The biggest threat to blockchain security is not bad code - it is bad decisions. Every year, hackers steal billions of dollars, but most losses do not come from breaking smart contracts. They come from convincing users to sign transactions they do not understand. The attack is not on the blockchain, it is on the human. For years, the industry has responded with the same advice: “Be careful what you sign.” However, that has proved inadequate. Unlimited token approvals, phishing attacks and misleading wallet prompts continue to exploit the gap between what users think they are authorising and what a smart contract will actually execute. Essentially, clear signing aims to eliminate that gap. By converting complex blockchain transactions into plain, human-readable language before they are approved, this could do for digital assets what HTTPS did for internet banking - i.e. transform security from something users are expected to understand into something built directly into the experience. If successful, clear signing may become one of the most important innovations in blockchain security, removing a major obstacle to institutional confidence and mainstream adoption. To understand why clear signing could become one of blockchain’s most important security upgrades, it helps to understand why approval attacks continue to succeed despite years of warnings. Every interaction with a decentralised exchange, lending platform or staking protocol requires users to grant permission for a smart contract to access tokens held in their wallet. To improve convenience, most applications ask for unlimited approval whereby allowing future transactions without repeatedly requesting permission. It creates a smoother user experience, but it does also create a hidden security liability.
A key problem is that these permissions often remain active indefinitely. A wallet may still contain unlimited spending approvals granted years earlier, long after a user has stopped using the application or forgotten it even exists. If that protocol is later compromised, changes ownership or contains a previously undiscovered vulnerability, those historic permissions can become an unexpected attack vector. Convenience today can become tomorrow’s security breach. Unsurprisingly, attackers exploit this weakness in two principal ways. The first is through sophisticated phishing websites that imitate legitimate DeFi applications, persuading users to approve malicious smart contracts instead of genuine ones. The second is more subtle - rather than attacking individual wallets directly, criminals wait for a trusted protocol to be compromised, then exploit the existing approvals that thousands of users have already granted. In many cases, victims never knowingly interact with the attacker at all. This is why blockchain security is increasingly becoming a human interface problem rather than a coding problem. The technology may perform exactly as designed but if users cannot clearly understand what they are authorising, the blockchain remains secure while their assets do not. Clear Signing aims to close that gap by ensuring users understand exactly what they are approving before a transaction is executed. If successful, it could remove one of the largest barriers to mainstream adoption, therefore replacing blind trust with informed consent. The DEX approval surface is particularly acute. Decentralised exchanges such as Uniswap, Curve and their EVM chain cousins have millions of wallets with limitless approvals. If the exchange contract is hacked, a user is misled into signing a malicious approval (or the approval is replayed on another network), then each approval can become an attack vector. Collateral delegation and borrowing permission systems produce intricate webs of interdependent permissions that even knowledgeable users struggle to verify.
Beyond Ethereum: cross-chain adoption pathway
The Ethereum environment inspired clear signing, although its approval attack vulnerability is not Ethereum-specific. Polygon, Arbitrum, Optimism, Base, Avalanche and dozens of more EVM-compatible chains share the ERC-20 approval method and signature interface flaws. Through differing technological design, Solana’s token delegation mechanism has similar concerns. Blockchain signing’s human-layer vulnerability is industry-wide, not network-specific. Each step of the cross-chain adoption stack has unique obstacles. Major software wallets such as MetaMask, Phantom, Rabby, Rainbow and their competitors support users across many chains at the wallet layer. These wallets must support ERC-7730 metadata for Ethereum contracts and provide metadata frameworks for Solana program interactions, Polygon smart contracts and Arbitrum deployments to achieve clear signing. Although the technical work is significant, the wallet layer has the greatest immediate user impact: a user who sees a plain-language description of every transaction they sign, regardless of chain, receives continuous protection without needing to understand chain-specific differences. Solana is the most difficult to implement technically. The Solana program model differs considerably from EVM smart contract architecture; hence, transferring clear signing’s metadata approach to Solana involves creating new description formats that match Solana program instructions. Several Solana wallet projects are working on these issues, and the ecosystem’s history of rapid protocol iteration implies that technological adaptation will continue, although it will take longer than Ethereum installation.
Clear signing: closing the deadliest gap in blockchain
Smart contract bugs make headlines; approval exploits quietly bleed users dry. The real vulnerability is not code, it is comprehension. Most users lose money, not because of re-entrancy attacks, but because they authorise transactions they do not truly understand. Unlimited approvals, hidden permissions and signature tricks have stolen far more from everyday users than sophisticated protocol hacks. Clear signing changes that. Originally an Ethereum proposal, it is rapidly becoming a cross-chain standard for human-readable transaction descriptions. By making every approval explicit and verifiable, across wallets and protocols, it attacks the root cause of hundreds of millions in losses: the dangerous gap between what users think they are signing and what they actually authorise. This is not another user education campaign - it is infrastructure that finally puts clarity where it belongs before the signature is given. In a world of AI agents and autonomous transactions, readable signing may soon separate viable consumer blockchain products from the rest.
For years, the industry gambled on user education - it failed. No amount of guides, warnings or Twitter/X threads can teach the average person to analyse smart contract bytecode or spot malicious approvals in real time. The result? Hundreds of millions lost to the simplest attack vector in crypto: signing something you do not understand. Clear signing flips the script - by turning complex transaction data into clear, human-readable descriptions, standardised across chains and wallets, it removes the need for users to become security experts. What used to require deep technical knowledge now becomes as straightforward as reading a sentence. When every signature prompt tells you exactly what you are authorising - in plain language - the most expensive category of user error starts to disappear. Approval exploits, unlimited permissions and phishing-driven signatures lose their power when the user can actually see the consequences before they click.
In the age of AI agents executing thousands of micro-transactions, readable signing is not optional - it is the bare minimum for mainstream trust. The future of blockchain security will not be built on better education - it will be built on better interfaces. And clear signing is that interface. For businesses building wallets, DeFi protocols or custody solutions, adopting clear signing is becoming a competitive necessity. It reduces user error, lowers support costs, decreases exploit-related reputational damage and builds trust at scale. In an industry where user confidence is the ultimate moat, standardised transaction clarity is not just a security upgrade - it is a powerful commercial advantage that accelerates mainstream adoption.
This article first appeared in Digital Bytes (7th of July, 2026), a weekly newsletter by Jonny Fry of Team Blockchain.
