When you interact with a Decentralized Exchange (DEX) like Uniswap to swap tokens, you must first click an **Approve** button. This transaction grants the Uniswap smart contract permission to pull a specific amount of tokens from your wallet.
### The Unlimited Approval Risk
To save users from paying transaction fees for every single trade, many Web3 frontends prompt you to sign an **Unlimited Approval** (granting permission to transfer up to 1.15 x 10^77 tokens).
* **The Vector:** The dApp itself might be safe today. However, if a hacker finds a vulnerability in that dApp’s smart contract later, they can use your dormant unlimited approval to withdraw all USDC or USDT from your wallet without your signature.
* **The Solution:** Always set a **Custom Spending Limit** in your wallet app matching only the exact amount you want to swap. Regularly audit and revoke approvals using tools like Revoke.cash.