From e691eaf7a71b027f0d7cff8d7a17da7999c68c26 Mon Sep 17 00:00:00 2001
From: zuochengzhangzju-byte <zuochenzhangzju@gmail.com>
Date: Wed, 20 May 2026 10:13:02 +0800
Subject: [PATCH] =?UTF-8?q?checkin:=20zuochengzhangzju-byte=202026-05-20?=
 =?UTF-8?q?=20=E6=AF=8F=E6=97=A5=E6=89=93=E5=8D=A1?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 notes/zuochengzhangzju-byte.md | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/notes/zuochengzhangzju-byte.md b/notes/zuochengzhangzju-byte.md
index eab7b8489..08f9c55ec 100644
--- a/notes/zuochengzhangzju-byte.md
+++ b/notes/zuochengzhangzju-byte.md
@@ -19,4 +19,15 @@ AI x Web3 School
 <!-- DAILY_CHECKIN_2026-05-19_START -->
 学习了如何用hermes控制管理github，体验感受了自动化流程
 <!-- DAILY_CHECKIN_2026-05-19_END -->
+
+# 2026-05-20
+<!-- DAILY_CHECKIN_2026-05-20_START -->
+## Web3 钱包签名安全
+
+- EIP-712：将「盲签」升级为「结构化可读签名」，钱包能展示类型化域名和字段，用户能看清签了啥
+- eth_sign 被禁用：原始签名只签哈希，钱包无法解析 → 钓鱼重灾区
+- EIP-712 局限：可视化≠可理解，用户仍可能看不懂字段含义
+- Simulation as Safe Layer：交易确认前先模拟执行，预览资产变化，比依赖用户读懂签名更可靠
+- 对 AI Agent 意义：程序化解析 simulation 结果，自动判断风险，不盲目执行
+<!-- DAILY_CHECKIN_2026-05-20_END -->
 <!-- Content_END -->