Allow transferFrom(this, ...) by default

[rainbreak]

Users / contracts should always be able to use transferFrom from themselves, without setting approval or trust first.

Then transfer can just be defined as

function transfer(address guy, uint wad) {
    transferFrom(msg.sender, guy, wad);
}

The following illustrates some nuances of this change:

// example of default-self-approval causing problems
contract UserVault is DSAuth {
    DSToken token;

    function allow(uint amount) auth {
        token.approve(this, amount);
    }
    // previously, this would be limited by the approval set by `allow`,
    // but with default-self-approval any amount can be withdrawn
    function withdraw(uint amount) {
        token.transferFrom(this, msg.sender, amount);
    }
}

// how to properly implement this in default-self-approve world
contract SaneUserVault is DSAuth {
    DSToken token;
    uint allowed;

    function allow(uint amount) auth {
        allowed = amount;
    }
    function withdraw(uint amount) {
        require(amount <= allowed);
        allowed = sub(allowed, amount);      // sub is overflow safe
        token.transfer(msg.sender, amount);
    }
}

[nmushegian]

brilliant

[nmushegian]

can i pull this

[rainbreak]

@nmushegian yeah go ahead