Message and packet signing
The wallet may be asked to sign ordinary messages or Quorum-specific packets. Treat them differently.
Message signing
Message signing proves control of an identity over some displayed text or bytes. It should not be used as a substitute for Quorum proposal approval unless the message is a protocol-defined preimage.
Packet signing
Packet signing is Quorum-specific. It signs canonical data with domain tags and action context so the signature is bound to a multisig, proposal, action, and signer scheme.
What to review
- Requesting app.
- Identity being used.
- Domain or action type.
- Multisig address.
- Proposal index or settings action.
- Whether the displayed payload is human-readable enough to approve.
Prefer structured prompts
If a signing prompt cannot explain what the signature authorizes, reject and investigate.