Revoke.Delegate
Real time protection for exploits by revoking approvals for exploited smart contracts.
Revoke.Delegate
Created At
Winner of
Blockscout - Blockscout Explorer Big Pool Prize
Prize Pool
NounsDAO - Best public good built with Nouns 1st place
Linea - Best Project Deployed on Linea and MetaMask JSON-RPC API
Project Description
Token approvals are a core part of the smart contract ecosystem. Without them, a lot of DeFi applications would not be possible. But there are also risks to token approvals. If you give a smart contract permission to spend your tokens, it can spend them at any time. So if the smart contract is hacked or malicious, your tokens can be stolen.
We provide real-time protection from exploits by revoking approvals for exploited smart contract addresses.
Problem statement
- Managing them proactively is impossible
- It's tough to keep an eye on the ecosystem about ongoing exploits and react suitably in time.
- New users are afraid of crypto because all they hear are about exploits thus making them hesitant
Use cases
- To save funds from getting drained due to smart contract exploits
- As an inbuilt feature or integration inside wallets to make them more secure and provide an improved experience.
- Smart revocation, to revoke allowances periodically without manual intervention.
About
Revoke.Delegate revokes smart contract allowances as soon as the exploit is reported making sure the damage is to its minimum.
- A user delegates a very specific permission to "set token approval to 0" to revoke.delegate.
- Revoke.delegate doesn't own any Private keys or permissions other than the one delegated above – this makes it very secure
- As soon as an exploit is reported revoke.delegate would be able to safeguard all wallets by revoking the allowances for the exploited contracts.
How it's Made
We use the Metamask Delegation toolkit to delegate the functionality to set the allowances to 0.
ERC 7579: Under the hood, the Delegation manager uses executeFromExecutor to perform the redeem delegation operation, making it compatible with Safe, Kernal, and Biconomy nexus.
Curvegrid: We use Curvegrid as a "delegate" in the whole architecture, it works as a paymaster who revokes the allowances on the delegator's behalf.
NounsDAO resource: For building a user-friendly and fun – visual and verbal branding.
Push protocol: We use the Push protocol to notify the users about the approvals that have been revoked – saving the wallets from getting drained.
Celo Composer and Next.js for responsive web experience across devices.
