Subscribe to Bankless or sign in
Yesterday’s Socket hack, which saw $3.3 million drained from users with active token allowances for the cross-chain bridge, stands as another painful reminder that security and wallet hygiene are critical elements of navigating Web3.
To use any decentralized app, token allowances must be issued and approved — a process where the user grants permission to the dapp they are interacting with to essentially spend tokens on their behalf. For example, when swapping USDC for UNI, I set a token allowance to permit Uniswap to spend my USDC to buy UNI. The 'approve' function sets this spending limit, while the 'allowance' function reveals how much a dapp can use from your wallet.
Once you grant these permissions, they will remain active until the line is cut, potentially acting as a backdoor for hackers if they gain access to a faulty smart contract. To be safe, it is wise to revoke these permissions once done using the dapp — a process that can be done through tools like Revoke Cash.
Kostenlos abonnieren, um weiterzulesen
- Unterstütze die Bankless-Bewegung
- Zugriff auf Tausende von Artikeln
- Komplettes Archiv aller Bankless-Episoden
- Starte kostenlose Quests im Airdrop Hunter
- Tägliches Alpha direkt in dein Postfach
Bereits abonniert? Anmelden
