PancakeSwap Behind The Scenes – Reverse Engineering The “Approve” Function

Transcript [Music] hello guys it’s johny time and welcome to another decentralized finance tutorial today we’re gonna start something special something new we’re gonna start some kind of series of multiple episodes where we’re gonna take every single function on pancake swap every function that you are basically doing on the website and we will try to understand behind the scene behind the scenes what it actually is doing in the smart.

    Contract so every transaction that you are sending in day to day basis or maybe weekly basis if it’s transfer swap tokens allow depositing tokens prediction lottery every function will take it for every episode and will understand exactly what it does in order to make you make your knowledge and your education better in define this decentralizing.

    Changes and package swap in particular the first one this tutorial is gonna be about the allow function so this is the function where you every time.

    Click allow if it’s in order to swap tokens or to stake tokens or to enter into farming or provide liquidity or doesn’t matter the alarm function.

    Comes everywhere so we’ll understand today what is this allow function we’ll look at it and we’ll understand the importance of it for the security and what does it actually means but before we start before we start with the tutorial please make sure to subscribe to the.

    Channel and.

    Click the small bell notification button so every time i post this kind of videos and i will keep posting this kind of episodes you will get them as soon as possible and it will be you will be able to watch them and get more decentralized finance education so without further ado let’s jump jump the deep dive into the the approve the allow function on packet swap so i’m i’m i guess that you’re only familiar familiar with pancake soil but it’s swapping adding liquidity et.

    Cetera et.

    Cetera if not please.

    Check out my other videos i have plenty of them on pakistan and d5 in my.

    Channel i will put links in the description below so you.


    Cannot missed it but in this tutorial i’m assuming that you already know what is swap what is farms what are syrup etc etc lottery whatever so right now we are here on the swap interface on packet swap website so if you’re familiar with punk swap you see that every time the first time you are trying to swap a token that you never saw before you will actually have this kind of button enabled so you will not be able to swap it right after immediately but first you will need to a prerequisite will be to send before transaction to allow the smart.

    Contract to use to spend your tokens so now we need to understand why it happens and how it works basically so for this example right now let’s say i want to swap this a single.

    Cake token into busd tokens so the first thing i will need to do is.

    Click here enable.


    Cake what is happening actually right here is it will prompt a metamask a pop-up in order to send transactions as you.


    Can see here allow panic swap finance to spend your.


    Cake token so this is basically how metamask shows me and by sending this transaction i’m allowing one of the smart.

    Contracts we’ll see in a moment which kind of smart.


    Control it is to span and use the.

    Cake tokens that in my wallet your that’s exactly what it means so it means that this kind of smart.



    Can get all my tokens and do whatever he wants with my tokens actually not all my tokens but usually it’s just a specific amount of tokens for example in this.


    Case is 1.06 something something.

    Cakes so another thing that people does not know is actually that you.


    Click here edit permission and right here by default it will be unlimited so actually we are allowing the smart.


    Contract to use whenever any time that we have.

    Cakes in my wallet the smart.

    Contract is able to to span it and to do whatever he wants with it actually and this because it’s unlimited actually i.


    Change it to.


    Costume spend limit and write let’s say this spend limit um or whatever limit that i want and just limit the smart.

    Contact with a.

    Certain amount of limit so it will not be able to spend all my kicks but only a specific amount of.

    Cake tokens so by default it will be unlimited and it will give the smartphone permission to use allow it to use your.

    Cake tokens in that.


    Cake in other.


    Cases whatever token you’re going to swap to the other tokens to use the tokens and the smart.

    Contract needs this kind of permission in order to perform the swap because if you do not allow the smart.

    Contract to use to spend your tokens he basically.

    Cannot do the swap because you.


    Cannot send him he.

    Cannot send in your behalf your.

    Cake tokens transfer them.

    Call the transfer function which is another thing that we’ll discuss on another tutorial so i’m going to.


