EVM token-approval defense at three resolutions: per-wallet active-approval list, per-wallet composite risk score, and per-spender reputation lookup. Recent-window eth_getLogs for Approval / ApprovalForAll events + on-chain allowance() / isApprovedForAll() confirmation. Multichain (ethereum / base / arbitrum / optimism / polygon). Pay-per-call USDC on Base — no signup, no API key, no Etherscan key.
| Path | Price | What it does |
|---|---|---|
POST /v1/wallet/approvals | $0.10 | Active ERC-20 + ERC-721 approvals for a wallet, per chain, with spender labels. |
POST /v1/wallet/approvals_risk | $0.20 | Composite 0–100 risk score with band, top-10 risks, and reasons. |
POST /v1/spender/reputation | $0.05 | Single-spender lookup. Returns label, EOA-or-contract, and recommendation. |
POST /mcp — MCP Streamable HTTP transport (JSON-RPC 2.0)curl -X POST https://approval-revoke-mcp.mtree.workers.dev/v1/wallet/approvals_risk \
-H "Content-Type: application/json" \
-d '{"address":"0xd8dA6BF26964aF9D7eEd9e03E53415D37aA96045","chains":["ethereum","base"]}'
# 402 returned; settle X-PAYMENT and retry.
Per chain: eth_getLogs over a recent block window for the indexed-owner Approval (ERC-20) and ApprovalForAll (ERC-721/1155) events. Group by (token, spender) pair and verify each is currently active on-chain via allowance(owner, spender) or isApprovedForAll(owner, operator). Risk score weights unlimited approvals, known-malicious spenders, and unverified spenders. Spender reputation cross-references a curated dictionary of ~30 major routers/aggregators/marketplaces (Uniswap V2/V3/UniversalRouter/Permit2, 1inch, 0x, Aerodrome, Sushi, Balancer, OpenSea Seaport, Blur, Velodrome, Camelot, QuickSwap) and a seed list of drainer-family addresses, and detects EOAs via eth_getCode.