Token Revoke
by
Check and revoke ERC‑20 token allowances across multiple EVM‑compatible blockchains, providing visibility into token approvals and enabling secure removal of unnecessary permissions.
Token Revoke Overview
What is Token Revoke about?
Token Revoke enables developers and wallet owners to fetch all ERC‑20 token approvals for a given address on any supported EVM chain, revoke specific allowances, and monitor the status of revocation transactions.
How to use Token Revoke?
- Install dependencies with
npm installafter cloning the repository. - Set environment variables
MORALIS_API_KEY(for token data) andPRIVATE_KEY(for signing revocation txs). - Run the server (e.g.,
node index.js). - Interact through natural‑language prompts or direct API calls to:
- fetch approvals,
- submit revocation transactions,
- query transaction status.
Key features of Token Revoke
- Fetch Token Approvals: Returns token address, symbol, balance, USD value at risk, spender, approved amount, and related transaction hash.
- Revoke Allowances: Constructs and sends signed transactions to set allowance to zero for any spender.
- Transaction Status Check: Queries on‑chain receipt to report pending, successful, or failed states.
- Multi‑Chain Support: Works with >50 EVM‑compatible networks (Ethereum, Polygon, BSC, Avalanche, testnets, etc.).
- Simple Configuration: Only requires a Moralis API key and a wallet private key.
Use cases of Token Revoke
- Security Audits: Quickly identify and remove stale token approvals that could be exploited.
- Wallet Management: Give end‑users a one‑click way to clean up permissions across all their assets.
- DeFi Platforms: Automate periodic allowance checks for downstream contracts to reduce risk.
- Compliance Tools: Generate reports of allowances and their USD exposure for regulatory purposes.
FAQ from Token Revoke
- Do I need to pay gas for revocation? Yes, each revocation transaction is a normal Ethereum transaction and requires the native gas token of the target chain.
- Can I revoke allowances for any token? The server works with any ERC‑20 contract that follows the standard
approvemethod. - What chains are supported? All chains listed in Moralis’
chaindata.ts– major mainnets (Ethereum, Polygon, BSC, Avalanche, Fantom, Arbitrum, Optimism) and their testnets. - Is my private key safe? The server runs locally; the key never leaves your environment. Ensure the host machine is secure.
- How is USD value calculated? Prices are fetched via Moralis APIs at request time and multiplied by the token balance to estimate risk.
Token Revoke's README
Token Revoke MCP
An MCP server for checking and revoking ERC-20 token allowances, enhancing security and control.
Features
- Fetch Token Approvals: Retrieve all ERC20 token approvals for a wallet on a specified chain, including token details, balances, and USD values at risk.
- Revoke Allowances: Submit transactions to revoke ERC20 token allowances for specific spenders.
- Check Transaction Status: Verify the success or failure of submitted transactions using transaction hashes.
- Multi-Chain Support: Supports over 50 EVM-compatible chains, including mainnets (e.g., Ethereum, Polygon, BSC) and testnets (e.g., Goerli, Mumbai).
Prerequisites
- Node.js: Version 18 or higher (for native
fetchsupport). - Moralis API Key: Required for fetching token approval data.
- Private Key: An Ethereum-compatible private key for signing revocation transactions.
Installation
-
Clone the Repository:
git clone https://github.com/kukapay/token-revoke-mcp.git cd token-revoke-mcp -
Install Dependencies:
npm install -
Client Configuration:
{ "mcpServers": { "token-revoke-mcp": { "command": "node", "args": ["path/to/token-revoke-mcp/index.js"], "env": { "MORALIS_API_KEY": "your moralis api key", "PRIVATE_KEY": "your wallet private key" } } } }
Usage
Below are examples of how you might interact with the server using natural language prompts as input. The outputs are the raw text values from the content array returned by the server, assuming a client translates the prompts into tool calls.
Example 1: Fetch Token Approvals
Input Prompt:
"Show me all the token approvals for my wallet on Polygon."
