Talisman
  • 🧿Introduction
    • Welcome to Talisman
    • Talisman Wallet
      • Extension Feature Highlights
      • Extension Views
    • Talisman Portal
      • Portal Feature Highlights
      • Spirit Keys and Commendations
  • 🌠GETTING STARTED
    • Installing Talisman
      • Download the Extension
      • Create a New Account
      • Back Up Your Secret Phrase
    • Importing Existing Accounts
      • Import from Polkadot.JS
      • Import Ethereum (EVM) Accounts
      • Watched-only Accounts
    • Importing External Wallets
      • Import from Ledger
      • Import from Polkadot Vault
  • 🧿Customizing Talisman
    • Customizing Talisman
      • Multi-Language Support
      • Multi-Currency Display
      • Wallet Options
    • Managing Accounts
      • Account Maintenance
      • Multi-Recovery Phrase Management
    • Change Password
    • Managing Networks and Tokens
      • Joining EVM Networks
      • Opt-in or out of Networks
      • Adding Custom Tokens
      • Adding Custom Substrate Networks
  • 🔮Navigating WEB3
    • Sending and Receiving Funds
      • Copy Address /Receive Funds
      • Sending Funds
      • Reading Transaction Details
      • How to use ENS in Talisman
    • Using the Address Book
    • Using Talisman with a Website/dApp
      • Connect your wallet to a Website/dApp
      • Switching Networks and Accounts on Dapps
      • Token Approvals
    • Using the Talisman Portal
      • Portal Portfolio
      • Your NFTs
      • Explore Polkadot
      • How to Stake on Talisman
      • Transaction History
      • Auto Asset Discovery
    • Ethereum Signing Requests Analysis
    • Substrate Features
      • Get your first DOT / KSM
      • Existential Deposit
      • How to Reap your Account
  • 🛠️EXTERNAL RESOURCES
    • EVM Chain Integration Requirements
    • EVM Integration for Dapps
    • Substrate Integration for Dapps
    • Brand / Media Kit
  • 🎒ABOUT TALISMAN
    • Knowledge Base
      • Polkadot / Kusama Glossary
      • Useful articles / guides
    • Wallet Release Notes
    • Security
    • Privacy Policy
    • Terms of Use
  • 🆘Help and Support
    • Troubleshooting
      • Metamask and Talisman popup priority
      • Balances on Brave not showing
      • Substrate transaction fails due to existential deposit
    • FAQ
Powered by GitBook
On this page
  • What is an ERC-20 token approval?
  • How can an ERC-20 token approval compromise my wallet?
  • Is it enough to "disconnect" my wallet instead of revoking allowances?
  • Can hardware wallets save me from allowance exploits?
  • How can I revoke these token approvals if my wallet has been compromised?
  1. Navigating WEB3
  2. Using Talisman with a Website/dApp

Token Approvals

PreviousSwitching Networks and Accounts on DappsNextUsing the Talisman Portal

Last updated 1 year ago

What is an ERC-20 token approval?

An ERC-20 token approval is a method of allowing a smart contract or another address to withdraw funds from the address sending the transaction. In most cases, this has to be done before a token trade or depositing funds into a smart contract like adding liquidity. Most protocols have users approve an infinite amount of tokens so they would never need to approve the asset again, but this can be dangerous.

How can an ERC-20 token approval compromise my wallet?

Once an approval is granted, some smart contracts may be able to execute transactions without further approval or action from the wallet owner. Another method scammers use is having users give a token approval to the scammer's address so the scammer can steal legitimate tokens later.

Is it enough to "disconnect" my wallet instead of revoking allowances?

No. Disconnecting your wallet does not do anything to protect you from allowance exploits - or most other exploits. The only thing that happens when disconnecting your wallet from a website is that that website cannot see your address any more. But your allowances stay active.

Can hardware wallets save me from allowance exploits?

No. In general, hardware wallets are much safer than mobile or browser-based wallets because the wallet's keys are securely stored on the device, making it impossible to steal the keys without proper access to the device. But with allowances no one needs to steal your keys to take your tokens. And because of that hardware wallets offer no extra protection against allowance exploits.

How can I revoke these token approvals if my wallet has been compromised?

v 1.1

We suggest using which works across all Polkadot EVM networks to revoke token approvals.

🔮
https://revoke.cash/