Gnosis Safe allows secure management of blockchain assets.
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Go to file
Mikhail 8ffae95faa
Merge pull request #657 from jhoenicke/certoraOwnerReach
[Certora]: Add counter of owners  to specification
2 weeks ago
.github tests fix 1 month ago
.husky Closes #201: Allow storage to be read on-chain (#269) 3 years ago
.vscode Support debug in visual studio code 4 years ago
benchmark fix benchmarks 1 month ago
certora Fix one failing rule 4 weeks ago
contracts Merge pull request #658 from owl11/patch-1 2 weeks ago
docs change code block language identifier 2 months ago
src Merge pull request #641 from safe-global/deps-bump 1 month ago
test Add a 1.3.0 -> 1.4.1 migration contract (#649) 2 weeks ago
tests_deprecated Closes #251: Update solc compiler (#271) 3 years ago
types add linting 8 months ago
.env.sample Remove gasleft in setupModules, add erc4337 compatibility test 4 months ago
.eslintrc.js tests fix 1 month ago
.gitattributes Create .gitattributes 6 years ago
.gitignore bump hardhat & fix tests 1 month ago
.nvmrc Fix erc4337 test 1 month ago
.prettierrc Fix erc4337 test 1 month ago
.solcover.js add prettier formatting for ts & format files 8 months ago
.solhint.json Fix linter errors 1 month ago Add 1.5.0 changelog 1 month ago
LICENSE Create LICENSE 5 years ago tests fix 1 month ago
hardhat.config.ts remove ewc and volta from the hardhat config 1 month ago
package-lock.json Add a 1.3.0 -> 1.4.1 migration contract (#649) 2 weeks ago
package.json Add a 1.3.0 -> 1.4.1 migration contract (#649) 2 weeks ago
tsconfig.json fix benchmarks 1 month ago Fix typechecking in test files (#573) 4 months ago

Safe Contracts

npm version Build Status Coverage Status

⚠️ This branch contains changes that are under development To use the latest audited version make sure to use the correct commit. The tagged versions that are used by the Safe team can be found in the releases.


Install requirements with npm:

npm i


To run the tests:

npm run build
npm run test

Optionally, if you want to run the ERC-4337 compatibility test, it uses a live bundler and node, so it contains some pre-requisites:

  1. Define the environment variables:
  1. Pre-fund the executor account derived from the mnemonic with some Native Token to cover the deployment of an ERC4337 module and the pre-fund of the Safe for the test operation.


A collection of the different Safe contract deployments and their addresses can be found in the Safe deployments repository.

To add support for a new network follow the steps of the Deploy section and create a PR in the Safe deployments repository.


⚠️ Make sure to use the correct commit when deploying the contracts. Any change (even comments) within the contract files will result in different addresses. The tagged versions that are used by the Safe team can be found in the releases.

Current version: The latest release is v1.3.0-libs.0 on the commit 767ef36

This will deploy the contracts deterministically and verify the contracts on etherscan using Solidity 0.7.6 by default.


  • Set MNEMONIC in .env
  • Set INFURA_KEY in .env
npm run deploy-all <network>

This will perform the following steps

npm run build
npx hardhat --network <network> deploy
npx hardhat --network <network> sourcify
npx hardhat --network <network> etherscan-verify
npx hardhat --network <network> local-verify

Custom Networks

It is possible to use the NODE_URL env var to connect to any EVM based network via an RPC endpoint. This connection then can be used with the custom network.

E.g. to deploy the Safe contract suite on that network you would run npm run deploy-all custom.

The resulting addresses should be on all networks the same.

Note: Address will vary if contract code is changed or a different Solidity version is used.

Replay protection (EIP-155)

Some networks require replay protection, making it incompatible with the default deployment process as it relies on a presigned transaction without replay protection (see

Safe contracts use a different deterministic deployment proxy ( To make sure that the latest version of this package is installed, make sure to run npm i before deployment. For more information, including how to deploy the factory to a new network, please refer to the factory repo.

Note: This will result in different addresses compared to hardhat's default deterministic deployment process.

Verify contract

This command will use the deployment artifacts to compile the contracts and compare them to the onchain code

npx hardhat --network <network> local-verify

This command will upload the contract source to Etherescan

npx hardhat --network <network> etherscan-verify


Audits/ Formal Verification

Security and Liability

All contracts are WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.


All smart contracts are released under LGPL-3.0