The Safe team, one of the most widely used multi-signature wallet protocols on Ethereum, announced the launch of Safenet Beta on April 2nd. It is a decentralized network of validators designed to verify transactions before they are executed in a Safe account, moving security from external warnings to the execution process.
Safenet’s goal is to bridge the gap between what users intend when they sign a transaction and what they actually allow. According to the team, this attack vector has caused more than $20 billion in losses since 2017. The emblematic event was the Bybit hack in February 2025.by Lazarus Group, cost the exchange approximately $1.5 billion. In this incident, the vulnerability occurred when signing malicious transactions after the executive’s Safe wallet was previously compromised.
In the early stages of the Safenet Beta, Establishment of validator groupThis includes organizations such as Gnosis, Blockchain Capital, and other ecosystem actors associated with Safe.
How does Safenet work?
Uses of Safenet Cryptographic verification These are recorded and can be publicly audited. When a user submits a transaction from their Safe account, the Safenet validator evaluates the transaction against a set of security rules in real time.
Generate a cryptographic certificate if it is determined to be secure. This is a collective certificate that is registered and publicly auditable. A component called “Guard” that is installed on a user’s account (wallet) verifies the certificate before allowing execution. Without valid authentication, the transaction will not be processed, Safe explains.
If the transaction is marked as risky and the user decides to proceed anyway, it can proceed, but Explicit additional approvals and waiting periods.
But what The statement did not elaborate on what safety rules are in place. It does not explain the detailed validators applied nor how the system deals with more complex or new attack vectors.
On the other hand, it also says that Safenet is tolerant to Byzantine failures, which means that Safenet may continue to function correctly even if some validators misbehave.
The long-term goal is for this validation network to protect all operations performed through Safe, extending the level of security without sacrificing the control that is the hallmark of self-management.
Role of SAFE token
This release also introduces new features for SAFE tokens. Previously used primarily for governance, it now plays an active role within the network.
According to Safe, Validators must be blocked (stake) token is safe Other users can delegate their tokens to support these validators and receive rewards. This model aims to harmonize economic incentives and network security.
Bybit hacking as background
As reported by CriptoNoticias, in February 2025, the Lazarus group carried out the largest hack in the history of the cryptocurrency ecosystem. It was the theft of approximately US$1.5 billion from the Bybit exchange, which operated a cold wallet in Safe.
attack Safe’s smart contract flaw was not exploited However, on the human and operational levels, Bybit signers approved the transaction believing it to be legitimate, without knowing that the interface had been manipulated to display incorrect information about what they were approving. Funds moved because the signature was obtained, not because the code failed.
Although Safenet did not exist at the time and the Safe statement does not explicitly mention the Bybit hack, the mechanism it presents directly points to the type of attack that made it possible. So the gap between what was signed and what was executed was the central vulnerability.
