1/ Dex223 is building the first multi-standard DEX on Ethereum
ERC-20 tokens make users lose millions of dollars to simple mistakes or approval scams. We enable everyone to use and trade tokens as if they were ERC-223
No approvals
No losses due to sending to wrong addresses
7/ Dex223 allows everyone to receive ERC-223 versions of any existing token by just switching the slider in the swap options
A simple action that would prevent the most common errors that result in disastrous losses every year
3/ We are introducing such a process to upgrade tokens
ERC-20 adoption is not going away overnight so we are making it possible to "wrap" your existing ERC-20 tokens so that they become ERC-223
It is possible to unwrap them back to ERC-20 at any moment
2/ For years ERC-20 standard dominated the ecosystem. This is not because the standard is perfect, this is because there is no upgrading process in place
https://t.co/x6b39XUM76
1/ Ethereum needs a process for upgrading its standards🔄
In one of the rapidly evolving industries in the world, the very first token standard to gain adoption has gone unchanged for 10 years, not because it's flawless, but because no migrating process exists
@devn_me Approvals are unnecessary. Every "revoke your approvals" guide exists because ERC-20 forces you to clean up after yourself indefinitely. ERC-223 works without approvals entirely, same as ETH transfers. Nothing to sign, nothing to revoke, nothing waiting to drain your wallet
@Cryptotarzan19 The problem is also ERC-20 itself. Approvals grant indefinite access to funds and have cost users billions. The transfer function lacks transaction handling, permanently locking over $100M in contracts with no recovery possible https://t.co/fRyhAbcEax
https://t.co/EfrFyzhSyB
1/ Ethereum needs better token standards🚨
ERC-20 standard is poorly designed and outdated but it’s still the MOST adopted one.
What are its problems and why is it designed the way it is? 👇
@vinibarbosabr @zacodil Agree that the approvals are terrible and it's high time to replace the ERC20 standard with a safe alternative.
ERC-223 removes approvals entirely, push transactions only, same as ETH transfers. ERC-7417 allows existing tokens to migrate from ERC-20 to ERC-223
Why "token approval" is the worst idea in DeFi.
ERC-20 got the token right and the hard part wrong. it standardized balances and transfers, but never a clean way for a contract to actually use your tokens. a plain transfer to a contract doesn't even tell it anything arrived. so they bolted on a hotfix: approve + transferFrom.
Look at what that hotfix forces on you. to let a contract spend your tokens, you either:
- approve it once for a huge or infinite amount, and now it can reach into your wallet whenever it wants, forever, until you remember to revoke. you're trusting a contract you probably never read.
- OR approve the exact amount right before every action, which means a second transaction and a second gas fee on every single operation.
Trust a stranger, or pay a tax on every move. those are the two choices, and the standard offers nothing better. so everyone picks door one and clicks "infinite," and the chain fills with wallets pointing loaded guns at themselves.
Not theoretical. the jaredfromsubway MEV bot just lost millions this way. nothing was hacked. it handed out approvals chasing fake trades, and someone used transferFrom to walk the funds out.
The worst part: a better design existed the whole time. transfer-and-call (ERC-223, ERC-1363) moves the exact amount and notifies the receiver in one transaction. no standing approval, no extra tx, no stranger holding a key to your account. it lost to ERC-20's head start, and now infinite approvals are load-bearing under all of DeFi. permit, permit2, account abstraction, every "fix" is a patch on a primitive that should never have shipped.
We didn't get the safe option. we got the convenient one, and we've been paying for it since
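The two flows contrasted in the post above, as an added example that is not part of the original post and is not Dex223 or ERC reference code: a small in-memory Python model in which `Vault`, `Token`, `token_received` and `standing_allowances` are hypothetical names chosen for illustration.

```python
# Added illustration: in-memory model of the two flows, not contract code.
MAX_UINT256 = 2**256 - 1

class Vault:
    """Hypothetical receiver contract that credits deposits per sender."""
    def __init__(self):
        self.accepted, self.deposits = None, {}

    def token_received(self, token, sender, amount):
        # Transfer-and-call hook: runs inside the transfer, may reject it.
        if token is not self.accepted:
            raise ValueError("unsupported token")
        self.deposits[sender] = self.deposits.get(sender, 0) + amount

class Token:
    def __init__(self, balances):
        self.balances, self.allowance = dict(balances), {}

    def _move(self, src, dst, amount):
        if self.balances.get(src, 0) < amount:
            raise ValueError("insufficient balance")
        self.balances[src] = self.balances.get(src, 0) - amount
        self.balances[dst] = self.balances.get(dst, 0) + amount

    def transfer(self, sender, to, amount):
        self._move(sender, to, amount)   # ERC-20: receiver code never runs

    def approve(self, owner, spender, amount):
        self.allowance[(owner, spender)] = amount

    def transfer_from(self, spender, owner, to, amount):
        left = self.allowance.get((owner, spender), 0)
        if left < amount:
            raise ValueError("allowance exceeded")
        self.allowance[(owner, spender)] = left - amount
        self._move(owner, to, amount)

    def transfer_and_call(self, sender, to, amount):
        self._move(sender, to, amount)   # push the exact amount
        if hasattr(to, "token_received"):
            try:
                to.token_received(self, sender, amount)
            except ValueError:
                self._move(to, sender, amount)   # whole transfer reverts
                raise

def standing_allowances(token):
    """Defender's view: spenders that can still pull funds."""
    return {k: v for k, v in token.allowance.items() if v > 0}
```

In this model a plain `transfer` to the vault raises its token balance without crediting anyone, and an `approve` of `MAX_UINT256` followed by one `transfer_from` still shows up in `standing_allowances`. `transfer_and_call` credits the sender in the same step, leaves no allowance entry, and rolls back when the vault rejects the token.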
ERC-20 is the first standard that emerged in the early days of Ethereum and unsurprisingly it is far from perfect.
The main problem here is the absence of an upgrading procedure that would allow a better standard to replace it. @Dexaran pointed out all the above mentioned problems 9 years ago during ERC-20 finalization https://t.co/S8e9GF0Dwf
Unfortunately 9 years passed and the first standard that dominated the Ethereum ecosystem is still the most widely used one despite all its well-known problems and existing alternatives.
We are currently working on establishing a process that would allow a switch from one standard to another. ERC-7417 allows tokens to migrate from ERC-20 to ERC-223 and our Dex is a reference implementation demonstrating how a DAPP could behave in this scenario
The approval mechanism grants indefinite access to funds, so any contract or bot that accumulates them becomes a target worth engineering attacks around.
ERC-223 removes approvals entirely. No dangling permissions means no trust-decay trap to engineer in the first place https://t.co/l56UUMIRiu
1/ ERC-20 approvals are the worst thing a token standard could have ⚠️
They are responsible for the majority of funds losses occurring in the Ethereum ecosystem
@coinbase B20 inherits security problems of ERC-20 and will lead to a loss of millions of dollars of your customers' funds https://t.co/fRyhAbcEax
ERC-20's lack of transaction handling is a security flaw that has damaged the Ethereum ecosystem for years
B20 inherits the same security flaws
Permit2 doesn't solve the approval problem. One signature now grants standing access across multiple assets at once, which means a single compromise has a wider blast radius, not a smaller one.
ERC-223 works without approvals entirely, removing that risk altogether https://t.co/l56UUMIRiu
@term_labs Permit still keeps the approvals model alive. The risk stays, permissions sit there until revoked, and a compromised contract can still drain funds. A standard without approvals removes that risk entirely
https://t.co/dYIGUofV4u
This is another case of approve/transferFrom complexity creating an attack surface. A zero-value transferFrom call bypassing the allowance check is exactly the kind of edge case that exists because ERC-20's pull-based model has so many corner cases to get right.
ERC-223 removes this entire class of bugs by removing approve and transferFrom altogether, push transactions only
@routescan_io Revoking approvals is good practice, but it fights the consequences rather than the cause. Every swap creates new ones, so the cleanup never ends. The real fix is a standard that doesn't require approvals at all. ERC-223 transfers work exactly that way
https://t.co/qcwJfO3NPO
1/ Approval revoking will not save ERC-20
There is no possibility of building secure infrastructure around an insecure token without fixing the root of its problems
7/ Imagine a vault which requires you to visit it once in a few days and tell it "yes I still want my funds to be kept safe" and pay a fee every time you do so
Fail to do that once = the vault unlocks
That's how approval revoking looks from the security perspective
6/ The purpose of security is to make sure users will not lose their funds
Token storing must be safe by default. If a user puts their funds in a vault - they stay there