A signature request is a wallet prompt that asks a user to sign a message with their crypto wallet. It can be used to prove wallet ownership, log in to a Web3 app, confirm intent, accept terms, or authorize an off-chain action. To understand the wider system behind wallets and digital assets, start with What Is Cryptocurrency?.

Signature requests matter because they can look harmless, but they still deserve careful review. Some signatures are simple login messages, while others may approve actions that affect wallet permissions, listings, orders, claims, or interactions with smart contracts. This guide explains what users see, what to check, and how signature requests connect to wallet addresses, blockchain networks, DEXs, token contracts, explorers, and common beginner safety mistakes.

Quick answer

A signature request is a wallet message that asks the user to sign data with their wallet to prove control or approve an action. It matters because a signature can represent agreement, identity, or permission inside a crypto app. Before signing, users should check the official source, connected site, selected wallet, message content, network, and expected result.

Simple example: A Web3 app may show a wallet popup that says “Sign this message to log in.” If the message only proves that the user controls the wallet address, it may not move funds. But if the text is unclear, hidden, unreadable, or connected to a suspicious page, the user should stop and verify the source first.

Why this matters

Crypto wallets often use signatures as a way to prove that a user controls a wallet address without asking for a password. This is useful for wallet login, account linking, claim eligibility, governance participation, and app-specific actions. A signature can connect a public wallet address to a user session, a request, or a decision inside a crypto app.

The risk is that users may sign without reading the request. A fake site can copy a familiar brand, ask for a wallet connection, then present a confusing signature request that the user does not understand. Safer usage starts with verifying the official site, reading the wallet prompt, and refusing unclear requests. For a broader safety checklist, read How to Avoid Crypto Scams.

Useful next step: If this topic feels unfamiliar, read What Is Blockchain? and Wallet Address vs Private Key first. Those pages explain the basic structure behind wallets, public addresses, private control, transactions, and many Web3 actions.

The basic idea

A signature request is not always the same as a blockchain transaction. A transaction usually sends data to the blockchain and may require a network fee. A signature request may simply sign a message off-chain, meaning it may not immediately appear as a transaction on a block explorer. However, it can still be important because the signed message may be used by an app, market, contract system, or backend service.

1. The wallet proves control of an address

When a user signs a message, the wallet uses private-key control to create a cryptographic signature. The app can then check that the signature matches the public wallet address. This lets the app confirm that the person using the site controls the wallet address without needing the user to reveal a private key or seed phrase.

2. The message explains what is being signed

A safer signature request should show readable information, such as the site name, purpose, wallet address, nonce, expiration time, or statement of intent. Users should avoid signing messages that are blank, unreadable, unexpectedly complex, or unrelated to the action they intended. If a page asks for a seed phrase instead of a normal signature, leave immediately and read What Is a Seed Phrase?.

3. Signing does not always mean sending funds

Many signature requests do not directly transfer assets. For example, a wallet login signature may only prove that the user owns the address. However, users should not assume every signature is harmless. Some signatures can approve off-chain orders, permissions, listings, claims, or actions that a platform may later submit or use.

How it works in practice

A signature request usually appears after a user connects a wallet to a website or app. The wallet popup asks the user to review and sign a message. The safest habit is to treat the prompt as a real approval screen, not as a routine button click.

  1. The user opens a crypto app, DEX interface, claim page, presale page, governance page, or wallet-connected tool.
  2. The app asks the user to connect a wallet and may display the selected wallet address and network.
  3. The wallet shows a signature request with a message, domain, request type, or structured data.
  4. The user checks whether the message matches the intended action before signing or rejecting it.
  5. After signing, the app may log the user in, confirm eligibility, prepare an order, or continue to a separate transaction request.

Related guide: If the action involves sending funds, checking balances, connecting a wallet, signing a message, importing a token, or using a wallet-connected site, also read Wallet Address vs Private Key and How to Check Official Links.

What users should check

Signature requests should be reviewed with the same calm attention as other wallet prompts. The goal is to confirm that the request came from the expected source, matches the intended action, and does not ask for more authority than the user understands.