    Click here.


    Confirm and send the transaction and in a moment we’ll see exactly and we’ll analyze what this kind of transaction is doing exactly we’ll see it on bsc scan we will be able to analyze it and reverse engineer it together so now the transaction has been done and i.

    Can see that the.

    Cake has been approved i basically approved the smart.

    Connect to use my token and now let’s take a look at the transaction so this is bc scan if you’re not familiar with it there is another tutorial where i explain what is bsc scan and how to use it but this is the view of a single transaction that’s been included in the block so you.

    Can see the transaction hash the status is success.

    Confirmations time step etc etc the important things that we need to look at is actually form form is my wallet address basically this is my wallet address because i was this one who initiated and sent the transaction and two actually you.

    Can see that the transaction has been sent to a smart.

    Contract that represents the.

    Cake token every token on binance smart.

    Chain is token of the type of bep20 bap20 this is exactly the same like erc20 on ethereum but just the same implementation on bannon’s margin so almost every token that you will swap or you will have in your wallet will be bap 20 token now you might ask ask why why why there is no different smart.

    Contract for every token and the answer is.

    Cuite simple there are two main reasons to do that the first reason which is the less important one is reuse of.

    Code if someone already implemented a smart.

    Contract that represents a token there is no need to rewrite the smart.

    Contract from scratch and build everything from scratch because we already have.

    Code that does the same functionality that we need which is basically transfer tokens.

    Checking how much balance every single wallet have approving other wallet to spend my tokens etc etc so this is the first reason the secondary reason is basically that all the tokens will have the same kind of further they all inherit the functions from the bap20 tokens and this is super super important because it makes it very easily to integrate the tokens in different platform this is the reason why we you.

    Can swap tokens you buy them on pocket swap and then later you.

    Can sell them on one inch and then later you.

    Can stake them on bakery finance because it’s all the same protocol it all based on the same an inheritance from the same smart.

    Contract of bep 20 token this is.

    Called bap 20.

    Compatible tokens which means that the.

    Cake token as well is bap 20 tokens so now let’s before we take a look at a smart.

    Contract let’s take a look here.

    Click here to see more and then befo let’s take a look at the transaction action first so here in the transaction action you.

    Can see approved.

    Cake token for trade on pack extra powder so this is some kind of summary this is a new feature on bsc scan where they summarized the functionality that basically happened through these transactions and they summarize it really really nice and they’re saying basically you approved the smart.

    Contract that’s.

    Called pancake swap router which is the smart.

    Contract that is responsible for all the swaps that you are doing is basically going through the smart the smart.


    Controller that.


    Called pancake slot router and we approve this smart.

    Contract to spend our.

    Cake tokens now if you want to get a bit more technical we’ll.

    Click here so right here in this button.

    Click to see more and now you.

    Can see actually the transaction the function.

    Call itself and you.


    Can see that we.

    Call the function name approved and we send it two parameters so even if you don’t have any experience with.

    Coding or anything you.


    Can still understand it because it’s.

    Cuite easy to understand so you.

    Can see that we basically send two parameters the first one is the spender this is a parameter with a type of address a wallet and then the second one is integer which is the amount so basically we.

    Call the pool function and tell it who are we willing to letting to spend our tokens and how many tokens we want to spend and now we.

    Can see here two arguments this is the two action this is the method this is basically every function has an id and then the argument number zero which is the spender and then argument number one which is the amount but this is not very intere easy to read because is it it’s in hex that’s extra decimal value so in order to see it in a more much easier way in more human readable way we’ll.

    Click here the.


    Code input data and one once we.

    Click the.

    Code input data now we.

    Can see that the spender the address this is the address and we.

    Can actually.

    Click it in order to jump into this kind of wallet or smart.


    Contract and the amount is unlimited right because we.

    Choose we.

    Chose unlimited on the metamask wallet so we.

    Can see actually that we allowed this some kind of address to spend our tokens.

