$3.4B drained in 2025

Stop Wallet DrainsBefore They Start

Free 24/7 Wallet Monitoring

Every token approval is a potential backdoor. We watch them all and alert you the instant something goes wrong.

Free forever No seed phrase needed 2-minute setup
FREE INSTANT SCAN

How Exposed Is Your Wallet?

The average DeFi wallet has 47 forgotten approvals.Each one is a potential drain waiting to happen.

All chains scanned
Risk level scored
No wallet connection needed

Enter any address. We'll show you every approval and flag the dangerous ones.

Setup in 2 Minutes. Protected Forever.

No ongoing work required. Add your wallet once and we handle the rest.

STEP 1

Add Wallet

Read-only. We find every approval you've ever made, across all supported chains. Takes 2 minutes.

STEP 2

We Watch 24/7

The moment a contract you approved transfers assets, you get an alert. Under 60 seconds.

STEP 3

You Act Fast

One-click revoke or transfer assets to safety.

WHY SPEED MATTERS

90 Seconds to Save Everything

Attackers drain wallets in minutes. Most victims find out on Twitter, hours later.With Pragma, you find out in under 60 seconds — while you can still act.

Without Pragma

  • ×Find out hours or days later from Twitter
  • ×Wallet already drained completely
  • ×No chance to transfer assets to safety
  • ×100% loss, nothing to recover

With Pragma

  • Alert hits your phone in under 60 seconds
  • One-click revoke link in the alert
  • Transfer assets to a fresh wallet
  • Keep most or all of your funds
00:00

Time since attack

90.0%

Assets recoverable

Every second counts. The faster you respond, the more you save.

Complete Wallet Trust Layer

Built by security researchers who've seen how wallets actually get drained.

See Every Approval

ERC20, ERC721, Permit2 — across Ethereum, Arbitrum, Base, and more. Nothing hidden.

Revoke in One Click

Don't fumble with Etherscan. One click, you sign. Gas optimized.

See Your Total Exposure

One dashboard shows every approval, ranked by risk. No spreadsheets needed.

Alerts That Reach You

Alerts in under 60 seconds, with clear instructions. So you can act fast when it matters.

Full History Logged

Every approval, every revoke, timestamped. Export anytime for compliance.

Team & Multisig Support

Monitor your DAO treasury or team wallets. Track signer changes too.

Understanding The Threat

How Wallets Actually Get Drained

It's not phishing. It's not a bad seed phrase. Most drains happen through approvals you forgot you gave.

Step 1

You Approve a Contract

Normal DeFi stuff. You use Uniswap, Aave, a yield farm. You click approve.

Nothing wrong here. This is how DeFi works. The danger comes next.

Step 2

You Move On, It Doesn't

Months pass. You forget about that protocol. But your approval? Still active. Forever.

Right now, you probably have 50+ approvals you don't remember giving.

Step 3

The Protocol Gets Hacked

Private key stolen. Malicious upgrade. Rogue team member. It happens constantly.

Radiant Capital ($58M), BadgerDAO ($120M), Euler ($197M). The list goes on.

Step 4

Your Tokens Vanish

The hacker uses YOUR old approval to drain YOUR wallet. You don't sign anything.

You wake up. Check your wallet. It's empty. No warning. No confirmation. Just gone.

Real Example: The BadgerDAO Hack

What Happened

  • • Users approved BadgerDAO vaults in early 2021
  • • Months later, hackers injected malicious code
  • • Used old approvals to drain $120M in 30 minutes
  • • Users woke up to empty wallets

How Pragma Prevents This

  • Pragma would have revealed approvals
  • Bad actor detection flags compromised contracts
  • Instant alerts when suspicious activity starts
  • Panic revoke to stop drains in progress

The shocking truth:You don't need to be hacked. You don't need to sign anything.
Your tokens can disappear while you sleep.

This is why continuous monitoring is essential.

We Can't Drain You. By Design.

Read-only access. No private keys. You sign every transaction yourself.

Read-Only
We can't move your funds
You Sign
Every single transaction
< 60s
Alert speed
Zero
Keys stored
No Private Keys
Read-Only Access
24/7 Monitoring
SOC2 Compliant

Who's Behind This

Built by the Team That Secures Billion-Dollar Protocols

Pragma is built by Zak Cole, co-founder of Code4rena — the security platform that's found 1,365+ critical vulnerabilities in protocols like EigenLayer, Arbitrum, Coinbase, and Chainlink.

