August 2018
Intermediate to advanced
404 pages
11h 19m
English
The approve method in ERC20 is susceptible to the Transaction Ordering Dependence (TOD) attack. A malicious spender can wait for the approver to change the allowance from x to y and then submit a transaction to spend x tokens. If the spender's transaction is executed before the approver's transaction, the spender successfully transfers x tokens and then gains the ability to transfer another y tokens.
One possible solution to resolve this condition is to first reduce the spender's allowance to 0 and set the desired value afterwards. The recent standards also include increase and decrease approval methods to safely change the approval limit. These functions avoid the need to call the approve function twice and wait until ...
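The ordering problem above, and why changing the allowance by a delta avoids it, modelled in Python as an added example (not code from the book). The `Token` class, its method names and the clamp-at-zero behaviour of `decrease_approval` are assumptions standing in for an ERC20 contract; the amounts are constructed.

```python
class Token:
    """In-memory model of ERC20 allowance bookkeeping (constructed, not a real contract)."""

    def __init__(self, balances):
        self.balances = dict(balances)
        self.allowed = {}  # (owner, spender) -> remaining allowance

    def approve(self, owner, spender, value):
        # Overwrites the allowance, ignoring how much was already spent.
        self.allowed[(owner, spender)] = value

    def increase_approval(self, owner, spender, added):
        self.allowed[(owner, spender)] = self.allowed.get((owner, spender), 0) + added

    def decrease_approval(self, owner, spender, subtracted):
        # Assumption: clamp at zero when subtracting more than remains.
        old = self.allowed.get((owner, spender), 0)
        self.allowed[(owner, spender)] = max(0, old - subtracted)

    def transfer_from(self, spender, owner, to, value):
        key = (owner, spender)
        if self.allowed.get(key, 0) < value or self.balances.get(owner, 0) < value:
            return False  # a real contract would revert here
        self.allowed[key] -= value
        self.balances[owner] -= value
        self.balances[to] = self.balances.get(to, 0) + value
        return True


def total_spent(change_allowance, x=100, y=60):
    """Owner changes the allowance from x to y, but the spender's transfer of x
    is ordered first. Returns the total the spender manages to move."""
    t = Token({"owner": 1000})
    t.approve("owner", "spender", x)
    t.transfer_from("spender", "owner", "spender", x)  # executed before the change
    change_allowance(t, x, y)                           # owner's transaction lands second
    t.transfer_from("spender", "owner", "spender", t.allowed[("owner", "spender")])
    return t.balances["spender"]


def via_approve(t, x, y):
    t.approve("owner", "spender", y)  # absolute overwrite: spender gets x + y

def via_delta(t, x, y):
    # Relative change: the tokens already spent stay accounted for.
    if y >= x:
        t.increase_approval("owner", "spender", y - x)
    else:
        t.decrease_approval("owner", "spender", x - y)

if __name__ == "__main__":
    print("approve(y):", total_spent(via_approve))
    print("increase/decrease by delta:", total_spent(via_delta))
```

With the relative change, the spender's total never exceeds the larger of x and y, whichever transaction is ordered first.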