Approvals
When you interact with a dapp, there are two types of permissions you are granting:
You grant the dapp permission to access your wallet when you initially connect your wallet. In this instance, you are allowing the dapp to access your public key and see your wallet balances and activity.
You approve your tokens to be used in order to complete a buy or trade. This step is referred to as “token approval” (or “token allowance”) because you are allowing the dapp to directly interact with your tokens and complete a transaction. You usually only have to complete a token approval once.
Since token approval requests usually ask for unlimited access to your token balance, if there is a security vulnerability, all of the assets in your wallet could be exposed. Depending on how severe the security vulnerability is, disconnecting your wallet from a dapp may not be enough to fully protect your assets.
To minimize this risk, we suggest that you build a habit of checking your existing token approvals. You can revoke your existing token approvals in the Approvals Section. This will trigger an additional confirmation to complete a transaction.
Reasons to revoke token approvals
Limit the risk of your wallet being exposed if there’s a security vulnerability
You don’t plan on using that dapp anytime soon
You no longer trust the dapp or its smart contract
You did not intend to connect to that dapp
Last updated