475+
Security Audits Completed
25,000+
Vulnerabilities Found
10,000+
Security Researchers

Why this matters: We've seen thousands of hacks. We know exactly how attackers think and how drains happen. Now that same expertise protects your wallet.

Questions You're Probably Asking

Revoke.cash shows you a list. Pragma watches that list 24/7. When a contract you approved gets exploited, Revoke.cash won't tell you. Pragma will — in under 60 seconds.
Every time you use DeFi, you approve contracts to move your tokens. Those approvals never expire. If a contract gets hacked months later, the attacker can use YOUR old approval to take YOUR tokens. No signature needed. This is how BadgerDAO lost $120M.
No. Your approvals from 2021, 2022, 2023 are all still active. Radiant Capital users got drained through approvals they'd forgotten about. If you ever clicked 'approve', you're at risk until you revoke.
Drains happen in minutes. By the time you 'get around to checking', your wallet is empty. Pragma alerts you in under 60 seconds — while you can still act.
If you've used DeFi for more than a few months? Probably 50-100+. Every swap, every farm, every NFT mint. They add up. Most people are shocked when they see the list.
Wallets warn about NEW approvals. They don't monitor your OLD ones — which is where 90% of drains happen. That Uniswap approval from 2021? Your wallet forgot about it. Attackers didn't.
Yes. Pragma gives you approval monitoring and alerts forever.
That's exactly who needs this most. Whales have hardware wallets, multisigs, and diversification. You probably don't. Losing $500 because you didn't know about a free monitoring tool would be brutal.
The Radiant Capital team was careful. Professional security people. They still lost $58M. Approval exploits don't require you to do anything wrong. The attack happens to a contract you trusted, and your old approval becomes the weapon.
Panic revoke. One button, revokes everything, might save your tokens before the attacker can drain them. The Sept 2024 NPM supply chain attack hit 2B+ downloads. Users who revoked fast kept their funds.
2024-12-15Solana web3.js$160K(NPM supply chain)PREVENTABLE|
2024-11-20Radiant Capital$58M(Compromised keys)PREVENTABLE|
2024-10-31M2 Exchange$13.7M(Private key leak)PREVENTABLE|
2024-10-18Ethena Labs$290K(Frontend attack)PREVENTABLE|
2024-09-24NPM debug/chalk2B+ downloads(Wallet drainer)PREVENTABLE|
2024-09-18BingX$52M(Hot wallet breach)PREVENTABLE|
2024-08-19Nexera$1.5M(Smart contract exploit)|
2024-07-18WazirX$230M(Multisig breach)PREVENTABLE|
2024-07-10Compound Finance$24M(Governance attack)PREVENTABLE|
2024-06-03UwU Lend$19.3M(Price manipulation)|
2024-05-31DMM Bitcoin$300M(Private key theft)PREVENTABLE|
2024-05-15Gala Games$240M(Unauthorized minting)PREVENTABLE|
2024-04-30Pike Finance$1.6M(Reentrancy attack)|
2024-03-28Prisma Finance$11M(Flash loan attack)|
2024-03-20Parallax Finance$12M(Reentrancy)|
2024-02-29PlayDapp$290M(Private key compromise)PREVENTABLE|
2024-02-23Connector Bridge$2.5M(Approval exploit)PREVENTABLE|
2024-01-16Socket.tech$3.3M(Input validation bug)|
2024-01-10Gamma Protocol$3.4M(Price manipulation)|
2023-12-14Ledger Connect$484K(Supply chain attack)PREVENTABLE|
2023-11-25Kronos Research$26M(API key compromise)PREVENTABLE|
