Ledger Enterprise
Help Center
Help Center
  • Welcome to the Help Center
  • Fundamentals
    • Getting set up
      • Sign in and out
      • For Administrators
      • For Operators
  • Supported Networks
  • What's new
  • CORE
    • Workspace administration
      • Admin Rule
        • Edit the admin rule
      • Accounts
        • Create an account
        • Solana SPL token account
        • Direct Access EVM Accounts
        • Edit an account
        • Activate a view-only account
        • Generate a receiving address
      • Groups
        • Create a group
        • Edit a group
        • Delete a group
      • Whitelists
        • Create a whitelist
        • Edit a whitelist
      • Entities
        • Create an entity
        • Edit an entity
        • Delete an entity
    • Users
      • User Roles and Permissions
      • New users
      • Register on the Ledger Vault
    • Your Device
      • Initialize your Personal Security Device (PSD)
      • Update your Personal Security Device (PSD)
      • Configure the Ledger Cryptosteel
      • Device pairing: View your partition ID
    • Managing requests
      • Approve or reject a request
      • Track the status of a request
      • Recreate a rejected or failed request
    • Transactions
      • Create a transaction
      • Transaction fees & speed
      • UTXOs
      • Replace by Fee
      • Export transaction history
      • Vault Raw Signing Overview
    • Compliance capabilities
      • Proof of Reserve - Enable Message Signing on an account
      • Proof of Researve - Sign Messages
      • Address Screening and KYT
    • Using Vault Signer
      • Create a Vault Signer account
      • Connect your Signer account to the Ledger Live extension
      • Craft a transaction on Ledger Live with your Vault Signer account
    • Overview of the Ledger Enterprise API
    • Public Key Infrastructure (PKI) Implementation
    • Ledger Enterprise mobile application
      • Terms of Use
  • staking
    • Stake Cardano
      • Overview
      • Enable ADA Staking
      • Stake ADA with Figment
      • Reporting
    • Stake Cosmos
      • Overview
      • Enable ATOM Staking on your Ledger Cosmos Enterprise accounts
      • How to stake ATOM
    • Stake Ethereum
      • Overview
      • Enable ETH Staking on your Ethereum accounts
      • Stake ETH with Kiln
      • Stake ETH with Figment
      • Stake ETH with Blockdaemon
    • Stake Solana
      • Overview
      • Enable SOL Staking on your Solana accounts
      • Stake SOL with Figment
      • Solana Staking Reporting
    • Stake Polkadot
      • Overview
      • Enable DOT Staking
      • Stake DOT with Figment
    • Stake Polygon
      • Overview
      • Enable MATIC Staking
      • Stake MATIC with Figment
      • Stake MATIC with Kiln
    • Stake Tezos
      • Overview
    • Staking Providers
      • Stake with kiln
      • Stake with Figment
      • Stake with Blockdaemon
  • Web3: DeFi & NFT
    • Web3: DeFi & NFT Interactions
      • Web3 governance & configuration
        • Enable Smart Contract Interactions on EVM accounts
        • Enable Message Signatures on EVM accounts
        • Enable Contract Deployments on EVM accounts
        • Customize DApps catalog on EVM accounts
      • Vault DApps
        • DApp Provider Guide
        • Lido
        • Paraswap
        • Yearn
      • Interact with an external DApp via WalletConnect
      • Deploy a Smart Contract
      • Sign DApp messages
      • Interact with a smart contract
    • Raw Signing Best Practices
  • TRADELINK
    • Introduction
    • Best Practices
    • Run Tradelink as an Administrator
    • Operate Tradelink as a Custodian
    • Operate Tradelink as an Asset Manager
    • Operate Tradelink as an Exchange
    • Ledger Tradelink Terms of Use
  • Support
    • Troubleshooting
    • Security best practices
      • Ledger Stax Best Practices
    • Recovering your Vault Master Seed
    • Recover your Ledger Vault's master seed on a Nano S Plus
Powered by GitBook
On this page
  • Overview
  • Instructions
  1. Web3: DeFi & NFT
  2. Web3: DeFi & NFT Interactions

Sign DApp messages

This section is for Operators only.

Overview

Signing messages serves a crucial purpose in the web3 ecosystem. It allows users to confirm their identity, authenticate transactions, and interact with smart contracts without the need to share their private keys.

The EIP-191 and EIP-712 formats are Ethereum Improvement Proposals that standardize signed messages:

  • EIP-191 provides a basic signed data scheme. It is mostly used to let users prove that they control an address without revealing their private key, typically when logging into a DApp.

