Everyone tells you to revoke token approvals to prevent getting hacked.
But no one tells you how to actually do it.
Today, I’ll be revealing my step-by-step process that keeps your crypto wallet safe:
First, let's explain token approvals.
They are permissions given to a smart contract for interacting with tokens in your wallet.
This is needed for any smart contract, but here lies a major risk:
If you give an approval to a malicious smart contract, it can drain the funds in your wallet.
This was seen in the Galxe hack, where they tricked you into signing an approval.
This allowed them to steal funds from users' wallets.
But, here's the good news:
Token approvals can be revoked.
This means that you remove the permissions given to the smart contract.
Here’s how to do this in 3 steps:
Step #1: Identify the malicious smart contract
This can be the hardest part if you haven’t used a block explorer before.
The address should start with ‘0x…’
Here are some other ways to find the address:
❍ Use @DeDotFi shield to find malicious smart contracts
❍ Sort Revoke cash by 'Last Updated'
If you’re still not sure how to find the smart contract, feel free to DM me.
Once you’ve identified the malicious smart contract, here's what's next:
Step #2: Paste the contract address on an approval revoking tool
There are a few, including:
❍ @DeDotFi
❍ @RevokeCash
❍ Block explorers
Before pasting the smart contract, here’s one more thing to do:
Use the correct network on the smart contract
E.g. if the smart contract is on Polygon, it may not be available on other networks.
So you’ll need to switch your network to Polygon to identify it.
After pasting the contract address, we can move on to the last step:
Step #3: Revoke the approval
This is an on-chain transaction, so it’ll cost some gas.
💡 It can be expensive on certain networks like Ethereum.
And that’s it!
I would suggest making this a habit, especially for smart contracts that you only interact with once.
I’ve been too lazy on this part, but I’m hoping to change it too!