
Advanced DeFi Position Security: Revoking Vulnerable Approvals and Implementing Defense-in-Depth

The March 28, 2024 Prisma Finance exploit that drained approximately $12 million in ETH from user vaults exposed a critical operational gap in how even experienced DeFi users manage smart contract permissions. While beginner guides cover the basics of token approvals, advanced users need a systematic approach to position security that includes on-chain monitoring, programmatic revocation, and multi-layered defense strategies. This tutorial walks through building a professional-grade approval management workflow.

The Objective

This guide will teach you how to build a comprehensive approval auditing and revocation system for your DeFi positions. You will learn to programmatically detect vulnerable approvals using on-chain data, automate revocation through batch transactions, and implement monitoring that alerts you when new approvals are granted to your wallets. The goal is to reduce your attack surface to near-zero while maintaining the ability to interact with DeFi protocols efficiently.

Prerequisites

Before proceeding, you should have experience with MetaMask or Rabby Wallet, basic familiarity with Etherscan, and an understanding of ERC-20 token approvals and their associated risks. You will need a Web3 wallet with a small amount of ETH for gas fees, access to Etherscan or a comparable block explorer, and optionally a terminal with Foundry or Hardhat installed for programmatic operations. Ensure you are operating in a secure environment with no active connections to unfamiliar dApps.

Step-by-Step Walkthrough

Step 1: Complete Approval Inventory. Begin by connecting your wallet to Revoke.cash, the most comprehensive cross-chain approval scanner available. Select each network where you have DeFi positions and export the full list of active approvals. For Ethereum mainnet, also check delegate approvals separately using Etherscan’s Token Approvals tool under your address page. Record every active approval in a spreadsheet noting the contract address, token or position type, approval amount, and the date the approval was granted.

Step 2: Risk Classification. Categorize each approval by risk level. High-risk approvals include unlimited token allowances to contracts you do not actively use, delegate approvals on lending or staking protocols, and approvals to contracts that have been recently updated or migrated. Medium-risk approvals include active allowances to well-audited protocols you currently use. Low-risk approvals include time-limited allowances and approvals to contracts with established security track records. The Prisma exploit demonstrated that migration helper contracts, even from trusted protocols, can carry high risk.

Step 3: Batch Revocation. For all high-risk approvals identified in Step 2, execute revocation transactions. On Ethereum, you can set the approval amount to zero by calling the token contract’s approve function with the spender address and amount zero. For efficiency, use a batch transaction tool like the one available at Revoke.cash or build a custom multicall transaction using Foundry. A sample Foundry script would iterate through your list of high-risk approvals, constructing approve(spender, 0) calls for each and bundling them into a single transaction to save gas.
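The revocation plan from Step 3, written out as an added example (not code from the article, from Revoke.cash or from Foundry itself): a POSIX shell script that reads a constructed list of token/spender pairs from the Step 2 inventory, derives the exact calldata of approve(spender, 0) so you can compare it with what your wallet displays before signing, and prints the matching cast send command instead of broadcasting anything. The addresses are constructed, and RPC_URL and the --ledger signer flag are placeholders for whatever you use.

```shell
#!/bin/sh
# Added example: plan ERC-20 allowance revocations. Nothing here touches the
# network; each line of output is a command you review and run yourself.

APPROVE_SELECTOR="095ea7b3"   # first 4 bytes of keccak256("approve(address,uint256)")

# Lower-case the address, strip the 0x prefix and require exactly 40 hex chars.
normalize_address() {
    addr=$(printf '%s' "$1" | tr 'A-F' 'a-f')
    addr=${addr#0x}
    case "$addr" in
        *[!0-9a-f]*) return 1 ;;
    esac
    [ ${#addr} -eq 40 ] || return 1
    printf '%s' "$addr"
}

# ABI encoding of approve(spender, 0):
#   selector (4 bytes) || spender left-padded to 32 bytes || uint256 zero (32 bytes)
# The result is what a hardware wallet should show as the transaction data.
revoke_calldata() {
    spender=$(normalize_address "$1") || return 1
    printf '0x%s%024d%s%064d\n' "$APPROVE_SELECTOR" 0 "$spender" 0
}

# Constructed Step 2 output: "<token> <spender>" pairs classified as high risk.
HIGH_RISK_APPROVALS='
0x1111111111111111111111111111111111111111 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
0x2222222222222222222222222222222222222222 0xBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB
'

# Print one cast send command per revocation. RPC_URL is left unexpanded so the
# operator supplies it; --ledger is a placeholder for your own signer option.
plan_revocations() {
    printf '%s\n' "$HIGH_RISK_APPROVALS" | while read -r token spender; do
        [ -n "$token" ] || continue
        calldata=$(revoke_calldata "$spender") || {
            echo "skipping malformed spender: $spender" >&2
            continue
        }
        printf 'cast send %s "approve(address,uint256)" %s 0 --rpc-url "$RPC_URL" --ledger   # expected calldata %s\n' \
            "$token" "$spender" "$calldata"
    done
}

# Number of revocation transactions the plan will require.
count_revocations() {
    plan_revocations | wc -l | tr -d ' '
}

plan_revocations
```

One caveat worth keeping in mind when "bundling into a single transaction": approve() records an allowance for msg.sender, so several revocations only collapse into one transaction when the calls originate from a smart-contract wallet such as a Safe batch. Sent from an externally owned account through a multicall contract, the approve calls would act on the multicall contract's own allowances, not yours, which is why this script emits one command per approval.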

Step 4: Forward-Looking Permission Architecture. Establish a wallet architecture that limits exposure. Use a hierarchy of three wallets: a cold wallet for long-term holdings with zero DeFi approvals, a warm wallet for active DeFi positions with minimal and regularly reviewed approvals, and a hot wallet for daily transactions and protocol interactions with limited funds. Never grant delegate approvals from your warm wallet. Instead, transfer only the necessary tokens to your hot wallet, complete the interaction, and transfer remaining funds back.

Step 5: On-Chain Monitoring Setup. Configure transaction monitoring for your wallets using tools like Forta, OpenZeppelin Defender, or custom Web3 event listeners. Set alerts for any new approval transactions, particularly delegate approvals and unlimited token allowances. For Foundry users, a simple script using cast can periodically check your wallet’s approval events and compare them against your known whitelist. Any approval not on your whitelist should trigger an immediate investigation.
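The whitelist comparison from Step 5, as an added example (not code from the article, from Forta, OpenZeppelin Defender or Foundry): a POSIX shell script that walks raw ERC-20 Approval logs for one watched wallet, decodes the indexed owner and spender from the 32-byte topics, and reports any spender missing from a known whitelist as well as any unlimited allowance granted to a whitelisted spender. The log lines, the wallet and spender addresses, and the whitelist are all constructed; the cast logs invocation in the comment is the author's sketch of how such lines would be produced and should be checked against cast logs --help before use.

```shell
#!/bin/sh
# Added example: flag unexpected or unlimited allowances in Approval logs.

APPROVAL_TOPIC="0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"  # keccak256("Approval(address,address,uint256)")
TRANSFER_TOPIC="0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef"  # keccak256("Transfer(address,address,uint256)"), used only in the sample
UNLIMITED="0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"       # uint256 max, the usual "unlimited" allowance
ONE_ETHER="0x0000000000000000000000000000000000000000000000000de0b6b3a7640000"       # 1e18, a bounded allowance
PAD="000000000000000000000000"   # 12 zero bytes: indexed addresses are left-padded to 32 bytes

# Constructed addresses (40 hex chars, no prefix).
OWNER="1111111111111111111111111111111111111111"        # the wallet being monitored
OTHER_OWNER="9999999999999999999999999999999999999999"  # someone else's wallet
SPENDER_OK="aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"   # deliberately approved protocol
SPENDER_NEW="bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb"  # never approved on purpose

WATCHED_OWNER="0x$OWNER"

# Spenders you have knowingly approved, lower-case, one per line (constructed).
WHITELIST="
0x$SPENDER_OK
"

# One log per line: "<token> <topic0> <topic1> <topic2> <data>" (constructed sample).
# A live feed would come from something like (verify against `cast logs --help`):
#   cast logs --from-block <N> --rpc-url "$RPC_URL" \
#     'Approval(address indexed owner, address indexed spender, uint256 value)' "$WATCHED_OWNER"
SAMPLE_LOGS=$(printf '%s\n' \
  "0x2222222222222222222222222222222222222222 $APPROVAL_TOPIC 0x$PAD$OWNER 0x$PAD$SPENDER_OK $ONE_ETHER" \
  "0x2222222222222222222222222222222222222222 $APPROVAL_TOPIC 0x$PAD$OWNER 0x$PAD$SPENDER_NEW $UNLIMITED" \
  "0x3333333333333333333333333333333333333333 $TRANSFER_TOPIC 0x$PAD$OWNER 0x$PAD$SPENDER_NEW $ONE_ETHER" \
  "0x4444444444444444444444444444444444444444 $APPROVAL_TOPIC 0x$PAD$OWNER 0x$PAD$SPENDER_OK $UNLIMITED" \
  "0x2222222222222222222222222222222222222222 $APPROVAL_TOPIC 0x$PAD$OTHER_OWNER 0x$PAD$SPENDER_NEW $UNLIMITED")

# Decode an indexed address topic: 0x, 12 zero bytes, then the 20-byte address.
topic_to_address() {
    t=$(printf '%s' "$1" | tr 'A-F' 'a-f')
    [ ${#t} -eq 66 ] || return 1
    case "$t" in
        "0x$PAD"*) printf '0x%s' "${t#0x$PAD}" ;;
        *) return 1 ;;   # upper bytes set: not a plain address topic
    esac
}

is_whitelisted() {
    printf '%s\n' "$WHITELIST" | grep -qx -- "$1"
}

# Emit one finding per suspicious Approval: "<severity> <token> <spender> <value>".
scan_approvals() {
    printf '%s\n' "$SAMPLE_LOGS" | while read -r token topic0 topic1 topic2 data; do
        [ -n "$token" ] || continue
        [ "$topic0" = "$APPROVAL_TOPIC" ] || continue   # Transfer and other events are ignored
        owner=$(topic_to_address "$topic1") || continue
        [ "$owner" = "$WATCHED_OWNER" ] || continue      # only the wallet we monitor
        spender=$(topic_to_address "$topic2") || continue
        if ! is_whitelisted "$spender"; then
            printf 'UNKNOWN_SPENDER %s %s %s\n' "$token" "$spender" "$data"
        elif [ "$data" = "$UNLIMITED" ]; then
            printf 'UNLIMITED_ALLOWANCE %s %s %s\n' "$token" "$spender" "$data"
        fi
    done
}

# Number of findings; a non-zero count is what should page you.
finding_count() {
    scan_approvals | wc -l | tr -d ' '
}

scan_approvals
```

Run on the constructed sample, the bounded allowance to the whitelisted spender is silent, the Transfer log and the other wallet's approval are skipped, and two findings come out: an unknown spender on the first token and an unlimited allowance to an otherwise trusted spender on another. In a cron job the natural extension is to persist the last scanned block and exit non-zero whenever finding_count is not zero.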

Step 6: Post-Incident Response Protocol. When an exploit like Prisma Finance occurs, your first action should be revoking all approvals to the affected protocol, not checking if your funds are safe. Speed matters because copycat attackers often follow initial exploits, as happened with Prisma where two additional exploiters extracted 173 wstETH after the primary attack. Keep a pre-signed revocation transaction ready for your most critical protocols, or use a smart contract wallet like Safe that allows pre-configured recovery modules.

Troubleshooting

If a revocation transaction fails, the most common cause is insufficient gas. Two other cases are worth knowing: some older tokens require the allowance to be reset to zero before a new non-zero amount can be set, and any approve call, including a revocation, will revert while the token contract is paused. In the paused case, wait for the protocol to unpause and retry. If you encounter a token that does not support the standard approve function, check whether it implements increaseAllowance and decreaseAllowance instead, which is common in some newer ERC-20 implementations.

For delegate approvals that cannot be revoked through standard tools, you may need to interact directly with the protocol’s contract. In Prisma’s case, users needed to call setDelegateApproval with the MigrateTroveZap address set to false on the BorrowerOperations contract. Always verify contract addresses against official documentation before making direct contract calls.

Mastering the Skill

Advanced approval management is not a one-time task but an ongoing operational discipline. Schedule weekly approval audits for your hot wallet and monthly audits for your warm wallet. Stay informed about protocol upgrades and migrations, as these events often introduce new contracts that require new approvals. Follow security researchers on platforms like Twitter and subscribe to protocol-specific alert channels. The difference between users who lose funds in exploits and those who do not often comes down to whether they had a systematic approach to permission management. Build the habit now, before the next exploit makes it a costly lesson.

Disclaimer: This article is for educational purposes only and does not constitute financial or security advice. Always verify contract addresses and conduct your own research before executing on-chain transactions.


7 thoughts on “Advanced DeFi Position Security: Revoking Vulnerable Approvals and Implementing Defense-in-Depth”

  1. This guide is a bit technical for me, but the ‘inventory and classify risk’ part is solid advice for everyone. We often forget which protocols we’ve interacted with over the months. Monitoring and alerts are definitely the next step for my setup.

  2. Batch revoking is something I’ve been putting off, but after reading this, I’m making it a priority. The risk of unlimited allowances is just too high. Thanks for the breakdown on using Hardhat for those who are more dev-oriented.

  3. defi_degen_88

    Programmatic revocation with Foundry? That’s next-level. I usually just use the Revoke.cash UI, but for hundreds of positions, a script makes way more sense. The defense-in-depth approach is the only way to not get wiped out in the next exploit.

    1. revoke.cash is fine for small portfolios but once you cross 50+ protocol interactions you need automation. the manual approach does not scale

  4. smart_contract_dev

    Defense-in-depth is the only way to survive in this space. Recently updated contracts should always be treated as high-risk, regardless of the team. Glad you mentioned the multi-layer security approach—one mistake shouldn’t drain your whole wallet.

  5. solid_security

    The batch revoke workflow is a lifesaver. Using Foundry to programmatically check for unlimited allowances is the level of paranoia we all need right now. Post-Prisma, I’m not taking any chances with my DeFi positions.

    1. foundry for allowance checks is smart. been using a similar script but with cast instead of forge, works well for batch operations
