cardano-foundation / ledger-app-cardano

Cardano Ledger App for Ledger Nano S
Apache License 2.0
26 stars 14 forks

Tx verification includes UTxOs that do not belong to me. Unsafe to sign. #20

Open SeekerFS opened 1 year ago

SeekerFS commented 1 year ago

When I want to sign a smart contract transaction that includes script UTxOs that do not belong to my account, my device includes the coins in those UTxOs, telling me I am about to send that. This is unsafe to sign: what if I get a fake transaction that presents itself this way on my computer but actually replaces that UTxO with my own coins, and I lose them by signing it? Even if that doesn't happen, it's scary signing a Tx that tells me I'm about to send more coins than I'm actually sending. Verifying the send amount is one of the main reasons why it's safe to use the device, so the amounts should match what I'm sending and ignore any UTxOs that do not belong to me and that I'm not signing.

Example: A transaction that will add 100 ADA to an ADA pool that belongs to a script:

2 inputs:
- 300 ADA (my account)
- 1000000 ADA (script addr)

2 outputs:
- 1000100 ADA (script addr)
- 200 ADA (change)

My device then asks me to confirm sending 1000100 ADA; it should be 100, as I am only sending out 100.
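The accounting the reporter is asking for, written out as an added example (this is illustration code, not code from ledger-app-cardano or from the reporter). It compares two ways of computing the amount to display: summing every output that is not going back to the user, which is what the comment says the device does today, versus netting the user's own inputs against the outputs returned to the user. The transaction data and the `addr_me` / `addr_script` names are constructed for the example, and it assumes the input amounts are already known and trustworthy on the device, which in practice requires the device to have verified the spent UTxOs rather than taking amounts from the host:

```python
from dataclasses import dataclass

ADA = 1_000_000  # 1 ADA = 1_000_000 lovelace

@dataclass(frozen=True)
class TxIO:
    """One transaction input or output: destination/source address and its value in lovelace."""
    address: str
    lovelace: int

@dataclass(frozen=True)
class Tx:
    inputs: tuple
    outputs: tuple

def displayed_total_outputs(tx: Tx, my_addresses: set) -> int:
    """Behaviour described in the issue: sum every output that is not returned to one of my
    addresses, regardless of which inputs funded it. Script-owned value gets counted as mine."""
    return sum(o.lovelace for o in tx.outputs if o.address not in my_addresses)

def net_outflow(tx: Tx, my_addresses: set) -> int:
    """What the reporter wants shown: value leaving my control, i.e. the inputs I sign for
    minus whatever the transaction pays back to my own addresses (change)."""
    spent = sum(i.lovelace for i in tx.inputs if i.address in my_addresses)
    returned = sum(o.lovelace for o in tx.outputs if o.address in my_addresses)
    return spent - returned

# Constructed data, mirroring the numbers in the issue (assumed addresses, zero fee).
MY_ADDRESSES = {"addr_me"}

honest_tx = Tx(
    inputs=(TxIO("addr_me", 300 * ADA), TxIO("addr_script", 1_000_000 * ADA)),
    outputs=(TxIO("addr_script", 1_000_100 * ADA), TxIO("addr_me", 200 * ADA)),
)

# The substitution the reporter worries about: the host keeps the outputs identical but
# funds the script input with 1,000,000 ADA of my own coins instead of the script's.
substituted_tx = Tx(
    inputs=(TxIO("addr_me", 300 * ADA), TxIO("addr_me", 1_000_000 * ADA)),
    outputs=honest_tx.outputs,
)

def compare(tx: Tx) -> dict:
    """Return both figures in ADA so the two transactions can be compared side by side."""
    return {
        "displayed": displayed_total_outputs(tx, MY_ADDRESSES) // ADA,
        "net_outflow": net_outflow(tx, MY_ADDRESSES) // ADA,
    }

if __name__ == "__main__":
    for name, tx in (("honest", honest_tx), ("substituted", substituted_tx)):
        print(name, compare(tx))
```

For the honest transaction the output-sum figure is 1,000,100 ADA while the net outflow is 100 ADA. For the substituted transaction the output-sum figure is unchanged at 1,000,100 ADA, so a display based on it cannot tell the two apart, whereas the net outflow rises to 1,000,100 ADA. Any fee would appear in the net figure as well, since it is value leaving the signer's inputs that no output returns.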