Safe is a multi-signature smart contract wallet designed for the management of digital assets. The wallet requires a predefined threshold of owner signatures before a transaction is executed. To extend its functionality, Safe supports extensions through modules and fallback handlers.
Safe engaged Ackee Blockchain Security to conduct a security review of the Safe smart accounts with a total time budget of 20 engineering days between April 14 and May 12, 2025, including 6 engineering days dedicated to testing with the Wake framework.
A subsequent revision review was conducted between May 20 and May 27, 2025.
Methodology
We performed a manual review of the codebase and wrote fuzz tests using the Wake testing framework. We also used Wake for static analysis with its vulnerability and code quality detectors.
During the review, we focused on the following guarantees:
- The basic Safe concepts (e.g., owner management and signature checks) are implemented correctly.
- Assembly blocks marked as memory-safe are actually memory-safe.
- Reentrancy and front-running attacks are not possible.
- Standards such as ERC-165, ERC-1271 and EIP-712 are implemented correctly.
- Integer overflows and underflows do not lead to security vulnerabilities.
- The contracts are compatible with ERC-4337 smart accounts;
- Full backwards compatibility is achieved in the CompatibilityFallbackHandler contract; and
- There are no common issues such as missing data validation.
Scope
The audit was performed on commit b115c4c of the safe-smart-account repository. The scope included all Solidity files in the contracts directory, excluding contracts/examples and contracts/test.
Commit d89d156 was initially used as the target commit, but it was later updated to include changes to the CompatibilityFallbackHandler contract.
The subsequent revision review was performed on commit 5d26505 of the safe-smart-account repository.
The severity of each finding is determined by two factors: impact and likelihood. This two-dimensional classification helps to express the seriousness of individual issues. An issue whose impact alone would merit a medium rating but whose likelihood is low is generally downgraded to a Warning or Informational severity rating.
Our review led to 19 findings, ranging from informational to medium severity. The most serious finding, M1, was found through manually guided fuzzing. It reveals a possible front-running attack that allows an attacker to deploy a new Safe on behalf of a user without executing the intended callback. The issue lies in the SafeProxyFactory contract, not in the Safe account itself. It is associated with the (now deprecated) createProxyWithCallback method, and existing Safes are not affected. This issue had not been identified by the initial formal verification checks or by previous audits.
The M1 issue is present in the already deployed contracts of version 1.4.1 (and lower) on all supported chains. Ackee Blockchain Security coordinated with the Safe team to mitigate the possible risks. The validity of the finding was immediately acknowledged by the Safe team, and the issue has not been exploited in any way. A fix is scheduled for the upcoming v1.5.0 release of Safe.
The code is well documented and describes possible caveats and security considerations. There is room for improvement in terms of user experience (W1, W7, I4, I5). The reviewed version of Safe is not fully compatible with EIP-7702 smart accounts.
Critical severity
There were no critical severity issues.
High severity
There were no high severity issues.
Medium severity
M1: Front-running attack can bypass callback execution during Safe deployment
Low severity
L1: CompatibilityFallbackHandler does not provide full compatibility
L2: Strict calldata check on masterCopy call
Warning severity
W1: Misleading event emissions
W2: Use of precomputed msg.data
W3: Assumption that the scratch space is zero
W4: Safe setup can leak stale information
W5: onlyNonceZero check can be bypassed
W6: Possibility of locked tokens
W7: ProxyCreationL2 nonce value is not the user-provided argument
Informational severity
I1: Documentation issues
I2: Unnecessary payable type cast
I3: Code optimization
I4: Factory initializer errors are not propagated
I5: No view function for the FallbackManager handler address
I6: SafeStorage can be defined as abstract
I7: L2 variant of createChainSpecificProxyWithNonce is missing
I8: Interface type used for parameters that allow the zero address
I9: ChangedThreshold event is emitted unconditionally
Trust model
The owners of a Safe have full control over it. Attached modules must be trusted, as they can execute arbitrary transactions from the Safe. Attached fallback handlers must be trusted as well, as they can validate ERC-1271 signatures on behalf of the Safe.
Safe proxy factories provide front-running protection when used correctly. In other words, the precomputed Safe address will belong to the intended owners as long as the Safe setup is performed as the initialization step of the proxy deployment.
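The trust-model statement above hinges on how the CREATE2 salt is derived. The following is an added illustration written for this summary, not Safe's own SafeProxyFactory or SafeProxy code: a hypothetical MinimalProxy and MinimalProxyFactory in which the salt commits to the full initializer calldata (owners, threshold, and so on) together with a user-chosen nonce, and the initializer is executed in the same transaction as the deployment. The contract and function names are assumptions made for the example; the salt derivation follows the same pattern as Safe's factory, hashing the initializer and combining it with a nonce.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Illustrative minimal proxy (assumed name, not Safe's SafeProxy). It forwards
// every call to the singleton via delegatecall, so the initializer executed by
// the factory runs in the proxy's own storage context.
contract MinimalProxy {
    address internal singleton;

    constructor(address _singleton) {
        require(_singleton != address(0), "invalid singleton");
        singleton = _singleton;
    }

    fallback() external payable {
        address target = singleton;
        assembly {
            calldatacopy(0, 0, calldatasize())
            let success := delegatecall(gas(), target, 0, calldatasize(), 0, 0)
            returndatacopy(0, 0, returndatasize())
            if iszero(success) { revert(0, returndatasize()) }
            return(0, returndatasize())
        }
    }

    receive() external payable {}
}

// Illustrative factory (assumed name). The CREATE2 salt is derived from the
// hash of the initializer calldata and a user-chosen nonce, so the resulting
// address commits to the exact setup (owners, threshold, ...) that will run.
contract MinimalProxyFactory {
    event ProxyCreation(address indexed proxy, address singleton);

    function _salt(bytes memory initializer, uint256 saltNonce) internal pure returns (bytes32) {
        return keccak256(abi.encodePacked(keccak256(initializer), saltNonce));
    }

    // Off-chain or on-chain prediction of the address before deployment:
    // keccak256(0xff ++ factory ++ salt ++ keccak256(initCode))[12:].
    function predictAddress(
        address singleton,
        bytes memory initializer,
        uint256 saltNonce
    ) external view returns (address) {
        bytes32 initCodeHash = keccak256(
            abi.encodePacked(type(MinimalProxy).creationCode, abi.encode(singleton))
        );
        bytes32 digest = keccak256(
            abi.encodePacked(bytes1(0xff), address(this), _salt(initializer, saltNonce), initCodeHash)
        );
        return address(uint160(uint256(digest)));
    }

    function createProxy(
        address singleton,
        bytes memory initializer,
        uint256 saltNonce
    ) public returns (MinimalProxy proxy) {
        bytes32 salt = _salt(initializer, saltNonce);
        proxy = new MinimalProxy{salt: salt}(singleton);

        // The setup runs atomically with the deployment. Because the salt
        // already commits to this exact calldata, a proxy at this address can
        // only ever be initialized with this initializer.
        if (initializer.length > 0) {
            (bool ok, ) = address(proxy).call(initializer);
            require(ok, "initializer failed");
        }
        emit ProxyCreation(address(proxy), singleton);

        // Anything the factory does after this point (for example a
        // post-creation callback) is not part of the salt and is therefore
        // not protected by the address commitment.
    }
}
```

A front-runner who submits a different initializer (other owners or another threshold) lands at a different address, so the address a user precomputed with predictAddress can only be occupied by a proxy set up with that user's initializer; a front-runner who submits the identical initializer merely performs the intended deployment early. Only work done inside the initializer call is bound to the address in this way, which is why the trust model above conditions its guarantee on the setup being the initialization step of the deployment.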
Conclusion
Ackee Blockchain Security recommends that Safe:
- document that Safe accounts are not fully compatible with EIP-7702;
- clearly mark the files under contracts/examples as non-production code;
- document the unsupported functionality of CompatibilityFallbackHandler; and
- address all identified issues.
The full Safe audit report by Ackee Blockchain Security can be found here.
We were happy to work with Safe's world-class team, and we look forward to working with them again.