The first time you make a transaction on Lyra v2, you have to grant permission to the smart contracts to spend USDC tokens on your behalf.
Why are approvals needed?
The approval function is a security measure that separates the ability to hold tokens from the ability to spend them. Without the approval function, any smart contract you interact with would have direct access to all the tokens in your wallet, posing a significant security risk.
How do I approve on Lyra?
When you want to enter a trade on Lyra, after filling out the trade form you will be prompted with a button to enable spending for USDC. Your wallet of choice will ask if you want to give consent for the Lyra smart contracts to spend a specific amount of USDC. Once the transaction is confirmed, the transaction will be submitted to the blockchain and verified. Afterwards you are free to trade up until the amount you enabled.
What are the limits of an approval?
Once approval is given, the smart contract can execute transactions up to the approved amount by invoking the
transferFrom function. This function allows the contract to transfer approved tokens from your wallet to another address. By requiring approval, you retain control over how many tokens an application can move. This prevents malicious contracts from draining your wallet.
How should I stay vigilant to unwanted approvals?
Users should be cautious and double check the UI they are using to ensure it is the DAO's UI. It's often advised to approve only the amount you plan to use. If you no longer use a dApp or if you've given a high allowance, consider revoking the approval to mitigate risks.