Documentation

Verifying the Signing Message on your Hardware Device

Blind Signing Protection

Suggest Edits

Blind signing in multisig wallets refers to signing a transaction on your hardware device without being able to review the transaction details before approving the transaction.
With Blind signing protection, you can now verify the transaction by reviewing the domain hash and message hash. These values are displayed on the device and signers can cross-verify these messages on their hardware devices with Gnosis Safe UI.

⚠️ This step reduces the risk of signature mismatch and eliminates accidental or malicious approvals of transactions trying to drain your wallet.

The second signer and other consequent signers (transaction approvers) can independently verify the message hash and domain hash values, ensuring that transactions are not tampered with.

The second signer can cross-check the message hash, domain hash, safe transaction hash, input data, and other transaction parameters, such as balance changes on the Gnosis Safe UI or a third party safe utils tool to verify transactions

Prerequisite: Enable blind signing in your Ledger device

  • Connect and unlock your Ledger device.
  • Open the Ethereum application.
  • Press the right button to navigate to Settings. Then press both buttons to validate.
  • In the Blind signing settings, press both buttons to enable blind signing in transactions. The device displays Enabled.

Refer to the Ledger website to learn more.

Verify signing messages on Ledger

Once a transaction is initiated (signed by the first signer), as a second signer or a consequent signer, perform the following steps to verify signing messages and sign a transaction.

  1. Log into Vaults.
  2. On your Home, under Pending Actions, select View for a pending transaction.

  1. Copy the Message hash and Domain hash on a notepad like application using the Copy Button so that you can cross verify it later.
  2. Select the Safe link to go to the Safe UI. You will see the queued up transactions on the Safe dashboard.

  1. Select the transaction to expand its details. Verify the transfer amount (eg. 0.05 ETH in the screenshot below) and then select Advanced details.

  1. Scroll down to the domain hash and message hash values.

  1. Go to Liminal Vaults UI and select Approve.

  1. Select Sign to sign the transaction using your Ledger device.

Ensure that both domain and message hash values in the Ledger device match the values given on the Safe UI as well as the one that you have copied on your notepad in Step 3. Once verified, sign the transaction to confirm it.

Additional Manual Verification

You can also generate the Message hash and Domain Hash manually by inputting the transaction details in a safe utils application. You can also cross verify this message hash and domain hash on the ledger device before signing the transaction.

Updated 7 days ago