Quick, practical guidance for adding tokens, hiding spam, checking token allowance, and safely revoking approvals in MetaMask. I’ve been using this software wallet daily for months and I’ll show exact steps I use (and the mistakes I learned from). And yes, the little details matter when you’re interacting with DeFi.
MetaMask is a non-custodial software wallet that asks you to manage token visibility and on-chain permissions yourself. That gives flexibility — and responsibility. Short version: adding a token to your UI is simple and free; revoking a token approval requires an on-chain transaction and some gas. But don’t panic: the steps are straightforward once you know them.
Below I explain the two common flows: the browser extension on desktop and the mobile app. The goal: make the token visible in your assets list without interacting with unfamiliar sites.
(Image placeholder: screenshot of extension Add Token flow)
Tip: always verify the contract address on a trusted block explorer before you paste it.
Mobile includes a lightweight portfolio view that updates balances across networks (if you have multiple accounts). If you’re new to the mobile dApp browser, see install-metamask-mobile-app and tokens-portfolio for setup tips.
Knowing how to revoke token approvals protects you from smart contracts that retain permission to spend tokens you no longer want them to touch.
An ERC-20 token exposes an allowance mapping: when you approve a dApp, you sign a transaction that writes a number (the token allowance) to the token contract allowing a specific spender address to transfer tokens on your behalf. That approval stays until you change it on-chain. Question: why does this matter? Because an approved spender can move those tokens subject to the allowance (or, if an unlimited approval was granted, possibly all of them).
MetaMask itself acts as the signer for revocation transactions, but you usually use an approval-checker or block explorer to find approvals and send the revoke transaction. The common pattern I use:
Gas varies by network (L2s are cheaper). If you have many approvals, batch them slowly — I usually revoke the riskiest first.
Disconnecting a site in MetaMask (via the connected sites list) stops the dApp from seeing your wallet, but it does not change token allowances on-chain. That’s a common misconception. So if your goal is to remove spending permission, you must revoke the on-chain approval (see above). For more on disconnects and dApp connections, check connect-dapps.
(Image placeholder: approval checker UI showing a revoke button)
Spam tokens are visual noise, not an immediate theft (they’re just tokens showing in your UI). To hide spam tokens MetaMask lets you remove them from view without affecting the underlying blockchain balance.
Note: hiding does not revoke approvals or move tokens. For portfolio tracking, the mobile app aggregates balances and shows simple charts — handy for quick checks but not a replacement for accounting tools. See tokens-portfolio for more on tracking.
What I’ve learned the hard way: I once approved a malicious contract while testing a new dApp. I had to revoke on-chain and pay gas to clean up. Annoying and expensive, but doable — and a good lesson to avoid infinite approvals.
Who this wallet suits:
Who should consider alternatives:
Advantages (brief): widely supported by dApps, easy to add custom tokens, good hardware-wallet support. Disadvantages (brief): hot-wallet exposure to phishing and on-chain approvals; revocation requires extra steps and gas.
Q: Is it safe to keep crypto in a hot wallet?
A: Hot wallets are convenient for daily DeFi activity but carry higher risk than cold storage. For everyday swaps and staking small amounts they’re fine. For large holdings, I move to a hardware wallet or cold storage.
Q: How do I revoke token approvals?
A: Use an on-chain approval checker, connect MetaMask, and send a revoke transaction (approve(spender, 0) or a specific revoke function). For a detailed step-by-step see token-approvals-revoke.
Q: What happens if I lose my phone?
A: If you lose the device but still have your seed phrase (and it’s secure), you can restore the wallet on a new device. If someone else has both your phone and seed phrase, funds are at risk — backup the seed phrase offline and consider hardware wallets for larger balances. See backup-recovery-seed.
Q: How do I hide spam tokens MetaMask?
A: Use the token menu (three dots) and select "Hide token". That only affects UI visibility.
Token management is a steady habit more than a one-time task: add tokens carefully, hide the spam, and check approvals from time to time. I use these steps weekly and recommend doing a quick approval audit after interacting with any unfamiliar dApp. But don’t just take my word for it — try the steps in a low-stakes account first.
Ready to set up the wallet or check other setup topics? See the extension and mobile install guides: install-metamask-extension | install-metamask-mobile-app. For a focused revocation walkthrough, open token-approvals-revoke.