Many thanks @abcoathup!
Here's a link for the slides of "Shaky ERC20 Allowances".
The gist of it is that `approve(spender, MAX_UINT)` is NOT safe and developers should consider using one of these alternatives:
- ERC-777 (non-backwards compatible)
- ERC-1155 (non-backwards compatible)
- Approve & Transfer (backwards compatible, slightly worse UX)
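
To illustrate the point made in the post above, here is an added example that is not part of the original post or the slides. It is a simplified in-memory model of ERC-20 allowance accounting (the `Token` class, the `exposure` and `run` helpers and the account names are constructed for illustration) comparing how much of the holder's balance the spender stays authorised to move after `approve(spender, MAX_UINT)` versus approving exactly the amount before each transfer.

```javascript
// Simplified model of ERC-20 allowance accounting (constructed, not a real token).
const MAX_UINT = 2n ** 256n - 1n;

class Token {
  constructor() {
    this.balances = new Map();
    this.allowances = new Map(); // key "owner>spender" -> BigInt
  }
  balanceOf(a) { return this.balances.get(a) ?? 0n; }
  allowance(owner, spender) { return this.allowances.get(`${owner}>${spender}`) ?? 0n; }
  mint(to, amount) { this.balances.set(to, this.balanceOf(to) + amount); }
  approve(owner, spender, amount) { this.allowances.set(`${owner}>${spender}`, amount); }

  // transferFrom: the caller spends from the allowance the owner granted it.
  transferFrom(caller, from, to, amount) {
    const allowed = this.allowance(from, caller);
    if (amount > allowed) throw new Error("insufficient allowance");
    if (amount > this.balanceOf(from)) throw new Error("insufficient balance");
    this.allowances.set(`${from}>${caller}`, allowed - amount);
    this.balances.set(from, this.balanceOf(from) - amount);
    this.mint(to, amount);
  }

  // Amount the spender is still authorised to move out of owner's balance right now.
  exposure(owner, spender) {
    const a = this.allowance(owner, spender);
    const b = this.balanceOf(owner);
    return a < b ? a : b;
  }
}

// Scenario: holder has 1000, pays 100 via the spender, later receives 500 more.
// approvalFor(amount) decides what value the holder passes to approve().
function run(approvalFor) {
  const t = new Token();
  t.mint("holder", 1000n);
  t.approve("holder", "spender", approvalFor(100n));
  t.transferFrom("spender", "holder", "spender", 100n);
  const afterPayment = t.exposure("holder", "spender");
  t.mint("holder", 500n); // tokens received after the payment
  return { afterPayment, afterDeposit: t.exposure("holder", "spender") };
}

const unlimited = run(() => MAX_UINT);  // approve(spender, MAX_UINT)
const exact = run((amount) => amount);  // approve the exact amount, then transfer
console.log({ unlimited, exact });
```

With the unlimited approval, the standing authorisation covers the whole remaining balance and also tokens received later; with the exact approval it drops to zero once the payment completes.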