In brief
- Ethereum developers proposed a fix to blind signing, the act of signing transactions without easily understandable language on what will happen.
- The solution, "clear signing," would let users sign transactions in a "what you see is what you sign" format.
- The effort is being built by the Ethereum Foundation, Ledger, Trezor, and others industry builders.
A group of Ethereum developers and advocates has put forward a plan to end “blind signing,” a technical feature of Ethereum’s transaction flow that has led to potentially billions in lost funds, highlighted by last year’s nearly $1.5 billion Bybit hack—the largest crypto hack of all time.
The “clear signing” open standard seeks to end the practice of blind signing—or approving transitions by interpreting “low-level, machine-readable formats that are accurate but difficult to interpret without technical expertise”—by providing users with information in a “what you see is what you sign” format.
“Approving a transaction is meant to be the last line of defense when exercising control over what happens to your assets on the blockchain,” an Ethereum Foundation blog post about the standard reads. “When it is done blindly, that defense does not hold.”
The working group behind the standard includes the Ethereum Foundation, hardware wallet firms Ledger and Trezor, and self-custody wallet providers MetaMask and WalletConnect, among others.
Working off of existing clear signing efforts, the group’s solution leverages a pair of existing Ethereum Improvement Proposals—Ledger’s previous work on ERC-7730, a standard for human-readable transaction descriptions, and ERC-8176, which builds an attestation and integrity framework.
The solution also makes use of a decentralized off-chain registry for descriptor distribution and developer tooling and SDKs.
“By moving to clear signing, we are strengthening the last line of defense and making the Ethereum ecosystem safer, more accessible, and better prepared for the next wave of users and institutional adoption,” the Ethereum Foundation wrote.
As part of the effort, the Ethereum Foundation’s Trillion Dollar Security Initiative will act as a “credibly neutral steward” of the clear signing registry.
The Trillion Dollar Security Initiative was launched last May in an effort to make the layer-1 network robust enough to potentially support billions of users securely holding more than $1,000 directly on-chain.
Other security focuses for the initiative include mitigating quantum computing risks, front-end hacks and on-chain security, and UX focuses that cater to speed over security.