Guardrail: Locking Down Delegate Calls in Safe

remedcu · August 7, 2025, 2:29pm

Meet Guardrail - our new project at Safe Research, which introduces a simple, composable Guard that blocks unauthorized DELEGATECALLS in your smart wallet flow

Think of it this way:
Multisig = multiple keys to your vault
Guardrail = a security officer at the door, double-checking every transaction even after it’s signed

Guardrail focuses on one high-risk area: DELEGATECALL
This opcode lets your Safe run external code as if it were its own. Super flexible, but also dangerous if misused

Guardrail only lets your Safe DELEGATECALL into contracts on a specific allowlist.

You control the list.
New additions are time-delayed
Removals are instant

This gives you time to catch any malicious/dangerous transaction attempts.

For more information, read our blog post.

adamhurwitz.eth · August 9, 2025, 8:25pm

It will be great when the Safe native accounts from app.safe.global and ecosystem built Safes offer easy to set up and audited Safe Guards in the UI.

This is important for transactions txs where the tx data is not easily readable in the Safe app to automatically check for certain conditions.

≤ Specified quantity of asset(s)
Specify specific assets or number of assets that can be transacted with at a given time
Allow and deny lists
etc.

Safe Guards are automated multifactor verification MFV.

remedcu · August 21, 2025, 1:55pm

We just dropped Part 2 of our Safe Guard series. Read more about it in this thread: Fiducia - Onchain Trust Rules and Cosigning

Topic		Replies	Views
Is there an example of a wallet using daily limits yet? Safe Ecosystem	0	337	July 17, 2023
Safe contract v1.5.0 Contracts	1	678	June 14, 2023
Non-proxy safe deployments and compat Contracts	1	442	January 31, 2023
Token Approval Manager - Gnosis Safe app Safe Ecosystem	3	1550	May 6, 2022
Draft: The Motivation and Future of Safe Contracts Contracts	1	1484	December 29, 2022

Guardrail: Locking Down Delegate Calls in Safe

Related topics