Back to blogs
Written by
Cyfrin
Published on
April 2, 2025

Hardware Wallet Security: What Your Device Must Show You

Learn what your hardware wallet must display before you sign. Verify key details in messages and transactions to avoid scams because security starts with you.

Table of Contents

In the blockchain security landscape, hardware wallets remain one of the most robust defenses against unauthorized access to digital assets. However, as recent high-profile breaches have shown, their security hinges on more than the devices themselves—it depends on how well users verify the transactions they’re signing on those devices.

In a recent video, Cyfrin CEO and security researcher Patrick Collins explained what every hardware wallet user should know: the essential details that must appear on-screen when signing transactions or messages

Understanding these cues could mean the difference between protecting your assets and falling victim to a hack.

The critical role of verification

The recent $1.4 billion Bybit hack is a stark reminder of what’s at stake. Even with a multi-signature wallet setup, requiring three separate approvals, the exchange was compromised by a sophisticated attack that deceived the signers. On screen, the interface showed clean, legitimate-looking transaction details. But the data actually sent to hardware wallets contained hidden, malicious instructions.

This exploit drives home a cardinal rule in blockchain security: never sign a transaction based solely on what you see on screen. Always verify the actual operations your hardware wallet is being asked to approve.

Note: While messages and transactions may look similar in the wallet interface, they serve different purposes. Messages are off-chain signatures used for things like Safe approvals, while transactions trigger actual on-chain actions. Both require careful verification but for different reasons.

Signing messages: understanding EIP-712

Most modern blockchain signatures follow the EIP-712 standard, which organizes message data into a structured, human-readable format. When you sign a message, the process involves three components:

  1. Domain: Identifies the context, usually the app or service requesting the signature.

  2. Types: Defines the structure and data types used in the message.

  3. Message: Holds the actual values being signed, matched to the defined types.
A visual breakdown of the three components required for EIP-712 data: domain, types, and message.
Three things needed for EIP-712 data; Source: YouTube video: What are YOU signing on your hardware wallet??


These three components, domain, types, and message, are hashed together to produce a final digest. That digest is what your private key actually signs. In the case of Safe multi-sig wallets, this digest is called the Safe transaction hash, or SafeTxHash.

An infographic showing how the domain and message hashes are derived and combined to produce the EIP-712 digest (SafeTxHash).
How a SafeTxHash is constructed; Source: YouTube video: What are YOU signing on your hardware wallet??

What your hardware wallet should show when signing messages

When signing a message, hardware wallets should provide sufficient information to verify what's being signed. Any of the following are acceptable, though some make verification easier than others:

  1. Ideal: The final digest or SafeTxHash
    • This is the single hash value that your key will sign
    • Easiest to verify using external tools

  2. Good: The message hash and domain hash separately
    • When combined, these produce the final digest
    • Nearly as easy to verify as the final hash

  3. Acceptable but cumbersome: The entire data structure
    • Shows all domain, types, and message data
    • Contains all necessary information but requires significant reading and manual verification
Diagram illustrating that full EIP-712 data is harder to verify than domain and message hashes, which produce a more readable SafeTxHash.
What’s needed to verify a signature?; Source: YouTube Video: What are YOU signing on your hardware wallet??

For example, Ledger Flex shows both the domain and message hashes as well as the full data structure in a readable format.

A Ledger hardware wallet screen showing both domain and message hashes, with text explaining this is good practice for signature verification.
Source: YouTube Video: What are YOU signing on your hardware wallet??

Tools for verifying signatures

For users who need to verify signature data, especially in multi-signature setups like Safe, several tools can help:

  • Safe provides a web interface for calculating expected transaction hashes.
A UI screenshot from Safe Wallet showing detailed transaction parameters, including hashes, destination, and raw calldata for user verification.
Verify transaction data in Safe{Wallet}; Source: Safe

  • If you prefer fewer dependencies, Cyfrin offers a command-line tool, allowing users to generate hashes independently.
Source: Cyfrin’s safe-tx-hashes GitHub repo

Signing transactions: the importance of calldata

When you send a transaction, you're not just confirming identity—you’re authorizing actual instructions to be executed on the blockchain. That makes calldata crucial to inspect and understand.

Transaction signing introduces a unique set of verification challenges compared to simple message signing. While both involve cryptographic signatures, they serve different purposes. 

