Coinbase Wallet

Dapp permissions and token approvals

When you interact with a dapp, there are two types of permissions you are granting:

1. You grant the dapp permission to access your wallet when you initially connect your wallet. In this instance, you are allowing the dapp to access your public key and see your wallet balances and activity.


2. You approve your tokens to be used in order to complete a buy or trade. This step is referred to as “token approval” (or “token allowance”) because you are allowing the dapp to directly interact with your tokens and complete a transaction. You usually only have to complete a token approval once.

Since token approval requests usually ask for unlimited access to your token balance, if there is a security vulnerability, all of the assets in your wallet could be exposed. Depending on how severe the security vulnerability is, disconnecting your wallet from a dapp may not be enough to fully protect your assets.

To minimize this risk, we suggest that you build a habit of checking your existing token approvals. You can revoke your existing token approvals. This will trigger an additional confirmation to complete a transaction.

Reasons to revoke token approvals

  • Limit the risk of your wallet being exposed if there’s a security vulnerability

  • You don’t plan on using that dapp anytime soon

  • You no longer trust the dapp or its smart contract

  • You did not intend to connect to that dapp

Note: You will have to pay a gas fee when you revoke or set a spend limit on a token approval.

To revoke token approvals:

  1. Open setting in your Coinbase Wallet and select Token allowances

2. Select the token allowance you’d like to revoke by clicking 'Revoke'. Note that there is a network fee for revoking allowances.

3. Confirm and accept the network fee. Note: If you do not have enough in your wallet to cover the network fee you will be prompted to fund your wallet.

4. You will see a confirmation on your screen that the token allowance has been revoked.

Once the transaction is complete, your token approval will be revoked. If you set a spend limit on token allowances, then any dapp transactions that exceeds your spend limit will need to be approved.

Keep in mind that you can always update your token approvals on the dapp if you reuse it in the future.