Yes, blind signing is bad, and we should address it.
Yes, the “balance after transaction” check is a good solution, but it’s still blind signing, because the function args require comprehensive display from wallets, especially with hard wallets.
I believe this contract should be called “router” instead of “proxy”, because it holds token approvals and spends them the same way DeFi peripheral router contracts do. The exact same idea was proposed, implemented and audited 3 years ago: ERC-6120: Universal Token Router.
But to completely remove the blind signing UX, we need something like this: ERC-TBD: Intent-Based State Transition.