- The CTO of Ledger, Charles Guillemet, has warned cryptocurrency users about the risks of “blind signing” transactions.
- The interview with Guillemet follows the recent phishing attack on the OpenSea NFT Marketplace.
- Guillemet mentioned a possible solution to blind signing.
Charles Guillemet, the CTO of Ledger – a well-known cryptocurrency hardware wallet manufacturer, has warned users about the risks of “blind signing” transactions.
Guillemet defined “blind signing” as “consenting to a transaction to be signed blindly, without understanding what it means.” He also relayed the problems as well as highlighted some of the key issues with blind signing transactions in a recent interview with Cointelegraph today. This follows after a recent attack on OpenSea.
The recent attack on OpenSea was a phishing attack which, through blind signing. As a result, cyber criminals who orchestrated the attack walked away with $1.7 million worth of non-fungible tokens, as 17 NFT holders were duped into selling their NFTs for 0 ETH.
The CTO and security expert had noted that consenting to transactions requires signing a message on the blockchain, and that a user is the only one capable of signing transactions with their private key. The issue with these messages, according to Guillemet, is that they are not “intelligible by default”.
When asked in the interview what he believes the solution to blind signing is, the CTO relayed the age-old cryptocurrency saying, “don’t trust, verify”. He also advised cryptocurrency users to always double check the details of a transaction before signing it.
The cryptocurrency space is a popular target for cyber criminals because of the associated high level of autonomy of transacting with cryptocurrencies.
Signing transaction requests is something that every cryptocurrency user will encounter. Therefore it is important that all cryptocurrency users practice extreme caution when asked to sign transactions while navigating the cryptocurrency ecosystem.