In some systems, such as Safe multi-sigs, signing a message is part of a multi-step process that ultimately results in an on-chain transaction. In others, such as logging into an app or signing an off-chain vote, the message signature is never followed by an on-chain transaction.

What must be displayed when signing transactions

At a minimum, hardware wallets must show:

  • Destination (“to”) address: The smart contract or wallet receiving the transaction. Always confirm that it's the intended recipient.

  • Network information: The blockchain you're interacting with (e.g. Ethereum mainnet, Arbitrum, etc.) to ensure you're on the correct network.

  • Network fee: The total cost of executing the transaction, typically shown in ETH or a blockchain’s native token.

  • Gas parameters: Includes gas limit and gas price; these control how much computation the transaction can use and how quickly it's processed.

  • Nonce: A unique number that keeps transactions in order and prevents replay attacks.

  • Calldata: The low-level instructions your transaction will execute, review for function calls, parameters, and potential red flags such as DelegateCall.

Ideally, wallets should also decode the calldata into a human-readable format. However, since decoding isn’t always perfect, some security researchers may prefer access to both the decoded and raw versions.

Hardware wallet transaction examples

Source: YouTube Video: What are YOU signing on your hardware wallet??

  • Grid Lattice Plus goes further by decoding the calldata (though it ideally would offer an option to view the raw data as well).
Source: YouTube Video: What are YOU signing on your hardware wallet??

The Bybit hack: a case study in missed verification

This guidance takes on added urgency in light of the recent Bybit exchange hack. Despite using a multi-signature setup, Bybit's signers approved a malicious transaction that contained multiple red flags that might have been caught with proper hardware wallet verification:

  • The destination address pointed to an unverified smart contract created only days earlier.

  • An operation parameter was set to 1, indicating a DelegateCall, a risky and sometimes abused function.

  • The input data was crafted to look legitimate while quietly executing malicious code.

Had the signers reviewed the full calldata on their hardware wallets and known what to watch for, they may have spotted the anomalies before the damage was done.

Best practices for secure transaction signing

Based on this information, several best practices emerge for hardware wallet users, especially those managing assets:

  1. Always verify signature data: When signing messages (e.g., in a Safe multi-sig), confirm that the domain, types, and message hashes (or the SafeTxHash) match your expectations.

  2. Check calldata thoroughly: For transactions, examine the raw calldata. Understand what the function does, who it calls, and what parameters it uses.

  3. Use independent verification tools: Don’t rely solely on your computer screen. Use trusted tools or explorers to decode and verify transaction details.

  4. Know what to look for: Learn enough about common Ethereum operations (like DelegateCall, token transfers, and contract creation) to recognize when something looks off.

  5. Choose the right hardware wallet: Use a device that clearly displays all relevant details: destination address, network, gas fees, and raw calldata. Bonus points for wallets that also provide decoded summaries and let you toggle between views.

Conclusion

When signing messages, your hardware wallet must provide enough detail to verify exactly what you're approving. At a minimum, it should display the:

  • Domain: the app or service requesting the signature
  • Types: data structure definitions
  • Message: the values being signed

Ideally, it should show the final SafeTxHash or the domain hash and message hash component, giving you an extra layer of assurance.

When signing transactions, the requirements go deeper. Your hardware wallet should display:

  • The destination (“to”) address
  • Network information
  • Gas parameters
  • The calldata: the actual instructions being sent to the blockchain

The most secure wallets decode calldata into clear, human-readable actions. But access to the raw calldata remains essential for advanced users who want full control and transparency.

As sophisticated attacks continue to target major protocols, these verification capabilities are essential security requirements. Understanding what to look for and how to verify the information your wallet displays could be the difference between security and compromise.

With this foundation in place, you may want to learn how to verify calldata with Cyfrin’s safe-tx-hashes.

For those looking to enhance their blockchain security skills, Cyfrin's Security & Auditing course on Updraft provides comprehensive training on identifying and preventing these types of attacks.

Stay safe out there, and always verify your transactions.

Secure your protocol today

Join some of the biggest protocols and companies in creating a better internet. Our security researchers will help you throughout the whole process.
Stay on the bleeding edge of security
Carefully crafted, short smart contract security tips and news freshly delivered every week.