Before approving a MetaMask-related transaction in BE Custody, approvers should confirm that the request is expected, authorised, and consistent with the organisation’s approved Web3 process.
MetaMask-based workflows can involve smart contract interactions, token approvals, dApp permissions, and network-specific transaction behaviour. Approvers should review the request carefully before approving.
What should approvers check?
Before approving, check:
- The request is expected
- The dApp interaction is authorised by your organisation
- The connected wallet or sub-wallet is correct
- The selected network is correct
- The asset, token, contract, amount, and recipient are correct, where applicable
- The transaction type is understood
- The request matches the intended instruction
- Any required internal record, ticket, or approval is in place
- The request does not appear unusual, rushed, or inconsistent with normal activity
Do not approve if any detail is unclear, unexpected, or inconsistent.
Check the network
MetaMask workflows are network-specific.
Before approving, check that the selected network is the intended network and that it is supported for the relevant BE Custody workflow. Support for one network does not mean all networks, assets, tokens, or contract interactions are supported or approved.
Check the dApp and contract interaction
Approvers should understand what the dApp is asking the wallet to do.
Depending on the transaction, this may involve:
- Sending assets
- Approving a token allowance
- Interacting with a smart contract
- Signing a transaction request
- Executing a swap, deposit, withdrawal, stake, claim, or other dApp action
If the contract interaction is unclear or cannot be verified through your organisation’s approved process, do not approve it.
Check token approvals carefully
Some MetaMask workflows may request token approvals or allowances.
Before approving a token approval, check:
- The token is correct
- The spender contract is expected
- The allowance amount is appropriate
- The network is correct
- The request matches the intended dApp interaction
- The approval is consistent with your organisation’s risk controls
Do not approve unlimited or unexpected allowances unless they are explicitly approved under your organisation’s process.
Compare MetaMask and BE Custody details
Where transaction details are shown in both MetaMask and BE Custody, review them carefully.
If the details appear different, incomplete, or inconsistent, stop and escalate before approving. Do not assume the request is safe because it originated from a known dApp or a familiar workflow.
Warning signs
Do not approve if:
- The dApp is not approved by your organisation
- The transaction was not expected
- The network, asset, token, amount, or recipient looks wrong
- The contract interaction is unclear
- The spender contract is unfamiliar
- You are asked to bypass normal approval controls
- The request appears urgent without clear justification
- The request does not match an internal instruction or record
What should I do if I am unsure?
If you are unsure whether a MetaMask transaction should be approved, do not approve it.
Follow your organisation’s escalation process. If support is required, contact Bitpanda Enterprise Custody Support through the approved support channel and include relevant wallet, network, dApp, transaction, Snap, and timing details.
Do not include passwords, PINs, private keys, seed phrases, API keys, API secrets, access tokens, or other sensitive authentication information in a support request.