Signing DApp transactions for EVM chains is a security nightmare, as it's very common for users to blindly approve a signature request, typically some undecipherable hex string, while being completely oblivious to what it means. This remains a very popular attack vector, taking advantage of the lack of information available to users while signing transactions.
In this talk, we'll develop an understanding of Ethereum calldata, learn how you can decode it and reveal insights about seemingly opaque transactions. I'll also present some of our recent efforts at Brave to bring more safety and transparency to the transaction approval process in Brave Wallet.