  • Official source: Confirm the website, app, documentation, and social links before connecting a wallet or signing anything. Use How to Check Official Links if the link came from search results, ads, direct messages, comments, or social media.
  • Network: Check whether the app expects a specific blockchain network. Some signatures are network-specific, while others may only prove wallet ownership. The selected network should still match the user’s intended action.
  • Address or contract: Check the wallet address being used and any contract, token, marketplace, or app referenced by the request. A familiar name does not prove that the connected site or contract is official.
  • Wallet request: Read the visible message, requested action, domain, nonce, deadline, amount, permission, or structured data. Reject the request if it is blank, confusing, unexpected, urgent, or unrelated to the page action.
  • Result: After signing, check what changed. The app may log the user in, show the next step, request a transaction, or update a status. If a transaction follows, review it separately before confirming.

Common mistakes

Crypto mistakes are common because many interfaces show technical information in compressed ways. A user may see a wallet popup, site logo, token symbol, network name, approval request, transaction hash, or explorer page and assume it means more than it actually proves. Safer usage starts with slowing down and checking the same information from more than one trusted place.

Mistake 1: Treating every signature as harmless

Some signatures are simple login messages, but others can represent orders, permissions, listings, claims, or other meaningful actions. Users should read the message and understand the context before signing. If the request appears on a page that was reached through an unknown link, verify the official source first.

Mistake 2: Signing on the wrong website

A fake site can copy a real interface and ask for a signature that appears routine. The safest habit is to check the domain spelling, official links, documentation, and wallet connection before trusting the prompt. A valid wallet popup does not prove that the website itself is safe.

Mistake 3: Confusing a signature request with a transaction request

A signature request may not pay a network fee or appear on a block explorer, while a transaction request usually submits an on-chain action. Both can matter. Users should review each wallet prompt separately and avoid clicking through because a previous request looked safe.

When to be extra careful

Some crypto actions deserve more caution because they can expose funds, permissions, personal wallet history, or access to token approvals. Users should slow down when a page asks them to connect a wallet, sign a message, approve token spending, bridge assets, claim rewards, join a presale, import a custom token, or follow a link from social media.

  • Before signing a login message: Check the domain, site name, wallet address, nonce, and whether the login request matches the page you intended to use.
  • Before signing structured data: Review amounts, token names, contract references, deadlines, permissions, and any order-like language before approving.
  • Before signing after a social media link: Verify the official website through trusted sources. Be careful with urgent claims, fake support, fake airdrops, copied presale pages, and shortened links.

FAQ

What is a signature request in crypto?

A signature request is a wallet prompt that asks the user to sign a message with their wallet. It is often used to prove wallet ownership, log in to a Web3 app, confirm intent, or approve an off-chain action.

Can a signature request move my crypto?

A basic message signature usually does not directly move funds by itself. However, some signatures can approve meaningful off-chain actions, orders, permissions, or later interactions. Users should read the request and verify the source before signing.

Is signing a message the same as confirming a transaction?

No. A transaction usually sends data to a blockchain and may require a network fee, while a message signature may happen off-chain. Both should be reviewed carefully because both can affect how a crypto app treats the wallet.

Why does a website ask me to sign a message?

A website may ask for a signature to prove that you control a wallet address without asking for a password. This is common in wallet-based login flows. The request should still match the official site and the action you intended.

Should I sign a message from a random link?

No. Users should avoid signing messages from unknown links, direct messages, fake support accounts, copied websites, or urgent claim pages. Check the official source first with How to Check Official Links.

Related concepts

This topic connects to several nearby crypto concepts. Understanding these pages can help readers move through the Eonwell archive in a safer order, especially if they are learning how wallets, networks, token contracts, transactions, explorers, and Web3 apps fit together.

Summary

A signature request is a wallet prompt that asks a user to sign a message with their crypto wallet. It is commonly used for wallet login, ownership proof, intent confirmation, or off-chain app actions. A signature request is not always the same as an on-chain transaction, but it can still carry important meaning. Users should check the official source, connected site, wallet address, message content, network, and expected result before signing. Safer wallet use means treating signature prompts as real approval screens instead of routine clicks.

Eonwell does not recommend any specific wallet, token, exchange, protocol, service, or transaction. This page is for neutral crypto education only.

Topics

End of record

Build judgment before taking action.

Eonwell is designed to help users understand wallets, DEXs, tokens, presales, and on-chain safety before they click, connect, approve, or send.

Back to Guides Open Safety Guides