For purposes of atomicity, certain processes necessitate allowing (or approving) a contract to conduct ERC-20 token transfers on behalf of the approver. These allowances remain in effect until they are either revoked or fully utilized (technically, to revoke an allowance, one should send an allow transaction of value 0). Although allowances are a common practice and must be used for many flows, they might pose a security risk in case a contract is compromised or is vulnerable to hacking. We recommend keeping allowances short-lived and revoking them as soon as they are no longer required.
Similarly, ERC-721 and ERC-1155 standards also provide support for allowances. However, the capability to revoke these allowances using EVM revoke allowance requests is not available. To revoke allowances for ERC-721 and ERC-1155 tokens, use raw EVM transactions.
Note
API users must strongly authenticate transaction requests that are created programmatically by signing them. Learn more.
Following is an example of a create transaction request for revoking an ERC-20 allowance. The request should be inside the body, as demonstrated here.
{
"signer_type": "api_signer",
"type": "evm_transaction",
"details": {
"type": "evm_transfer",
"use_secure_node": false,
"gas": {
"type": "priority",
"priority_level": "medium"
},
"chain": "ethereum_mainnet",
"token": "0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48",
"spender": "0xB572Cf029bD939B260b16A97036456d6165F2222",
},
"note": "Revoking USDC Allowance",
"vault_id": "8988893a-cf29-4a02-acc7-5bb723c74f47"
}