Leading cryptocurrency cold wallet provider, Ledger, announced that it will fully discontinue blind signing on Ledger devices by the end of June next year and replace it with clear signing to enhance security. After suffering an attack last week, Ledger revealed that it plans to improve security by implementing clear signing instead of blind signing on its devices. The attack occurred on December 14th when malicious code was implanted into Ledger’s Connect Kit, affecting several projects in the Web3 space. Ledger advised its users to temporarily refrain from interacting with any decentralized applications (Dapps). In a recent post on its website, Ledger disclosed the details of the attack and announced its decision to suspend the use of blind signing and adopt clear signing by June 2024. The attack timeline included a phishing attack on a former Ledger employee, the release of malicious versions of Ledger Connect Kit, and the freezing of stolen funds by Tether, the issuer of the stablecoin USDT. Ledger stated that the total amount of compromised funds is approximately $600,000, and it pledged to assist users in recovering their stolen assets by the end of February 2024. In addition to this, Ledger emphasized that it will completely prohibit blind signing on its devices by June 2024 and replace it with clear signing to ensure that users can verify all transactions on Ledger devices before signing. Blind signing is a cryptographic digital signature method in which the signer cannot see the content of the information before signing. It offers the characteristics of the signer not being able to see the content being signed and the signature information being untraceable. Ledger highlighted the risks associated with blind signing, which arise from the increasing complexity of user interactions with NFTs, DeFi, and Dapps. Users who blindly sign transactions without understanding the full signature content provide opportunities for hackers to steal their assets.