WTF Am I Signing? Docs

Learn how to install, configure, and integrate with the Chrome extension that translates crypto transactions into plain English.

How to Install

Get up and running in under a minute. Follow these steps to add WTF Am I Signing to your Chrome browser.

Open the Chrome Web Store

Navigate to the Chrome Web Store or click the "Add to Chrome" button on our homepage. The extension is listed under the "Productivity" category.

Click "Add to Chrome"

On the extension page, click the blue "Add to Chrome" button in the top right. A dialog will appear asking you to confirm the permissions.

Approve Permissions

The extension requires permission to read transaction data from dApp pages. It does NOT access your private keys, seed phrases, or wallet passwords. Click "Add Extension" to proceed.

Pin the Extension

Click the puzzle piece icon in Chrome's toolbar, then click the pin icon next to "WTF Am I Signing?" so it is always visible and accessible.

Connect to a dApp

Visit any dApp (Uniswap, OpenSea, Aave, etc.) and initiate a transaction. The extension will automatically intercept the signing request and display a plain English explanation with a risk score.

Review and Sign (or Reject)

Read the explanation and risk assessment. If the transaction looks safe, proceed to sign. If something looks off, reject it. The extension never blocks you from signing -- it only informs you.

You are all set

The extension works automatically in the background. No configuration needed. Every transaction you encounter will be analyzed before you sign it.

Supported Wallets

WTF Am I Signing works with any browser-based wallet that uses the standard Ethereum provider API (EIP-1193). Here are the wallets we have tested and fully support.

MetaMask

Full Support

Browser extension and mobile. All EVM transaction types supported.

Rabby

Full Support

Full interception of all transaction and signature requests.

Coinbase Wallet

Full Support

Browser extension supported. Mobile via WalletConnect coming soon.

Rainbow

Full Support

Browser extension with complete transaction decoding.

Trust Wallet

Full Support

Browser extension supported. All standard EVM interactions.

Phantom (EVM)

Full Support

EVM mode fully supported. Solana support coming in a future update.

Other wallets: Any wallet that injects a standard Ethereum provider (window.ethereum) should work out of the box. If your wallet is not listed and you encounter issues, open an issue on our GitHub repository.

Supported Chains

All major EVM-compatible chains are fully supported. Transaction decoding, risk scoring, and contract intelligence work across every chain listed below.

Ethereum

Chain ID: 1

Base

Chain ID: 8453

Arbitrum

Chain ID: 42161

Polygon

Chain ID: 137

Optimism

Chain ID: 10

Avalanche

Chain ID: 43114

BSC

Chain ID: 56

Solana Support Coming Soon

Solana transaction decoding is currently in development and will be available for Pro users in an upcoming release.

How Risk Scoring Works

Every transaction is analyzed and assigned one of three risk levels. The score is based on multiple factors including contract verification, age, transaction type, known threat patterns, and on-chain intelligence.

SafeLow risk -- proceed with confidence

The transaction interacts with a well-known, verified contract. The operation is straightforward and matches expected behavior for the protocol.

Criteria

Contract is verified on a block explorer (Etherscan, Basescan, etc.)

Contract has been deployed for more than 30 days

The function being called matches known, safe patterns (swap, transfer, stake)

No unlimited token approvals or setApprovalForAll

Contract is recognized in our trusted protocol database

CautionMedium risk -- review carefully before signing

The transaction has some characteristics that warrant closer inspection. It may be legitimate, but one or more risk factors are present.

Criteria

Contract is verified but deployed less than 30 days ago

The function involves a token approval with a specific (non-unlimited) amount

Interaction with a protocol not in our trusted database

Contract has low transaction count or few unique users

Transaction involves sending ETH/tokens to an unfamiliar address

DangerHigh risk -- strongly consider rejecting

The transaction exhibits patterns commonly associated with scams, drainers, or exploits. Signing this transaction could result in loss of funds.

Criteria

Unlimited token approval (uint256 max) to an unverified contract

Contract is unverified on any block explorer

Contract deployed within the last 24 hours

Known malicious contract address in our threat database

setApprovalForAll granting access to entire NFT collection

Interaction matches known drainer or phishing patterns

Contract uses delegatecall to an unknown implementation

Scoring is additive. Multiple risk factors compound the score. A transaction with one CAUTION-level factor is flagged as CAUTION, but a transaction with three or more CAUTION-level factors may be escalated to DANGER. The scoring engine is continuously updated based on new threat intelligence.

