Battle-tested smart account / multisig protocol. SDKs to deploy Safes, propose and confirm transactions, and add ERC-4337 account abstraction across EVM chains.
- 01multisig wallets
- 02DAO treasuries
- 03smart accounts
- 04ERC-4337 account abstraction
- 05deterministic counterfactual deployment
- pnpm add @safe-global/protocol-kit @safe-global/api-kit
- pnpm add @safe-global/relay-kit
- pnpm add @safe-global/safe-react-hooks
| Variable | Scope | Description |
|---|---|---|
| NEXT_PUBLIC_SAFE_TX_SERVICE_URL | Client | Optional override for the Safe Transaction Service URL when targeting a chain that does not run an official service (most mainnets are auto-detected by chainId). |
| SAFE_SIGNER_PRIVATE_KEY | Server | Private key of an owner used by server-side scripts that sign and propose Safe transactions. Server-only; never expose. |
Use Safe for smart-account / multisig functionality. Initialize the SDK with `await Safe.init({ provider, signer, safeAddress })` from `@safe-global/protocol-kit` (or pass `predictedSafe` with `safeAccountConfig` to work with a counterfactual Safe before deployment). Build a transaction with `safe.createTransaction({ transactions: [{ to, value, data }] })`, sign it with `safe.signHash`, then propose it to other owners via `new SafeApiKit({ chainId }).proposeTransaction(...)` from `@safe-global/api-kit`. Once the threshold is met, call `safe.executeTransaction(safeTx)`. For gasless / ERC-4337 flows use `@safe-global/relay-kit`. In React, the `@safe-global/safe-react-hooks` package exposes `useSafe`, `useSendTransaction`, and `useConfirmTransaction` hooks.
- ⚑Proposing a transaction to the API Kit is NOT execution — it only stores the proposal off-chain; nothing happens on-chain until enough owners sign and one of them calls `executeTransaction` (or you use a relayer).
- ⚑Safe addresses are deterministic across chains only when you redeploy with the same `safeAccountConfig` and `saltNonce` — never assume an address that exists on mainnet exists on every L2; check before sending funds.
- ⚑The Transaction Service is chain-specific: pass the right `chainId` to `SafeApiKit`, and for chains without an official service set `txServiceUrl` explicitly or proposals will silently fail.
- ⚑`signTypedData` from some hardware/embedded wallets returns signatures that are not compatible with Safe's expected `signMessageHash` format — fall back to `signHash` (eth_sign) when you see signature verification failures.
- ⚑Do not hardcode contract addresses for Safe singletons / factories; resolve them via `getSafeContract` / `getSafeProxyFactoryContract` so deployments stay in sync with the latest audited release.
- ⚑When using ERC-4337 via the Relay Kit, the bundler and paymaster are separate services — misconfigured paymaster policies are the #1 cause of `AA33 reverted` errors.