In order to prevent wallet approvals from compromising your assets, it is important to understand what exactly they are and what they can do.
What are wallet approvals?
Wallet approvals refer to the process of granting permission to a smart contract or decentralized application (dApp) to interact with your wallet and perform certain actions on your behalf. These actions can include transferring tokens, accessing your account balance, or executing specific functions within the dApp. For example, if you want to list an NFT on OpenSea, you will have to give OpenSea approval to list and move the asset if sold from your wallet. This approval is performed on-chain, therefore if the OpenSea smart contract is exploited, you are giving an attacker the same approvals to your assets allowing them to list, sell , or move your asset.
Why should I revoke approvals?
These approvals may put your assets at risk, so you should revoke approvals you no longer need. If you don't plan on selling a specific NFT or token that has value, there is no reason to leave an open approval for it in case the smart contract gets exploited in the future.
For example, if you have an open approval to list your NFT on OpenSea or Blur, and you end up signing a gasless signature you do not understand, or if the smart contract tied to the approval is exploited (which has happened with both OpenSea and Blur in the past), it has the approval to auto-list your NFT for 0 ETH in a private sale to the attackers wallet, which would auto-execute and empty the asset you gave approval for.
How do I know if I am dealing with a safe approval?
Wallet approvals can pose security risks if not properly understood or managed. Before granting approval, it's crucial to carefully review the permissions requested by the dApp and ensure that you trust the smart contract and its developers. Additionally, regularly reviewing and managing your approved wallets can help maintain control over your assets and minimize potential risks.
How do I manage my wallet approvals or revoke a high risk approvals?
With Wallet Guard you can perform a security scan to audit all your approvals, see their risk factors and revoke them directly on-chain.