CLI tool to revoke (remove) or delegate (set) EIP-7702 authorizations on Ethereum accounts using a separate gas sponsor account — so the compromised wallet does not need to hold ETH for gas fees. Works across 12 major EVM networks simultaneously.

EIP-7702 lets regular wallets (EOAs) temporarily behave like smart contracts by delegating execution to a contract address. This is powerful — but if a malicious actor tricks you into signing a delegation, they can drain your wallet.

The catch: if your wallet has no ETH for gas, you can't revoke the delegation yourself.

This tool splits the operation:

• Source wallet (the compromised one) signs the authorization — needs ZERO ETH
• Sponsor wallet broadcasts the transaction — pays gas fees

# Run directly without installation
npx eip7702-revoker --help

# Or install globally
npm install -g eip7702-revoker
eip7702-revoker --help

# Or clone and run locally
git clone https://github.com/Serge693/eip7702-revoker.git
cd eip7702-revoker
npm install
cp .env.example .env
# Edit .env with your private keys

# Revoke delegation on Base (default network)
npm run revoke

# Revoke on specific networks
npm run revoke -- --network base,ethereum,arbitrum

# Revoke on all 12 supported networks
npm run revoke:all

# Delegate to a contract
npm run delegate -- --network base --to 0xContractAddress...

# Delegate on all networks
npm run delegate:all

# Use with npx (no clone needed)
npx eip7702-revoker revoke --interactive

# Interactive mode without .env (tool prompts for keys)
npm run revoke -- --interactive

# Dry-run mode (simulate without broadcasting)
npm run revoke -- --dry-run

# JSON output (for scripting/automation)
npm run revoke -- --json

Note: zkSync Era uses a different transaction model and may not support EIP-7702 in the standard way. Proceed with caution.

Copy .env.example to .env and fill in:

• The source wallet only signs — no ETH needed, no transaction broadcast from it
• The sponsor wallet should be a separate account with minimal ETH
• Keys are validated for format before use
• Pre-flight checks verify RPC connectivity and sponsor balance
• Dry-run mode simulates without broadcasting
• Interactive mode keeps keys in memory only

npm run typecheck   # TypeScript type checking
npm run test        # Run tests
npm run lint        # Lint source code
npm run format      # Check formatting
npm run format:fix  # Auto-fix formatting

• Rewritten in TypeScript (all .mjs → .ts)
• Added test suite (vitest, 9 tests)
• Added ESLint + Prettier for code quality
• Added --interactive flag for key input without .env
• Added pre-flight checks: RPC health, sponsor balance
• Added zkSync compatibility warning
• MIN_SPONSOR_BALANCE is now enforced before sending
• EIP7702_VERIFY_DELAY is configurable via .env
• Added SILENT env var documentation
• All output and comments are in English

• Last stable JavaScript release
• Available on the v1.4.1 tag

Contributions are welcome! Here's how to help:

1. Fork the repository
2. Create a feature branch (git checkout -b feature/my-feature)
3. Make your changes
4. Run tests (npm test) and lint (npm run lint)
5. Commit and push
6. Open a Pull Request

Please ensure your code follows the existing style and all tests pass.

MIT © Serge693