Non-custodial, read-only

A security tool should be the one you trust most. So here is exactly what we do — and never do — with your wallet.

What we never do

• We never ask for your private key, seed phrase, or password.
• We never ask you to connect a wallet, sign a message, or approve a transaction.
• We never move, hold, or have access to your funds.
• We never create, sign, or send transactions — revoking is done by you, in your own wallet.
• We don't use tracking cookies and we don't run ads.

What we actually do

• Read public on-chain data for the address you paste (the same data anyone can see on a block explorer).
• Score the token approvals on that address and explain the risks in plain language.
• Link you to revoke.cash so you can cancel risky approvals yourself.

Why pasting an address is safe

A wallet address is public — sharing it cannot move your funds or grant anyone access. Only your private key can authorize a transaction, and we never see it. Moving funds always requires a signature from your own wallet, which only you control.

Verify it yourself

You don't have to take our word for it — the code is open source. Read it and confirm it only reads public data and never touches keys or funds: source code.

Scan a wallet