Analysis May 12, 2026

Ethereum Foundation's Clear Signing Standard Is a Real Fix With Real Limits

Ethereum Foundation Clear Signing standard announcement visual

The Ethereum Foundation has formalised a transaction readability standard built on ERC-7730, requiring dApps to supply human-readable descriptions before users approve on-chain actions. The standard directly targets approval phishing, which drained an estimated $374 million from wallets in 2023 alone. Whether enough of the ecosystem moves fast enough to implement it is a separate, harder question.

$374M Lost to approval phishing in 2023 (Chainalysis 2024 Crypto Crime Report)
60%+ Of surveyed users admitted approving transactions without reading the permission scope (Uniswap Labs, 2023)
<2,000 Verified contracts covered by Ledger's early Clear Signing rollout out of hundreds of thousands deployed on mainnet

The Thesis

Clear Signing is a necessary but insufficient fix. It solves the readability layer of the blind signing problem, giving wallets a structured format to display what a transaction actually does before the user taps approve. What it does not solve is the culture around signing: most users skip permission screens, wallet adoption of any new standard takes years to reach critical mass, and dApp developers facing new compliance burdens often drag their feet. The standard makes phishing harder. It does not make users more careful.

Making a warning legible is not the same as making users read it. The friction that protects people is the friction they refuse to add.

Why It Matters

The people most exposed are retail DeFi users on mobile wallets. They interact with token approval prompts dozens of times a month and most cannot parse hexadecimal calldata, the raw format that wallets have historically displayed when no human-readable metadata exists. When an attacker mimics a legitimate dApp front end and serves a malicious approval transaction, a user staring at a string of hex has no practical way to verify what they are signing.

Hardware wallet owners using Ledger or Trezor are the immediate target audience for the standard. Blind signing has been the default on-device experience for years, meaning even technically careful users holding crypto in cold storage were often approving transactions they could not read. Ledger faced significant public backlash in 2023 over an unrelated firmware issue, and its partial Clear Signing rollout that same year was a direct response to that pressure.

DApp developers are also affected in a new way. Teams that are slow to supply the structured metadata required by the standard risk being flagged or deprioritised in wallets that implement it. That creates a compliance incentive for developers that did not exist before, though enforcement depends entirely on wallet-side adoption.

What Changed

The Ethereum Foundation, working alongside EIP contributors and hardware wallet vendors, formally published the Clear Signing initiative in Q1 2025. The technical core is ERC-7730, a proposal that defines a structured metadata format. Under the standard, dApps are expected to provide human-readable transaction descriptions, and wallets are expected to surface those descriptions to users before approval is requested.

ERC-7730 was drafted with contributions from Ledger, Rabby, and WalletConnect as of early 2025. That vendor participation matters because a standard without wallet buy-in is a document, not a change. The fact that three major wallet-side players were involved from the drafting stage signals broader intent to ship, though involvement in drafting does not guarantee or set a timeline for deployment.

Ledger had already moved in this direction before the formal standard arrived. It shipped Clear Signing support for select ERC-20 contracts in late 2023, covering fewer than 2,000 verified contracts. That figure, placed against the hundreds of thousands of contracts deployed on Ethereum mainnet, shows the scale of the remaining work.

The Evidence

The $374 million figure for 2023 approval phishing losses comes from the Chainalysis 2024 Crypto Crime Report, which specifically identified token approval abuse as a distinct and growing attack category. The February 2024 FixedFloat exploit, which drained approximately $47 million, highlighted how compromised front-end approval flows could be weaponised at scale even against users who believed they were interacting with a trusted interface.

MetaMask's 2023 security transparency update reported that fewer than 30% of transactions reviewed by its Security Alerts feature were flagged before user confirmation. That gap between detection capability and actual prevention underscores the argument that tooling alone does not change outcomes if users are not conditioned to pause.

The Uniswap Labs internal user study from 2023, cited in subsequent EIP discussions, found that over 60% of surveyed users admitted to approving transactions without fully reading the permission scope. That number is striking because it comes from Uniswap's own user base, a group more technically engaged than average DeFi participants. Among less sophisticated users, the share who skip reading is likely higher, not lower.

The case against this

The strongest version of the counterargument is that clear display really does reduce harm, even if it does not eliminate it, and that marginal improvement at scale has real dollar value. If even 20% of the $374 million lost in 2023 could have been avoided by a readable prompt, that is roughly $75 million in prevented losses per year. At that scale, calling the standard insufficient without crediting what it actually prevents is a harsh framing.

There is also a version of the adoption argument that runs in the standard's favour. Unlike most EIPs, ERC-7730 had wallet vendors at the table from the start. Ledger, Rabby, and WalletConnect each have commercial incentives to be seen as the safe wallet option. A readable approval flow is a feature users can point to. That competitive pressure could accelerate adoption faster than historical EIP rollout patterns would predict.

Finally, the user apathy problem, while real, is not fixed. User behaviour does change in response to high-profile losses. After major approval phishing incidents receive news coverage, short-term caution increases. A readable prompt during that window of heightened attention could make the difference between a drained wallet and a cancelled transaction.

What would change this thesis:

  • If all three of Ledger, Rabby, and WalletConnect ship full ERC-7730 support covering the top 10,000 contracts by transaction volume within 18 months, the adoption gap argument weakens considerably.
  • If measurable approval phishing losses drop more than 40% year over year in the Chainalysis 2025 report, the standard's practical impact would be hard to dismiss regardless of theoretical concerns about user behaviour.
  • If major dApp platforms such as Uniswap, Aave, and Lido integrate Clear Signing metadata quickly and make it a visible trust signal in their interfaces, the compliance burden argument inverts and early adoption becomes a competitive advantage.
  • If on-chain data shows a statistically meaningful reduction in unlimited token approval grants following wallet-side Clear Signing rollouts, that would be direct evidence the friction is working as intended.

What to Watch Next

The clearest near-term signal is how many contracts Ledger's verified metadata database covers by the end of 2026. The late 2023 rollout covered fewer than 2,000 contracts. If that number does not grow by at least an order of magnitude within two years of the formal standard's publication, the coverage gap will remain large enough to limit real-world impact.

Watch whether MetaMask adopts ERC-7730 metadata in its transaction display. MetaMask processes more transactions per month than any other wallet by a significant margin. Its adoption or non-adoption will determine whether the standard reaches the majority of active Ethereum users or remains a hardware wallet feature.

The Chainalysis 2025 Crypto Crime Report, expected in early 2026, will be the first dataset that could show a measurable directional change in approval phishing losses following the standard's formal launch. A flat or rising number would signal that tooling alone is not moving the needle.

Data used in this article:
  • Chainalysis 2024 Crypto Crime Report, approval phishing losses estimate ($374M, 2023 calendar year). Published February 2024.
  • ERC-7730 proposal and associated EIP discussion thread on ethereum/EIPs GitHub repository. Accessed May 2026.
  • Ledger security blog, Clear Signing rollout announcement for select ERC-20 contracts. Published late 2023.
  • Uniswap Labs internal user study (2023), cited in EIP discussion threads. Survey sample and methodology not publicly disclosed in full detail.
  • MetaMask 2023 Security Transparency Update. Published 2024.

Independent analysis on crypto and AI, delivered when the story matters.

Subscribe to CryptoPickr →

CryptoPickr may earn from ads, sponsorships, or affiliate links. Compensation does not affect editorial conclusions. Sources: Chainalysis 2024 Crypto Crime Report; ERC-7730 Ethereum Improvement Proposal; Ledger security blog; MetaMask 2023 Security Transparency Update; Uniswap Labs internal user study (2023, cited in EIP discussions).