Frequently Asked Questions
Straight answers. If yours isn't here, reach us at support@allowanceguard.com.
The Basics
What is a token allowance?
A permission you grant a smart contract to spend your tokens. Required for DEXs and dApps, but the permission persists after you stop using them. If left unchecked, a compromised contract can drain approved tokens from your wallet.
What does Allowance Guard do?
A security dashboard that scans your wallet for every token approval, scores each one for risk, and lets you revoke with one click. We read public blockchain data — your keys stay in your wallet.
Is Allowance Guard a wallet?
No. It is a read-only security dashboard, not a wallet. We never hold funds or keys. Think of it as a window into your wallet's permissions — you see them, you decide what stays.
Security & Privacy
Is it safe to connect my wallet?
Yes. Connecting via MetaMask or WalletConnect grants read-only access to your public address and approvals. We cannot access private keys, sign transactions, or move funds. You sign every revocation yourself, in your own wallet.
What data do you collect and store?
Minimal data: your public wallet address and cached allowance data for performance. No private keys, no seed phrases, no personal information. Encrypted at rest (AES-256), in transit (TLS 1.3). Full details in our Privacy Policy.
How does your risk engine work?
Rule-based scoring powered by live threat intelligence. Flags unlimited amounts, known malicious addresses, unverified contract code, and anomalous approval patterns. Scores update continuously as new threat data comes in from security researchers, blockchain analysts, and community reports.
Using the Dashboard
How much does it cost?
The core scanner is free and open source. Scan wallets, view risk scores, and revoke approvals at no cost — you only pay the network gas fee for on-chain revocations. Pro and Sentinel plans unlock monitoring, batch revoke, multi-chain views, and team tools.
What does revoking do?
Sets the spending limit for that token and contract to zero. The contract can no longer access your tokens unless you grant a new approval. It is an on-chain transaction that you sign and pay gas for.
Why do I pay gas to revoke?
Revoking is an on-chain transaction. Gas goes to network validators, not to us. We show a gas estimate before you confirm, and our batch revoke contract minimises the cost when revoking multiple approvals at once.
Technical & Support
Which wallets and chains do you support?
Any EVM-compatible wallet: MetaMask, Coinbase Wallet, WalletConnect, and others. We cover 27 EVM chains: Ethereum, Arbitrum, Base, Optimism, Polygon, Avalanche, BNB Chain, Fantom, zkSync Era, Polygon zkEVM, Mantle, Gnosis, Linea, Scroll, Celo, Blast, Cronos, Moonbeam, Aurora, opBNB, Manta Pacific, Mode, Taiko, Metis, Kava, ZetaChain, and Worldchain.
My revocation transaction failed.
Usually caused by insufficient gas or network congestion. Check that you have enough ETH (or the chain's native token) and try again with a higher gas setting. If it keeps failing, contact support with the transaction hash.
How do I report a bug or request a feature?
Open an issue on our GitHub repository. For general feedback, email support@allowanceguard.com. Security-related reports are prioritised. Code contributions are welcome — see our Contributing page.
Advanced Security Questions
How do you ensure smart contract integrity?
Revocations use standard ERC-20 approve(spender, 0) and ERC-721 setApprovalForAll(spender, false) — the same functions every legitimate DeFi protocol uses. No custom contracts that could introduce additional attack surface.
What if your service goes down?
Your approvals exist on-chain, independent of our service. If we go offline, your approvals are unchanged and you can revoke directly through Etherscan or any block explorer. We target 99.9% uptime with redundant infrastructure.
How do you handle false positives?
The engine errs on the side of caution — better to flag and explain than to miss a real threat. Every flagged approval shows exactly which risk factors triggered the score. You review, you decide. We refine algorithms continuously based on feedback and new threat data.
Has AllowanceGuard been audited?
Initial security assessment completed September 2024, covering the risk engine, data handling, and contract interactions. Revocations use standard ERC-20/ERC-721 functions tested by the broader Ethereum ecosystem. SOC 2 Type II compliance and third-party audits are in progress.
How fresh is the data?
Allowance data refreshes on every scan — pulled live from the chain. Threat intelligence updates continuously throughout the day. Risk scores recalculate in real time as new data arrives. For best results, scan after interacting with new protocols.
I think an approval was wrongly flagged.
Every flag shows the specific risk factors that triggered it — unlimited amount, unverified code, known patterns. If you disagree, report it through our feedback system. We review every report and adjust detection rules when warranted.
Where does your malicious contract data come from?
Multiple sources: security researchers, blockchain analysis firms, community reports, and our own threat intelligence. The database covers known exploits, phishing contracts, and rug pulls, updated continuously. Our risk scoring is one tool in your security toolkit — always do your own research as well.
Still Need Help?
Question not covered here? Reach out — we respond to every inquiry.