What is Revoke.cash?
Revoke.cash is an Approve management DApp with a simple and user-friendly interface. It allows users to view and revoke obsolete authorizations, enhancing user control and security over their assets.
Authorization is a mechanism that allows third-party contracts to use a specific amount of tokens on behalf of the user. This mechanism helps to facilitate liquidity provision and transaction functions but also has some potential risks. For example, if a user grants authorization to a malicious contract and fails to revoke it promptly, the malicious contract could misuse this authorization to transfer the user's tokens at will. This could lead to financial losses for the user and pose a security threat.
As of now, Revoke.cash supports managing authorizations in networks such as Ethereum, Arbitrum, Optimism, BSC, Polygon, and Avalanche. Click here for more information about Revoke.cash.
How to Use Revoke.cash in imToken
1. Open the ETH wallet in imToken, tap the token you want to manage (such as USDT), tap the Token Function ◎ button in the bottom left corner, and select “Revoke” to enter the Revoke page. Then tap “Confirm” to connect your wallet and check the approvals.
Note: If the page is displayed in another language, scroll to the bottom and switch to English.
2. If you want to manage authorizations for other networks, such as BSC, Polygon, etc., you can switch networks directly on this page by clicking the network dropdown menu.
3. Scroll down to the bottom of the page to view the approved status of the account. Check your approved amounts, the approved Spender, and the last updated list.
If you want to revoke an approval, find the token or NFT in the approved list that you want to revoke, swipe left, and click “Revoke.“ Confirm again on the pop-up page to cancel the approval.
4. After the cancellation is done, return to the wallet home page and click "Activity" to check the status of the transaction. When the status changes from "Pending" to "Successful", it indicates that you have successfully canceled the approval.
5. If you want to change the token approved amount, click the "✏️" icon to the right of the amount to edit it. After entering the new value, click "Update" and confirm again on the pop-up page.
The middle picture above shows "Approved Spender" including Uniswap, Aave, etc. This is because when we trade in DEXs, we need to approve first to allow DEXs to complete token swaps.
However, if you find an unfamiliar address in the Spender column and you do not recognize or understand who controls that address, it is likely a scammer's address. Please cancel the approval immediately!
FAQ
Q1. If I have an "Unlimited" authorization, does this mean my entire portfolio is at risk?
A: "Unlimited" authorization is limited to the specific tokens or NFTs you authorize. For example, if you provided unlimited authorization for DAI, all your DAI might be at risk, but the rest of your portfolio won't be affected. Similarly, your "unlimited" authorization for Bored Ape won't affect your CryptoKitties.
Q2. Is my wallet safe if I disconnect it from a DApp, rather than revoke the authorization?
A: No. Disconnecting your wallet from a DApp does not protect it from the effects of authorization and related vulnerabilities. When the DApp and wallet are disconnected, it only means that it can no longer see your address, but the authorization for a third-party contract on that website still remains valid.
Click to know more about the FAQ of Revoke.cash.
End
For best security on large amounts of crypto, consider our hardware wallet, imKey. imKey also allows users to manage authorization.
Risk Warning: The content of this article does not constitute any form of investment advice or recommendation. imToken does not make any guarantees and promises for the third-party services and products mentioned in this article, nor assume any responsibility. Token investment has risks. You should carefully evaluate these investment risks and consult with relevant professionals to make your own decisions.