[Draft] [SEP 54] [OBRA: Strategy 4] Lucid Safe - Clear Signing for Safe Wallets

Initiative Title:

[SEP 54][OBRA: Strategy 4] Lucid Safe - Lucid - Clear Signing for Safe Wallets

Abstract

The recent Bybit exploit, which resulted in $1.5 billion in losses, exposed a critical risk in the safe ecosystem — blind signing. Attackers exploited a UI spoofing vulnerability, tricking signers into unknowingly approving a malicious contract upgrade. Since the transaction details weren’t displayed on their hardware wallets, signers blindly trusted the UI. We propose to build Lucid Safe, a mobile app paired to your laptop that acts as a secure verification layer to enable clear signing of Safe Wallet transactions. This approach strengthens security by providing a dedicated second screen for transaction simulation and hardware wallet information verification.

Aligned strategy

Which pre-approved strategy is this initiative driving forward?

Strategy 4: Research decentralization of Safe tech stack

Funding request

What resources are being requested from SafeDAO in USDC?

20k USDC

If applicable, upfront funding

Indicate if upfront funding is needed. Refer to ‘Payout’ under [Get funding from SafeDAO] for lump sum payment options.

Not needed

Relation to budget

State the requested funding as a percentage of the total initiative budget (e.g. if you ask for 50k for Strategy 1: 25%)

Based on what was said in OBRA retro, 10% of Strategy 4 budget and 13.3% of the remaining budget.

Metrics and KPIs

Which metrics and KPIs will the initiative be measured against?

  1. Transaction Volume secured using Lucid Safe
  2. Number of transactions secured using Lucid Safe
  3. Quality Feedback and adoption from Safe signers

Initiative description

What is the initiative about?

Problem

Recently, a critical exploit on Bybit resulted in $1.5 billion in losses due to a UI spoofing attack on the official Safe Wallet front-end. Attackers tricked signers into unknowingly approving a Safe Wallet contract upgrade instead of a simple token transfer. Since the transaction details were not displayed on their hardware wallets, each signer blindly approved the request, trusting the UI as they had no other choice.

Example of a Safe EIP-712 message on a Ledger Nano S

Several ideas have been proposed to mitigate these risks:

  • Front-end diversity: Hosting Safe interfaces on multiple domains reduces single points of failure but doesn’t eliminate UI deception.
  • Multi-layer validation tools: Third-party validation scripts can analyze transactions, but they rely on the thesis that the user device isn’t compromised.

While securing the Safe infrastructure is important, the ultimate safeguard lies in the signer’s device. Every front-end, even if decentralized, would show malicious transactions if the signer device is compromised. A secure device with clear signing is essential to ensure transaction integrity.

Solution

Our solution — Lucid Safe — introduces a dedicated mobile app that serves as a secure verification screen. Phones are trusted devices that people always have with them, easier to set up, and safer than using a second laptop.

Lucid Safe introduces two core features to improve signing security:

  1. Simulation Screen: Simulates transactions using eth_simulateV1 (native Geth RPC call) to provide accurate transaction previews on a secure second screen.
  2. Hardware Wallet Verification: Helps signers confidently verify that what they’re signing on their hardware wallet matches what they simulated on their phone.

By splitting the signing and verification process across two secure devices, this solution dramatically raises the attacker’s cost, requiring them to compromise both the laptop and the phone of all signers.

Here is a demo of what the Lucid Safe flow would look like in practice:

  1. Step 1: link your laptop with your app
  2. Step 2: Trigger a transaction normally (on your laptop)
  3. Step 3: Review it on your mobile app (on your mobile)
  4. Step 4: Sign your transaction (on your hardware wallet or hot wallet)

Current status

Does the offering (product/service) already exist or is the funding used to create it?

The Lucid Safe MVP is currently in development (started in the last 7 days). The requested grant will fund:

  1. Finalizing the mobile app’s development (design, back-end, simulation enhancements …)
  2. Marketing to onboard Safe signers (videos, one-to-one calls for feedback…)

You can find the repos here:

Risks

What risks does the initiative entail?

  • Risk of suboptimal execution: Safe has to trust that the contributors can complete the proposal successfully to avoid losing resources.
  • User adoption: Clear signing might not be as important for Safe signers as we think it is, or adoption could be slow if users are reluctant to install a new app on their mobile (especially without Safe promotion).

Timeline and milestones

Provide a detailed timeline or roadmap, include key milestones

| Week | Focus | Outcomes | USDC |
|------|-------|----------|------|
| 2-3 | Finalizing mobile app design and development | Lucid Safe MVP ready | 10k |
| 4 | Marketing resources and user feedback | Launch the app and get first user feedback | 5k |
| 5-7 | Adding new features and debugging based on first feedback | Lucid Safe Full Product in production | 5k |

Initiative lead

Who is the accountable initiative lead? (individual or organization)

LFG Labs – A fully on-chain company building web3 tools from design to code represented by Ben

Team

How many individuals in total will be working on this initiative and what role do they have? Please provide a brief background of the team members, highlighting their relevant experience and expertise.

