Ethereum Devs Launch Clear Signing to End Blind Signing Exploit
An Ethereum working group comprising wallet developers, security firms, and the Ethereum Foundation's Trillion Dollar Security Initiative launched Clear Signing on Tuesday. This open standard is designed to eliminate blind signing, a long-standing security flaw that has caused billions in user losses. Blind signing means approving a request presented as hexadecimal data without understanding its true intent; attackers exploit this by making malicious requests appear legitimate. High-profile incidents such as the $1.5B Bybit exploit and the $235M WazirX breach used this technique. The working group includes Ledger, Trezor, MetaMask, WalletConnect, and Fireblocks. Trezor CTO Tomáš Sušánka emphasized that the standard addresses a fundamental vulnerability, making it much harder for attackers to hide transaction intent. The standard is expected to be adopted widely across wallet providers, significantly enhancing security for Ethereum users.
Key facts
- Clear Signing open standard launched by Ethereum working group to combat blind signing
- Blind signing caused billions in losses; exploited in Bybit, WazirX hacks
- Working group includes Ledger, Trezor, MetaMask, WalletConnect, Fireblocks
- Standard aims to make transaction intent transparent at signing point