Token allowances refer to the permissions you grant to smart contracts or decentralized applications (dApps) to spend a certain amount of a specific token on your behalf. This is done using a smart contract called an ERC-20 allowance.
β How Token Allowances Work
Approve Spending
To interact with a dApp or contract, you approve a specific amount of a token (e.g., ETH, DAI) that the contract can use.
For example, you might approve a DeFi lending platform to use 100 DAI from your wallet.
If you use Metamask wallet when trading on Matcha, you can set the allowance when approving a token for spending.
Usage by Decentralized Applications (dApp)
Once approved, the dApp can spend up to the approved amount without requiring your explicit consent for each transaction. This streamlines interactions with the dApp.
*Note: By default, with Cross Chain Swaps on Matcha, we send your wallet the amount you want to trade for approval (nothing more). You can always change this if your wallet allows you to, but our guidance will be to only approve the amount you are trading when using Cross Chain Swaps.
β
π§ Managing Token Allowances
Moving forward, you can also manage your ERC-20 token allowances each time you interact with a dApp.
Within MetaMask, for instance, click Edit Permission and enter your desired amount in Custom Spend Limit. By default, most dApps ask for an unlimited spend limit. By setting a spending limit, you reduce the risk of having your ERC-20 funds drained by a malicious actor.
Changing or Removing Allowances
Increase Allowance
If you want to allow the dApp to spend more of your tokens, you can simply approve a larger allowance. The new allowance will replace the old one (this varies from dApp to dApp).
Decrease Allowance
To reduce the allowance, you approve a smaller amount. This effectively limits how much the DApp can spend.
Remove Allowance
If you no longer want the dApp to access your tokens, you can set the allowance to 0. This revokes its permission to spend any of your tokens.
βοΈ Revoking Token Allowances/Approvals
Since token approvals are conducted on-chain, revoking the approval must also be on-chain. This means you need to pay network fees for each revocation.
Revoking Services
There are several third-party tools you can use to revoke token approvals entirely. For this tutorial, we'll be using Polygon's Token Approval tool (in beta).
*Note: Keep in mind that these are third parties and we cannot make any guarantees about their service.
Steps to Revoke Token Approval
Navigate to https://polygonscan.com/tokenapprovalchecker.
Press Connect to Web3 to connect your wallet.
Navigate through the ERC-20, ERC-721, or ERC-1155 tabs until you see the token approval you would like to revoke.
Press Revoke to revoke the token approval.
This will prompt a signature request in your wallet.
Once the transaction has been completed, the token approval will be revoked.
Additionally, you can also use Revoke.cash to revoke Token approvals. We recommend doing your own research before interacting with any tool.
β
π‘οΈ Security with Token Allowances
Always exercise caution when setting allowances, and only approve tokens for well-established and trusted dApps, as once approved, they can spend the allocated amount without further confirmation. This is crucial for security in the decentralized ecosystem.
π Further Reading
Blog post on gasless approvals [Matcha]
What are Token Allowances [Zerion]