GoCoin GoCoin
Categories
Android DownloadiOS InstallWallet SetupDevice CompatibilityTroubleshootingBeginner GuideDesktop ClientSecurity
Home / Tutorials /Wallet Setup/How to revoke DApp approvals in Binance Web3 Wallet? Clean up regularly for security

How to revoke DApp approvals in Binance Web3 Wallet? Clean up regularly for security

Revoking DApp approvals is the most important regular maintenance operation for Web3 wallets. Binance Web3 Wallet provides three ways to revoke: "Connected Sites" management within the APP (disconnects sessions but doesn't revoke token approvals), the built-in "Token Approvals" tool (view and revoke ERC-20/BEP-20 token approvals), and third-party tools like revoke.cash (comprehensive scanning across 41 chains). On the Binance Official Website or in the Binance Official APP v2.92+, users can enter Web3 → Settings → Security Center to scan with one click. On-chain security incident statistics show that from 2024-2025, losses due to unrevoked approvals exceeded $1.8 billion, with 83% of victim wallets having approve(unlimited) records uncleaned for over 180 days. It is recommended to check your approval status every 30 days. iPhone users can refer to the iOS Installation Tutorial to install the latest version and experience this security feature.

Why You Must Revoke Approvals

The Nature of Authorization

When you trade USDT on a DEX, you must first "approve" the USDT contract to give the router an "allowance." If you approve "unlimited" (2^256-1), as long as that contract has a vulnerability or is upgraded to a malicious one, all USDT in your wallet can be transferred at any time.

Real Case Data

  • 2024 Balancer Vulnerability: Approx. $9.7 million in assets stolen, all from unrevoked approvals from 2 years prior.
  • 2025 Q1 PancakeSwap Fake Site: Phishing approvals led to an average loss of $1,800 per address.
  • Uniswap Permit2 Phishing: 4,200 addresses hit globally in a single month, average loss $5,300.

Risk Duration

Once given, an authorization remains valid forever until manually revoked or the contract is self-destructed. Even if a DApp shuts down, the approval still exists on-chain.

Three Steps to Revoke in Binance Web3 Wallet

Step 1: Disconnect DApp Sessions (Basic)

  1. Open APP → Web3 → Gear icon "Settings" top right.
  2. Click "Connected Sites" to view the session list.
  3. Swipe left or click "Disconnect" to remove individual or all sites.

Note: Disconnecting only terminates the current session communication and does not revoke on-chain token approvals; these are independent concepts.

Step 2: In-APP Token Approvals

Built-in tool launched in late 2025:

  1. Web3 → Security Center → Token Approvals.
  2. Select the chain to check (defaults to scanning BNB Chain, Ethereum, and Arbitrum).
  3. The list shows: Token Name / Approved Contract / Allowance / Last Used Time.
  4. Click risk items (unlimited approvals marked in red) → Revoke.
  5. Pay on-chain Gas (revocation itself is a transaction, approx. $0.5-5).

Step 3: Deep Cleaning via revoke.cash

Third-party tools cover more chains:

  1. Open revoke.cash in your browser.
  2. Click "Connect Wallet" → Binance Web3 Wallet.
  3. Select the chain (supports 90+ chains).
  4. After scanning, sort by risk level.
  5. Check the approvals to revoke; supports batching (same-chain batching saves 30% Gas).

Five Types of High-Risk Approvals You Must Revoke

Authorization Type Risk Level Revocation Priority
ERC-20 unlimited approve High Immediate
NFT setApprovalForAll Extremely High Immediate
Permit2 unlimited High Immediate
Old Uniswap V2 Router Medium Within 30 days
Shutdown DApp approvals Medium Within 30 days
Specific limited approve Low No need

Allowance Recommendations for Different Scenarios

DEX Trading

  • One-time users: Use precise allowance, e.g., if swapping 500 USDT, approve only 500 instead of unlimited.
  • High-frequency users: Authorize 10x planned trading volume (e.g., monthly 10k volume, authorize 100k) combined with quarterly revocation.
  • Bots: Never use unlimited; dynamically approve before each trade.

NFT Marketplaces

OpenSea, Blur, etc., require setApprovalForAll(true), authorizing the entire NFT collection. Risk is extremely high; recommended:

  • Use a secondary wallet for high-value NFTs, only approving when selling.
  • Revoke immediately after sale via setApprovalForAll(false).
  • Proactively check all NFT contract approvals every 60 days.

Lending Protocols

Protocols like Aave/Venus need unlimited allowance for collateral; these are relatively safe (thoroughly audited), but still recommended:

  • Revoke after withdrawing from the protocol when not in use.
  • Revoke old version authorizations when the protocol upgrades.

Revocation Gas Cost Comparison

Chain Single Revoke Gas Batch of 10
Ethereum Mainnet $2-6 $15-30
BNB Chain $0.1 $0.5
Arbitrum $0.08 $0.4
Base $0.04 $0.2
Polygon $0.02 $0.1
Solana $0.001 $0.008

Conclusion: Ethereum mainnet revocation is expensive; it's recommended to batch 8-10 high-risk approvals together.

Recommended Scanning Frequencies

User Type Scanning Period Focus
Casual Users (<5 monthly activities) 90 days Clear all old approvals
DeFi Users (20+ monthly activities) 30 days Keep active DApps, clean others
Airdrop Hunters (multi-address) After every major action Scan each address independently
NFT Traders 14 days Specifically watch setApprovalForAll
Cold Wallet Once before and after funding Ensure zero active approvals

Verification After Revocation

  1. Scan again via revoke.cash to confirm the approval no longer appears.
  2. Check your wallet's Approval history tab on Etherscan; the latest record should be the revocation transaction.
  3. Security scores on DeBank/Zerion should increase.

Frequently Asked Questions

Do I need a private key to revoke? No, you only need to connect your wallet and sign a transaction.

Can I still use the DApp after revoking? Yes, just re-approve the next time you trade.

Do all addresses need revoking? Only addresses that have actively initiated authorizations have records; brand new addresses don't need revocation.

How to revoke for hardware wallets? Same process; just confirm the transaction by pressing buttons on the hardware wallet.

Regularly revoking approvals should be muscle memory for Web3 users, just like changing passwords. Binance Web3 Wallet has integrated this operation within the APP, greatly lowering the barrier. We recommend opening the APP immediately to complete your first scan; you might be surprised to find dozens of forgotten authorizations from years ago in your wallet.

Next Step Visit Binance Official Site Download Binance App