Ethereum launches clear signing standard

Ethereum wallet security has had a dumb weak point for years. The last click — the approval screen — often shows users a blob of hex, a vague permission, or a contract call only a developer could parse. That is how a lot of thefts actually finish. Not with some cinematic onchain exploit, but with a user signing something they do not understand. On May 12, an Ethereum working group backed by the Ethereum Foundation launched Clear Signing to fix that, with ERC-7730 as the core format and a public registry to distribute the descriptions. ### What is “clear signing”? Basically, it is a way to make wallet approvals read like normal language. Instead of showing raw calldata or a generic function name, a wallet can show the practical effect of the transaction — send this token, receive that token, interact with this protocol, approve this spender. Ethereum’s own example is simple: a wallet could display “Swap 1,000 USDC for at least 0.42 WETH” instead of a selector plus integer fields. (blog.ethereum.org) ### What launched this week? The launch was bigger than just an old proposal getting a mention. The group rolled out an open standard, a registry for descriptors, and supporting infrastructure the Ethereum Foundation says it will help steward through its Trillion Dollar Security Initiative. The point is to give wallets one shared place to fetch these human-readable descriptions and one shared format for rendering them. (ethereum.org) ### What does ERC-7730 actually do? ERC-7730 is a JSON format. It binds a descriptor to a real contract address and chain, adds metadata about the project, and maps function signatures to readable labels and field formats. That means a wallet can take an ugly machine-level input like a uint256 token amount and render it with the right decimals, ticker, and context. The standard also covers more than plain transactions — it is designed for EVM calldata, EIP-712 typed messages, and EIP-4337 user operations. (blog.ethereum.org) ### Why not just decode the contract call? Wallets already do some decoding, but only when they recognize the contract and trust their own interpretation. That breaks down fast with new apps, compromised frontends, offline devices, proxy patterns, and phishing flows that rely on users seeing something technically accurate but practically meaningless. Clear Signing adds intent and presentation rules on top of raw decoding. (eips.ethereum.org) Think of it as the difference between reading database fields and reading the sentence those fields are supposed to mean. ### Why keep descriptors outside the transaction? Because that makes the system usable right now. Ethereum’s tutorial spells out that descriptors are separate from the contract, so existing protocols can add support without redeploying code. The registry model also lets wallets fetch updates and lets independent parties review whether a descriptor is honest. That is the tradeoff — more flexibility, but also a need for trusted curation. (ethereum.org) ### So who decides what is trustworthy? Not one central signer, at least in theory. Anyone can contribute descriptors, and the launch post says accuracy is checked through independent reviews and attestations, while wallets choose which sources they trust. The Foundation is trying to play neutral infrastructure host here, not the sole arbiter of truth. But wallets still need policies for which attestations count and how to handle conflicts or malicious submissions. (ethereum.org) ### What is the catch? Adoption. A standard does nothing on its own. Wallets need to support ERC-7730. Protocol teams need to publish descriptors. Registries and review systems need to stay current. Ethereum’s own developer docs note that verified ABIs and descriptor submission are part of the flow, so there is real integration work here. If the big wallets and big apps move quickly, approval screens get safer fast. (blog.ethereum.org) If not, blind signing stays the default in too many places. ### Bottom line? Ethereum did not solve wallet phishing in one day. But it finally shipped a serious shared standard for the exact screen where users most often lose. That matters — because in crypto, the last defense is often just one signature. (blog.ethereum.org) (ethereum.org)