Launch App

The Ultimate Guide To Token Approvals (Why They’re ESSENTIAL)

●   7 min

If you’re performing any transaction Krystal or any decentralised application (DApp) for the very first time, you may notice that you’ll need to perform an ‘Approve’ transaction first.

Why do you need to do this transaction, and does it cost a lot of gas fees?

Here’s everything you need to know!

What is an ‘Approve’ transaction?

An ‘Approve’ transaction grants a smart contract the permission to interact with the tokens in your non-custodial crypto wallet. 

All decentralised applications (DApps) are built on smart contracts, which provide you with an interface to use these contracts on the blockchain.

This includes any DeFi platform, game, or NFT marketplace.

You will need a non-custodial wallet (like Krystal or Metamask) to interact with these DApps and smart contracts.

However, before you can use any functions on the DApp, the smart contract needs to view and retrieve the tokens that are in your wallet.

Here are some examples of how a smart contract interacts with the tokens in your wallet.

FunctionHow the smart contract interacts with your wallet
SwapThe decentralised exchange needs to retrieve the token balance in your wallet, and withdraw the funds from your wallet to deposit the swapped tokens
DeFi LendingThe lending platform needs to retrieve your token balance and withdraw the funds to deposit into the lending smart contract
BridgeThe bridge needs to retrieve your token balance and withdraw the funds from your wallet to deposit the same token in your wallet, but on another chain
NFT MarketplaceThe marketplace needs to retrieve your token balance and withdraw the funds from your wallet to allow you to purchase an NFT

Before a smart contract can interact with your token balances, you will need to grant permission via a token approval.

A token approval can be sometimes referred to as an allowance.

This approval will be recorded on the blockchain, and acts as proof that you were the one who gave this permission.

As such, it is extremely important that you keep your private keys and seed phrases secure. Anyone who has access to either one can give token approvals to any smart contract!

Why do I need to approve a token before performing a transaction (e.g. swapping)?

By default, all smart contracts are unable to interact with the token balances in your wallet, apart from the native token of that network. Each approval transaction will give the smart contract permission to interact with a specific token in your wallet.

If you are performing a transaction with a token for the very first time, this means that you will need to process 2 transactions:

  1. Approving the smart contract to interact with your token balance
  2. The actual transaction that you intended to do (e.g. Swap, Earn or Bridge)

After approving a token, this will allow the smart contract to transfer the tokens from your wallet to theirs, where they can perform any transactions including token swaps, lending or bridging.

It can be rather confusing at first, as after the approval transaction, you may think that the transaction is done. However, that is not the case!

You will still need to confirm the actual transaction in a separate blockchain transaction!

When does an ‘Approve’ transaction occur?

You may want to note that a new approval transaction is needed for: 

  • Every token you intend to use
  • Every smart contract you interact with

For example, let’s say you want to swap USDT on the Avalanche network using Krystal.

You will need to approve Krystal’s smart contract first before you can perform the swap.

If you are looking to swap USDT on another network (like Polygon), 

you will need to confirm another approval transaction.

The same applies if you are looking to bridge USDT from Avalanche to another network (like BNB Smart Chain),

where you’ll need to approve yet another one!

Each transaction is usually only done once, unless you have reached the token limit (which we’ll cover later).

The only exception to this is when you are looking to transact using the network’s native token. In this scenario, no approval transaction is required.

For example, if you are looking to swap BNB on the BNB Smart Chain to another token, you can do so right away without any token approval.

Approvals can be limited or unlimited

In most cases, when you are approving any transaction, the default for most wallets is that you will be approving an unlimited allowance.

In the screenshot above, the amount of USDT is equivalent to an infinite amount, which suggests an unlimited approval.

This can be advantageous as you only need to approve this allowance once, saving you on gas fees!

Usually, this would not matter if you are only interacting with trusted DApps, like Uniswap, Pancakeswap or Krystal 😉.

However, there are risks when you approve an unlimited allowance for a malicious smart contract.

The funds in your wallet can be accessed by this smart contract, so it has the potential to drain all of them!

Some token approvals can be limited as well.

For example, let’s say you set a limited approval for 2,000 USDT on Uniswap. This means that Uniswap can only withdraw up to 2,000 USDT in total from your wallet.

If you want to swap more than 2,000 USDT, you will need to approve another allowance.

⚠️ Be careful which contracts you’re approving

While you are interacting with multiple protocols or decentralised apps (DApps), you may be required to approve multiple smart contracts for them to interact with your wallet.

However, some of these contracts can be malicious, and are designed to drain your funds once you interact with them!

Multiple hacks have occurred this way, where hackers create phishing sites that look similar to the actual platform.

Here are some examples of Pancakeswap,

and CoinMarketCap.

You may have mistaken them for the actual site, and after approving the contract, the smart contract may be able to drain all of your funds!

Some examples include:

As such, it is very important that you double check the URLs of the DApps you are interacting with. If they look suspicious, please do refrain from connecting your wallet and approving any transactions!

While having a non-custodial wallet is great for having full control over your funds, you are also fully responsible for the security of your funds.

If your non-custodial wallet gets hacked, no one will be able to help you!

This is in contrast with leaving your funds in a custodial account, such as a centralised exchange like Binance. The majority of your transactions are off-chain transactions, where they are done within the platform itself, as compared to off-chain transactions.

In the event of any ‘bad’ transactions that are made on a centralised exchange, the custodian is still able to reverse them. However, the same cannot be done on a non-custodial wallet!

As such, do be really careful when you are approving any new contract, and it will be good to double-check if you are interacting with the actual site or a phishing one.

Approving is different from connecting your wallet

When you connect your non-custodial wallet to a DApp, that DApp is only able to view your wallet address.

As such, connecting your wallet is different from approving a token allowance.

Connecting a wallet is the first layer of security, where the DApp can only view your wallet address.

If you do not approve any allowances, the DApp cannot interact with your token balances in the wallet.

As such, disconnecting your wallet from a malicious DApp does not mean that your wallet is safe!

You will still need to revoke the token approval that you have given to that DApp, and here’s how Krystal’s revoke approval function works!

Introducing: Krystal’s Token Approval tool

You can view any token approvals that your wallet has using our Token Approval tool.

After connecting your wallet or pasting a wallet address on the search bar, any token approvals across all supported networks will be shown here.

The total allowance value indicates the total amount in your wallet that can be accessed by smart contracts that you’ve previously approved.

You can select the smart contract under ‘Approved Spender’ to view the smart contract on a block explorer.

For example, this smart contract (0x051DC16b2ECB366984d1074dCC07c342a9463999) is referring to the Krystal Router, one of the smart contracts that you’ll use on our platform.

You can choose to revoke any smart contract by clicking on the revoke button.

Gas fees are needed to process this ‘revoke access’ transaction, so don’t forget to have some of the native tokens in your wallet!

Once the transaction is confirmed, the smart contract is no longer able to interact with your token balance!


Approving token allowances is necessary for you to interact with any DApps in the DeFi world.

However, it is a double-edged sword, as any malicious smart contract has the potential to drain all of your funds if you’re not careful!

Some of the ways to protect yourself from such contracts include:

  1. Paying attention to any possible phishing links
  2. Not approving any allowances for suspicious smart contracts
  3. Using Krystal’s token approval tool to revoke a smart contract’s access to your token balances

🔍 Navigate the DeFi Space NOW with Krystal!

Start your journey NOW on Desktop, iOS or Android

📱 Social Media

How do you rate this article?


Leave a comment

Your email address will not be published.