Permission Records Before You Use an App
Permission screens are access records. Disconnecting an app does not cancel every prior grant.
Start with public records
What an approval actually does
Ethereum and Uniswap guidance both emphasize that an approval lets a contract spend tokens from your wallet under the granted limit. That permission can remain active long after you stop using the app.
- Exact approvals reduce blast radius but may require more transactions later.
- Unlimited approvals reduce friction but increase exposure if the spender is compromised.
- Revoking an approval is separate from disconnecting a wallet.
Source note
Good approval discipline
Treat approvals as access management, not as routine clicking.
- Prefer exact or bounded approvals on first use.
- Review stale approvals after airdrops, mint sites, and migration tools.
- If a token approval flow behaves oddly, revoke first and retry instead of stacking permissions.
Source note
Red flags
Approval abuse often hides behind convenience.
- A site asks for unlimited approval before showing a clear route or contract.
- A no-gas signature or Permit2 request can still grant spend permissions. Do not sign if the wallet cannot clearly show what it authorizes.
- The spender address is unfamiliar or does not match the official interface.
On this page
How to use this guide
Check the source before you respond or connect.
Compare the source you plan to use against this briefing. Confirm it independently, and stop if the public record does not match the message.
Primary sources