Wed. Aug 10th, 2022

If you’re a DeFi (decentralized finance) user, do you actually know who can access your tokens? Are you sure that the dapps (decentralized apps) and smart contracts you use can’t access an unlimited amount of your tokens? Most importantly, how can you check that?

Source: iStock/DNY59

Numerous dapps and their smart contracts require you to grant access to an unlimited amount of tokens. While it does help you to improve your user experience, one signature is enough for all future transactions.

This also means that buggy, untrustworthy, and exploitable contracts might drain your account at any time. At the same time, there is no such thing as expiring permission yet, one approval will leave your wallet open for good, and there is no easy way to remove it.

However, there are tools like Token Allowance Checker (TAC) or Approved.Zone that might help you to audit your allowances.

Created by Ethereum developer Michael Bauer, Token Allowance Checker is a tool that checks your complete Ethereum transaction history and looks for ERC-20 approvals. Then, it collects all ERC-20 token contracts, as well as spender all addresses approved by you in the past.

Alternatively, you can use Approved.Zone, which does precisely the same.

By presenting all token approvals, these tools allow you to edit or delete the allowance amounts and thus protect you from malicious dapps that could spend tokens without your consent.

DeFi is still a nascent sector and there are many risks associated with smart contract exploits, bugs, and hacks, so be sure to be safe rather than sorry.

Leave a Reply

Your email address will not be published.

Pin It on Pinterest