Revoking permissions vs disconnecting the wallet - how to keep your MetaMask secure
HTML-код
- Опубликовано: 3 окт 2024
- Crypto Like A Pro course is live now! - learn.cryptoli...
Private Discord is now open - / discord
In this video I talk about two different ways you can protect your MetaMask wallet from malicious smart contracts and various exploits in web3.
Navigating web3 can be sometimes a bit tricky and you have to be careful to not lose all your Ethereum or other altcoins.
While disconnecting your wallet from a dapp is certainly good, it is often not sufficient to protect your account from a malicious smart contract. In this video I explain the difference between revoking permissions and token approvals in comparison to just disconnecting your wallet.
Revoking permissions vs disconnecting - metamask.zende...
Disconnecting a wallet from a dapp - metamask.zende...
A more in-depth article about permissions and approvals - consensys.net/...
#metamask #crypto #ethereum
----
Thanks for watching! Please let me know your thoughts in the comments section and don't forget to like the video and subscribe to the channel.
----
Disclaimer
The content covered in this video is NOT to be considered as investment advice.
I’m NOT a financial adviser. These are only my own speculative opinions, ideas and theories.
Do NOT trade or invest based purely upon the information presented in this video.
Always do your own research and due diligence before investing or trading. I’ll never tell you what to do with your capital, trades or investments. I’ll also never recommend for you to buy, sell, long or short any asset, commodity, security, derivative or cryptocurrency related instrument as it's extremely HIGH RISK!
You should always consult with a professional/licensed financial adviser before trading or investing in any cryptocurrency related product.
That was an excellent video. I wasn't aware of the revoking permissions. Thank you!
Yes, most people only disconnect from a website and don't know about checking permissions. Glad it was helpful :)
Thank you. Sharing on my twitter feed. Novices and even intermediary level should appreciate the info. I do for sure and I have been around since 2014.
Excellent thorough breakdown, thank you.
Thank you :) Glad you found it helpful :)
Love that music at end of video
Contact him......👆 he just refund my lost bitcoin back.
Thank you sir for your amazing video❤ Excellent job👍
Thanks! GLad you found it helpful :)
Great video. Wish I would of known this 2 months ago. I got ripped off for 5K or more of coins and nfts
So sorry to hear this :( Sadly most people in crypto go through this at some point.
Stay safe!
Thank you.
Thank you!
Glad it helped!
Thank you for good video.
Thanks! Glad you found it helpful :)
Great video mate
So helpful, thanks v much.
On another point, because of the MAJOR security risks I do not subscribe OR have any social media aps installed. For example, I was asked to join Discord to view certain contents. This was my first and last foray with Discord resulted in being scammed within 10mins of logging on for the first time.
I advice all scammed victims should quickly contact the best cybersecurity team named *Krudcracks* for help they helped me get back my funds
On instagram
I advice you quickly contact with *KRUDCRACKS* for help he helped me out on same issue
Yes ON INSTAGRAM
So what you’re saying is, that it’s best to revoke everything in your wallet to be safe as possible. Right? And will there be any trouble with buying, swapping or selling the token I revoked? Do i have to give permission again to take further action? Thank you
Yes, you will need to give permission again for example to sell a token on Uniswap.
If you use a popular and secure platform (e.g. Opensea, Uniswap, etc.) or you know you will be trading the token often then I would just leave the permissions. It's basically balancing between security and convenience.
But technically, if you wanted maximum security, yes, you would always revoke permissions.
@@CryptoLikeAPro thanks for the answer. Keep up the good work you’re already doing 👏🏽
@@SerbianCryptoGeek Thank you :) Glad you're finding it useful :)
Great content man!
Let me know if you'd like to come on the show and talk more about crypto/security sometime :)
Thanks! Yeah it would be a pleasure! Can you email me the details? iamcryptobadger@gmail.com
Many thanks
Glad you found it helpful! :)
Use meta mask with a Ledger only, that way nothing can be sent out of the wallet with signing the transactions.
Yes, defo. I made a separate video about it. But I want to provide as much information about crypto and NFTs as possible hence why I made this video too :)
Contact him......👆 he just refund my lost bitcoin back.
I have a ledger do I always have to revoke smart contract ?
Does anyone know If I revolt access to a site/wallet, could they still send crypo to into my wallet?
I have some passive investment type accounts and was recently hacked. I sent BUSD into MM and it went right out so I revolved the wallet address that took the coins.
I am just not sure if I revoke all connected if they can still deposit
How?
thanks
I checked and there's no permissions to revoke.
I gave them my public account address but I guess that's public information anyway
Then it should be ok. Public address is ok to give - like you said - it's public anyway.
Hola. I've got a question. Is it possible for your wallet to be hacked with just the 12seedphrase been leaked without the hackers knowing your password?
Yes, 100%!!! The seed phrase is like a 'reset password' option. If someone has your seed phrase, they can just set up a new password.
Thanks for the excellent video. I have a question. In case i have stake lp token in a dapp and then revoke can i find again the lp if i connect my wallet again? Hope you understand what i mean. Thanks again
Very good question! I spoke to a couple of blockchain devs about it and they both said that it depends on the staking contract. In most cases, revoking permissions means that you're 'unsigning' the contract - you're no longer connected to it in any way and therefore staking will no longer work.
It is possible to write a staking contract in such way that it may point to an off-chain database, in which case the staking would still work but this is highly unusual.
