When using dApps on Kaspa, you grant them permission to spend your tokens and NFTs. This is called a token approval. If you don't revoke these approvals, the dApp can spend your tokens forever. Clean up your approvals with KasClean.app.
Loading wallet connection...
Click Connect Wallet on the top right or enter an address in the search bar to begin scanning.
Inspect your approvals by using the network selection, sorting and filtering options to find risky permissions.
Revoke the approvals that you no longer use to prevent unwanted access to your funds and NFTs.
It is always good to limit your approvals whenever you are not actively using a dApp, especially for NFT marketplaces. This reduces the risk of losing your funds to hacks or exploits and can also help mitigate the damage of phishing scams.
Very often, scammers try to trick you into granting them an approval to your funds. Sort your approvals by most recent to find out which approvals are to blame and revoke them to prevent further damage. Unfortunately it is not possible to recover funds that have already been stolen.
Prevention is better than mitigation. Regular approval management helps you maintain a clean wallet state and reduces your attack surface. Our platform includes smart contract analysis and warning systems to help you identify potentially risky approvals before they become a problem.
No. KasClean.app is a preventative tool that helps you practice proper wallet hygiene. By regularly revoking active approvals you reduce the chances of becoming the victim of approval exploits. But unfortunately it cannot be used to recover any stolen funds. You should still make sure to revoke the approvals that were used to take your funds so that they cannot steal more in the future.
No. In general, hardware wallets are much safer than mobile or browser-based wallets because the wallet's keys are securely stored on the device, making it impossible to steal the keys without proper access to the device. But with approvals no one needs to steal your keys to take your tokens. And because of that hardware wallets offer no extra protection against approval exploits.
If you have a so-called "sweeper bot" on your account that steals any KAS as soon as it comes in, your seed phrase was compromised. This means that revoking approvals is not going to help with your wallet security. Unfortunately, there is no way for your wallet to recover from this. You should abandon this wallet and create a new one.
No. Disconnecting your wallet (e.g. MetaMask) does not do anything to protect you from approval exploits - or most other exploits. The only thing that happens when disconnecting your wallet from a website is that that website cannot see your address anymore. But your approvals stay active.