# 如何查看/取消恶意Approve（授权）？

Approve即授权。它允许持有 Token 的用户，通过调用 Approve 方法，授权给指定账户一定额度，赋予该账户自由支配额度内 Token 的权力。如果授权给恶意账户，那么授权资产就会有极大风险。

在本教程开始前，请点击以下文字，了解什么是Approve（授权）？

[about-approve](https://help.tpwallet.io/cn/security-knowledge/protective-measures/about-approve "mention")

**----TRON授权查询---**

1.使用电脑打开TRON区块浏览器<https://tronscan.io/#/>，选择【连接钱包】，根据提示连接钱包

![](https://3236963393-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FZCSGxZxDUFXGuknjRHbB%2Fuploads%2FLXrfgH6ct2HkJaQdWKIU%2F1%20%E6%8B%B7%E8%B4%9D%2011.png?alt=media\&token=06ef45bf-beda-4efb-a137-b7a8ec927dd2)

2.进入「账户」页面。点击【授权列表】，即可查看钱包地址的授权情况；

![](https://3236963393-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FZCSGxZxDUFXGuknjRHbB%2Fuploads%2FJatQ5kO2JfNin73WEWcs%2F1%20%E6%8B%B7%E8%B4%9D%2012.png?alt=media\&token=267c5ecd-9c1a-417c-8384-f93d07e2f933)

3.点击【取消授权】，由于TRON取消授权需要用到TronLink插件，因此点击取消授权后，请根据TronLink指引进行。

&#x20;

**如何确认恶意授权地址？**

**恶意授权地址有如下几个特征：**

特征一：来路不明的空投引诱

1.任意点开一个授权地址，点击【通证余额】，点开任意代币进行「通证转账」查看；

![](https://3236963393-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FZCSGxZxDUFXGuknjRHbB%2Fuploads%2FMpvrzp2nAdrryY6IF7YX%2F1%20%E6%8B%B7%E8%B4%9D%2013.png?alt=media\&token=714e0ff5-b55c-4f72-8ae3-6b98d20580d9)

2.在部分转账中，盗币者会附上备注，以空投为诱饵，让用户通过第三方的DApp来进行兑换。这是最常见的一种获取用户授权的方法，请注意防范！！切勿不要相信任何来路不明的空投，避免因小失大！！

![](https://3236963393-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FZCSGxZxDUFXGuknjRHbB%2Fuploads%2Fxr06kvOcawRSWk5ics0Q%2F1%20%E6%8B%B7%E8%B4%9D%2014.png?alt=media\&token=7e62765f-7af1-453b-918e-66ba258283a6)

特征二：授权地址发行多个同类型代币

1.经过授权地址查看，发现该地址发行有多个TRC10的Token内容如下：

![](https://3236963393-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FZCSGxZxDUFXGuknjRHbB%2Fuploads%2FuDGqHs87ltnwj8sewP3I%2F1%20%E6%8B%B7%E8%B4%9D%2015.png?alt=media\&token=db37d52b-e744-41ca-813f-9673cb3e1545)

2.这么多TRC10类型的Token，又不能在Swap中兑换，那肯定是另有他用，逐个点开查看Token得到以下内容：

![](https://3236963393-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FZCSGxZxDUFXGuknjRHbB%2Fuploads%2Fouwl0R4E4Gsa4S7vW1yX%2F1%20%E6%8B%B7%E8%B4%9D%2016.png?alt=media\&token=b21b0175-bb58-4f92-a475-b207868b2215)

注：除此之外还有盗币者利用假的收款界面和用户进行转账交易，利用Approve恶意授权来达到盗币目的，所以一定要谨慎和他人交易。


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://help.tpwallet.io/cn/security-knowledge/protective-measures/cancel-malicious-authorization.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.