Why Do We Need WETH?
6 minutes
Mar 9th, 2023 - 11:24 am
Perhaps one of the more confusing topics for our students is why exactly we need Wrapped ETH (wETH) and how it differs from ETH. One of the first things we like to disambiguate for students is how tokens actually work. Token standards, marketplaces, and wallet software obfuscate what is actually happening under the hood when you interact with a token. Even applications like Revoke.Cash confuse folks, and they are constantly asking questions like “why can't we revoke all these approvals at once?”. I hope to answer some of these questions and more in this article!
Image taken from the now defunct weth.io illustrating the wrapping/unwrapping process.
What Is Wrapped Ethereum (wETH)?
Wrapped Ethereum is the ERC-20 compatible version of ETH that uses a non-upgradeable contract with five basic functions: Approve, Transfer, TransferFrom, Deposit & Withdraw. Every token on the Ethereum network is just a smart contract that may or may not conform to a set of standards. It is important to note that when you interact with a token in your wallet, you are only able to do with it what the contract of that token allows. Therefore, whenever you spend, move, or give permission to one of your tokens, it must happen on the contract itself. This is why we are insistent that folks use Bookmarks in their wallet for contracts of tokens in their wallet, as it will alert you if someone is trying to interact with a particular token contract in your wallet! For more information on this, check out our article: All About Approvals.
| Function Name | Description |
| Approve | Allows contract addresses or other EOA addresses to utilize the wETH in your wallet as if it were owned by the approved address. This is commonly used by marketplaces to allow users to bid, etc. |
| Transfer | When you are moving tokens from your own wallet to another, calling transfer is the recommended action. |
| TransferFrom | TransferFrom can utilize the Approval method from above. If a wallet has an Approval to use tokens in your wallet, the TransferFrom method is called to facilitate the Transfer action. The difference is explained in a little bit more detail in this article. You can also call this method when transferring tokens, and oftentimes marketplaces will prompt you for this method as well, even when not doing a bulk transfer. |
| Deposit | The Deposit function Deposits ETH into the Wrapped Ethereum contract, and mints the depositor an equal amount of wETH. |
| Withdraw | The Withdraw function Withdraws wETH from the Wrapped Ethereum contract, and returns the ETH that was in the contract. |
Wrapping ETH into wETH gives ETH ERC-20 compatibility, which makes ETH interoperable with other ERC-20 tokens on the Ethereum network, and allows them to be exchanged seamlessly, and treated with the same methods in popular DeFi protocols like Uniswap, GMX, or Aave. The term “wrapping” is a bit of a misnomer, which really just refers to exchanging your ETH for wETH (or vice versa) via this contract to have a token that can be used more seamlessly across DeFi platforms, and for making bids/offers on NFT Marketplaces such as Opensea.
Image taken from the now defunct weth.io illustrating the frictionless exchange of tokens and WETH in Smart Contracts.
Unfortunately, we can't do this with ETH itself, since it existed before the ERC-20 standard was created. We call ETH the “Prototoken of the Ethereum Network” in that regard. There was a proposal to make ETH ERC-20 compatible (which in turn would make wETH unnecessary), but with the UI/UX challenges of wallets we have today, and the proliferation of wallet-draining scams, we're glad that hasn't happened yet! More on this later…
ERC-20s and Looking at Etherscan
As we linked above, whenever we interact with a token, we are simply interacting with the smart contract that controls it. Pop open etherscan and look at some of the methods available on some of your favorite ERC-20 tokens. Anything interesting that you notice about them?
1) Apecoin: Notice this has a couple of methods the wETH contract doesn't have. A lot of ERC-20 tokens have a method called “Increase Allowance”. This is functionally the same as Approve for ERC-20 contracts and has been at the helm of many hacks & scams in DeFi, including the infamous BadgerDAO hack that bamboozled our founder in 2021. because even over a year later, Metamask still surfaces the Increase Allowance method like this (screenshot below) which makes it difficult for users to understand what is happening. We talk more about this in our All About Approvals Article.