2023-11-10Poloniex$100M(Hot wallet hack)PREVENTABLE|
2023-10-20Hope.money$4.8M(Private key leak)PREVENTABLE|
2023-09-24HTX Global$7.9M(Bridge exploit)|
2023-09-12Stake.com$41M(Hot wallet breach)PREVENTABLE|
2023-08-18Exactly Protocol$12M(Bridge vulnerability)|
2023-07-30Curve Finance$73.5M(Reentrancy)|
2023-07-02Multichain$125M(Private key compromise)PREVENTABLE|
2023-06-04Atomic Wallet$100M(Wallet drainer)PREVENTABLE|
2023-04-13SushiSwap$3.3M(Approval exploit)PREVENTABLE|
2023-03-13Euler Finance$197M(Flash loan attack)|
2022-10-06BNB Bridge$586M(Bridge exploit)|
2022-09-20Wintermute$162M(Private key compromise)PREVENTABLE|
2022-08-01Nomad Bridge$190M(Validation error)|
2022-06-23Harmony Bridge$100M(Private key compromise)PREVENTABLE|
2022-03-28Ronin Bridge$624M(Private key theft)PREVENTABLE|
2022-02-02Wormhole$326M(Signature verification)|
2021-12-02BadgerDAO$120M(Frontend injection)PREVENTABLE|
2021-10-27Cream Finance$130M(Flash loan exploit)|
2021-08-10Poly Network$611M(Cross-chain exploit)|
2024-12-15Solana web3.js$160K(NPM supply chain)PREVENTABLE|
2024-11-20Radiant Capital$58M(Compromised keys)PREVENTABLE|
2024-10-31M2 Exchange$13.7M(Private key leak)PREVENTABLE|
2024-10-18Ethena Labs$290K(Frontend attack)PREVENTABLE|
2024-09-24NPM debug/chalk2B+ downloads(Wallet drainer)PREVENTABLE|
2024-09-18BingX$52M(Hot wallet breach)PREVENTABLE|
2024-08-19Nexera$1.5M(Smart contract exploit)|
2024-07-18WazirX$230M(Multisig breach)PREVENTABLE|
2024-07-10Compound Finance$24M(Governance attack)PREVENTABLE|
2024-06-03UwU Lend$19.3M(Price manipulation)|
2024-05-31DMM Bitcoin$300M(Private key theft)PREVENTABLE|
2024-05-15Gala Games$240M(Unauthorized minting)PREVENTABLE|
2024-04-30Pike Finance$1.6M(Reentrancy attack)|
2024-03-28Prisma Finance$11M(Flash loan attack)|
2024-03-20Parallax Finance$12M(Reentrancy)|
2024-02-29PlayDapp$290M(Private key compromise)PREVENTABLE|
2024-02-23Connector Bridge$2.5M(Approval exploit)PREVENTABLE|
2024-01-16Socket.tech$3.3M(Input validation bug)|
2024-01-10Gamma Protocol$3.4M(Price manipulation)|
2023-12-14Ledger Connect$484K(Supply chain attack)PREVENTABLE|
2023-11-25Kronos Research$26M(API key compromise)PREVENTABLE|
2023-11-10Poloniex$100M(Hot wallet hack)PREVENTABLE|
2023-10-20Hope.money$4.8M(Private key leak)PREVENTABLE|
2023-09-24HTX Global$7.9M(Bridge exploit)|
2023-09-12Stake.com$41M(Hot wallet breach)PREVENTABLE|
2023-08-18Exactly Protocol$12M(Bridge vulnerability)|
2023-07-30Curve Finance$73.5M(Reentrancy)|
2023-07-02Multichain$125M(Private key compromise)PREVENTABLE|
2023-06-04Atomic Wallet$100M(Wallet drainer)PREVENTABLE|
2023-04-13SushiSwap$3.3M(Approval exploit)PREVENTABLE|
2023-03-13Euler Finance$197M(Flash loan attack)|
2022-10-06BNB Bridge$586M(Bridge exploit)|
2022-09-20Wintermute$162M(Private key compromise)PREVENTABLE|
2022-08-01Nomad Bridge$190M(Validation error)|
2022-06-23Harmony Bridge$100M(Private key compromise)PREVENTABLE|
2022-03-28Ronin Bridge$624M(Private key theft)PREVENTABLE|
2022-02-02Wormhole$326M(Signature verification)|
2021-12-02BadgerDAO$120M(Frontend injection)PREVENTABLE|
2021-10-27Cream Finance$130M(Flash loan exploit)|
2021-08-10Poly Network$611M(Cross-chain exploit)|
PRAGMA MONITORS ALL APPROVAL-BASED ATTACKS 24/7