Cryptocurrency wallets have become the primary gateway to decentralized applications, yet users often face significant difficulty in discerning what a wallet signature actually does or entails. Prior work has mainly focused on mitigating protocol vulnerabilities, with limited attention to how users perceive and interpret what they are authorizing. To examine this usability-security gap, we conducted two formative studies investigating how users interpret authentic signing requests and what cues they rely on to assess risk. Findings reveal that users often misread critical parameters, underestimate high-risk signatures, and rely on superficial familiarity rather than understanding transaction intent. Building on these insights, we designed the Signature Semantic Decoder -- a prototype framework that reconstructs and visualizes the intent behind wallet signatures prior to confirmation. Through structured parsing and semantic labeling, it demonstrates how signing data can be transformed into plain-language explanations with contextual risk cues. In a between-subjects user study (N = 128), participants using the prototype achieved higher accuracy in identifying risky signatures, improved clarity and decision confidence, and lower cognitive workload compared with the baseline wallet interface. Our study reframes wallet signing as a problem of interpretability within secure interaction design and offers design implications for more transparent and trustworthy cryptocurrency wallet interfaces.
翻译:加密货币钱包已成为去中心化应用的主要入口,然而用户在辨识钱包签名的实际功能或含义时常常面临显著困难。先前研究主要集中于缓解协议漏洞,对于用户如何感知和解读其所授权内容关注有限。为探究这一可用性与安全性之间的差距,我们开展了两次形成性研究,调查用户如何解读真实的签名请求以及依赖何种线索评估风险。研究发现,用户常误读关键参数、低估高风险签名,并依赖表面的熟悉度而非理解交易意图。基于这些发现,我们设计了“签名语义解码器”——一种在确认前重构并可视化钱包签名背后意图的原型框架。通过结构化解析与语义标注,该框架展示了如何将签名数据转化为带有情境风险提示的通俗语言解释。在一项组间用户研究(N = 128)中,与基线钱包界面相比,使用该原型的参与者在识别高风险签名方面准确率更高,决策清晰度与信心得到提升,且认知负荷更低。本研究将钱包签名重新定义为安全交互设计中的可解释性问题,并为构建更透明、可信赖的加密货币钱包界面提供了设计启示。