Tonkeeper Safety Checklist for New Mini Apps

The Tonkeeper safety checklist helps explain what this update means for Telegram Mini Apps, users, and developers across the TON ecosystem.

The Tonkeeper safety checklist remains the main reference point for users and Telegram Mini App developers following this update.

The Tonkeeper safety checklist emphasizes careful review of every connection and transaction. Before accepting any wallet prompt inside a Mini App, users should check the exact permissions requested, review terms, and ensure they are interacting through official channels. Any unexplained signing request should be rejected, and unknown apps should be disconnected from the wallet immediately. Failing to review signing actions, or ignoring unclear wallet prompts, can lead to loss of access or assets, as these actions cannot be reversed by Tonkeeper support. This approach is especially important for newcomers using Tonkeeper for payments, swaps, or enabling wallet-powered features for the first time.

Tonkeeper Safety Checklist: How to Inspect Wallet Prompts Safely

Tonkeeper provides an accessible way to interact with Mini Apps, but every connection or transaction prompt must be reviewed closely. Before approving any prompt, ensure you are using the official Tonkeeper interface, available via Tonkeeper.com or verified download channels. Only connect your wallet to Mini Apps from confirmed sources, and avoid accessing dApps through unverified links or forwarded messages, particularly within Telegram.

Thoroughly inspect all transaction details before approval. If a prompt requests permissions or signatures you do not recognize, reject it. Because Tonkeeper is non-custodial, users—not third parties—control the wallet, and signed transactions cannot be reversed. Regularly review the list of connected apps and disconnect anything unfamiliar or no longer in use. This lessens the risk of continued access by potentially malicious services.

Be wary of promotional claims inside Mini Apps or dApps. Unless campaign terms are confirmed on Tonkeeper’s official site or blog, consider all reward or airdrop offers as unverified. Never share your seed phrase, scrutinize all app permissions, and beware of signing prompts that do not clearly state their purpose and amount.

Reviewing Connected Apps and Permissions

Before interacting with new Mini Apps or dApps, check which apps are connected to Tonkeeper and what permissions they have. Every wallet prompt, connection, or transaction request should be treated as a request to access your funds or data. The wallet interface enables users to view and disconnect apps at any time. Unfamiliar or suspicious connections should be removed promptly. Verify app identities and review transaction details carefully before approving any wallet prompt.

Every time you connect to a new Mini App or sign a transaction, carefully read both the user interface and the technical wallet summary. Approving unknown permissions or unexplained signing actions can expose your crypto to theft or unintended transfer, and there is no way to reverse a malicious transaction on the TON blockchain. Prevention is your only defense.

TON Drop Hub take: Don’t rely solely on the default connection list. Manually disconnect anything unusual, compare each prompt with official Tonkeeper domains, and reject unclear requests. Avoid trusting any promotional, reward, or quest offer unless the terms are published by a verified source.

Disconnecting and Avoiding Untrusted Mini Apps

Disconnecting from untrusted Mini Apps is necessary whenever a connected app requests unclear permissions or tries to prompt a suspicious transaction. Tonkeeper’s workflow is designed for user review of wallet permissions before signing any message or transaction. Always inspect what a Mini App requests and whether the action matches your intentions. If you encounter wallet prompts that are difficult to interpret, or if an app attempts to access unrelated features, disconnect immediately.

Currently, Tonkeeper does not provide a universal “disconnect all” control or automated tool to manage Mini App disconnections. Users must manually remove individual Mini Apps by accessing the wallet’s connected apps panel. Any updates to streamline this process remain unconfirmed.

Key outstanding questions include the status of official Mini App whitelisting and how permission review may improve in future wallet versions. For now, only connect to Mini Apps you can trace to Tonkeeper's official site, and recheck wallet prompts before every transaction. Treat any promotional reward claims from new Mini Apps as unconfirmed until verified on Tonkeeper’s channels.

TON Drop Hub take: Manual review and disconnection are your main safeguards. Careful personal inspection is essential as wallet-powered integrations expand.

Tonkeeper’s non-custodial design gives wallet owners full responsibility for managing access, permissions, and transaction approvals. Before connecting to any new Mini App, always review transaction details and disconnect unknown or suspicious apps from wallet settings. Rely on Tonkeeper’s primary site for identity checks, and avoid trusting links or prompts that aren’t verified.

TON Drop Hub take: Mini Apps introduce new opportunities, but a mishandled approval at any connection point is final. Double-check all permissions and origins before proceeding in Tonkeeper.
