Skip to main content

Safe Wallet Security with Tenderly & Blockaid

R
Written by Rudy Dube
Updated over 5 months ago

Overview

Safe Wallet integrates two key security tools:

Tenderly: A transaction simulation system showing step-by-step outcomes before execution.

Blockaid: Real-time security scanning that validates transactions, checks for scams, and provides color-coded alerts (yellow for potential risks, red for known threats).

Below we will outline these tools and how they work within the product. This combination protects against phishing websites, malicious contracts, fake tokens, suspicious approvals, and rug pulls—empowering informed decisions in Web3.

Tenderly

Tenderly is an infrastructure application that allows you to simulate web3 transactions. We have incorporated this directly within our wallet. This will will allow you to not only check the outcome of a transaction but also see in detail each transaction step.

  • Provides detailed, step-by-step preview of potential transaction outcomes

  • Allows users to understand exactly what will happen before executing a blockchain transaction

  • Integrated directly into wallet infrastructure

  • Offers transparent transaction examination before confirmation

Tenderly empowers users by providing a clear window into the potential results of their blockchain transactions.

Blockaid

Blockaid is your real-time security guardian in Safe Wallet, protecting your assets by scanning every transaction before it happens. Think of it as having a security expert checking each action you take to ensure it's safe and legitimate.

How Blockaid Protects You

Real-Time Transaction Scanning

Every time you interact with a DApp or try to make a transaction, Blockaid automatically:

  • Validates the authenticity of the application or website

  • Checks if the addresses involved have been associated with scams

  • Simulates the transaction to understand exactly what will happen to your assets

  • Alerts you immediately if anything suspicious is detected

Protection Against Common Threats

Blockaid safeguards you from:

  • Phishing websites impersonating legitimate DApps

  • Malicious smart contracts that could drain your wallet

  • Fake tokens designed to steal your assets

  • Suspicious approval requests that could compromise your wallet

  • Honeypot schemes and potential rug pulls

Smart Contract Analysis

Before you interact with any smart contract, Blockaid:

  • Analyzes the contract's code for suspicious patterns

  • Verifies the contract against known legitimate contracts

  • Checks for unusual permission requests

  • Identifies potentially harmful contract interactions

Security Alerts Explained

When Blockaid detects a potential threat, you'll see one of these alert types:

Warning Alerts (Yellow)

  • Indicate potentially risky transactions

  • Provide details about why the transaction might be unsafe

  • Allow you to proceed with caution if you understand the risks

Danger Alerts (Red)

  • Signal highly suspicious or known malicious activity

  • Strongly recommend against proceeding

  • Provide detailed explanation of the detected threat

Common Security Scenarios

1. Token Approvals

Blockaid checks:

  • If the approval amount is reasonable

  • Whether the requesting contract is legitimate

  • If similar approval patterns have been used in scams

2. Token Transfers

Blockaid verifies:

  • The legitimacy of the token contract

  • Whether the recipient address is associated with scams

  • If the transfer amount seems suspicious

3. Smart Contract Interactions

Blockaid analyzes:

  • The reputation of the contract

  • The specific functions being called

  • The potential impact on your wallet's security

Best Practices

  1. Always review Blockaid security alerts carefully before proceeding

  2. Take extra caution when interacting with new or unfamiliar DApps

  3. Be especially vigilant when approving token permissions

  4. Double-check transaction details even if no warnings appear

  5. If unsure about a warning, it's better to err on the side of caution

Technical Note

In some cases, you might see a "GS013" error which may limit Blockaid's full security check capabilities. In these situations, you'll receive a warning alert instead of a comprehensive security assessment. Always exercise additional caution when you see this error.

Remember: While Blockaid provides advanced security protection, it works best when combined with your own vigilance and good security practices. If something feels suspicious, trust your instincts and proceed with caution.

You can see examples of warnings in various contexts below;

Malicious approval:

Malicious approval with Blockaid:

Malicious Permit:

Malicious Permit with Blockaid:

Malicious transfer:

Malicious transfer with blockaid:

Malicious set approval for all (ERC721)

Blockaid:

Malicious Native transfer:

Blockaid:

By leveraging Blockaid's security infrastructure, Safe Wallet helps protect you from the most common attack vectors in Web3, including phishing attempts, malicious smart contracts, and fraudulent tokens. This integration is part of our commitment to providing a secure environment for managing your digital assets.

Related Articles
Why do I see an "unexpected delegate call" warning in my transaction?
What is address poisoning and how does Safe{Wallet} battle it
Safe{Wallet} Native Swaps
How to perform basic transactions checks on Safe{Wallet}
How to verify Safe{Wallet} transactions on a hardware wallet
Did this answer your question?