|
| 1 | +#show-card |
| 2 | + |
| 3 | +## What is Revoke.cash? |
| 4 | + |
| 5 | +[Revoke.cash](https://revoke.cash/) is a security tool in the [[Web3]] ecosystem that helps users manage and revoke token allowances (approvals) granted to different smart contracts and decentralized applications ([[DApp]]s). It provides a user-friendly interface for crypto users to monitor, control, and revoke permissions they have previously given to various protocols to spend their tokens. |
| 6 | + |
| 7 | +## Understanding Token Approvals |
| 8 | + |
| 9 | +In [[Ethereum]] and [[ERC-20]] compatible blockchains, when interacting with dApps and protocols like decentralized exchanges ([[DEX]]s), lending platforms, or [[NFT]] marketplaces, users often need to grant these applications permission to access and transfer tokens on their behalf. This is done through the `approve` function in the ERC-20 standard. |
| 10 | + |
| 11 | +These approvals come in two forms: |
| 12 | +- **Limited approvals**: Permission to spend up to a specific amount of tokens |
| 13 | +- **Unlimited approvals**: Permission to spend an infinite amount of tokens (most common) |
| 14 | + |
| 15 | +## Why Revoke.cash is Useful |
| 16 | + |
| 17 | +### Security Risks of Unlimited Approvals |
| 18 | + |
| 19 | +Many dApps request unlimited token approvals for user convenience, but this creates significant security risks: |
| 20 | + |
| 21 | +1. **Vulnerability to exploits**: If a dApp you've approved is hacked or has a vulnerability, attackers could drain all approved tokens |
| 22 | +2. **Smart contract risks**: Bugs or backdoors in approved contracts could lead to loss of funds |
| 23 | +3. **Forgotten approvals**: Users often forget which dApps they've granted permissions to over time |
| 24 | + |
| 25 | +### Benefits of Using Revoke.cash |
| 26 | + |
| 27 | +- **Visibility**: See all active token approvals across multiple chains in one dashboard |
| 28 | +- **Control**: Selectively revoke unnecessary or risky approvals |
| 29 | +- **Security**: Reduce attack surface by managing approval permissions |
| 30 | +- **Multi-chain support**: Works across Ethereum, Polygon, BSC, and many other EVM-compatible networks |
| 31 | +- **Risk reduction**: Minimize potential losses from smart contract vulnerabilities |
| 32 | + |
| 33 | +## Best Practices |
| 34 | + |
| 35 | +1. Regularly audit and revoke unnecessary token approvals |
| 36 | +2. Only approve the exact amount needed for a transaction when possible |
| 37 | +3. Revoke approvals immediately after completing transactions with a [[DApp]] |
| 38 | +4. Use [[hardware wallet]]s for additional security when managing approvals |
| 39 | + |
| 40 | +Revoke.cash has become an essential security tool for responsible Web3 users, helping to mitigate one of the most common yet overlooked security risks in the ecosystem. |
| 41 | + |
0 commit comments