Cronos Developer Series: Use the “Safe” Multisig Wallet to Enhance the Security of your dApps

As any smart contract developer knows, the owner and admin addresses of a dApp represent acute points of vulnerability, since they often have special permissions such as the ability to launch the pre-sale or public sale of a token of NFTs, or the ability to modify key parameters, to freeze transactions, etc. The ultimate goal of most dApps is to delegate the control of these addresses to DAOs.

In the early days of development of a dApp, before full decentralization, it is common to use multi-signature smart contract wallets to secure these addresses.

By assigning a multi-signature smart contract wallet as the owner/admin of a dApp, dApp developers can protect themselves against the potentially disastrous consequences of the compromise of a single private key.

The Safe suite, formerly known as Gnosis Safe, is the gold standard in terms of multi-signature smart contract wallets in the EVM world. The first release dates back to 2018, and Safe multi-signature wallets have been used to store tens of billions of US Dollars in value.

Safe does not support Cronos chain officially yet, but dApp developers can consider using Cronos Safe, an implementation of the Safe user interface and smart contracts on the Cronos chain.

Note that the Cronos Safe implementation is provided by the open-source community with the support of Protofire. Cronos Safe is provided “as is”, with no guarantees. While you can verify independently that the Cronos Safe smart contracts are identical to the official Safe smart contracts, keep in mind that you are using them at your own risk. Cronos Safe is not officially supported by Cronos or Cronos Labs.

Please refer to the Appendix section of this blog post for additional information about the smart contracts.

In this blog post, we outline the key steps involved in setting up a Cronos Safe wallet. For detailed documentation, please refer to the Safe website and documentation.

Step 1 — Design the governance of the wallet

Each Safe wallet is going to require a set of owners, and a transaction approval policy:

• The owner set is the list of wallet addresses who are authorized to sign confirmations for any transaction emanating from the Safe wallet.
• The transaction approval policy specifies how many confirmations are needed to authorize a transaction. For example, the policy may specify that 3 confirmations out of 5 owners are needed in order to authorize a transaction.

It is important to be thoughtful about the approval policy and the operational measures in place in order to safeguard the security of the private keys of each of the owner addresses.

The policies can be modified after creation.

Step 2 — Create the Safe and configure owners and policies

You can visit cronos-safe.org to access the user interface of the Safe deployment on Cronos chain.

Click “Create Safe”, connect your wallet, and follow the instructions. You can connect to the Cronos Safe dApp with MetaMask, or with the Crypto.com DeFi Wallet via WalletConnect.

As an additional safety measure, please make sure that you check the addresses of the smart contracts that you are interacting with when you are asked to sign transactions. (See the Appendix).

Step 3 — Integrate the Safe with your dApp

The Cronos Safe dashboard shows the Cronos address of your newly created Safe:

Test a few small transfers on your end to verify that you are able to control the Safe wallet. You can now send more funds to this address, or assign this address as owner/admin of your dApp smart contracts as required.

When you click on “New transaction” the Safe user interface allows you to send CRO, ERC20 tokens or NFTs. You can also call smart contract methods by declaring the ABI of your smart contract:

That’s it. You may follow the @cronossafe Twitter account to keep track of updates and new releases.

Appendix — Cronos Safe smart contracts

Cronos Safe smart contracts were deployed using deterministic deployment proxy factory and create2 op_code. The address of each smart contract is calculated based on the proxy address and the contract bytecode.

As a result, Cronos Safe contract addresses are the same as on the other chains that have Gnosis Safe deployments, which means that their bytecodes are identical.

The addresses of deployed contracts can be found in the Gnosis Safe deployments repository (https://github.com/safe-global/safe-deployments/tree/main/src/assets/v1.3.0)

The smart contracts deployed to Cronos mainnet have been verified on Cronoscan.com:

• CompatibilityFallbackHandler: 0x017062a1dE2FE6b99BE3d9d37841FeD19F573804
• CreateCall: 0xB19D6FFc2182150F8Eb585b79D4ABcd7C5640A9d
• DefaultCallbackHandler: 0x3d8E605B02032A941Cfe26897Ca94d77a5BC24b3
• GnosisSafe: 0x69f4D1788e39c87893C980c06EdF4b7f686e2938
• GnosisSafeL2: 0xfb1bffC9d739B8D520DaF37dF666da4C687191EA
• GnosisSafeProxyFactory: 0xC22834581EbC8527d974F8a1c97E1bEA4EF910BC
• MultiSend: 0x998739BFdAAdde7C933B942a68053933098f9EDa
• MultiSendCallOnly: 0xA1dabEF33b3B82c7814B6D82A79e50F4AC44102B
• SignMessageLib: 0x98FFBBF51bb33A056B08ddf711f289936AafF717
• SimulateTxAccessor: 0x727a77a074D1E6c4530e814F89E618a3298FC044