In order to avoid users to approve repeatedly, dApp developers usually set the maximum number of approved tokens to smart contracts by default. If there is a vulnerability in the smart contract or the contract administrator is evil, the user's tokens will be at risk. So when a dApp applies for token approval, users need to understand the approval information and control the number of approved tokens to reduce the risk if necessary.