❗How to prevent malicious approval
What is Approve
Approval is authorization. It allows token holders to give a certain permission to an account by calling the approve method. if authorized to malicious accounts, those approved assets are extremely risky.
Is approve common
Approve is a familiar calling method in our daily operations on the blockchain, and it is commonly used in calling contracts. Public chains based on Ethereum EVM have this command call. TRON is no exception, so it will also be affected, and the malicious authorization on TRON is the most extensive.
How to prevent malicious approval
The best protection against malicious approval is not to call it, but this is nearly impossible, so in order to protect users, TokenPocket has built an approved "firewall" in the wallet.
How to trigger approve Firewall:
Go to TokenPocket and use the DApp browser to open any third-party link. You will see the first layer of risk prompts, telling the user not to open links with unknown security; when the user insists on opening the link and performing an operation, the second layer of approval "firewall" will pop up, which details the risks that approval may bring. If you check “I know”, then you must be responsible for your own operation.
2、Go to TokenPocket and use the DApp browser to open any third-party link. You will see the first layer of risk prompts, telling the user not to open links with unknown security; when the user insists on opening the link and performing an operation, the second layer of approval "firewall" will pop up, which details the risks that approval may bring. If you check “I know”, then you must be responsible for your own operation.
Do not continue to transfer USDT to addresses that have been maliciously authorized. You can use tools to cancel the approval and continue to use them, or create a new wallet address to use.
How to cancel the approval
1、 Use tronlink to cancel
2、Use cointool to do that
Authorization management: On the “discover” page, search for "cointool" in the search box to manage authorization.
How to use: https://theodore-ratliff.gitbook.io/share/EN/tutorial/cointool
最后更新于
