Following feedback from the community, we recently implemented the ability to revoke contract permissions on Ruby.Exchange, which was part of Core Update 2/3/2023.
Brief background: Using DeFi dApps means interacting with smart contracts. In the blockchain space, you are in full control of your account and every operation requires your explicit permission. When you make a token swap on Ruby.Exchange, for example, you first need to give the Ruby Router contract permission to use each asset.
Only after you have Approved a token can you instruct the contract how to use the asset (e.g. "swap this amount of token X for token Y"). Approval is confirmed via MetaMask, and (like every operation on SKALE) costs nothing in gas fees.
You only need to give a contract permission to use each asset once, after which you can interact with the contract as many times as you want. Some contracts will approve a specific amount of an asset, but in many cases you'll be approving access to an unlimited number of tokens to ensure flexibility when you use the service.
Sometimes, you will want to revoke or cancel access for a contract to your tokens. When interacting with audited platforms like Ruby, there should be little cause for concern, but we've included Revoke functionality as best practice. Here's how it works.
If you want to revoke contract permissions on Ethereum mainnet, you can use a site like revoke.cash.
Revoking Contract Access On Ruby
You can find the list of contracts to which you have given permission by clicking the Settings (cog) icon in the top right corner of the site, and selecting Revoke:
From there, it's just a simple process of clicking "Revoke" for whichever tokens and contracts you want to remove permission for, and confirming in MetaMask.
Note: When you revoke access, the MetaMask alert will read "Give permission to access..." for the token in question. If you click "View full transaction details", you'll see that revoking permission actually means allowing the contract to access and spend a maximum of zero tokens.
Click Confirm, and that's it!
If you want to use that smart contract again, you'll need to Approve permission first.