: process.env.SENDER_ADDRESS,
tokenAddress: "0x0b2c639c533813f4aa9d7837caf62653d097ff85",
spenderAddress: "0x2222222222222222222222222222222222222222",
toApprovedAmount: "0", // Set to zero to delete the approval
},
};
Using cURL
curl -X POST "https://svc.blockdaemon.com/defi/v1/approval" \
-H "Authorization: Bearer $API_KEY" \
-H "Content-Type: application/json" \
-d '{
"chainID": "eip155:10",
"accountAddress": "0xf271AAFC62634e6Dc9A276ac0f6145C4fDbE2Ced",
"tokenAddress": "0xda10009cbd5d07dd0cecc66161fc93d7c9000da1",
"spenderAddress": "0xB0D502E938ed5f4df2E681fE6E419ff29631d62b",
"toApprovedAmount": "1000000000000000000"
}'
Programatically
You may execute the example script from the defi-examplesrepo to create a transaction payload that modifies a token approval: npm exec src/main/scripts/make-approvals
Additional Resources
For more details on retrieving, signing, and sending approval transactions, refer to our DeFi examples repository.
- The
handleTokenApprovalfunction demonstrates how to obtain and sign approvals.- The
checkTransactionStatusfunction shows how to verify the approval transaction status.
👋 Need Help?
Contact us through email or our support page for any issues, bugs, or assistance you may need.
Updated 24 days ago