These APIs will be used to avoid the misuse of funds by the DApp users
This feature will be used only with External Contract wallets ( like Argent , Gnosis) supported by Biconomy.
If you are using external contract wallets to enable meta transactions you need to use whitelisting APIs to whitelist your user's contract wallet and target addresses in order to avoid misuse.
If user contract wallet address and target addresses are not whitelisted then a hacker could use your DApps API Key to send gasless transaction to any smart contract e.g. Uniswap contracts via his contract wallet that is not even registered on your DApp and you would end up paying gas fees for his transaction.