One of MetaMask's most exciting features is its ability to connect to decentralized applications, or dapps (often referred to as Dapps, dApps, or Đapps). Think of dapps as traditional websites that you can access in your browser, but that have a special portal built into them that links them to a blockchain. In order to interact with the functionality of that network, you need to have a wallet connected to the dapp portion of the website. That's where MetaMask comes in.
Trying to figure out whether a dapp is legitimate?
You can always consult the details of projects registered at everest.link and verify that they match.
Also, check out our article on verifying whether smart contracts are legit. Though dapps and smart contracts are not the same thing, the former is generally powered by the latter, so it is definitely recommended to verify trustworthiness before interacting with a dapp.
Many websites that have dapp functionality will have a button somewhere on the site that says 'Connect wallet', or 'Connect to dapp' or even just 'Launch app'. Clicking the correct button should launch a set of interactions that end up with your MetaMask wallet being connected to the dapp you're on. That said, you might not want to do this your first visit to the site, and that's fine; you can always manually connect later (see instructions here).
Be careful about which dapps you connect to, and what permissions you give them.
Certain types of transaction require granting a dapp's smart contract permission to access your funds, and, in many cases, virtually infinite amounts of your funds.
In fact, there are many cases in which smart contracts run by dapps are created specifically to defraud users and steal all of their funds once they've granted this kind of access.
Token approval scams are one of the most common methods through which web3 users are scammed, so it pays to clue up. See our guide to token approvals for more information.
Of course, infinite access to funds is often what you want; if you're accessing a decentralized exchange, you want to be able to deposit, swap, or transfer as many tokens as you specify. That said, here are some things to keep in mind:
- How well-known is the project? Does it have a community channel? Do your research before allowing access.
- How often do you use the dapp? If it's not something you're actively using, do you want it to have access to your wallet?
- Has the dapp or a related project recently had a security breach? It's worth searching here.
That said, tools are available to manage your existing token approvals. Read more here.
Note that disconnecting your wallet from a dapp does not affect token approvals.
FAQs and further reading
Why am I being asked to connect to a Dapp?
Can I make a list of favorite Dapps?
How to revoke smart contract allowances/token approvals
How to customize token approvals/allowances with custom spend limit
How to verify if a smart contract is safe to interact with