A group of Ethereum developers and ecosystem actors, including the Ethereum Foundation, Ledger, Trezor, MetaMask, and WalletConnect, have proposed an open standard called 'clear signing' to replace the current 'blind signing' practice. Blind signing requires users to approve transactions by interpreting low-level, machine-readable data, which has led to billions in losses, notably the $1.5 billion Bybit hack in 2024. The new standard aims to present transaction details in a 'what you see is what you sign' format, making it easier for users to understand what they are approving. The solution leverages existing Ethereum Improvement Proposals: ERC-7730 for human-readable transaction descriptions and ERC-8176 for attestation and integrity. It also uses a decentralized off-chain registry for descriptor distribution, along with developer tooling and SDKs. The Ethereum Foundation's Trillion Dollar Security Initiative will act as a neutral steward for the registry. This initiative, launched in May 2024, focuses on enhancing L1 security to support billions of users holding over $1,000 on-chain, addressing risks like quantum computing, front-end hacks, and UX trade-offs. The clear signing standard is seen as a critical step to strengthen the last line of defense for user assets.

Key facts

• Clear signing standard aims to replace blind signing with human-readable transaction details.
• Ledger, Trezor, MetaMask, WalletConnect, and Ethereum Foundation co-build the standard.
• Uses ERC-7730 for descriptions and ERC-8176 for attestations and integrity.
• Decentralized off-chain registry distributes transaction descriptors.
• Trillion Dollar Security Initiative acts as neutral steward of the registry.

KeyAudit data perspective