Is there a way to revoke a single approval on ERC721

Hi! Thanks a ton for the awesome contracts. I use them a ton, like everyone else in the space. I was writing some tests for an NFT, and came across the following:

If you approve someone over all NFTs in an ERC721, you can revoke their approval by calling:

setApprovalForAll(THEIR_ADDRESS, false);

but if I’ve approved someone on one specific NFT, is there any way to revoke that approval (say, if their private key is compromised)? If there isn’t, shouldn’t there be?

(I feel like I must be missing something in the contract, but if I am, I’m really missing it :sweat_smile: )

I ended up going through OZ’s tests for ERC721, the expected method for revoking an approval seems to be approving the zero address since ERC721 has a max of one approved address per tokenId, see here for one of the tests I’m referencing.

This has made me wonder if maybe approvals in ERC721 should work differently. For example, ERC20 allows multiple addresses to be approved on one addresss’s balance. Why couldn’t/shouldn’t ERC721 follow the same approach? Implementation would seem easy enough - instead of allowances being mapping(uint256 => addresss), it could be something like mapping(address => address => tokenId => bool), which would prevent approvals from carrying over past a transfer - the only downside I see is that if an owner transfers an NFT and later gets it back, their old approvals will still be valid.
This would also necessitate a revokeApproval function (or similar) for removing an approval.

Thoughts?

I think this is difference between ERC721 Non-Fungible token to ERC20 Fungible token.

And I think if you want to clear the previous approvals, you can call approve() again as following:
approve(zeroAddress, tokenId)

I think I’d phrase this a bit differently - at least to me the primary difference between an ERC20 and ERC721 is that an ERC20 contract contains logic for one fungible token of which many tokens can exist (like the contract only has USDC, but there are many USDC), whereas a ERC721 contract has any number of NFTs, but only one of each. (Like if the contract had USDC, Dai, USDT, etc, but there was a total supply of 1 for each (and that 1 couldn’t be split up).

Why would it be an integral part of ERC721 not to allow multiple addresses to be approved on an NFT?

Yeah, just like you said, for Non-fungible tokens, the total supply is 1, so assume you have approved one ERC721 token to Alice, so then in which case are you willing to approve this token to Bob again, and at the same time, want to keep both Alice and Bob can transfer this token. I do not think out a possible scenario.