Skip to main content
Safe Guards were introduced in Safe contracts version 1.3.0.
Safe Guards add an additional security layer on top of Safe’s n-out-of-m multi-signature scheme. They allow Safe owners to define custom rules that determine whether a transaction should be allowed to execute. A Safe Guard can perform checks:
  • Before execution, to validate the transaction parameters and context
  • After execution, to verify the final state of the Safe once the transaction has completed
Pre-execution checks can inspect all transaction parameters—such as the target address, calldata, value, and operation type—and decide whether the transaction should proceed.
Post-execution checks run at the end of the transaction and can be used to assert invariants or detect unexpected state changes. Guards are commonly used to:
  • restrict interactions to approved contracts
  • enforce protocol-specific invariants
  • add additional safety checks around sensitive operations
To explore real-world examples of Safe Guards, see: Safe Guards diagram
Important: Safe Guards are security-critical. Because a Guard can block transaction execution entirely, a faulty or malicious Guard can cause a denial of service and lock funds in a Safe. Only use well-reviewed and audited Guards, and always consider recovery mechanisms.