この記事はお役に立ちましたか?
もしこの記事が一つでもセキュリティリスクの明確化に役立ったのであれば、恩恵を受けそうな他の人々と共有することを検討してください😎
⬇️⬇️⬇️⬇️⬇️
Key Answer: D'CENT's May 2026 update lands 4 changes you'll feel right away.
- See every token approval in one place — and revoke any of them in a tap.
- Cap the amount before you sign — unlimited isn't the default anymore.
- Add a mainnet, get the tokens you already hold with it — one consent step.
- Pick your chart colors, and find AI Help in Settings — small touches that add up.
All live in the latest mobile app.
Think of a token approval like a permission slip.
Every time you swap a token on a DEX, stake on a DeFi app, or use a bridge, your wallet signs a small slip that says "this app is allowed to move my token." The slip stays on file forever — until you take it back yourself.
After a year of using crypto, most people have a long trail of these slips they don't even remember signing.
Smart contracts get exploited. They get compromised. They get hacked outright — the $285M Drift Protocol hack drained users in minutes through an oracle manipulation and a compromised admin key. On top of those protocol-level risks, any old approval becomes a separate door an attacker can walk through if that one contract is later found to have a bug — and your seed phrase never enters the picture. (Our guide on how token approvals get weaponized walks through the attack pattern step by step.)
Until now, the only way to take those slips back was to open a separate website like Etherscan or revoke.cash, connect your wallet, and pay for the transaction over there. Most people never bother.
This update brings the whole thing inside D'CENT.
My Wallet → Approval — every permission in one screen
A new Approval tab lives inside My Wallet. It shows every token you've ever approved, grouped by token, with a small count of how many apps each one is sharing permission with.
Tap a token and the list of apps unfolds underneath:
- App name + icon — apps D'CENT knows (like the 1inch router) show their mapped icon. Unknown apps show a plain icon — your cue to look closer.
-
Permission amount — the exact number, or
Unlimitedif you once signed a max approval. - Risk highlight — approvals untouched for over 60 days, plus any unlimited grants, get a warning icon and color so you can spot the risky ones in a second.
Real D'CENT app — My Wallet → Approval tab. Tap a token, and the apps that hold permission for it unfold underneath.
You're looking at the same on-chain data Etherscan would show you. The difference is it's already filtered to your wallet, already grouped neatly, and already inside the app you trust.
Revoke — one tap, no external site
Pick an app you no longer trust, and tap Revoke. D'CENT prepares a "permission = 0" transaction, you sign it on your D'CENT device, and the app drops off the list.
The whole flow lives in four screens:
① Confirm
② Sign on device
③ Sending
④ Done
Real D'CENT app — confirm what's about to change, sign it on the hardware, watch the network confirm it, then see the approval drop off your list. All inside the wallet.
No outside website. No copy-pasting contract addresses. No leaving the device that holds your keys.
Once the list is empty, your risk for that token drops to zero — until you choose to grant a new approval.
Stop signing unlimited approvals
The Approval tab cleans up what's behind you. The next change stops the next risk before it starts.
Here's the rule: don't hand a contract a blank check. If you only need to swap $200 worth of USDC, don't approve unlimited. Approve $200. If the contract is later exploited, the most you can lose is what you signed for.
D'CENT now makes this the easy path. When you approve a token before a swap, an Allowance row appears on the approval screen. Tap it and type the exact amount — your token balance is shown right there, so you don't have to guess. Unlimited is still possible, but you have to choose it on purpose, and you'll see a red warning when you do:
"With unlimited approval, a malicious project or contract bug could drain every token of this kind."
Until this update, every swap in D'CENT signed unlimited by default. From now on, the default is a number you decide. That single switch turns a forgotten permission into, at worst, a small forgotten permission.
Why this small change matters more than it sounds
Approval-based attacks follow the same pattern almost every time. A contract you used a long time ago is later exploited or compromised, and because your old permission slip is still on file, the attacker uses it to pull your tokens — without ever touching your seed phrase.