    Cake tokens and.

    Can you guys guess what kind of who is the spender who is the spanner that we actually allowed to spend the.

    Cake tokens and the spender if you let’s see if you were right is actually the pancake swap router smart.

    Contract which is the smart.

    Contractor that’s responsible for every swap that you are doing on packet swap let’s verify it and now open this kind of wallet address in a new tab and now you.

    Can actually see here that this is a.

    Contract and the.


    Cuarterback means banking swap router of v2 this is a version two of the router of the packet swap platform and this is the pancake swap router and that’s exactly how we expected now let’s take a look at the.

    Contract of the.

    Cake token because remember we.

    Call the function approve the function exist on the.


    Cake token smart.


    Contract and we are basically telling the.

    Cake token smart.

    Contract listen we want to let the pancake swap router smart.

    Contract to use our.

    Cake to spend our.

    Cake tokens so now let’s take a look at the pool function so i’m gonna open here the pancake swap.

    Cake token and don’t worry i will put all the links in the description below so you.

    Can do the reverse engineering by yourself and learn by yourself and i actually recommend you to look at it by yourself in order to learn and understand more how it works so you.

    Can see here that right now we jumped into the packet swap.

    Cake token which is the smart.

    Contract where we.

    Call the function approve now we’re going to go into the.

    Contract tab and we’re going to open the.

    Code here so you.

    Can actually go and scroll down and look for the function but there is actually easier way you.

    Can outline.

    Click here the outline button and look for all a summarize of all the functions so we’ll scroll down a bit and you.

    Can see that this is ibep20 because the.

    Cake token is is inherited is basically inheritance doing inheritance for this kind of smart.

    Contacts of web 20 address a lot of imports of different smart.

    Contracts but this is the.

    Contracts that interesting for us is.

    Cake token so we’re gonna.

    Click here and automatically it will jump into the smart.

    Contract or maybe to the function so you.

    Can see here that the.


    Cake token is bep 20.

    this is inheritance which means that the.

    Cake token is type of bam 20 and he’s going to implement it he needs to implement all the functions that are in back 20 which is the a native token in binance merchant to preserve the same protocol for all the tokens so now we.

    Can see all the function there is function.

    Called mint to mint tokens delegates etc etc but we are interested in the approve function and actually the pull function will not be here because it’s already implemented on the bap 20 smart.

    Contract the.

    Cake token does not need to implement it itself because it’s already implemented for every token on the balance margin so we’ll go up a bit to bap 20 and right here we go into app allowance approve this is the function that we are looking for so right now this is the function function improve and you.

    Can see that it gets these two arguments spender and amount all right so here is the pool function and right now you.

    Can see this is an internal function basically there are two functions one is external and one one is internal the external is available to everyone to.

    Call from the external world and the internal is only available to be.

    Called within the smart.

    Contract but it’s too technical so we’re not gonna jump into this but we’re gonna just gonna see this approve function and understand what it is so basically excuse me so you.

    Can see right here that the pull function gets the owner the spender and the amount the owner is being sent from the public function but this is basically the wallet who sent the transaction which is my wallet and you.

    Can see that right here that there are two required lines here to.

    Check that actually the owner is an existing address and if not that transaction will be reverted and also the spender is existing address and now what will happen is basically there is an uh some kind of um not array but a mapping object here and we are allowing here the we basically there is an object that we.

    Call the owner we we select basically the.

    Cell with the owner and then the spender and then we equal the amount so there is a kind of mapping object that maps every owner what kind of spenders he letting to use the tokens so let’s say there is an it like if you’re familiar with python it’s like dictionaries in javascript also dictionaries and here it’s.

    Called mapping so you have an object this object.

    Called allowances and now we have a lot of addresses one of the addresses is my wallet and once you get into my wallet you have an a lot of addresses which are all the addresses that i allowed to spend this kind of.

    Cake token all right and and of.

