# Approval Diagnosis

**MetaSuites** (previously MetaDock) enhances the token approvals management tool by ***Etherscan*** so that it can **help you identify and avoid risky approvals to phishing addresses or vulnerable contracts**.

## What are risky approvals?

The approval mechanism in token transactions allows users to grant permission to other entities, such as smart contracts or other users, to spend their tokens on their behalf. For example, a user can approve a smart contract to use their USDC tokens, enabling the smart contract to perform operations like swapping USDC for other tokens without requiring further confirmation from the user. Once the tokens are approved for use by the smart contract, no additional signed messages are needed from the token owner for the smart contract to execute transactions with those tokens. This streamlines the transaction process by reducing the need for multiple confirmations.

However, an approval is risky if the spender is a phishing address or a vulnerable contract. In both cases, the user's tokens can be stolen.

{% hint style="danger" %}
[See Twitter for how the user was tricked into losing 70 WBTC.](https://twitter.com/MetaSleuth/status/1638812482021228544)
{% endhint %}
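
The approvals described above can be reconstructed from a token's ERC-20 `Approval` event logs. The following Python is an added example, not code from MetaSuites or Etherscan; it assumes log records shaped like `eth_getLogs` results with `blockNumber` and `logIndex` already converted to integers, and the addresses, the flagged-spender list and the `UNLIMITED_FLOOR` threshold are constructed for illustration.

```python
# Added example (not MetaSuites or Etherscan code): replay ERC-20 Approval logs
# to list an owner's outstanding approvals and mark the risky ones.
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
UNLIMITED_FLOOR = 1 << 255  # assumption: amounts this large count as "unlimited"

def topic_to_addr(topic):
    """Indexed addresses are left-padded to 32 bytes; keep the low 20 bytes."""
    return "0x" + topic[-40:].lower()

def live_approvals(logs, owner, flagged_spenders=()):
    """Map (token, spender) -> last non-zero approved amount and risk notes.

    transferFrom can reduce the real allowance without emitting a new event, so
    treat this as an upper bound and confirm with allowance(owner, spender).
    """
    owner = owner.lower()
    flagged = {a.lower() for a in flagged_spenders}
    state = {}
    for log in sorted(logs, key=lambda l: (l["blockNumber"], l["logIndex"])):
        topics = log["topics"]
        # ERC-721 Approval shares this topic0 but has 4 topics; skip it.
        if len(topics) != 3 or topics[0].lower() != APPROVAL_TOPIC:
            continue
        if topic_to_addr(topics[1]) != owner:
            continue
        key = (log["address"].lower(), topic_to_addr(topics[2]))
        value = int(log["data"], 16)
        if value == 0:  # approve(spender, 0) revokes the approval
            state.pop(key, None)
            continue
        risks = ["unlimited"] if value >= UNLIMITED_FLOOR else []
        if key[1] in flagged:
            risks.append("flagged-spender")
        state[key] = {"value": value, "risks": risks}
    return state

# Constructed sample data: placeholder addresses, not real accounts.
OWNER, TOKEN, DEX, PHISH = ("0x" + c * 40 for c in "a123")
def sample_log(block, idx, spender, value, owner=OWNER):
    pad = lambda a: "0x" + "0" * 24 + a[2:]
    return {"address": TOKEN, "blockNumber": block, "logIndex": idx,
            "topics": [APPROVAL_TOPIC, pad(owner), pad(spender)],
            "data": "0x" + format(value, "064x")}
SAMPLE_LOGS = [
    sample_log(100, 0, DEX, 2**256 - 1),    # unlimited approval to a DEX router
    sample_log(120, 3, PHISH, 70 * 10**8),  # approval to a flagged address
    sample_log(150, 1, DEX, 0),             # later revoke of the DEX approval
]
if __name__ == "__main__":
    print(live_approvals(SAMPLE_LOGS, OWNER, flagged_spenders=[PHISH]))
```

Only the approval to the flagged address remains after the replay, because the DEX approval was revoked by a later zero-value `Approval` event.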

## How Approval Diagnosis helps

**MetaSuites** flags suspicious approvals to vulnerable contracts and EOAs (phishing accounts, unsafe accounts, etc.). **Users can review the approvals here and revoke all risky approvals immediately to prevent further loss**.

### Step 1: Click the Approval Diagnosis button

After [installing the **MetaSuites** extension](https://chromewebstore.google.com/detail/metadock-builders-swiss-a/fkhgpeojcbhimodmppkbbliepkpcgcoo), the `Approval Diagnosis` button is shown on the [address page on Etherscan](https://etherscan.io/address/0xfab576ff46bd27b095a4eee4a293ecb0c41d5a85).

<figure><img src="https://2319654293-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FwxbNGlBc5Kji1KaYLlhe%2Fuploads%2FXFZUEf9LAzedvvL61snX%2Fapproval.jpg?alt=media&#x26;token=e2acdbd2-c062-4b1f-918b-da675e619f36" alt=""><figcaption><p>The Approval Diagnosis Button</p></figcaption></figure>

### Step 2: Check the risky approval

After you click the button, the detailed approval results are shown. Risky approvals are displayed in red with notes.

<figure><img src="https://2319654293-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FwxbNGlBc5Kji1KaYLlhe%2Fuploads%2FMelOkQmXLwtNnvoLnAZl%2FFr46wGHaEAANP03.jpeg?alt=media&#x26;token=9ac8a627-1665-4974-8c68-30ccd1a55797" alt=""><figcaption><p>Approval to the phishing address</p></figcaption></figure>

We can see the approval to the phishing address. Unfortunately, the user did not notice this approval, and the attacker transferred 70 WBTC from this address (see the following figure).

<figure><img src="https://2319654293-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FwxbNGlBc5Kji1KaYLlhe%2Fuploads%2FMSsJ9uvYnPrSnqMdbFMo%2FFr46i0qagAA9LSJ.jpeg?alt=media&#x26;token=8799ab26-6489-49b6-b767-662a90fc908c" alt=""><figcaption></figcaption></figure>

### Step 3: Revoke the approval

If there is any risky approval, remove it immediately: connect your Web3 wallet and revoke all approvals flagged by **MetaSuites**.

<figure><img src="https://2319654293-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FwxbNGlBc5Kji1KaYLlhe%2Fuploads%2FZ6FsP6SMSLBowZ36LlP0%2Fimage.png?alt=media&#x26;token=eb4c9c42-e7ef-47ce-98ea-ffcf02ae80b1" alt=""><figcaption><p>When you find risky approvals, please ①connect your wallet and ②revoke as soon as possible</p></figcaption></figure>

Risky approvals have been a significant threat to users, and **MetaSuites** helps users find out about their risky approvals. To stay safe, don't forget to run an approval **diagnosis regularly.**
