Ethereum wallets can include messages with data that users can verify. EIP 3224 presents itself as a model that seeks to reinforce user security.
There is an adage in the cryptocurrency ecosystem that tells users not to trust but verify the messages in their wallets. However, many of them sign them to process their transactions even if they do not understand them. They find this practice confusing and insecure, which has led developers to simplify the syntax of the programming language. This improves the usability and experience of those who interact with decentralized apps (dApps).
Developer Richard Moore has incorporated a new programming standard into the Ethereum Enhancement Proposals (EIP) repository, called EIP 3224. He introduced this method so that app developers allow wallets to generate human-readable descriptions of what smart contracts claim will happen.
The new proposal has been under development and discussion since its introduction last January before its incorporation into the protocol. Moore uses it to optimize other similar proposals seeking to display data in a structured and readable format in user signature requests.
Increased Security for Ethereum Users
The method is a model that strengthens the security of users, who can verify data through accurate information before approving transactions. Its implementation would allow users to wait until the dApps show the binary data strings to sign them before processing transactions.
If a user enters a decentralized exchange to conduct a transaction today, he must sign an order associated with his wallet address. However, those without technical knowledge will view this order as nothing more than an incomprehensible hexadecimal string. Therefore, most of them choose to blindly trust the data that the platform on which they operate provides. Of course, they will not have any possibility of verifying what they are signing.
Users are not able to verify that the data of their operation corresponds to their request, so they run security risks. For that reason, they could become victims of malicious actors and would transfer all their Ether to the latter’s accounts. To avoid this, Moore proposes that users know exactly what they are signing.
Through the proposal, users receive a detailed and readable message of what the smart contract of the dApps will process. This will allow them to verify the correspondence between some aspects and the order that they have requested. They will check the address receiving the funds, the address from which they operate, the amount to transfer, and the fee rate. If these correspond with the order, they will proceed to sign to process the operation. Otherwise, they will have to abort the signing protocol.
This proposal is an example of how the ecosystem has evolved to reach more people. This new method that Moore introduced represents a great step for the security and usability of dApps. In the past, there was a similar step when the hexadecimal addresses in the Bitcoin blockchain became human-readable addresses. In this way, a service on the Ethereum network allows assigning domain names to wallet addresses.
By Alexander Salazar
