ClearSignKit

Problem Statement

Problem: The $1.4 Billion Blind Signing CrisisOn 21 February 2025, hackers drained $1.4 billion—including 401,347 ETH—from Bybit's cold wallet by tampering with the on-screen data shown to signers. This catastrophic event highlights the critical security vulnerability of blind signing, where users approve transactions without understanding what they're actually signing.Blind signing exposes users to:Malicious smart contractsthat drain fundsPhishing attacksdisguised as legitimate transactionsSocial engineering scamsexploiting transaction complexityApproval farmingwhere users unknowingly grant unlimited token accessSolution: ClearSignKit - AI-Powered Transaction TransparencyClearSignKitis a comprehensive toolkit that automates the generation of human-readable transaction schemas using Ledger's ERC-7730 Clear Signing standard. Our solution addresses the adoption barrier by eliminating most of the manual work required to create these schemas.Core InnovationAI-Powered Schema Generation: Using LLM models, we automatically analyze smart contract ABIs and generate compliant ERC-7730 JSONs that translate complex transaction data into human-readable formats.Developer-First Tooling: Our Hardhat 3 plugin integrates seamlessly into existing development workflows, automatically generating clear signing schemas during deployment. Alternative the website builder can be used to generate and review the JSON. Both options allow to directly publish to The Graph's GRC-20 Knowledge Graph.Decentralized Schema Repository: Using The Graph's GRC-20 Knowledge Graph, we create an open, queryable repository of verified schemas that any wallet or dApp can access.User JourneyFor Developers:Install our Hardhat plugin → Deploy contracts → Run generate command → Schemas automatically generated and publishedOr use our web interface to generate schemas for existing contractsFor End Users:Wallet fetches schema from our knowledge graph → Displays human-readable transaction details → User signs with confidenceFor Wallet Developers:Query our knowledge graph for any contract → Get structured transaction display data → Implement clear signing without building schemas from scratch

Solution

Architecture OverviewClearSignKit consists of three interconnected repositories that work together to provide a complete clear signing automation solution:1.p(Python Library)This repository serves as the core AI-powered engine that analyzes smart contracts and generates ERC-7730 clear signing schemas automatically. It extends Ledger's official python-erc7730 library.Key Enhancements:AI Integration: Added OpenAI SDK support with custom base URLs (OpenRouter compatibility)Sourcify Integration: Replaced Etherscan with Sourcify API for access to large database of verified contracts with already parsed documentation and without requiring an API keyProxy resolution: Automatically detects proxies and resolves their functions as wellLocal Mode: Added support for local artifact processing from Hardhat deploymentsEnhanced Prompting: Implemented sophisticated prompt engineering with source code analysis, providing the AI with the functions source code and documentation for better understanding2.c(Web Interface)This repository provides a user-friendly web interface that allows developers to generate, review, and publish ERC-7730 schemas through a visual builder tool. It integrates our AI engine with Ledger's existing builder interface and adds The Graph's GRC-20 Knowledge Graph publishing capabilities for decentralized schema storage.Key Enhancements:AI Toggle: Added automatic schema generation mode using our Python backendKnowledge Graph Publishing: Integrated The Graph's GRC-20 library for decentralized schema storageChain Support: Added multi-chain dropdown with popular networksReal-time Validation: Automatic validation of AI-generated schemasTechnical Stack:Frontend: Next.js 15 with TypeScript and Tailwind CSSBackend: FastAPI Python server with tRPC for type-safe API callsState Management: Zustand for client-side stateKnowledge Graph: The Graph's GRC-20-ts library for entity publishing3.h(Hardhat Plugin)This repository contains a Hardhat 3 plugin that seamlessly integrates clear signing schema generation and publishing into existing development workflows.Key Features:Hardhat 3 Compatibility: Built specifically for Hardhat 3s new plugin systemIgnition Integration: Seamlessly works with Hardhat Ignition deployment IDs to fetch relevant deployment dataAutomatic Generation: Post-compilation hooks for schema generationKnowledge Graph Publishing: Direct integration with The Graph's GRC-20 library for publishingTechnical Stack:Plugin System: Hardhat 3 native plugin architectureTask System: Custom tasks for generate-7730, publish-kg, and fetch-kgTypeScript: Full TypeScript support with modern ES modulesTechnical InnovationAI-Powered Schema GenerationOur LLM inference system analyzes:Function Signatures: Parameter types and namesSource Code: Actual implementation for contextNatSpec Documentation: Developer comments and specificationsConstants & Enums: Contract constants for better labelingKnowledge Graph ArchitectureUsing The Graph's GRC-20 standard, we created a "Contract Metadata" Space with structured entities for individual contracts:Contract Entities: Basic contract information like chain id, address, nameSchema Entities: ERC-7730 JSON schemasRelation Entities: Linking contracts to their schemasNotable Technical AchievementsPrompt Engineering: Developed sophisticated prompts providing AI with relevant context dynamicallyMulti-Chain Support: Support all EVM compatible chainsType Safety: Full TypeScript integration across all componentsHardhat 3 Plugin: One of the first plugins built for Hardhat 3 alpha architectureDecentralized Storage: No centralized databases - everything stored on The Graph