When you approve a transaction on a dApp, you often hand a smart contract standing permission to move tokens or NFTs out of your wallet — sometimes for every token of a type at once. That permission is a token approval. It stays in place until you revoke it. Most are routine (a swap on Uniswap needs one). Some are traps — scam pages collect blanket approvals on purpose and drain the affected tokens whenever the attacker decides.
If you've approved something dodgy, revoke it before the attacker uses it. Two free tools do this. Match your situation to the table, then run the steps.
Find your situation
What you're seeing | What it means | Path |
You just clicked a scam link and approved something, but funds are still in the wallet | The approval is sitting there waiting to be used — revoke now | Revoke an approval |
Your wallet has been quiet for a while, you want to clean up | Review every active approval and revoke anything you don't recognise | Revoke an approval |
Funds or NFTs have already moved out of the wallet without you signing | A bad approval was used. Revoke any others before they're used too, then move what's left | Revoke an approval, then move funds to a new wallet |
Your | The name was transferred out. Revoking an approval won't bring it back | |
Your recovery phrase has been shared, photographed, or typed into a website | The wallet is fully compromised; revoking can't help | Move everything to a fresh wallet — see the Important note below |
Good to know
A token approval lets a smart contract move specific tokens or NFTs from your wallet. Most are routine (a swap on Uniswap needs one); the dangerous kind is
setApprovalForAll— a blanket permission for every token in an NFT collection.Revoking is one transaction per approval. Several approvals means several wallet pop-ups.
Revoking doesn't undo transfers that already happened. Tokens already gone are gone — blockchain transactions can't be reversed.
Approvals are per-chain. Mainnet approvals don't show up when you check Base or Arbitrum. Switch network in the tool to check each chain.
The original gas you paid to grant the approval isn't refunded.
Pick a tool
Tool | Where it runs | Notes |
revoke.cash | Community-built and widely used. ENS-backed mirror also available. | |
Etherscan Token Approval Checker | Etherscan's own tool. Reference article on Token Approvals. |
Both do the same job. Pick whichever you find easier to read.
Revoke an approval
Open the tool. Go to one of the URLs above and connect your wallet.
Pick the network. Approvals are per-chain — switch between Mainnet, Base, Arbitrum, and others to see each chain's active approvals.
Find the approval. Each row shows the token, the contract that has access, and how much the contract can move. Approvals on contracts you don't recognise — especially
setApprovalForAllon an NFT collection — are the priority.Click Revoke. Approve the revoke transaction in your wallet. Most confirm in 1–2 blocks (12–24 seconds); busy networks can take longer.
Repeat for each one you want gone. One transaction per approval.
Revoking is a transaction, so you need a bit of ETH on Ethereum Mainnet (or the L2 the approval lives on) for gas — no other cost.
Important: If your recovery phrase has been compromised — written down somewhere others have seen, photographed, or typed into a fake login — revoking approvals won't help. Anyone with the seed phrase has full wallet access and can re-grant any approval you revoke. Move funds and any ENS names to a new wallet with a fresh seed phrase.
What revoking can't do
A few things readers ask about that revoking doesn't fix:
It doesn't reverse a transfer. Tokens that already moved out are gone.
It doesn't recover a stolen
.ethname. Names are NFTs but the recovery path is different — see How do I recover a .eth name from a compromised wallet?.It doesn't help if the seed phrase leaked. A leaked seed phrase is whole-wallet access; revoking one permission at a time is fighting a fire one match at a time.
What's next?