A smart contract hosted on a blockchain autonomously executes once all the specified terms or conditions in a contract or agreement are satisfied, negating the need for intervention by an intermediary.
The terms of the contract are written in machine-readable code. Once the smart contract is complete, it is irreversible and legally binding, raising the question: Is it possible to terminate a smart contract? And more importantly, can smart contracts be reversed?
This article discusses whether it is possible to revoke smart contracts and, if possible, how one can revoke smart contract access to their cryptocurrency holdings.
What does revoking smart contracts mean?
Revoking a smart contract typically means disabling or terminating its functionality on a blockchain. For instance, revoking may stop access to a userâs crypto wallet and ability to move tokens. Additionally, revoking a smart contract halts permission to view a userâs token balance or public address.
Why are smart contracts revoked?
One may revoke a smart contract under several circumstances, such as if they donât intend to buy, sell or transfer an asset or use the smart contract again.
In other instances, malicious developers build backdoors into smart contracts, allowing unauthorized access to funds.
Who can change a smart contract?
Like any contract, once the parties have agreed on the contract terms, they are unchangeable. Even if the parties wanted to do so, the terms are written on the blockchain, which is unalterable. This makes smart contracts immutable.
The only way to âchangeâ the terms of a contract is to âupgradeâ the contract, that is, swap the underlying smart contract of a decentralized application (DApp) for another. Alternatively, the parties can choose to have an upgradeable contract from the start, which allows for modifications to the smart contract.
Who controls a smart contract?
No one controls the smart contract once the code is written into the blockchain. The code will execute if or when a predetermined condition or stipulation is met or verified. The action involves updating the blockchain and sending notifications. Only the parties with access to the smart contract can see the transaction details.
Since no one has express control of the contract, the parties need to determine the stipulations and describe them adequately without ambiguity to ensure they can execute. And this begs the question: can tokens be locked inside a smart contract? When a user sends tokens into a smart contract, no one can trade or withdraw them, essentially locking them in it.
The smart contract will only release the tokens after a certain period or performance of certain conditions. Some platforms even allow for customization of the token lockup, with a user specifying the date and time when the tokens can become available.
What are token approvals and permissions in smart contracts?
The only way to protect against the exploitation of smart contracts is to approve only the withdrawal of funds required, avoid untested platforms, and revoke token approvals and permissions.
But what are token approvals and permissions? Smart contracts allow DApps to automate the moving of tokens in oneâs wallet, hence token approvals and permissions. Therefore, token approvals and permissions signify the ownerâs approval of a smart contract to withdraw tokens from a wallet to execute a trade. A user can use several means to revoke smart contract access to their tokens:
Revoking smart contracts through token block explorer
Individual networks usually have block explorers, such as Polygonscan and Etherscan, which contain an approval section where users can utilize the token approval tool to revoke permissions and approvals.
These are the typical steps taken when using a token approval tool, and please note that only the address owner can revoke connected smart contracts:
1. Navigate to the token approval page.
2. Type your address in the search bar and click âsearch.â
3. Any smart contract associated with the address that can spend on the userâs behalf will appear in the assets list, which provides further information like the smart contractâs token allowance, transaction hash and token standards.
4. Connect to the wallet by clicking the âconnect to Web3â button.
5. Once the connection is confirmed, select which contract(s) to revoke.
How to revoke token approvals and permission of smart contracts on Ethereum
Here are the usual steps taken when revoking smart contracts on the Ethereum mainnet:
Step 1: Revoke access tools
Users can track and revoke smart contracts connected to their addresses using several third-party revoke access tools. Connect to any of these websites to commence the process:
- approved.zone: Ethereum
- Revoke: multiple networks
- EverRise: multiple networks
- Ethallowance: Ethereum
- Unrekt: multiple networks
- Beefy.finance: BNB Smart Chain
- Etherscan: Ethereum
- Cointool: multiple networks
Step 2: Connect the wallet
Once youâve connected to the website, search for and click on the âconnect walletâ button. When connecting the website to oneâs wallet, ensure they are on the same network, as revoke access tools only work in one kind of chain.
For instance, if connected to the Ethereum mainnet, one cannot revoke a Polygon smart contract, as only Ethereum smart contracts are supported and will be displayed.
Step 3: Select smart contract
The smart contract tool will display all the compatible smart contracts, showing their access permissions and spending limits. Users should select the ones they wish to revoke. If unsure, select all and grant new permissions on the next launch of each DApp.
Step 4: Revoke access
Click the ârevokeâ button, pay for the transaction, and wait a minute or two to complete the transaction. Log out and log back into the website to confirm the revoked transaction was successful (the smart contract should not be on the list).
Does revoking token access also terminate DeFi strategies?
No. Users will retain their positions in decentralized finance (DeFi) strategies such as pooling, staking and lending, allowing them to keep receiving rewards. However, it can significantly affect them, depending on the context and how the strategy is structured.
In DeFi ecosystems, users often grant smart contracts permission to access their tokens for various functions like trading, lending or staking. If a user revokes this access, the smart contract can no longer move or manage the userâs tokens on their behalf.
This action can disrupt ongoing strategies that rely on the contractâs ability to interact with the tokens. However, the underlying DeFi strategy isnât terminated but paused or made inactive until access is granted again or the strategy is adjusted.
Is disconnecting a wallet from a project the same as removing permission to use funds?
No, they are not the same thing. Disconnecting a wallet from a project only cancels permissions that allow other users to view oneâs token balances, public address and past activities, and it stops the initiation of transactions. However, please note that it will not prevent the execution of transactions.
On the other hand, removing permission to use funds means revoking a DAppâs permission to access and move a walletâs contents.