2) USDC: You'll notice this contract is what we call a “Proxy” contract. We go into this in more detail in our 102 class and in our “All About Proxy Contracts” article, so feel free to check them out. Just take note that they are contracts that can be “upgraded” and have the logic of their contract executed outside of the primary contract.
3) Check out Coingecko and click on some coin names you do or don't recognize. You'll see on the top under the Info heading that if it is an ERC-20 token, it will have a contract with an etherscan link right there! Poke around and explore!
But Why Can't We Just Use ETH?
One challenge I like to posit to our students is “If you wanted to go directly to the ”ETH Contract" to manipulate ETH in Etherscan, where would you go?" This contract of course does not exist, and everything ETH can do is built into the core code of Ethereum itself. ETH is limited in what it can do. You can Transfer it, use it to pay for gas, and add it as a cost for a method (think Mint, for example). Beyond that, you can't do anything too complicated with it.
This graphic was taken by the now defunct weth.io demonstrating ERC-20 Incompatibility of ETH
If we didn't have Wrapped Ethereum (wETH), then how would NFT marketplaces work? Well, for one thing, you couldn't have bids open on multiple platforms with the same amount of ETH. Anyone who has ever done any offers on Blur knows exactly what I'm talking about! On that platform you have to deposit ETH into their platform, which effectively “locks” you into that ecosystem. The benefit of wETH is that I can make offers on multiple NFT marketplaces at once, and only have the money debited from my wallet once an offer gets accepted on said marketplace.
The big key is that you can't make an Approval on ETH, so none of these offers are possible to make in the same way. You would have to lock up that money, which is effectively the system that Superrare and Foundation use for their bidding/auction mechanism. The benefit to this method for the platform is that they know that offers can't be invalidated last minute by Revoking access of your wETH to the platform, eliminating the possibility of fake bids. But for the average user, being able to make bids by simply doing a signature off-chain is way more preferable from a cost-savings perspective than sending ETH every time. No locked-up money, and once the approval is made, no more paying gas!
Security Benefits of Having ETH <> wETH?
Having wETH represents a huge usability and security hurdle for web3 and for the ethereum blockchain in general. In the beginning of our free 102 courses at Boring Security, we always ask the following question: "Can anyone tell me what the &*$% is wETH and why we need it?". We get a bevy of answers ranging from “because marketplaces use it” to “its cheaper to use” to “i dunno bro, u tell me”. Very rarely does a student get the correct answer before we explain it. Keep in mind these students are usually relatively experienced NFT users & buyers. This represents a huge challenge to the ecosystem.
That said, knowing how to utilize approvals, signatures, and multiple wallets effectively can help you protect your wETH and other tokens such as NFTs, apecoin, etc. Also, it is important to note that ETH CANNOT be taken from your wallet unless you are a) toying with advanced wallet settings and sign a deprecated signature type, b) you lose your seed phrase, or c) you pay ETH as part of a tx cost (for a method like “Mint/Redeem[common scam]/Security Update[common scam]”). So how do we use wETH properly? Well:
1) Only approve a small amount of wETH to the marketplace that you are using. You can edit the amount of wETH you can use with the linked article. Doing infinite amounts is bad practice!
2) Keep most of your funds in ETH, as they cannot be pulled from your wallet with Approvals and ETH is safe as long as your seed phrase is safe!
3) Revoke.Cash and Approvals.xyz are good to check periodically for not just wETH, but for all your tokens. Both services will update your approved amounts that remain (so if you originally approved 5wEth to a platform, spent 3wEth, it will show 2wEth approved) whereas the etherscan token approval checker does not do this.
4) Understand how signatures work. It is possible to sign away wETH without even knowing it if you are not careful with what and where you sign messages. Learn more about this in our Safe Signing 101 article.
Want More Info on wETH?
This article by Cointelegraph explains how to acquire it, as well as explains it as well.
An Opensea article that explains wETH with in depth screenshots on how to use and acquire it on their marketplace.
Have any questions or want to learn more about web3 security and stay up to date on the most current security information, scams, and tactics? Join us in our discord at https://discord.gg/boringsecurity .
