"What I Sign Is Not What I See": Towards Explainable and Trustworthy Cryptocurrency Wallet Signatures
- URL: http://arxiv.org/abs/2601.16751v1
- Date: Fri, 23 Jan 2026 13:56:07 GMT
- Title: "What I Sign Is Not What I See": Towards Explainable and Trustworthy Cryptocurrency Wallet Signatures
- Authors: Yuyang Qin, Haihan Duan,
- Abstract summary: We investigate how users interpret authentic signing requests and what cues they rely on to assess risk.<n>Findings reveal that users often misread critical parameters, underestimate high-risk signatures, and rely on superficial familiarity rather than understanding transaction intent.<n>A prototype framework reconstructs and visualizes the intent behind wallet signatures prior to confirmation.
- Score: 2.5717964450615614
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: Cryptocurrency wallets have become the primary gateway to decentralized applications, yet users often face significant difficulty in discerning what a wallet signature actually does or entails. Prior work has mainly focused on mitigating protocol vulnerabilities, with limited attention to how users perceive and interpret what they are authorizing. To examine this usability-security gap, we conducted two formative studies investigating how users interpret authentic signing requests and what cues they rely on to assess risk. Findings reveal that users often misread critical parameters, underestimate high-risk signatures, and rely on superficial familiarity rather than understanding transaction intent. Building on these insights, we designed the Signature Semantic Decoder -- a prototype framework that reconstructs and visualizes the intent behind wallet signatures prior to confirmation. Through structured parsing and semantic labeling, it demonstrates how signing data can be transformed into plain-language explanations with contextual risk cues. In a between-subjects user study (N = 128), participants using the prototype achieved higher accuracy in identifying risky signatures, improved clarity and decision confidence, and lower cognitive workload compared with the baseline wallet interface. Our study reframes wallet signing as a problem of interpretability within secure interaction design and offers design implications for more transparent and trustworthy cryptocurrency wallet interfaces.
Related papers
- Poster: Privacy-Preserving Compliance Checks on Ethereum via Selective Disclosure [9.47737368469032]
This work proposes a general Selective Disclosure Framework built on, designed to decouple attribute verification from identity revelation.<n>By utilizing client-side zk-SNARKs, the framework enables users to prove specific eligibility predicates without revealing underlying identity documents.<n>Preliminary results indicate that strict compliance requirements can be satisfied with negligible client-side latency.
arXiv Detail & Related papers (2026-02-20T14:54:22Z) - Blockchain Signatures to Ensure Information Integrity and Non-Repudiation in the Digital Era: A comprehensive study [0.8021197489470758]
A key requirement is non-repudiation, which prevents denial of transaction authorship and supports integrity of recorded data.<n>This work surveys digital signature schemes used in blockchain platforms and analyzes how they deliver non-repudiation.
arXiv Detail & Related papers (2025-10-26T07:39:55Z) - TokenSwap: Backdoor Attack on the Compositional Understanding of Large Vision-Language Models [57.32952956674526]
We introduce TokenSwap, a more evasive and stealthy backdoor attack on large vision-language models (LVLMs)<n>Instead of enforcing a fixed targeted content, TokenSwap subtly disrupts the understanding of object relationships in text.<n> TokenSwap achieves high attack success rates while maintaining superior evasiveness and stealthiness.
arXiv Detail & Related papers (2025-09-29T10:19:22Z) - VoxGuard: Evaluating User and Attribute Privacy in Speech via Membership Inference Attacks [51.68795949691009]
We introduce VoxGuard, a framework grounded in differential privacy and membership inference.<n>For attributes, we show that simple transparent attacks recover gender and accent with near-perfect accuracy even after anonymization.<n>Our results demonstrate that EER substantially underestimates leakage, highlighting the need for low-FPR evaluation.
arXiv Detail & Related papers (2025-09-22T20:57:48Z) - CryptoGuard: An AI-Based Cryptojacking Detection Dashboard Prototype [1.5238808518078566]
This paper presents a front-end prototype of an AI-powered security dashboard, namely, CryptoGuard.<n>Developed through a user-centered design process, the prototype was constructed as a high-fidelity, click-through model from Figma mockups.
arXiv Detail & Related papers (2025-09-11T17:25:06Z) - Evaluating Language Model Reasoning about Confidential Information [95.64687778185703]
We study whether language models exhibit contextual robustness, or the capability to adhere to context-dependent safety specifications.<n>We develop a benchmark (PasswordEval) that measures whether language models can correctly determine when a user request is authorized.<n>We find that current open- and closed-source models struggle with this seemingly simple task, and that, perhaps surprisingly, reasoning capabilities do not generally improve performance.
arXiv Detail & Related papers (2025-08-27T15:39:46Z) - Usability of Token-based and Remote Electronic Signatures: A User Experience Study [0.0]
This study empirically evaluates and compares two major e-signature systems -- token-based and remote signatures.<n>Remote e-signatures perceived as significantly more usable than token-based ones.<n>More participants preferred remote e-signatures for document signing, but preference did not reach statistical significance.
arXiv Detail & Related papers (2025-05-24T18:21:06Z) - WalletProbe: A Testing Framework for Browser-based Cryptocurrency Wallet Extensions [8.064056857526813]
WalletProbe is a mutation-based testing framework based on visual-level oracles.<n>We have identified 13 attack vectors that can be abused by attackers to exploit cryptocurrency wallets and exposed 21 concrete attack strategies.
arXiv Detail & Related papers (2025-04-16T03:24:30Z) - Privacy-Preserving Biometric Verification with Handwritten Random Digit String [49.77172854374479]
Handwriting verification has stood as a steadfast identity authentication method for decades.<n>However, this technique risks potential privacy breaches due to the inclusion of personal information in handwritten biometrics such as signatures.<n>We propose using the Random Digit String (RDS) for privacy-preserving handwriting verification.
arXiv Detail & Related papers (2025-03-17T03:47:25Z) - VELLET: Verifiable Embedded Wallet for Securing Authenticity and Integrity [0.6144680854063939]
This paper proposes a new protocol to enhance the security of embedded wallets.
Our VELLET protocol introduces a wallet verifier that can match the audit trail of embedded wallets on smart contracts.
arXiv Detail & Related papers (2024-04-05T03:23:19Z) - Provably Secure Disambiguating Neural Linguistic Steganography [66.30965740387047]
The segmentation ambiguity problem, which arises when using language models based on subwords, leads to occasional decoding failures.<n>We propose a novel secure disambiguation method named SyncPool, which effectively addresses the segmentation ambiguity problem.<n> SyncPool does not change the size of the candidate pool or the distribution of tokens and thus is applicable to provably secure language steganography methods.
arXiv Detail & Related papers (2024-03-26T09:25:57Z) - Token-Level Adversarial Prompt Detection Based on Perplexity Measures
and Contextual Information [67.78183175605761]
Large Language Models are susceptible to adversarial prompt attacks.
This vulnerability underscores a significant concern regarding the robustness and reliability of LLMs.
We introduce a novel approach to detecting adversarial prompts at a token level.
arXiv Detail & Related papers (2023-11-20T03:17:21Z) - FedSOV: Federated Model Secure Ownership Verification with Unforgeable
Signature [60.99054146321459]
Federated learning allows multiple parties to collaborate in learning a global model without revealing private data.
We propose a cryptographic signature-based federated learning model ownership verification scheme named FedSOV.
arXiv Detail & Related papers (2023-05-10T12:10:02Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.