This page describes the signing RPC methods in MetaMask. Learn how to use the recommended signing methods.
- Cheap to verify on chain.
- Protected against phishing signatures.
If onchain verifiability cost is a high priority,
- Displays human-readable text when UTF-8 encoded, making it a popular choice for site logins (for example, Sign-In with Ethereum).
- Is protected against phishing signatures.
The text prefix of
personal_sign makes signatures expensive to verify on-chain.
If onchain verifiability cost is not a priority, you can
Deprecated signing methods
eth_signTypedData_v3 are deprecated.
eth_sign allows signing an arbitrary hash, which means it can be used to sign transactions, or any other
eth_sign is a dangerous phishing risk.
eth_sign by default and does not recommend using
eth_sign in production.
Some applications (usually internal administrator panels) use
eth_sign for ease of
use, or due to an inability to change the associated dapp.
If a wallet user must interact with a dapp that uses
eth_sign and accepts the risks,
the wallet user can re-enable
eth_sign through advanced settings.
eth_signTypedData_v1 and eth_signTypedData_v3
eth_signTypedData was introduced by EIP-712.
The EIP-712 specification changed several times resulting in multiple versions
The earlier versions are:
eth_signTypedData_v1– The same as
eth_signTypedData. Read the introductory blog post to this method.
eth_signTypedData_v3– A highly used version of the EIP-712 specification. Read the introductory blog post to this method.
v2 represents an intermediary design that the Cipher browser implemented.
All early versions of this method lack later security improvements.
Use the latest version,