Output Response:
[
{
"tokenAddress": "0x2791bca1f2de4661ed88a30c99a7a9449aa84174",
"tokenSymbol": "USDC",
"balance": "100.5",
"usdPrice": "1.00",
"usdValueAtRisk": "50.25",
"spenderAddress": "0x1111111254eeb25477b68fb85ed929f73a960582",
"approvedAmount": "1000.0",
"transactionHash": "0xabc...",
"timestamp": "2023-10-01T12:00:00Z"
}
]
Example 2: Revoke an Allowance
Input Prompt:
"Revoke the allowance for token 0x2791bca1f2de4661ed88a30c99a7a9449aa84174 to spender 0x1111111254eeb25477b68fb85ed929f73a960582 on BSC."
Output Response:
Allowance revocation submitted on bsc. Transaction hash: 0x123.... Note: Transaction is not yet confirmed.
Example 3: Check Transaction Status
Input Prompt:
"Did my transaction 0x123... on BSC go through?"
Output Response (possible outputs):
- Pending:
Transaction 0x123... on bsc is still pending or not found. - Success:
Transaction 0x123... on bsc has completed with status: successful. Block number: 12345. - Failure:
Transaction 0x123... on bsc has completed with status: failed. Block number: 12345.
Supported Chains
The server supports a wide range of EVM-compatible chains based on the Moralis JS SDK’s chaindata.ts. Examples include:
- Mainnets:
ethereum,polygon,bsc,avalanche,fantom,arbitrum,optimism, etc. - Testnets:
goerli,mumbai,bsc testnet,arbitrum goerli,optimism sepolia, etc. - Full list: See
SUPPORTED_CHAINSinserver.js.
License
This project is licensed under the MIT License. See the LICENSE file for details.
Token Revoke Reviews
Login Required
Please log in to share your review and rating for this MCP.
Actions
Token Revoke's Information
Configuration
{
"mcpServers": {
"token-revoke-mcp": {
"command": "node",
"args": [
"path/to/token-revoke-mcp/index.js"
],
"env": {
"MORALIS_API_KEY": "your moralis api key",
"PRIVATE_KEY": "your wallet private key"
}
}
}
}Claude Code (Terminal)
claude mcp add token-revoke-mcp node path/to/token-revoke-mcp/index.jsConfigure Clients
Similar MCP Servers like Token Revoke
Explore related MCPs that share similar capabilities and solve comparable challenges
SafeLine
by chaitin
A self‑hosted web application firewall and reverse proxy that protects web applications from attacks and exploits by filtering, monitoring, and blocking malicious HTTP/S traffic.
SafeDep Vet
by safedep
Provides enterprise‑grade open source software supply chain security by scanning source code, dependencies, containers and SBOMs, detecting vulnerabilities and malicious packages, and enforcing policy as code.
Semgrep MCP Server
by semgrep
Offers an MCP server that lets LLMs, agents, and IDEs run Semgrep scans to detect security vulnerabilities in source code.
Burp MCP Server
by PortSwigger
Enables Burp Suite to communicate with AI clients via the Model Context Protocol, providing an MCP server and bundled stdio proxy.
Cycode CLI
by cycodehq
Boost security in the development lifecycle via SAST, SCA, secrets, and IaC scanning.
Bugsy
by mobb-dev
Provides automatic security vulnerability remediation for code via a command‑line interface and an MCP server, leveraging findings from popular SAST tools such as Checkmarx, CodeQL, Fortify, and Snyk.
Keycloak MCP Server
by ChristophEnglisch
Provides AI‑powered administration of Keycloak users and realms through the Model Context Protocol, enabling automated creation, deletion, and listing of users and realms from MCP clients such as Claude Desktop.
OpenCTI MCP Server
by Spathodea-Network
Provides a Model Context Protocol server that enables querying and retrieving threat intelligence data from OpenCTI through a standardized interface.
Authenticator App MCP Server
Officialby firstorderai
Provides seamless access to two‑factor authentication codes and passwords for AI agents, enabling automated login while maintaining security.