Critical problems of ERC20 token standard

Dexaran
Dexaran
Jun 16, 2017 · 2 min read

I want to publish it here because my original article was deleted from Ethereum reddit.

https://www.reddit.com/r/ethereum/comments/6h17aw/critical_problem_of_erc20_tokens/

This is a description of issues of ERC20 token standard, which is used for almost all Ethereum ICOs. ERC20 tokens have two critical issues that are causing money losses for token users.

1. Lack of transaction handling.

There are two ways of performing a transaction in ERC20 tokens:

1. `transfer` function.

2. `approve` + `transferFrom` mechanism.

Event handling is a standard practice in programming (Ethereum transaction should be considered an event): https://en.wikipedia.org/wiki/Event_(computing)

Unfortunately, ERC20 token standard lacks event (transaction) handling/emitting mechanism.

The `transfer` function will not notify the recipient that the transaction happened. The recipient will not be able to recognize the incoming transaction! I wrote this illustration of the process that is leading to unhandled transactions and, as a result, stuck tokens and lost funds for users.

Token balance is just a variable inside token contract.

Transaction of a token is a change of the internal variables of the contract (the `balance` of the sender is decreased and the `balance` of the recipient is increased).

As a result, if the recipient is a contract, users must transfer their tokens using the approve +transferFrom mechanism. If the recipient is an externally owned account address then users must transfer their tokens via the transfer function. If a user will make a mistake and choose a wrong function then the tokens will get stuck inside contract (contract will not recognize a transaction). There will be no way to extract stuck tokens and the user will just lose his funds represented by this token.

Reliance on an assumption that no one will ever make a mistake was a mistake on its own. Some users are constantly using a wrong function to deposit tokens into contract and it is leading to huge financial losses for Ethereum users.

2. approve + transferFrom mechanism is potentially insecure. Re-approval attack.

`approve` + `transferFrom` mechanism allows double spents.

A possible attack is described here.

My previous articles regarding the problem.

article #1

article #2

article #3

article #4

article #5

article #6

article #7

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch

Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore

Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store