Ethereum Foundation Launches Clear Signing Standard — Finally Putting an End to “Blind Signing” and Billion-Dollar Drains
On May 12, 2026, the Ethereum Foundation dropped what might be one of the most important security upgrades in the history of crypto wallets: Clear Signing.
No more approving mysterious hex strings. No more “trust me bro” transaction approvals. From now on, when you sign something on Ethereum, you’ll actually see — in plain English — exactly what you’re approving.
The Problem Everyone Knew Was Deadly
When you connect your wallet to a dApp, most interfaces show you either:
- A beautifully designed UI that says “Swap” or “Approve”, or
- A raw, incomprehensible wall of hexadecimal calldata in the wallet itself.
The gap between what the dApp shows you and what you’re actually signing is the perfect attack vector. Malicious dApps (or compromised legitimate ones) can hide draining transactions behind innocent-looking buttons.
This exact flaw was a key part of how the North Korean Lazarus Group stole $1.4 billion from Bybit in one of the largest hacks in crypto history.
Blind signing has been consistently ranked in the top-2 causes of major user losses with hardware wallets. Total ecosystem damage? Billions of dollars.
Clear Signing: “What You See Is What You Sign” (WYSIWYS) Becomes Reality
Instead of seeing a 200-character hex string, your wallet will now display something like:
“Swap 100 USDC for 0.042 ETH on Uniswap V3”
or
“Approve spending 1,000 USDC by 0x… (Uniswap Router)”
No more guessing. No more “I hope this is safe.”
How It Actually Works (Powered by ERC-7730)
Here’s the flow:
- Smart contracts (or their developers) publish a **descriptor file** that explains what each function actually does.
- When you’re about to sign a transaction, the wallet fetches the relevant descriptor + the raw calldata.
- It reconstructs the call into clear, human-readable text.
- You see the real intent before you approve.
The entire system is built on three pillars:
- ERC-7730 — the shared format for descriptions.
- Public registry — a neutral, mirrorable database where descriptors are stored and distributed.
- Independent verification — security researchers review and cryptographically attest that the descriptions are accurate and honest.
Wallets decide which sources they trust. The whole thing is designed to be decentralized, transparent, and resistant to manipulation.
From Ledger’s Idea to Ethereum Foundation Stewardship
The EF’s Trillion Dollar Security Initiative is taking over the registry infrastructure, funding open-source tooling (Rust + TypeScript libraries), and pushing for widespread adoption. The official home for everything is now clearsigning.org
Also read:
- The Perfect Degenerate Time-Killer: Halupedia — The Infinite Hallucinating Wikipedia
- WooCommerce + AI in 2026: The Tools, Plugins and Workflows That Actually Save Time
- Finally, Something Truly New from Mira Murati (And Yes — the $2 Billion Was Absolutely Worth It)
Why This Matters More Than Most Upgrades
We’re no longer in the “move fast and break things” era. Ethereum is maturing into infrastructure that institutions and trillions of dollars will eventually sit on.
As the Ethereum Foundation put it:
“For users and institutions to feel comfortable storing and interacting with assets on Ethereum that amount to trillions, ‘What You See Is What You Sign’ (WYSIWYS) must be our goal, and Clear Signing must be the default.”
This isn’t just another security patch. It’s a structural fix to one of the ecosystem’s longest-standing and most expensive vulnerabilities.
Wallet developers are already being called on to integrate it. dApp teams are encouraged to publish accurate descriptors for their contracts. Security researchers can start reviewing and attesting descriptors right away.
The era of blind signing is officially on notice.
Read the full announcement:
Clear Signing: Making Transaction Approvals Safer on Ethereum
Official resources: clearsigning.org
Finally, signing a transaction on Ethereum might actually feel safe. About time.