Crypto’s Greatest Weakness? Blind Signing, Explained

Medium Sep 29, 2021 · 7 min read

Key Takeaways:
– Following the incredible rise of DeFi and NFT dApps, users are interacting with smart contracts in ever more complex ways. And scammers are always on the lookout for new vulnerabilities. Blind signing is one of the lesser known tricks being leveraged by scammers to steal your assets.
– The smart contracts used in present-day dApps and NFTs have posed a challenge for the current generation of crypto wallets because their code – containing key contract details – cannot be fully extracted and displayed; thus, users sign without knowing what they are signing.
– With crypto bursting into the mainstream, more and more people are becoming educated about how to keep their assets secure, and there are fewer opportunities for scammers to gain access to your assets. So instead of trying to break the door open – they are relying on you to open it for them by tricking you into blind signing.
– At Ledger, our mission is to bring absolute transparency and security to every one of your transactions – that means being able to read your contract data each time you sign. Our latest upgrade achieves that by providing clear signing for every integrated dApp. Though blind signing is still required for dApps that are not part of Ledger Live yet, this can be done safely by following the steps below.

If you’ve been hearing about blind signing, but you’re not sure what it means, then look no further. Here, we explain the concept.

If you’re reading this, you already know that crypto is a hot property. Whether your thing is coins, tokens or NFTs, we all have a vested interest in keeping our assets safe. “I know!” you say. Never give away my private keys or share my recovery phrase with anyone. Well, that’s true, but it’s not the end of the story.

Following the incredible rise of DeFi and dApps within the cryptosphere, users are interacting with smart contracts in ever more complex ways. And scammers are always on the lookout for new vulnerabilities in the transaction process. This has naturally led to a new generation of scams designed to part you from your hard-earned crypto assets, and they can be hard to detect, even for a crypto pro.

Blind signing is one of the lesser known tricks being leveraged by scammers to steal your assets. Here, we will explain what a blind signature is, how blind signing scams work – and tell you how you can avoid them.

What is Blind Signing?

Before discussing how this concept operates digitally, let’s start from the pen-and-paper basics of the real world. Contracts exist to govern our relationships; whether it’s an employment contract requiring you to work 40 hours per week or a Netflix subscription that needs to be paid every month, when you sign a contract, you’re agreeing to do what it says. By signing, you indicate that you have seen and understood the conditions and consent to be bound by them.

Signing a Digital Contract

Smart contracts – the infrastructure that powers dApps, NFTs and many elements of DeFi – are a digital version of this. Let’s say you borrow some crypto from a lender, on the basis that each month you will pay back a set amount, with interest. When you verify the agreement using your private key, you are digitally signing the smart contract.

But what if you can’t actually see the contract? This brings us back to our original question. 

The smart contracts used in present-day dApps and NFTs have posed a challenge for the current generation of crypto wallets because their code – containing key contract details – cannot be fully extracted and displayed in a language that the user would understand. In other words, wallets are still playing catch-up with the latest options for consumers.

So How Does This Look for Me?

Let’s look at a real example to show how this affects your transactions. First of all, we should clarify that whenever you sign any transaction using your computer screen, you are technically blind signing.

Say you’re transacting through a soft wallet only: since your display screen (the computer or mobile) is connected to the internet, it is vulnerable to hacking. This means the screen showing the details of what you are signing can never be fully trusted – there is always a possibility that the screen has been hacked to show a false display, leaving you to sign for something else. By confirming the transaction, you are therefore “blind signing” – approving the transaction based on trust.

The point of using a hardware wallet such as the Ledger Nano is to eliminate this risk. Since your wallet serves as a secure, offline venue that is impenetrable to hackers, its screen will always show the true details of a given transaction. This is why our “Trusted Display” is invaluable in making sure you know exactly what you’re agreeing to.

However, although your Nano will always display accurate transaction details, this is only possible when those details are available. And this is not always the case.

Let’s say you’ve got the right security measures in place and that you’re making a swap using a combination of your Ledger device along with the soft wallet that’s connecting you to the dApp – good job! 

But, as we previously mentioned, most software wallets, i.e. the middleware between your device and the dApp, are unable to read and fully extract the smart contract elements of the transaction. This means that, even if you use your Ledger device to verify and complete the transaction, the device will be unable to show you the full details – since the middleware itself has nothing to transmit to it.

Instead, the device will simply show “Data Present”, leaving you unable to view key details such as action, price, receiving address etc. before confirming. Here’s how that looks:

With no detail of what this contract entails, the only option here is to once again verify your transaction based on trust. This is why it’s called blind signing.

Described in this way, blind signing seems pretty risky, but most of us are guilty of doing it; when was the last time you read the user agreement for that new service you signed up to? The fact is that we base many of our decisions on the reputation of who we are transacting with.

Blind Signing Gives Rise to New Types of Fraud

With crypto bursting into the mainstream, more and more people are becoming educated about how to keep their assets secure, and there are fewer opportunities for scammers to gain access to your assets. So instead of trying to break the door open – they are relying on you to open it for them.

A prime example of this is NFT drops on lesser known websites – NFT mania has caused huge demand for these digital assets, and drops are designed to play on that excitement. But before you give a blind signature for an NFT drop, think – if it’s not a well known brand, can you be sure the transaction you’re verifying is what you think it is?

Private messages are another hotbed for this type of threat. A recent incident saw scammers posing as OpenSea tech admins on Discord. An experienced collector looking for technical help started a conversation about his account, believing he was talking to a service advisor. In the course of the chat the advisor asked him to approve a transaction call – showing no contract details – using his Ledger Nano. In reality, the transaction he was verifying provided access to his vault, and the advisor was really a fraud – the entire scenario was the staging for a scam.

This is a perfect example of how even an experienced crypto user can make a mistake, when the circumstances are convincing enough.

Don’t Trust – Verify

Rackets of this nature are all about social engineering. Scammers specialise in meticulously creating an environment where you trust them enough to let your guard down – in this instance, the victim trusted a blind transaction because he thought he was dealing with a reputable help desk.

And this type of scam is becoming all the more common because the sheer pace of evolution has made blind signing an industry norm. It’s time for the tools to catch up.

How Can I Ever Use dApps With Peace of Mind?

At Ledger, our mission is to bring absolute transparency and security to every one of your transactions – that means being able to read your contract data each time you sign. Our latest upgrade achieves that by providing clear signing for every integrated dApp. This eliminates the vulnerability faced by users to bring the most secure and fluid experience possible.

Our upgrade sees two big improvements that make this possible. Not only can your Nano now read and display smart contract information for a range of dApps; the recent launch of our App Catalogue within Ledger Live enables you to access a number of DeFi and dApps from within the security of your Ledger device, so you can use Ledger’s ecosystem as a secure gateway to the dApps and services you love. 

Let’s make blind signing a thing of the past!

Take a look at a ParaSwap transaction to show what this means for you:

As shown in the example above, instead of simply showing “Data Present”, the Nano can show full transaction details within the absolute security of its Trusted Display – so instead of trusting, you can now verify. 
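To make concrete what the difference between “Data Present” and clear signing looks like at the byte level, here is an added Python example (it is not Ledger’s code and does not use the Ledger Live plugin API): a minimal decoder that derives the display text only from the raw contract calldata the device is about to sign, renders the call in plain language when it recognises the function, and falls back to “Data Present” otherwise. The three function selectors are real ERC-20/ERC-721 values; the sample calldata and its addresses are constructed for the example.

```python
# Added example, not Ledger's code: a minimal "clear signing" decoder for EVM
# contract calldata. Display text comes only from the bytes being signed, never
# from a summary the host sends; unknown selectors fall back to "Data Present".

# Selector = first 4 bytes of keccak256(signature); hard-coded to avoid a keccak dependency.
KNOWN_FUNCTIONS = {
    bytes.fromhex("a9059cbb"): ("transfer", ("address", "uint256")),
    bytes.fromhex("095ea7b3"): ("approve", ("address", "uint256")),
    bytes.fromhex("a22cb465"): ("setApprovalForAll", ("address", "bool")),
}
UNLIMITED = 2**256 - 1  # the "infinite approval" amount a user should notice

def decode_word(kind, word):
    """Decode one 32-byte ABI word of a static type."""
    if kind == "address":
        return "0x" + word[12:].hex()        # address is right-aligned in the word
    if kind == "uint256":
        return int.from_bytes(word, "big")
    if kind == "bool":
        return int.from_bytes(word, "big") != 0
    raise ValueError("unsupported type " + kind)

def decode_calldata(calldata):
    """Return (name, args), or None if the selector is unknown or the body is malformed."""
    if len(calldata) < 4 or calldata[:4] not in KNOWN_FUNCTIONS:
        return None
    name, types = KNOWN_FUNCTIONS[calldata[:4]]
    body = calldata[4:]
    if len(body) != 32 * len(types):         # refuse truncated or padded input
        return None
    return name, tuple(decode_word(t, body[i*32:(i+1)*32]) for i, t in enumerate(types))

def display_lines(contract, calldata):
    """Lines a trusted display would show for this contract call."""
    decoded = decode_calldata(calldata)
    if decoded is None:
        return ["Contract", contract, "Data Present"]   # blind signing fallback
    name, args = decoded
    lines = ["Contract", contract, "Function: " + name]
    if name == "approve":
        amount = "UNLIMITED" if args[1] == UNLIMITED else str(args[1])
        lines += ["Spender: " + args[0], "Amount: " + amount]
    elif name == "transfer":
        lines += ["To: " + args[0], "Amount: " + str(args[1])]
    else:  # setApprovalForAll
        lines += ["Operator: " + args[0], "Approved: " + str(args[1])]
    return lines

# Constructed sample: approve(spender, 1000) with a placeholder spender address.
SAMPLE_APPROVE = bytes.fromhex("095ea7b3") + bytes(12) + bytes.fromhex("11" * 20) + (1000).to_bytes(32, "big")
```

Running `display_lines("0x" + "ab" * 20, SAMPLE_APPROVE)` yields the spender and amount lines a user can check against the dApp, while an unrecognised selector yields only “Data Present”.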

With new integrations happening constantly, Ledger’s App Catalogue is leading the industry for dApp security.

What if the dApp I Need Isn’t Integrated?

Since Ledger Live is an open-source, open platform, no matter the project you can write your own plugin to make it Ledger Live compatible and allow your users to clear sign. So why wait?

In the meantime, while our integrations expand, we understand that some transactions still need an intermediary wallet. If you’re verifying transactions through middleware, you may still be asked to blind sign. Where this is the case, there are still a number of steps you can take to mitigate your risk of being scammed.

  • Don’t use dApps that you’ve never heard of before; always double-check authenticity.
  • Be skeptical of DMs on social media: if someone you don’t know is actively reaching out to you, consider the reasons why. Remember, it could be anyone (and don’t click on links).
  • No matter what type of transaction you’re doing, Ledger Nano is still a valuable tool for keeping your private keys offline at all times. Using it adds a layer of security to all of your interactions.
  • Oh… and never, ever, ever disclose your recovery phrase to anyone, save it on a device connected to the internet, or enter it in a software wallet. Your Ledger recovery phrase is only meant to be entered in your Ledger device – one more time for the people at the back!

The Gatekeeper is You

Blind signing has two elements: it’s a technological gap that invites human error. That’s why your own judgement has never been so crucial.

No matter how advanced your wallet is, you are the last point of defense for your crypto assets. But by ensuring that every part of the transaction can be scrutinized by you, Ledger’s expanding App Catalogue empowers you to enjoy the incredible new options made possible by crypto, without submitting yourself to chance.

If you want to understand crypto scams – and how to avoid them – check out our School of Block episode, Getting In the Head of a Scammer.
