The Ethereum Foundation just launched an open standard called Clear Signing — and it’s pointing straight at the wallet flaw that helped attackers walk away with $1.5 billion in the Bybit hack. The new system replaces the unreadable code on transaction screens, so you can actually see what you’re approving. Here’s how it works and why it matters for anyone who holds crypto in a self-custody wallet.
What the Ethereum Foundation actually announced
On 12 May 2026, the Ethereum Foundation rolled out the Ethereum Clear Signing standard, an open framework that wallets across the ecosystem can plug into. The whole point is to end “blind signing,” which is the practice of approving a transaction when your wallet only shows you a wall of hexadecimal code instead of a sentence you can read.
We’ve all seen those approval pop-ups. They look like a jumble of letters and numbers — the kind of thing you click through because it feels official.
The Foundation now wants to flip that experience on its head with a simple “What You See Is What You Sign” model.
Backing it are some of the biggest names in wallet infrastructure: Ledger, Trezor, MetaMask, WalletConnect, Fireblocks, and security firm Cyfrin, among others. Trezor and Ledger say they will update firmware and companion apps to implement the standard.
Why the Bybit hack pushed this forward
To understand why the Foundation moved on this now, you need to look back at February 2025. During what appeared to be a routine transfer from Bybit’s Ethereum cold wallet to a hot wallet, Bybit unknowingly signed the malicious transaction, enabling the attackers to move approximately 401,000 ETH — valued at nearly $1.5 billion at the time of the exploit — to addresses under their control.
The attackers, widely linked to North Korea’s Lazarus Group, the same team in the $292M Kelp DAO hack, didn’t break the smart contract or crack a private key. They tampered with the user interface that Bybit’s signers were looking at. The signing screen showed a normal transaction. The actual transaction being signed was a malicious contract swap.
That gap — between what the wallet displayed and what users were really authorizing — is exactly what the new Ethereum wallet security push aims to close.
The Foundation explicitly named the Bybit incident in its announcement, calling it a textbook case of how blind signing has fed billions in losses across the industry. And Bybit wasn’t a one-off.
How Clear Signing works
The Ethereum Clear Signing standard isn’t a single piece of software. It’s a combination of two existing Ethereum Improvement Proposals that finally got bundled into something wallets can adopt at scale.
- The first, ERC-7730, was originally proposed by Ledger. It defines a shared JSON format that translates raw transaction data into something readable — for example, “Swap 1,000 USDC for at least 0.42 WETH on Uniswap V3” instead of a function selector and a list of integers.
- The second, ERC-8176, is the trust layer. It lets independent auditors cryptographically sign off on those descriptions so wallets can verify they’re accurate.
Anyone can contribute a descriptor to the public registry hosted at clearsigning.org. Auditors then review them. Each wallet decides which sources it trusts. Nothing on the blockchain itself needs to change — descriptions live off-chain.
What this means for crypto users
If you’ve ever clicked “Approve” on a MetaMask pop-up without fully understanding what you were signing, this update is for you. We think the most important thing here isn’t the technical detail — it’s the user experience shift.
Right now, signing a crypto transaction can feel like agreeing to terms in a language you don’t speak. After the standard rolls out across major wallets, the same pop-up will show you the asset moving, the recipient, and the exact permission you’re granting, in plain English.
That matters most for the people who are usually rushing — the trader chasing a fresh listing, the wallet user catching the next memecoin breakout, the buyer minting at peak hype. Those are exactly the moments when fake dApps and phishing sites bury malicious approvals in the noise, and they’re the moments clear signing is built for.
The catch? Coverage depends on developers writing ERC-7730 descriptors for their contracts. Adoption won’t be instant.
But Trezor’s CTO, Tomas Susanka, told CoinDesk that the company plans to ship transaction decoding into readable formats early in Q2 2026 and full human-readable signing later in Q2.
The bigger picture for Ethereum security in 2026
The Ethereum Foundation announced the launch through its official X account, writing: “Clear Signing is now live. An open standard to end blind signing, making human-readable transactions default.” The post framed the move as both a user experience and a security upgrade.
This sits inside a much larger push the Foundation is calling its Trillion Dollar Security Initiative — basically, the project of getting Ethereum ready for the moment when billions of dollars sit directly on-chain in everyday wallets.
We see this as one of the more important security shifts in years, especially given how often retail users get drained through approval-based attacks rather than code exploits.
The standard won’t catch every scam. Wallets still have to opt in, and not every contract will have a descriptor on day one. But it removes a huge profit zone for attackers.
Our advice is simple: keep an eye on your wallet’s update notes. If you’re using Ledger, Trezor, MetaMask, or WalletConnect, the support is coming in the next few weeks. When you see the upgrade, take it.
The post Ethereum Proposed Clear Signing Fix Vulnerabilities $1.5B Bybit Hack appeared first on Memeburn.