We’ll have 4 people working on this initiative

  • Th0rgal (Cofounder & dev) – Building on-chain company for +3 years at lfglabs.dev, former Ledger employee who contributed to the Starknet Ledger app with strong expertise in web3 and account abstraction.
  • Ben (Cofounder & dev) – Building a fully on-chain company for +3 years at lfglab.dev with 300K users over 5 products, and 8 collaborators.
  • Iris (dev) - Senior developer at lfglabs.dev for 2 years
  • Kevin (Design) - Designed +30 apps among them starknet.io or kakarot.org

Additional support/resources

Are there any resources (non-financial) requested from the Safe Ecosystem Foundation or the core contributors?

  • Support promoting the Lucid Safe app to the Safe community.
  • Product feedback

Implementation dependencies

Does the implementation of this initiative require any prior changes in the current governance processes, e.g., updates to the governance framework, or have any other dependency? If yes, please specify these.

No changes are required. The Lucid Safe app will integrate with existing Safe Wallet workflows without contract upgrades or new hardware purchases.

Summary

  • The Bybit hack showed that UI spoofing and blind signing pose serious risks to Safe Wallets.
  • Lucid Safe offers a simple solution by introducing clear signing on a dedicated mobile app.
  • By requiring an attacker to compromise both a laptop and a phone, Lucid Safe significantly raises the difficulty and cost of attacking Safe Wallet signers.

We request 20,000 USD to fund this initiative and improve security for all Safe Wallet signers.

7 Likes

I think this is useful;
This feature is the same provided by Safe Utils…I know you mentioned that if your PC is compromised, SAFE Utils UI can be as well (though would be hard)…also having it on the phone is cool and the budget is reasonable imo.

Long term, I would like to see some of the features Redefine provided as well on Safe Ecosystem apps:
Then, I would add certain labels that shouldn’t be hard to track:

  • Is recipient an EOA or SmartAccount?
  • Is recipient inactive for more than 3 months?
  • Compliance (has recipient or smart contract been involved in something risky from a regulatory POV)
1 Like

Thanks, Juan for your response.

In the high TVL wallet context, it’s totally plausible for Lazarus to infect your device, learn about your signing process and habits, and then inject whatever they want into every front-end you might use.

I agree that there are plenty of things to do on the simulation path.

For an MVP we would like to focus on being able to propose a simulation with as few trust assumptions as possible, so we’ll try to use only an Ethereum node (that the user could set up himself).

No back-end, no API calls … Just an RPC you trust on a device you trust :slight_smile:

Thanks @fricoben for this proposal. I personally see this as a good opportunity for Safe DAO to fund a project that improves security—especially in light of the recent ByBit incident.

Adding an extra layer of protection with a dedicated phone could be a straightforward best practice for million-dollar multisigs. Mobile phones, particularly iPhones, have a significantly smaller attack surface compared to laptops.

Do you have any ideas or contacts among high-value Safe multisigs who might be interested in adopting Lucid? Groups like the L2 Security Council, investment funds, or CEX wallets could be great candidates.

To me, the KPIs are clear, the POC scope is well-defined, and the budget feels reasonable. This seems like a good opportunity for the DAO to pursue.

1 Like

Lucid’s impact can extend to both direct and indirect value holders in the ecosystem.

This includes key players such as:

Lucid will initially target a niche audience, but this group has a pretty big impact on the entire ecosystem as they are responsible for securing both the infrastructure and assets of the EVM ecosystem.

2 Likes

Guillaume from Angle Labs,

As a protocol core contributor, Safe multisigs are often a very important part on critical improvement of the underlying protocol. Signing the wrong payload could lead to the end of a protocol and right now there are very few possibilities to increase signing security.

I think it is essential that Safe multiply native security solutions, as hardware signing doesn’t look close to improving and having a dedicated device is cumbersome. Having a lightweight app would give a more diverse solution to the Safe signing issue.

2 Likes

Thanks for the proposal @fricoben. Just noting that OBRA is currently paused as you know, and we can assess this through the new framework as soon as wave 2 is live.

1 Like

Yep, I’ll be here in the DAO meetings to follow and help!

2 Likes

Hi, here is Fabien from Snapshot. We support this proposal and would use the solution internally.

1 Like

Thanks for this proposal, @fricoben. I shared my input in the Call for Community Input: Strategic Direction and OBRA Funding Strategies discussion that SafeDAO can prioritize funding teams with MVPs like yours, which help everyday users safely verify transactions outside of the Safe UI on a signing device before signing.

While OBRA is currently paused while SafeDAO assesses the priorities for Wave 2, I would be supportive of your proposal when Wave 2 goes live, as @amanwithwings shared.

2 Likes