  • EIP-712 improves upon EIP-191 and makes the process of data signing more user-friendly. It displays the data in a structured and readable format, improving user understanding and control over what they are signing.

Ledger Enteprise supports the signature of messages in the EIP-191 and EIP-712 formats, and enables operators to review their content on the Trusted Display of their Personal Security Devices.

The signature of messages with Ledger Enterprise accounts opens up multiple opportunities in the web3 ecosystem.

Follow the instructions below to sign messages when interacting with DApps.

Instructions

Step 1: Connect to a DApp

  • Use Vault DApps to connect to a DApp directly from your workspace

  • Connect to a DApp via WalletConnect .

Step 2: Initiate the message signature on the DApp

You can connect to various DApps which will eventually require the signature of messages. Signed messages can serve various purposes:

  • Log in with the DApp by proving the ownership of your Ledger Enterprise EVM account

  • Decentralized Finance (DeFi) apps such as MakerDao, Aave or Curve Finance will require you to sign transactions for lending, borrowing, or trading assets with your Ledger Enterprise EVM account

  • Decentralized Exchanges (DEXs) such as Uniswap or Sushiswap's trading process involve signing messages with your Ledger Enterprise EVM account to authorize trades and liquidity provisions

  • NFT Marketplaces such as OpenSea, Rarible or Blur involve transactions where users purchase, bid for, or transfer digital assets. These marketplaces will require message signatures from your Ledger Enterprise EVM accounts to ensure these transactions are secure and valid.

  • Identity and social apps such as ENS (Ethereum Name Service) or Lenster will require signatures from your Ledger Enterprise EVM accounts to verify identities, prove ownership or facilitate secure communication

  • DAOs and governance apps such as Snapshot or Aragon will require your Ledger Enterprise EVM accounts to sign messages to participate in voting and other governance actions.

Once you've clicked the DApp's prompt to initiate a message signature, the DApp sends a message signature request to Ledger Enterprise. The message signature request will undergo your orginazation's security and governance checks.

Step 3: Create the message signature request

As the operator initating the message signature process with the DApp, you are creating a message signature request on your Ledger Enterprise workspace.

You are prompted with a message signature request modal, which helps you review the content of the message to sign.

  • EIP-191 messages usually present basic data to sign, typically a login message

  • EIP-712 messages present data in a structured format, to help users interpret more complex orders & operations, such as a bid on an NFT marketplace or a token spend authorization on a DEX.

Click Review on PSD to examine the message on the Trusted Display of your Personal Security Device. Tap the arrows to expand the different sections of the message. If the message is accurate and corresponds to your intention, you can approve its signature on your PSD.

The message signature request is created and will undergo the message signature governance checks which admins have defined for the account.

  • If the message signature governance rule requires further operator approvals, see Step 4

  • If the message signature governance rule does not require further operator approvals, see Step 5

You should only trust the message displayed on your PSD. Ensure that the message is accurate and corresponds to your intention before approving its signature. Reject the message signature and contact the Ledger Enterprise support if you notice discrepancies.

Step 4: Review and approve a message signature request

When a message signature request requires your approval, it will appear in the request panel. Click on the message signature request to examine its content. Click Review on PSD to check the message on the Trusted Display of your Personal Security Device (see step 3 for more details).

Step 5: Sign the message and return the signed message to the DApp

Once the message signature requests has passed all the required governance checks, it will be signed by the Hardware Security Module. The signed message is then communicated to the DApp, which unlocks the pending user flow, whether it is a login, an NFT bid or a trade order.

We recommend the following good-practices to ensure the message reaches the DApp after all approvals have been collected:

  • Once an operator initiates a message signature process through a DApp, they should maintain the connection with the DApp through the Ledger Enterprise message signature process. Whether they use a Vault DApp or connect to an external DApp via WalletConnect, operators who create message signing requests should leave their UI focused on the Vault DApp or WalletConnect, and avoid initiating other parallel operations.

  • If approvals from other operators are required for a message signature request, make sure that approvals are provided fast enough, i.e. while the operator who initiated the message signature process is still connected to the DApp.

Please note that the signature of messages is a time-sensitive process. The connection between Ledger Vault and the DApp must be maintained between the time the DApp requests a message signature, and the time Ledger Vault returns a signed message.

Step 6: Reporting - monitor and audit the message signature request

You can monitor and audit your entire history of messages signed when interacting with DApps.

Ledger Enterprise records the message that was signed, as well as the message siging governance rule's audit logs.

PreviousDeploy a Smart ContractNextInteract with a smart contract

Last updated 28 days ago