원클릭으로
revoke-approval
Revoke risky token approvals to protect wallet security
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
메뉴
Revoke risky token approvals to protect wallet security
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
SOC 직업 분류 기준
Manage address aliases and transfer history. Auto-create contact names from transfer memos, track transfer counts, and quickly access frequently-used addresses.
Analyze address behavior patterns from transaction history. Detect anomalies, identify activity patterns, and alert on suspicious changes.
Check TRON addresses for security risks using TronScan labels, blacklists, scam detection, and fraud transaction history before interacting.
Scan wallet for token approvals and detect risky unlimited allowances. Critical for security.
Analyze energy costs for TRON transactions and generate rental proposals to save on fees. Compares burning TRX vs renting energy from platforms.
Analyze TRON blockchain transaction errors using AI to provide concise, user-friendly explanations with root causes and actionable solutions.
| name | revoke-approval |
| description | Revoke risky token approvals to protect wallet security |
| version | 1.0.0 |
| author | BlockChain-Copilot Team |
| tags | ["security","approval","trc20","protection"] |
Use this skill to:
Security Risk: When you approve a contract (e.g., for swaps), you grant it permission to spend your tokens. If:
2^256-1)→ Your tokens are at risk! This skill revokes those permissions.
User wallet
↓ Step 1
scanApprovals() → Find risky approvals
↓ Step 2
revokeApproval(contract, token) → Set allowance to 0
↓ Step 3
Transaction confirmed → Approval removed ✅
from skills.revoke_approval.scripts.revoke import build_revoke_transaction
# Revoke a specific approval
result = await build_revoke_transaction(
owner_address="TYourAddress...",
token_address="TR7NHqjeKQxGTCi8q8ZY4pL8otSzgjLj6t", # USDT
spender_address="TMaliciousContract..."
)
print(result['unsigned_tx']) # Returns transaction to sign
# 1. Scan for risky approvals
from skills.approval_scanner.scripts.scan_approvals import scan_approvals
scan_result = await scan_approvals("TYourAddress...")
# 2. Revoke all critical risks
for risky in scan_result['risky_approvals']:
tx = await build_revoke_transaction(
owner_address="TYourAddress...",
token_address=risky['token_address'],
spender_address=risky['spender']
)
# Sign and broadcast tx
{
"success": true,
"message": "Revoke approval transaction created successfully",
"data": {
"owner": "TYourAddress...",
"token": "TR7NHqjeKQxGTCi8q8ZY4pL8otSzgjLj6t",
"token_symbol": "USDT",
"spender": "TMaliciousContract...",
"old_allowance": "115792089237316195423570985008687907853269984665640564039457584007913129639935",
"new_allowance": "0",
"unsigned_tx": {
"txID": "...",
"raw_data": {...},
"visible": true
},
"estimated_energy": 15000,
"estimated_bandwidth": 345
},
"warnings": [
"⚠️ This will prevent the contract from spending your USDT",
"You'll need to re-approve if you want to use this contract again"
]
}
Complete Security Workflow:
1. scan_approvals() # Detect risks
↓
2. User reviews results # Decision point
↓
3. revoke_approval() # Take action
↓
4. Sign & broadcast # Execute
↓
5. Wallet protected ✅
Common errors and solutions:
NoApprovalFoundError: No approval found for this token/spender combination
Solution: Approval may have already been revoked or never existed
InsufficientEnergyError: Not enough energy to execute transaction
Solution: Rent energy using energy-rental skill first
InvalidAddressError: Token or spender address is invalid
Solution: Verify addresses are valid TRON addresses
How revoke works:
approve(spender, 0) functionEnergy cost: ~15,000 energy (~0.5 TRX or rent)
Reversible: Yes, you can re-approve anytime
# MCP tool wrapper
@mcp.tool()
async def revoke_token_approval(
owner_address: str,
token_address: str,
spender_address: str
) -> str:
"""
Revoke a token approval to protect wallet security.
Args:
owner_address: Your wallet address
token_address: Token contract (e.g., USDT)
spender_address: Contract to revoke approval from
"""
result = await build_revoke_transaction(
owner_address, token_address, spender_address
)
return format_for_agent(result)
approval-scanner before revokingFor hackathon presentation:
User: "帮我检查钱包安全"
Agent:
1. [Calls approval-scanner]
"发现3个风险授权:
- SunSwap: 无限授权 USDT (1年前)
- Unknown Contract: 无限授权 USDC (高风险)"
2. [Recommends action]
"建议撤销这2个高风险授权"
3. User: "好的,撤销吧"
4. [Calls revoke-approval]
"已生成撤销交易,请在钱包中签名确认"
5. [Transaction signed]
"✅ 授权已撤销,钱包安全等级提升!"
This completes the Data → Insight → Action loop! 🔐
triggersmartcontract endpointapprove(address,uint256) function0 to revoke