Safe

You created your transaction via Safe{Wallet}.

You are about to hit “sign” and confirm via Metamask or Rabby.

This is a guide on how to perform basic checks of the transaction in your wallet.

For a complete end-to-end guide on how to verify transaction data on your hardware wallet trustlessly, refer to <a href="https://help.safe.global/en/articles/276344-how-to-verify-safe-txs-trustlessly-on-a-hardware-wallet">this guide</a>.

If you can’t verify it, don’t sign it.

Step 1: Verify transaction data in Safe{Wallet}

Before you hit sign, from the Safe{Wallet} interface, get the following and verify that this is what you expect:

<code>to</code> - set to the recipient for Ether transfers, the ERC20 token contract for token transfers, or the smart contract to interact with for contract interactions.

<code>value</code> - usually 0 for contract interactions and &gt; 0 for Ether transfers.

<code>data</code> (“Raw data”) - Checking this requires technical understanding. Refer to <a href="https://help.safe.global/en/articles/276344-how-to-verify-safe-wallet-transactions-trustlessly-on-a-hardware-wallet">this guide</a> for details.

<code>call_type</code> - Usually you should see a simple “call”. You should only see something else such as “create”, or “delegate_call” if you actually know what you are doing.

<code>nonce</code> - index of the next transaction you want to execute

- <code>to</code> - set to the recipient for Ether transfers, the ERC20 token contract for token transfers, or the smart contract to interact with for contract interactions.
- <code>value</code> - usually 0 for contract interactions and &gt; 0 for Ether transfers. 
- <code>data</code> (“Raw data”) - Checking this requires technical understanding. Refer to <a href="https://help.safe.global/en/articles/276344-how-to-verify-safe-wallet-transactions-trustlessly-on-a-hardware-wallet">this guide</a> for details.
- <code>call_type</code> - Usually you should see a simple “call”. You should only see something else such as “create”, or “delegate_call” if you actually know what you are doing.
- <code>nonce</code> - index of the next transaction you want to execute

Now you hit “sign” which sends the transaction data to your wallet such as Rabby, Metamask, or the wallet you connected via WalletConnect.

Your wallet should display the following and prompt you to sign typed data. If your wallet does not display this data, we recommend you to switch to another wallet.

- Does this match <code>to</code> from step 1?
- Is it set to an address you recognize? Use <a href="https://etherscan.io/" rel="nofollow noopener noreferrer" target="_blank">https://etherscan.io/</a> to double check.

- Does this match <code>value</code> from step 1?
- Is it 0 for contract interactions and the correct amount for Ether transfers?

- Does this match <code>data</code> from step 1?

- Is this set to <code>0</code>? This means a simple <code>call</code>
- <code>1</code> would mean delegatecall which is dangerous and you should check with a technical person.

- Does this match <code>nonce</code> from step 1? 
- Is this the index of the next transaction you want to execute?

<code>safeTxGas</code>, <code>baseGas</code>

- Are both <code>0</code> for Safes with version 1.3.0 or higher? Otherwise this can be higher.

<code>baseGas</code>, <code>gasPrice</code>

<code>gasToken</code>, <code>refundReceiver</code>

- Are both <code>0x0000000000000000000000000000000000000000</code>?

ONLY when ALL of the above checks out, confirm on your wallet.

1. <code>to</code>
 - Does this match <code>to</code> from step 1?
 - Is it set to an address you recognize? Use <a href="https://etherscan.io/" rel="nofollow noopener noreferrer" target="_blank">https://etherscan.io/</a> to double check.
2. <code>value</code>
 - Does this match <code>value</code> from step 1?
 - Is it 0 for contract interactions and the correct amount for Ether transfers?
3. <code>data</code> (“Raw data”)
 - Does this match <code>data</code> from step 1?
4. `operation`
 - Is this set to <code>0</code>? This means a simple <code>call</code>
 - <code>1</code> would mean delegatecall which is dangerous and you should check with a technical person.
5. <code>nonce</code>
 - Does this match <code>nonce</code> from step 1? 
 - Is this the index of the next transaction you want to execute?
6. <code>safeTxGas</code>, <code>baseGas</code>
 - Are both <code>0</code> for Safes with version 1.3.0 or higher? Otherwise this can be higher.
7. <code>baseGas</code>, <code>gasPrice</code>
 - Are both <code>0</code>?
8. <code>gasToken</code>, <code>refundReceiver</code>
 - Are both <code>0x0000000000000000000000000000000000000000</code>?
9. ONLY when ALL of the above checks out, confirm on your wallet.

Step 1: Verify transaction data in Safe{Wallet}

Step 2: Verify data in your wallet