API Documentation

Integrate WTF Am I Signing into your own application or service. The REST API provides programmatic access to transaction decoding, risk scoring, and contract intelligence.

Base URL

https://api.wtfamisigning.com/v1

Authentication

All API requests require an API key passed in the request header. You can generate an API key from your dashboard after signing up for a Pro account.

bash

curl -H "Authorization: Bearer YOUR_API_KEY" \
  https://api.wtfamisigning.com/v1/analyze

POST/analyze

Submit a raw transaction for analysis. Returns a plain English explanation, risk score, and contract metadata.

Request Body

json

{
  "chainId": 1,
  "to": "0x68b3465833fb72A70ecDF485E0e4C7bD8665Fc45",
  "data": "0x095ea7b3000000000000000000000000...",
  "value": "0x0",
  "from": "0x742d35Cc6634C0532925a3b844Bc9e7595f2bD35"
}

Response

json

{
  "risk": "DANGER",
  "riskScore": 92,
  "title": "Approve unlimited USDC spending",
  "explanation": "This contract can drain ALL your USDC at any time. The approval never expires and the contract is unverified.",
  "contract": {
    "address": "0x68b3465833fb72A70ecDF485E0e4C7bD8665Fc45",
    "verified": false,
    "age": "2 hours",
    "deployer": "0x9aF1...8bD3",
    "transactionCount": 12
  },
  "flags": [
    "UNLIMITED_APPROVAL",
    "UNVERIFIED_CONTRACT",
    "NEW_CONTRACT"
  ],
  "function": {
    "name": "approve",
    "signature": "approve(address,uint256)",
    "args": {
      "spender": "0x68b3...Fc45",
      "amount": "unlimited"
    }
  }
}

GET/contract/{address}

Retrieve intelligence about a specific contract address, including verification status, age, risk flags, and known protocol association.

Example Request

bash

curl -H "Authorization: Bearer YOUR_API_KEY" \
  https://api.wtfamisigning.com/v1/contract/0x7a250d5630B4cF539739dF2C5dAcb4c659F2488D?chainId=1

Response

json

{
  "address": "0x7a250d5630B4cF539739dF2C5dAcb4c659F2488D",
  "chainId": 1,
  "name": "Uniswap V2: Router 2",
  "verified": true,
  "deployedAt": "2020-05-05T12:00:00Z",
  "age": "5+ years",
  "protocol": "Uniswap",
  "riskLevel": "SAFE",
  "transactionCount": 48239102,
  "uniqueUsers": 3841920,
  "flags": []
}

POST/analyze/batch

Submit multiple transactions for analysis in a single request. Useful for analyzing multicall or batched transactions. Maximum 10 transactions per request.

Request Body

json

{
  "chainId": 1,
  "transactions": [
    {
      "to": "0xA0b86991c6218b36c1d19D4a2e9Eb0cE3606eB48",
      "data": "0x095ea7b3...",
      "value": "0x0"
    },
    {
      "to": "0x7a250d5630B4cF539739dF2C5dAcb4c659F2488D",
      "data": "0x38ed1739...",
      "value": "0x0"
    }
  ]
}

Response

json

{
  "results": [
    {
      "index": 0,
      "risk": "CAUTION",
      "riskScore": 45,
      "title": "Approve 10,000 USDC spending",
      "explanation": "Approving a specific amount of USDC..."
    },
    {
      "index": 1,
      "risk": "SAFE",
      "riskScore": 8,
      "title": "Swap tokens on Uniswap V2",
      "explanation": "Standard token swap on a verified protocol..."
    }
  ],
  "overallRisk": "CAUTION"
}

Rate Limits

Plan	Requests / min	Requests / day
Free	10	100
Pro	60	10,000
Enterprise	Unlimited	Unlimited

Rate limit headers are included in every response: X-RateLimit-Limit, X-RateLimit-Remaining, and X-RateLimit-Reset.