Wallet with padlock against blockchain background
Education DeFi and AMM Updates

How To Revoke Contract Permissions On Ruby


Following feedback from the community, we recently implemented the ability to revoke contract permissions on Ruby.Exchange, which was part of Core Update 2/3/2023.

Brief background: Using DeFi dApps means interacting with smart contracts. In the blockchain space, you are in full control of your account and every operation requires your explicit permission. When you make a token swap on Ruby.Exchange, for example, you first need to give the Ruby Router contract permission to use each asset.  

Approve USDP screenshot
Before using a token with a contract, you first need to approve permission for the contract to access it.

Only after you have Approved a token can you instruct the contract how to use the asset (e.g. "swap this amount of token X for token Y"). Approval is confirmed via MetaMask, and (like every operation on SKALE) costs nothing in gas fees.

MetaMask permission screenshot

You only need to give a contract permission to use each asset once, after which you can interact with the contract as many times as you want. Some contracts will approve a specific amount of an asset, but in many cases you'll be approving access to an unlimited number of tokens to ensure flexibility when you use the service.

Lethal Weapon 2 meme
It's normal to give trusted contracts full permission to access your tokens.

Sometimes, you will want to revoke or cancel access for a contract to your tokens. When interacting with audited platforms like Ruby, there should be little cause for concern, but we've included Revoke functionality as best practice. Here's how it works.

If you want to revoke contract permissions on Ethereum mainnet, you can use a site like revoke.cash.

Revoking Contract Access On Ruby

You can find the list of contracts to which you have given permission by clicking the Settings (cog) icon in the top right corner of the site, and selecting Revoke:

Revoke list screenshot
Each smart contract you use has to be granted access to the tokens it needs

From there, it's just a simple process of clicking "Revoke" for whichever tokens and contracts you want to remove permission for, and confirming in MetaMask.

Note: When you revoke access, the MetaMask alert will read "Give permission to access..." for the token in question. If you click "View full transaction details", you'll see that revoking permission actually means allowing the contract to access and spend a maximum of zero tokens.

Revoke confirm screenshot

Click Confirm, and that's it!

Danny Glover Lethal Weapon 2 meme

If you want to use that smart contract again, you'll need to Approve permission first.

Still have questions? Ask us on Discord, or follow us on Twitter and subscribe to our blog for regular updates.