How to verify Safe{Wallet} transactions on a hardware wallet

You are a Safe Wallet user.

You created your transaction via Safe{Wallet}.

You are about to hit “sign” and confirm on your hardware wallet.

This is a guide on how to perform a check of the transaction on your hardware wallet with a 3rd party command line tool.

For a basic guide on how to verify transaction data on e.g. Metamask or Rabby, refer to this guide.

If you can’t verify it, don’t sign it.

Security Best Practices

Multi-Device Verification

🔒 Use separate devices for enhanced security:

Sign transactions using software accounts (MetaMask, Rainbow, Rabby) on a different device than where you're using Safe Wallet
Create multi-factor authentication by combining software accounts with dedicated device accounts (Ethereum Phone, GridPlus, Hito)
A dedicated verification device provides the strongest security

🔬 Transaction Simulation Before Signing

Use Tenderly's Transaction Simulator to preview execution and analyze expected outcomes
Safe{Wallet} has integrated Tenderly simulations, but you can also simulate directly in Tenderly dashboard
Simulations allow you to check transaction execution without requiring multiple signatures

Tool Selection

🛠️ Use multiple verification tools:

Transaction decoders:
- @rimeissner's decoder provides readable and detailed information
- Etherscan decoder, Dethcrypto tools
Simulators:
- Tenderly: Use "Contracts" and "Events" tabs for detailed transaction analysis
- Can simulate Safe transactions by adding your SafeProxy contract to Tenderly
- Bypass multisig requirements using state overrides for testing
- Run simulations via dashboard or Tenderly Node RPC
- Can be run on a separate device from Safe for additional security
Hash verification:
- OpenZeppelin's Safe Utils: User-friendly UI using original code
- @pcaversaccio's safe-tx-hashes-util for command line verification

Contract Verification

📋 Maintain a list of trusted contracts:

Bookmark contracts you regularly interact with for quick verification
Find official contracts on Etherscan directly from project teams
Verify using multiple sources (team websites, CoinGecko, social channels)
Check for social verification signals (mutual followers on X/Warpcast)
Some apps (like CoW Swap) include contract information directly in their interface

⚠️ Key principle: Always verify transaction data across multiple tools and devices before signing. If anything seems suspicious or cannot be verified, do not sign the transaction.

Verifying data on a Hardware Wallet

Step 1: Verify transaction data in Safe{Wallet}

Before you hit sign, from the Safe{Wallet} interface, get the following and verify that this is what you expect:

to - set to the recipient for Ether transfers, the ERC20 token contract for token transfers, or the smart contract to interact with for contract interactions.
value - usually 0 for contract interactions and > 0 for Ether transfers.
data (“Raw data”) - Use a call data decoder such as this one from Etherscan, this one from @rimeissner, or this one from @dethtools to actually check the entire call data.
call_type - Usually you should see a simple “call”. You should only see something else such as “create”, or “delegate_call” if you actually know what you are doing.
nonce - index of the next transaction you want to execute

Step 2 : Verify with Tenderly via Safe Simulations

Now, when expanding the simulation directly from your transaction , you will be presented with the following screen;

This allows you to ;

Check the domain and message hashes from your wallet
Compare it directly with the Safe transaction data shown in Step 1.
View the full transaction trace.

This is offers enhanced security as you can now verify transaction data in three separate , isolated places. The Safe{Wallet} , Tenderly and finally your hardware wallet.

With deeper integration with Tenderly , you can also add your own Safe and simulate more complex actions.

Step 3: Verify typed data on hardware wallet

Newer hardware wallets from Trezor, Ledger, GridPlus, and others display typed structured data via EIP712, or support some form of clear signing. In this way you can directly verify the transaction data on your hardware wallet:

to
- Does this match to from step 1?
- Is it set to an address you recognize?
value
- Does this match value from step 1?
- Is it 0 for contract interactions and the correct amount for Ether transfers?
data (“Raw data”)
- Does this match data from step 1?
operation
- Is this set to 0? This means a simple call
- 1 would mean delegatecall which is dangerous and you should check with a technical person.
nonce
- Does this match nonce from step 1?
- Is this the index of the next transaction you want to execute?
safeTxGas, baseGas
- Are both 0 for your Safe with version 1.3.0 or higher? Otherwise this can be higher.
baseGas, gasPrice
- Are both 0?
gasToken, refundReceiver
- Are both 0x0000000000000000000000000000000000000000?
ONLY when ALL of the above checks out, confirm on your wallet.

In case the Safe API is currently unavailable, consider using one of the the following options to pass all transaction data manually instead of fetching them from the API:

Interactive mode of the safe-tx-hash-util tool above.
Offline mode of the safe-tx-hashes fork by Patrick Collins.

Why do I see an "unexpected delegate call" warning in my transaction?

What is the Safe transaction hash (safeTxHash)?

Verify Safe creation

How to create a Safe App with Safe Apps SDK and list it

How to perform basic transactions checks on Safe{Wallet}