Safe responds to blind signature security incident: multi-device signature is recommended

Odaily News The Safe team reviewed the security incident mentioned in Radiant Capital's post-mortem report and pointed out that the Safe {Wallet} front-end functioned normally, but the external device was compromised during the signing process, allowing hackers to replace transaction data and trick signers into signing malicious transactions. The Safe team believes that this incident highlights the risks of blind signatures, where users approve transactions with full view of transaction details, especially when using hardware wallets. To address this issue, Safe recommends using multiple signature devices from different vendors (for example, a combination of Ledger and Trezor) and connecting these devices through a trusted interface to improve transaction visibility and security. In addition, Safe has explored technologies such as conditional signatures to provide more contextual information without sacrificing security. The Safe team is considering calculating Ledger hashes directly in its interface so that users can verify the hash displayed on the hardware wallet and the interface. The Safe team emphasizes that all parties in the ecosystem need to work together to solve the blind signature problem and promises to work with hardware wallet providers and the community to improve the transaction and message signing process.