A hardware wallet stops attackers from stealing your private key. It does not take back a permission you already gave. Revoking old approvals is the only way to close that door — a habit that matters as much as protecting your seed phrase — and most people skip it because the tool lives outside their wallet.
By putting it inside D'CENT, and signing every revoke with the hardware itself, the loop finally closes. Your keys never leave the device. Now your approvals don't have to either.
Add a Mainnet, Get Your Tokens With It
The Approval changes clean up the risks behind you. This second update saves you time ahead of you.
When you add a new EVM mainnet account in D'CENT, the wallet now scans your address for ERC-20 tokens you already hold and asks — once — if you'd like to add them too. Tokens D'CENT recognizes are surfaced as Listed on D'CENT and pre-checked. Unknown tokens land under Needs review with a warning, so you can opt them in one by one — a small barrier that keeps airdrop spam out of your wallet.
It starts when you add a new mainnet:
① Add account
② Name it
Then D'CENT asks before doing anything. You decide whether to check the address for tokens — and the result sheet groups everything by trust level:
③ Ask
④ Detecting
⑤ Select tokens
Detection only runs after you tap Check — no auto-add, no surprise. If the chain isn't supported or detection silently fails, the popup closes quietly so the mainnet account add itself never gets blocked. Two consent gates (chain support → user opt-in) and an opt-in rule for unknown tokens keep this convenient without ever letting spam in.
Also new this May
A couple of smaller improvements shipped alongside the two main changes.
Pick your chart colors
Settings → Chart Colors now lets you switch between Standard (Up red / Down green) and Reverse colors (Up green / Down red) — whichever matches your local convention. Your choice applies everywhere — portfolio chart, mini charts, percentage badges.
① Settings entry
② Standard
③ Reverse colors
AI Help, now in Settings
The in-app AI Help Agent moved out of "Lab" and into the Customer Support section of Settings — it's officially out of beta. Toggle it on and the "Get help" button becomes active on error pages, so you can ask the AI assistant the moment something goes wrong. (New here? Our intro to D'CENT's AI Helpdesk walks through what it can answer and how it differs from a chatbot.)
FAQ
What's a token approval, exactly?
When you swap or stake an ERC-20 token, you sign an approve transaction. That transaction gives the app permission to move that token from your wallet. The permission stays saved on-chain — forever — until you take it back.
Why is unlimited approval risky?
Because the app can move any amount of that token, anytime, forever — until you revoke. If the app is later hacked, the attacker inherits that permission.
Does revoking cost gas?
Yes. Each revoke is its own on-chain transaction, so a small gas fee applies per app — you'll see the exact cost before you sign.
Will revoking break the dApp I use regularly?
The next time you swap or stake, the dApp will simply ask for a new approval. You re-grant it (ideally with a capped amount this time) and continue.
Does this support all chains?
Approval listing and revoke currently work on EVM chains, where on-chain allowance data is reliable. Non-EVM chains follow their own permission models and aren't included in this release.
Is my hardware element still involved?
Yes. Every revoke transaction is signed by your D'CENT device, just like a transfer. The EAL5+ secure element never exposes your private key.
Will D'CENT auto-add tokens to my wallet without asking?
No. Detection only runs after you tap "yes" on the consent popup — and unknown (unregistered) tokens are added one by one, so airdrop spam can't sneak in. If the chain isn't supported, the popup closes silently and your mainnet account add completes as usual.
Get the update — and try it now
If you already use D'CENT, the latest App Store / Google Play update brings all of this — on by default, no setting to flip.
Open D'CENT → tap My Wallet → switch to the Approval tab. See how many permissions are still on file. Most people are surprised — and the new tab is the fastest way to clean them up.
The allowance picker shows up the next time you approve a token before a swap.
D'CENT Biometric Wallet
Hardware-signed self-custody.
Now with one-tap approval cleanup.
EAL5+ Secure Element · Blockaid Real-time Scam Detection · Biometric Authentication · In-App AI Help · Zero Security Breaches Since 2018
Buy D'CENT Wallet →
