Revoking DAPP Access

•

Back in February of 2022, Opensea was hacked. The solution? "revoke access". Many people used fake revoking sites and got pwned even harder. Let me show you how to revoke access without getting hacked in the process 👻

It's not as simple as "google revoke access and click the first link" Not too long ago fake revoking sites popped up, pushing users to revoke access. But, when you used the website linked it would hack you and steal your assets 🤯 twitter.com/bee_sec_san/status/1512399889103171584?s=20&t=PPhPLQYig6faxW7-GYWX6Q

❓ Did you know your wallet likely already supports revoking access? And it doesn't cost gas like the other options! You should always use your wallet first before an external website‼ Here is how to do it on Metamask: twitter.com/bee_sec_san/status/1509153559048179717?s=20&t=PPhPLQYig6faxW7-GYWX6Q

For @argentHQ you'll want to: 1. Go to your accounts screen 2. Click "settings" and then "connected DAPPs" 3. Disconnect from the DAPPs! As you can see, I rarely do this 😅 But ideally you'd have a spring cleaning every month or so!

If your wallet does not support DAPP permission revoking, then use Etherscan: 1. Go here etherscan.io/tokenapprovalchecker 2. Connect your wallet 3. DIsconnect from all sites Do not use third party sites like revoke.cash before trying your wallet / Etherscan!

Finally, if all else fails and: 1. Your wallet does not support revoking permissions 2. Etherscan does not support your wallet Then you can use a site like revoke.cash. Make sure it's a legit site, revoking a smart contract is a smart contract!