‘Sirius’ token Launches on Bittrex, Unlocks Liquidity Baking on Tezos

I believe I grasp how an on-chain Multi-Signature transfer works from MultiSigWallet → OtherWallet. I get that for a 2 of 2 Multi-Signature Wallet both Owner 1 and Owner 2 would need to individually sign the hash of the same transaction data for the transfer to occur.

I know that the implementation of on-chain transfers for Multi-Signature wallets becomes slightly more complicated when transferring ERC20 tokens instead of ETH. My understanding of BitGo’s implementation of WalletSimple.sol, is that their method of sendMultiSigToken basically confirms that a required number of wallet owners have signed and then it invokes the token’s transfer(address recipient, uint256 amount) → bool method as specified in OpenZeppelin’s ERC20 contract specification.

So far so good.

My confusion is around what actions a Multi-Signature wallet must now guard against when using the ERC20 approve(address spender, uint256 amount) → bool combined with the ERC20 transferFrom(address sender, address recipient, uint256 amount) → bool methods instead of the aforementioned transfer(...) method.

With transfer(...) it makes sense that you need to ensure that you have the appropriate number of signatures before executing a call to transfer(...). But what happens with the use of approve(...) and transferFrom(...)? My best guess is that now the multi-sig wallet is trying to ensure that both Owner 1 and Owner 2 have signed the same transaction data associated with executing a call to approve(...)? That is, both parties need to sign approve(...) calls just like they would need to sign transfer(...) calls.

My understanding is that once a statement like caller.approve(spender, amount) executes, spender is free to spend the approved amount without any additional signatures from either Owner 1 or Owner 2 so therefore approve(...) needs to be guarded and not transferFrom(...)?

Any clarification or comments on this would be greatly appreciated!