
Clear Signatures: Making Transaction Approvals More Secure on Ethereum

The Ethereum Working Group, made up of wallet developers, security companies, and the Ethereum Foundation’s Trillion Dollar Security Initiative, today launched an open standard designed to end blind signing, a structural flaw that has led to billions in user losses, including in the Bybit hack. The Ethereum Foundation’s Trillion Dollar Security Initiative is taking an active role as a trusted neutral administrator of the Clear Signing registry.

Across major attacks on cryptocurrency and blockchain applications, the final step is often the user approving a transaction rather than a bug in the code. Even when a breach begins with phishing or an infrastructure compromise, the final step is typically a confirmation that users cannot meaningfully understand. Transaction approvals are your last line of defense for controlling what happens to your assets on the blockchain. If they are given blindly, that defense will not hold.

To ensure that users and institutions can comfortably store and interact with trillions of dollars’ worth of assets on Ethereum, What You See Is What You Sign (WYSIWYS) should be our goal and clear signatures should be the default.

Approving a transaction today often means trying to work out what you are about to do from information that was not designed for people to read. In high-risk situations, users may double-check the details on a separate device, especially if the app they are using may be compromised. In practice, this information is accurate, but it is often presented in a low-level, machine-readable format that is difficult to interpret without technical expertise.

What is needed is a way for both existing and new applications on Ethereum to provide clear, human-readable, structured descriptions of what a transaction will do, so that wallets can provide this information to users consistently and reliably. Achieving this requires a shared format for these descriptions (ERC-7730), a registry to store and distribute them, a way to ensure they are accurate, and a trusted neutral party supporting the infrastructure along with tools that will make it easy for wallets and developers to adopt this approach.

Anyone can provide descriptions in this system. Accuracy is established through independent review and verification, and the wallet determines which sources are trustworthy. Although these descriptors are not embedded in the transaction itself but are provided alongside it, this approach allows independent verification of correctness while supporting both existing and new applications.
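The difference between raw calldata and a described transaction, as an added example that is not code from the Ethereum Foundation or from the ERC-7730 tooling: a wallet-side check that binds a descriptor to chain, contract and function selector before rendering anything, and returns `null` when it cannot. The descriptor layout, the token address and the names `clearSign` and `formatAmount` are assumptions made for this example and do not follow the ERC-7730 schema.

```javascript
// Added example. Descriptor field names are assumptions for illustration,
// not the ERC-7730 schema; the token address and symbol are constructed.
const DESCRIPTOR = {
  chainId: 1, symbol: "TKN", decimals: 6,
  contract: "0x1111111111111111111111111111111111111111",
  formats: {
    "0x095ea7b3": { // selector of approve(address,uint256)
      intent: "Approve token spending",
      fields: [{ label: "Spender", type: "address" }, { label: "Amount", type: "amount" }],
    },
  },
};
const MAX_UINT256 = (1n << 256n) - 1n;

function formatAmount(value, d) {
  if (value === MAX_UINT256) return `UNLIMITED ${d.symbol}`;
  const base = 10n ** BigInt(d.decimals);
  const frac = (value % base).toString().padStart(d.decimals, "0").replace(/0+$/, "");
  return `${value / base}${frac ? "." + frac : ""} ${d.symbol}`;
}

// Returns the lines a wallet would show, or null when no descriptor applies
// and the wallet has to warn that this is a blind signature.
function clearSign(tx, d) {
  const data = tx.data.toLowerCase().replace(/^0x/, "");
  if (!/^[0-9a-f]{8,}$/.test(data)) return null;
  if (tx.chainId !== d.chainId || tx.to.toLowerCase() !== d.contract) return null;
  const fmt = d.formats["0x" + data.slice(0, 8)];
  const args = data.slice(8);
  // Fail closed: unknown selector, or not exactly one 32-byte word per field.
  if (!fmt || args.length !== fmt.fields.length * 64) return null;
  const lines = [fmt.intent];
  for (const [i, f] of fmt.fields.entries()) {
    const word = args.slice(i * 64, (i + 1) * 64);
    if (f.type === "address") {
      if (!word.startsWith("0".repeat(24))) return null; // dirty upper bytes
      lines.push(`${f.label}: 0x${word.slice(24)}`);
    } else {
      lines.push(`${f.label}: ${formatAmount(BigInt("0x" + word), d)}`);
    }
  }
  return lines;
}

// Constructed sample: approve(0x2222...2222, 2^256 - 1) sent to the token above.
const SAMPLE_TX = { chainId: 1, to: DESCRIPTOR.contract,
  data: "0x095ea7b3" + "2".repeat(40).padStart(64, "0") + "f".repeat(64) };
console.log(clearSign(SAMPLE_TX, DESCRIPTOR));
```

The same 68 bytes that a blind-signing prompt shows as hex become an intent, a spender and an explicit unlimited-allowance line; a transaction to any other contract, or with malformed calldata, yields no description at all.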

The Ethereum Foundation’s Trillion Dollar Security Initiative is committed to helping make Clear Signing the default on Ethereum by hosting this infrastructure, supporting its development using tools built and maintained by contributors across the ecosystem, and encouraging adoption through Clearsigning.org.

We encourage wallet developers to adopt this approach and integrate support for clear, human-readable transaction confirmations. Developers building applications are encouraged to provide an accurate description of what a transaction does, and security experts are encouraged to review and certify the accuracy of that description. Information about available tools, including Rust and TypeScript libraries funded through 1TS, can be found at Clearsigning.org.

By switching to Clear Signing, we are strengthening our last line of defense and making the Ethereum ecosystem safer, more accessible, and better prepared for the next generation of user and institutional adoption.

We would like to recognize Ledger for starting ERC-7730 and for the initial tooling, infrastructure, and training efforts. This is an intentionally multi-stakeholder effort across research, library development, auditing, and moderation, involving teams including ZKnox, Sourcify, Cyfrin, Zama, WalletConnect, Fireblocks, Trezor, Keycard, MetaMask, Argot, and independent contributors from across the ecosystem.
