Blind signing scams remain prevalent in decentralized finance today. It’s an exploit where scammers create deceptive smart contracts to steal assets from crypto wallet users. But why is it called blind signing, and how can you avoid these exploits?
Smart contracts and blind signatures
Smart contracts are the building block of many dApps, NFTs, and sectors of DeFi. Suppose you wish to stake your cryptocurrency in a liquidity pool to earn a monthly yield. The liquidity protocol operates through smart contracts, which require access to the tokens in your wallet. Therefore, you need to grant their smart contracts access to your tokens.
When you sign this approval transaction with your hardware wallet's private key, it implies you agree with the smart contract’s terms and conditions and fully trust its code.
A blind signature means giving a smart contract access to tokens in your wallet without knowing the contract’s full details. In traditional finance, signing a contract implies understanding and agreeing to its terms. So, you can assume that blind signing is similar to signing a paper contract without fully reading its terms and conditions.
What if the smart contract does not provide its full information during signing?
Crypto wallets often face difficulties in displaying important information because of the complex code used in smart contracts. These contracts usually contain crucial contact details that cannot be easily extracted and presented in a language that users can understand.
Initially designed for simple blockchain transactions, hardware wallets now allow users to interact with complex smart contracts for DeFi through protocols such as WalletConnect. However, these protocols may not always present information in an easy-to-understand manner.
This can lead to situations where you have to sign transactions based on trust without a definitive guarantee of its contents.
Does a trusted display prevent blind signing scams?
Some might argue that using a trusted display wallet minimizes the risk of falling prey to blind-signing scams. In other words, a trusted display shows the user exactly what they’re signing.
A trusted display is a digital display that shows verified and authentic information, ensuring the presented information is accurate, reliable, and secure.
Here's an exciting thought. Can a trusted display present information that is simply not there? Such displays inherit the inherent drawbacks of a hardware wallet — smart contract code can be too complex. In addition, these displays can only show you whatever information the wallet’s chip can parse/decode from the smart contract — making it not so different from your mobile phone’s screen.
Unlike your mobile phone, which is one of the millions manufactured for various users, crypto wallets with “trusted displays” can be targeted and compromised by supply chain attacks—e.g., by replacing or reprogramming a non-secure chip inside the wallet.
How Tangem works around this issue
One critical advantage of Tangem Wallet over other hardware wallets is its durability. Our wallet has been subjected to ridiculous tests, including freezing, burning, gunfire, and the hydraulic press, yet it has remained functional. After all, the crypto space is in its Wild West phase — if you decide to be your own bank, you must ensure your vault is not easily broken into.
Adding a “trusted display” directly to the Tangem card poses a great risk to its reliability and security. These additional components often lack security certifications and might be prone to external influences, increasing the likelihood of failure. For instance, a supply chain attack could involve hackers substituting a genuine wallet display with a compromised counterfeit display.
The absence of a built-in display also offers Tangem Wallet users several advantages:
- A minimum service life of 25 years;
- Full IP68+ waterproof and dustproof;
- Extreme temperature resistance;
- Lightweight, similar to a bank card.
99% of attacks on wallet users aim to obtain seed phrases, private keys, or signatures without user authorization. Tangem offers the best possible protection against all of these attack vectors.
What if a fake Tangem app gets into the app stores?
How can you trust the Tangem app to show you the correct information if your smartphone is compromised?
Unlike web apps, desktop platforms, and browser extensions, compromising client-side mobile apps and/or device firmware en-masse is impossible. No known mobile malware can exploit apps like Tangem with a robust security architecture.
Mobile devices are 100% safe if bought from trusted vendors. Install official apps, and don't jailbreak the OS.
Reminder: Your private keys are stored on the card, which is not connected to the internet.
What if the smartphone's OS is compromised?
While Tangem doesn't control the underlying operating system—iOS or Android—we can vouch for the Tangem app and cards. It’s theoretically impossible to inject malicious code into the Tangem app or create a fake Tangem card. The Tangem app can function on an infected device, but we don’t recommend using it on one. Maintaining a secure environment is important for optimal protection.
What about keyloggers as an attack vector?
Keyloggers are malicious software that records and monitors keystrokes on a computer or mobile device. Their primary purpose is to capture sensitive information such as usernames, passwords, credit card numbers, and other personal data users enter.
When you generate seed phrases using the Tangem wallet, the app displays the seed on your smartphone's display and instructs you to write it down. Once written, the app prompts you to confirm by tapping some seed words correctly. In conclusion, keyloggers are not a real threat here.
Additionally, you should regularly perform antivirus checks on your phone and remain vigilant for signs of malware/spyware, such as fast battery drainage, a hot phone, lag, or unexpected app openings.
How to avoid blind signing scams
You can avoid becoming a victim of blind signing scams by taking the following measures:
- Avoid interacting with unfamiliar decentralized applications.
- Always do your own research and verify any project online.
- Avoid interacting with direct messages on social media, especially when a project’s “team member” contacts you.
- Don't click on links from unknown sources.
- Don't experiment with your smartphone’s OS by jailbreaking it.
- Do not enter your seed phrase (if any) anywhere or reveal it to anyone.
Self-custody means being in control of your private keys; therefore, you are the last point of defense for your crypto assets, and your judgment is essential.
Final thoughts
At Tangem, we take great care in ensuring the security of our app development and deployment processes. This is the foundation of our product and reputation, and we take it seriously. We guarantee that no malicious code will find its way into the final version of our app. For those who wish to verify this, you can always check the latest code on GitHub and build the app yourself.|
When adding extra buttons or screens to verify or authorize transactions, increased complexity will lead to more vulnerabilities and risks for most users. Devices that require multiple buttons and displays create new ways for attackers to exploit multiple interfaces, in-field firmware updates, and supply chains. Therefore, Tangem's approach to transaction signing remains the best option.
More from Tangem