Information like this should be provided in the documentation or the whitepaper or you can try asking the project team... but 99% chance is that revoking permissions will stop staking.
bro, i connected to fake site and my usdc was transferred but my eth wasnt. Will disconnecting the site make my account secure again?
Definitely disconnect and check if there are any permissions - if there are, revoke them.
This should keep your wallet secure but personally, I think when a wallet is compromised, it's best to transfer any remaining crypto to a new wallet. Better to stay safe!
so once re-voked is it 100% that the bad site has no access to your wallet?
To the best of my knowledge - yes. In principle it should mean that your wallet is secure as any malicious contract/website has no longer permission to interact with it. But I don't know if it's possible to write a malicious contract that can still somehow go round it. I don't think so but I can't say I'm 100% sure.
There are definitely contracts which won't allow you to revoke permissions but assuming that you can revoke them, then it should be fine.
Contact him......👆 he just refund my lost bitcoin back.
Hi, great video but what if your seed phrase was stolen and the hacker added a sweeper bot to it to drain everything to his wallet. How do you stop this? Can you add a sweeper bot to do the same to my other wallet? And what with NFT's that might be coming into that wallet?
Not sure if this answers your question but if I had a serious reason to suspect that my seed phrase was compromised I would just stop using that wallet. I see revoking permissions more as a good practice, rather than last resort tool if you know your wallet was compromised.
Contact him......👆 he just refund my lost bitcoin back.
Good content.. Adjust your thumbnails split test .
Mistakenly connected one site didnt transact anything just connected and after just little time disconnected its ok.. didn't give any allowance permission or transactions please reply
It 'should' be fine. If you try to revoke permissions and there are no permissions given to this contract/website then you should be fine.
I'm pretty sure this is a dumb question but do you have to revoke permissions if your Metamask was never connected to your ledger? The Volt Inu 3 migration was done inside of Ledger with no interaction from me so I'm not sure of what else I have to do.
No, if there was never a connection then there's no need to revoke permissions as the two wallets were never linked.
@@CryptoLikeAPro Thanks for your help.
Would you need to do this with staked hex ?
Would it interfere with the contract or T share rate ?
ofc u can. it wont interfere with anything, your funds are
on chain, not in the wallet
hex and t shares and all are not touched.
I'm not familiar with Hex specifically but others asked the question regarding staking before.
I spoke to a couple of blockchain devs and they said that it all depends on how the contract is written. Usually revoking permissions would un-stake your tokens (essentially you're cancelling the contract) but as I said - it depends on the contract itself. The information should be provided in Hex whitepaper so you can check there.
I can not afford the gas when I revoke the token aprroval, because the gas is increasing according to my balance. I my balance is 10, the gas will be 11, so I cant be able to pay the gas fee to revoke, how should I do? thank you
Hey, sorry but I'm not sure without seeing it. My only guess is that the gas happened to spike when you were trying to revoke permissions - maybe try again when the network is quieter or just push the transaction through with an 'aggressive' gas setting? Could be also a glitch in MetaMask user interface - it sometimes happens. Just restart everything and try again.
Don't know if it's relevant here but if you have an insufficient amount of Eth to pay for gas and the transaction is guaranteed to fail, the expected gas amount will be shown as being ridiculously high to prevent you from processing the transaction.
what if i have a large amount of hex staked on hex stake? can that be hacked?
Yes
I advice you reach out to *KRUDCRACKS* for help and assistance
On instagram
I advice you quickly contact with *KRUDCRACKS* for help he helped me out on same issue
Yes ON INSTAGRAM
What if i connected metamask wallet to a phishing site but not approved any sign in transaction. And disconnected the site immediately..so is my wallet compromised, is it safe???
If you didn't sign any transactions you should be safe.
You can check your wallet on revoke.cash - if there are no permissions to revoke for this website/contract then it's all good.
If you want to be extra safe, you can always set up a new account (even in the same MetaMask) and transfer your assets there but it shouldn't be necessary.
@@CryptoLikeAPro no i didn't signed any transaction and didn't gave any seed phrase or private key..the website is only showing update metamask, when i clicked on that, it automatically connected to my wallet but didn't asked any approval or seed phrase.
@@CryptoLikeAPro and thank you i have already revoked all the transactions from all the networks. Thank you
@@saivandana8888 Ok, it should be all good then :)
Friend my meramesk was hakeada but when I put balance to revokar hacker contract the value only and before revoka .what can you tell me????????
Hey, sorry to hear your MetaMask was hacked. Revoking permissions only means that if you connected your MetaMask to a malicious contract, this contract will no longer be able to interact with your account (for example sell your tokens). But unfortunately, if a hacker already managed to transfer some tokens out of your account, your cannot revert it. Revoking permissions only protects you from further losses. Hope this makes sense.
Contact him......👆 he just refund my lost bitcoin back.
Can you help me? My metamask is hacked always drained my top up. I can't claime my coins..pls help
If your MetaMask was hacked, you can't use it anymore. Revoking permissions may stop further losses but whatever was taken from in is gone. You have to set up a new wallet. Sorry
Contact him......👆 he just refund my lost bitcoin back.
On instagram
You are talking so much 🥱🥱🥱🥱🥱🥱
I know :D I'm trying to improve this but it's definitely still work in progress ;)
I concur with the comments of @ht24601 My other question is, if they are legitimate, then why have you hidden the answer? 🤔