See what you sign — stop worrying about blind signing
The first rule of safety is: Don't trust blindly, verify yourself.
Although hardware wallets have effectively protected users' private keys from being stolen in recent years, because transaction information is complex and unreadable, many users still perform "blind signing" and mistakenly transfer assets or grant approvals to phishing contracts, causing irreversible losses.
These scams are not due to flaws in the smart contracts themselves, but because users cannot understand the transaction content or identify risks before signing.
This is the original intention behind OneKey's SignGuard — we want every user to truly achieve "see what you sign": understand the transaction before signing and identify risks before clicking confirm.
What is SignGuard?
SignGuard is OneKey's proprietary signature protection system, jointly operated by the software app and the hardware device. It fully parses and displays transaction information before signing to help users make safe judgments and confirmations.
How does SignGuard work?
1) App side: clear signing and risk detection
The OneKey App simulates key elements of on-chain transactions, including:
Smart contract methods (transfer, approve, permit, delegatecall)
Approval amounts and target addresses
Contract names (to replace complex, hard-to-read addresses)
It also integrates risk control capabilities from GoPlus and Blockaid, enabling detection of malicious contracts, fake tokens, phishing sites, and suspicious contract methods, and providing real-time risk alerts before the user signs.
2) Hardware side: offline clear signing and final confirmation
The hardware wallet independently simulates the transaction locally and displays a trustworthy, readable summary on the device screen:
Method, amount, recipient or approver, and contract name.
Even if the user operates on a compromised computer or browser, they can confirm the transaction intent on an independent secure hardware device.
The user must complete the final signature on the hardware device, ensuring the true meaning of "see what you sign", and the entire process is fully verifiable and secure.
Why is SignGuard necessary?
Many users mistakenly believe that "using a hardware wallet means you won't be scammed," but that's not the case.
In real cases, attackers will lure you into signing a transaction on a phishing site or fake DApp that "looks normal," but in reality it may:
Grant approvals for all your token assets in bulk (approve all)
Approve a malicious address (you can't see it)
Seem to be claiming an NFT but actually transfer or approve funds
Because most wallets only display a "hash" or vague operation details, users cannot judge the transaction intent and can only blind sign — exactly the vulnerability hackers love to exploit.
Blind signing is like signing a check without seeing the amount or the payee; anyone can become a victim.
Not all "signature previews" are trustworthy
Some wallets on the market claim to support "transparent signing" or "clear previews," but many only support parsing on specific chains or contracts, and do not have real-time risk detection capabilities, nor can they ensure the "App and hardware screens show the same content."
Only OneKey's SignGuard achieves all three of the following simultaneously:
Feature | Ordinary Wallets | OneKey SignGuard |
Transaction field parsing | Partially supported | ✅ Supports major chains & methods |
Phishing risk detection | ❌ Not supported | ✅ Real-time alerts (supports major DApps) |
Hardware screen preview | ❌ No | ✅ See what you sign (supports most scenarios) |
Note: OneKey SignGuard continues to expand its support range and currently covers major chains like Ethereum, BNB, Tron, and most common methods; some complex or niche calls are not yet supported.
How to use SignGuard?
Using SignGuard is very simple:
Install or update to the latest OneKey App (supported on iOS, Android, and desktop)
Connect your OneKey Pro or OneKey Classic 1S
When performing any on-chain operation (transfer, approval, connecting to a DApp), the system will automatically launch SignGuard
and display the full parsed content and risk warnings in real time
After confirming everything is correct, complete the signature on the hardware device
Supported chains include Ethereum, BNB Chain, Polygon, Arbitrum, Optimism, Base, Scroll, and other major networks, with more ecosystems continuously being added.
Signing is not the final step, but the security watershed
We used to think of "signing" as merely the final confirmation step,
but in today's crypto world full of scams, signing is the most critical line of defense.
OneKey SignGuard is not an auxiliary tool but a core guardian.
Through clear, readable transaction parsing + real-time risk warnings,
SignGuard gives every user the ability to judge risk and avoid traps,
truly achieving "see what you sign, verifiably secure."
Upgrade your OneKey App and device firmware now to start a safer on-chain journey: