What is a "signature request" in MetaMask and when should I sign it?
MetaMask signature requests verify identity without gas fees, but never sign if the message grants permissions or appears suspicious.
Aug 09, 2025 at 12:00 pm
Understanding Signature Requests in MetaMask
A signature request in MetaMask is a security feature that prompts users to digitally sign a message using their private key. This process does not involve sending cryptocurrency or interacting with a smart contract directly. Instead, it verifies your identity or approves specific off-chain actions. When a decentralized application (dApp) asks you to sign a message, MetaMask displays a pop-up window showing the content of the message and requesting confirmation.
The core purpose of a signature request is to authenticate that you control a specific Ethereum address. Unlike transaction requests that require gas and modify blockchain state, signature requests are free and do not result in on-chain activity. The signature itself is a cryptographic proof generated from your private key, confirming your identity without exposing the key.
It's crucial to understand that not all signature requests are safe. Malicious dApps may attempt to trick users into signing harmful messages, such as those granting access to digital assets or authorizing unintended actions. Always inspect the message content before confirming.
Types of Messages You May Be Asked to Sign
MetaMask supports signing various types of messages, each serving a different purpose:
- Plain text messages: These are simple strings of text, such as 'Welcome to DApp XYZ.' Signing them proves you own the address but carries minimal risk if the content is benign.
- Structured data (EIP-712): This format organizes data into typed fields (e.g., name, wallet, nonce), making it easier to read and reducing phishing risks. EIP-712 signatures are commonly used for off-chain transactions, login systems, or voting mechanisms.
- Personal sign (eth_sign): This method signs raw data prefixed with '\x19Ethereum Signed Message:\n' + length. It's older and less secure, as it can be exploited if misused.
- Typed data (eth_signTypedData): This is the recommended method for signing structured data. MetaMask displays the fields clearly, allowing you to verify each value before signing.
When a dApp uses EIP-712, the signature request window in MetaMask will show labeled fields instead of hexadecimal code. This transparency helps users understand exactly what they are approving.
When Should You Sign a Message?
You should sign a message only when you trust the requesting dApp and understand the purpose. Common legitimate scenarios include:
- Logging into a dApp: Some platforms use signature-based authentication instead of passwords. By signing a unique challenge, you prove ownership of your wallet without revealing sensitive information.
- Claiming airdrops or NFTs: Projects may require a signature to verify eligibility and prevent bot claims.
- Participating in decentralized governance: Signing a vote off-chain reduces gas costs while still recording your intent.
- Authorizing off-chain actions: Marketplaces like OpenSea use signature requests to list NFTs without immediate blockchain transactions.
Before proceeding, ensure the dApp's domain is correct and the message content matches expectations. If the request asks for permissions beyond authentication—such as spending allowances or access to funds—do not sign.
How to Safely Handle a Signature Request in MetaMask
When MetaMask displays a signature request, follow these steps to ensure security:
- Check the dApp’s URL: Confirm you are on the official website. Phishing sites often mimic legitimate platforms.
- Review the message details: Look for readable content in EIP-712 format. If you see only hex code, exercise caution.
- Verify the requesting domain: MetaMask shows the origin (e.g., app.uniswap.org). Ensure it matches the dApp you intend to use.
- Assess the risk: If the message includes terms like 'approve,' 'spend,' or references tokens, it may be a disguised authorization.
- Use a secondary wallet for testing: If uncertain, connect a wallet with minimal funds to evaluate the request.
To inspect a hex-encoded message, you can decode it using tools like Etherscan’s ABI decoder or online hex-to-text converters. However, never input sensitive data into untrusted websites.
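The checks in this section can be expressed as a small triage routine. This is an added example for Node.js, not MetaMask code or code from this article; the hostnames, addresses, risky-word pattern and field list are assumptions chosen for illustration, and the sample requests are constructed.

```javascript
// Heuristic triage of a wallet signature request (added example).
const RISKY_WORDS = /\b(approve|spend|allowance|permit|transfer)\b/i;
const RISKY_FIELDS = ['spender', 'operator', 'allowed']; // assumed list

function hexToText(hex) {
  const text = Buffer.from(hex.replace(/^0x/, ''), 'hex').toString('utf8');
  // Readable only if every character is printable ASCII or whitespace.
  return /^[\x20-\x7E\s]+$/.test(text) ? text : null;
}

function triageSignatureRequest(origin, expectedHost, method, params) {
  const warnings = [];
  // Compare the requesting origin with the site the user meant to visit.
  if (new URL(origin).hostname !== expectedHost) warnings.push('origin-mismatch');

  if (method === 'eth_sign') {
    // params: [address, data]; the payload is hex the user cannot read.
    warnings.push('opaque-hex');
  } else if (method === 'personal_sign') {
    // params: [hexMessage, address]
    const text = hexToText(params[0]);
    if (text === null) warnings.push('opaque-hex');
    else if (RISKY_WORDS.test(text)) warnings.push('authorization-wording');
  } else if (method === 'eth_signTypedData_v4') {
    // params: [address, JSON string holding domain, primaryType, message]
    const typed = JSON.parse(params[1]);
    const fields = Object.keys(typed.message || {});
    if (/permit/i.test(typed.primaryType) || fields.some(f => RISKY_FIELDS.includes(f)))
      warnings.push('token-authorization');
  } else {
    warnings.push('unknown-method');
  }
  const verdict = warnings.length ? 'decline' : 'review-and-sign';
  return { method, verdict, warnings };
}

// Constructed samples: a login challenge and a permit-style typed message.
const login = '0x' + Buffer.from('Sign in to example.app, nonce 8f3a').toString('hex');
const permit = JSON.stringify({
  domain: { name: 'ExampleToken', chainId: 1 },
  primaryType: 'Permit',
  message: { owner: '0xOWNER', spender: '0xSPENDER', value: '1000', nonce: 0, deadline: 0 },
});
console.log(triageSignatureRequest('https://example.app', 'example.app', 'personal_sign', [login, '0xOWNER']));
console.log(triageSignatureRequest('https://examp1e.app', 'example.app', 'eth_signTypedData_v4', ['0xOWNER', permit]));
```

An empty warning list means no heuristic fired; the message content still needs to be read before signing.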
Differences Between Signing and Approving Transactions
It's essential to distinguish between signature requests and transaction approvals:
- Signature requests do not cost gas, occur off-chain, and only prove identity.
- Transaction approvals (e.g., ERC-20 approve) are on-chain, require gas, and grant smart contracts permission to spend your tokens.
A common scam involves presenting a signature request that mimics a transaction approval. For example, a message might claim, 'By signing, you approve 100 DAI for Uniswap,' but since no actual approve function is called, the danger lies in potential misuse of the signed data. Always remember: a signature cannot transfer funds directly, but it can be used to authorize actions if the dApp backend is compromised.
Another key difference is reversibility. On-chain approvals can be revoked via blockchain transactions, while signatures cannot be undone. Once signed, the cryptographic proof exists and could be used according to the dApp’s logic.
Frequently Asked Questions
What happens if I sign a malicious message?
Signing a harmful message can allow attackers to impersonate you on certain platforms or execute unauthorized actions if the dApp relies on signatures for permissions. For example, a signed message granting trading rights on a decentralized exchange could be replayed to execute trades. Disconnect your wallet immediately and monitor connected dApps if you suspect compromise.
Can a signature request drain my wallet?
A signature request cannot directly drain funds because it doesn’t execute a transaction. However, if the signed message authorizes a dApp to act on your behalf—such as in a phishing attempt that mimics a permit function—it could indirectly lead to loss if the dApp’s contract is malicious. Always verify the context.
How do I revoke a signature after signing?
You cannot revoke a digital signature once it’s created. The cryptographic proof remains valid. Your best action is to disconnect the dApp from your wallet via MetaMask’s connected sites settings and avoid reusing signatures on untrusted platforms.
Why does MetaMask show hex instead of readable text?
MetaMask displays hex when the dApp uses raw eth_sign instead of structured eth_signTypedData. This makes verification harder. Prefer dApps that implement EIP-712 for better transparency. If you see hex, consider declining unless you fully trust the source and understand the payload.
Disclaimer:
The information provided is not trading advice. kdj.com does not assume any responsibility for any investments made based on the information provided in this article. Cryptocurrencies are highly volatile and it is highly recommended that you invest with caution after thorough research!
If you believe that the content used on this website infringes your copyright, please contact us immediately (info@kdj.com) and we will delete it promptly.