Risks of whitelisting OpenSea Proxy addresses in NFT contract code

mow · February 21, 2022, 6:00pm

I came across this recent warning about overriding isApprovedForAll method in NFT contracts:

gist.github.com

https://gist.github.com/dievardump/483eb43bc6ed30b14f01e01842e3339b#warning-

README.md

# Warning !!!

Recent events have shown that the auto-approval for user proxies is **way too dangerous**.

Security of users' NFTs should come before the convenience of auto approving collection for trading.

This is why I decided to remove the files in this gist.

OpenSea's documentation still recommends to do the overriding to reduce friction in sales transactions on their platform:

What does everyone think about the risks?