    Course there will be the amount so it will be object of allowance then it will be wallets that allow other wallets to spend the.

    Cake token then for my wallet it will be all the spanners that i approved and then for that it will be matched the amount of rick tokens that i allow to every spender to spend and you.

    Can see right here there is an emit.

    Command which actually flags and fires an event into the blockchains in order to for funded application to so they.

    Can know that actually something happened on the blockchain and this is an event that shows that actually someone approved other spender to spend the.

    Cake tokens so this is the pull function at a glance and i wanted to uh to explain it to you because this is super important function because you have to understand that right now the smart.


    Can do whatever he wants with all your.

    Cake tokens this is super important and what you want to do next is.

    Check all the spenders that you allow that maybe you allow to another defy app which is scam eventually the scam and now the smart.

    Contract still is able to spend your tokens this is super super dangerous and you want to make sure that you don’t allow to too many addresses to spend your tokens so in order to.

    Check it you.

    Can go to this kind of website which is.

    Called app and wreck an and basically this website you.


    Connect your wallet and it will show you all the allowance that basically in the past you allowed other spender to other spenders to spend tokens in all the history and actually to revoke it best revoke it back and remove the access to spend the tokens so right now this is the most recent function that i.

    Called basically the most recent transaction that i allowed the pancake swap router to spend my.

    Cake tokens and you.

    Can see right now all the history this is the muke from the previous tutorial about the bakery swap and masterchef from previous tutorials that i just show you examples but this is the recent transaction you.

    Can see actually here the block number this is the most recent transaction that we just did now so if we go back to the pancakes for platform and we see that right now the enable button is grayed out and the swap button is uh highlighted because now we allow the.

    Contract to spend our tokens and the user interface is aware of this fact so now we are going to revoke the access of the smart on.

    Contract to spend our tokens and we’re going to remove the allowance so we’re going to.

    Click here revoke and it will prompt another meta mask pop-up in order to send a transaction and we’re gonna send the transaction and then of.

    Course analyze it on the blockchain so the transaction has been sent we will refresh the page here of my wallet to see the transaction and this is the transaction so let’s get into the transaction it’s the same method right so we.

    Call from the same wallet to the same.

    Contract to the.

    Cake to.


    Contract and now let’s get into the transaction details revoked.

    Cake from trade of pakistan router will remove the access and this is the exact same transaction just this time the amount will be zero you see this is the only difference so basically we.

    Call the same function again the pool function but this time with amount zero and we’re removing the access from the pancreas operator smart.

    Contracts from using our.

    Cake tokens and sending them through and and now if you will go back to the pancake store platform and we’ll refresh this page we’ll see that now the swap token will be grayed out and the enable token will be activated let’s.

    Confirm it.

    Code and there you go guys so now enable kick you.

    Can see here that i need to enable the token again because i revoked the access using this kind of a website and sending an allow transaction with zero amount so this was the first tutorial and first um guide about the pumpkin swap back end parking spot behind the scene we learned what is the allowance function what is allow what happens when you allow tokens doesn’t matter if it’s in the swap function or the farms or the adding liquidity this is all the same all the smart.

    Contracts need to use your token so first you need to allow them to spend your token so we understand how it is we looked at the smart.

    Contracts and we reverse engineered it in order to understand better and i hope you guys liked it please let me know if you have any.

    Cuestions in the.

    Comments below i always like to talk with you and discuss with you and i learn even more from your.

    Comments or if you have any suggestions what interests you what kind of other videos you want me to make behind the scenes maybe other things other platform other functionalities i will be more than happy to listen and again please make sure to subscribe to the.

    Channel and.

    Click the bell notification button and please.

    Consider smashing this like button so this video will get to as many people as we.

    Can and they.

    Can learn more about defy and pocket swap in particular thank you so much once again for watching my videos and i will see you

Notify of
0 Comentários
Inline Feedbacks
View all comments