Ethereum, Ledger, Trezor, MetaMask Join New Security Feature...End of Blind Signing Era

▲ Ethereum (ETH)

Contributors to the Ethereum (ETH) ecosystem have unveiled a new security feature called ‘Clear Signing’ that allows users to clearly verify transaction details before approving them. This feature focuses on reducing the risk of asset loss due to malicious transaction approvals by converting hexadecimal data, which is difficult for users to read during the blind signing process, into human-readable transaction descriptions.

Cointelegraph reported on the 13th that Ledger, Trezor, MetaMask, Keycard, WalletConnect, Argot, and Fireblocks are among the initial platforms to adopt and contribute to Clear Signing. This feature is designed to ensure users confirm what they are actually signing before approving asset movements on the blockchain.

The Ethereum Foundation pointed out that while transaction approval is the last line of defense in controlling blockchain assets, this defense mechanism fails if it is performed in a blind state. The foundation characterized blind signing as a "structural flaw" and cited it as a factor contributing to billions of dollars in losses, including the $1.4 billion Bybit hack last year.

Tomáš Sušánka, CTO of Trezor, stated that attackers have continuously exploited the absence of comprehensive security features that can distinguish between malicious smart contracts and legitimate transactions. He explained that there have been cases where users unknowingly signed and lost all their assets, and Clear Signing directly addresses this problem by displaying transactions in a human-readable form before approval.

Clear Signing was introduced through the Ethereum Foundation's ‘Trillion Dollar Security Initiative’ and was initiated by Ledger through the open-source ERC-7730 token standard. Key components include human-readable transaction descriptions, a neutral and replicable descriptor registry, and an attestation framework that allows auditors to verify these descriptors.

Trezor aims to implement this security feature by June 30th. Sušánka evaluated the introduction of Clear Signing as a measure for user protection and a significant security advancement for the entire industry. Keycard, WalletConnect, Argot, Sourcify, Zama, ZKnox, and Fireblocks also contributed to the development of this feature.

*Disclaimer: This article is for investment reference only, and we are not responsible for any investment losses based on it. The content should be interpreted for informational purposes only.*