In the NFT sector of cryptocurrency, an increasing number of phishing websites are exploiting the eth_sign signature function for blind signature fraud. It is crucial to remind or even disable this low-level signature method to protect user safety. Many Web3 wallets have taken measures to provide security warnings and limitations for this dangerous signature method.
SlowMist security team sampled 20 popular crypto wallet apps and 20 browser extension wallets on the market according to popular searches and downloads.
According to tests on 20 popular cryptocurrency wallet apps on Google Play, eth_sign support:
- 4 cryptocurrency wallet apps choose to disable eth_sign support.
- 16 cryptocurrency wallet apps support eth_sign.
- Among them, 4 cryptocurrency wallet extensions provide eth_sign security warnings, and the other 12 do not provide security warnings.
According to tests on 20 cryptocurrency wallet Chrome extensions in the Chrome Web Store, eth_sign support:
- 5 cryptocurrency wallet extensions choose to disable eth_sign support.
- 15 cryptocurrency wallet extensions support eth_sign.
- Among them, 6 cryptocurrency wallet extensions provide eth_sign security warnings, and the other 9 do not provide security warnings.
It can be found that a large number of cryptocurrency wallets still support eth_sign, and a small number of wallets provide eth_sign security warnings. If users want to use eth_sign, they can choose a cryptocurrency wallet that supports this feature. However, users still need to pay attention to security warnings when using these wallets to ensure the security of their transactions.
SlowMist is a blockchain security firm established in January 2018. The firm was started by a team with over ten years of network security experience to become a global force. Our goal is to make the blockchain ecosystem as secure as possible for everyone. We are now a renowned international blockchain security firm that has worked on various well-known projects such as Huobi, OKX, Binance, imToken, Crypto.com, Amber Group, Klaytn, EOS, 1inch, PancakeSwap, TUSD, Alpaca Finance, MultiChain, O3Swap, etc.