■ Description

Some tokens (e.g. UNICOMP) revert if the value passed to approve or transfer is larger than uint96.

Both of the above tokens have special case logic in approve that sets allowance to type(uint96).max if the approval amount is uint256(-1), which may cause issues with systems that expect the value passed to approve to be reflected in the allowances mapping.

■ Example

https://github.com/d-xo/weird-erc20/blob/main/src/Uint96.sol

■ How to protect against this attack?

If you approve the amount type(uint256).max , you should check the tokenAddress.

■ Resources

https://github.com/d-xo/weird-erc20#revert-on-large-approvals--transfers