A Safe (formerly Gnosis Safe) is a smart contract wallet on Ethereum and other EVM chains. Unlike a regular wallet like MetaMask — which is controlled by a single private key — a Safe is controlled by a smart contract that you configure with your own rules.

The most common rule: multi-signature approvals. You set a list of owners and a threshold. For example, 2-of-3 means any 2 of the 3 owners must sign before a transaction executes.

EOA vs Smart Contract Wallet#

To understand why Safe exists, it helps to know what it replaces.

An Externally Owned Account (EOA) — MetaMask, Rabby, a Ledger — is controlled by a single private key. Whoever holds the key controls the funds. If the key is lost or stolen, the wallet is gone.

A smart contract wallet like Safe is just a contract deployed on-chain. It doesn’t have a private key of its own. Instead, it has logic that decides when a transaction is valid — usually by checking signatures from a set of owner addresses.

The owners themselves are still EOAs. The Safe is the vault; the EOAs are the keys that open it.

Owners Only Control the Safe’s Funds#

An important clarification: being an owner of a Safe gives you a say over the Safe’s funds, not over the other owners’ personal wallets.

Say Alice, Bob, and Carol are owners of a 2-of-3 Safe holding 100 ETH:

• The 100 ETH in the Safe: any 2 of the 3 must co-sign to move it.
• Alice’s personal MetaMask with 5 ETH: only Alice controls it. Bob and Carol have zero access — they don’t see it, can’t touch it, can’t sign for it.

The Safe contract only knows about its own balance. Each owner’s personal EOA is a completely separate wallet with its own funds and its own private key. Co-ownership is scoped to the Safe and nothing else.

Does a Safe Have an Address?#

Yes. A Safe is a smart contract, so it has its own on-chain address — something like 0xAbC1...789. This is the address you send funds to. The Safe holds the balance; the owners never hold it directly.

A few things worth knowing about that address:

• It’s different from any owner’s address. If Alice (an owner) has 0x111... and Bob has 0x222..., the Safe might live at 0x999.... Funds sit at 0x999..., not at Alice’s or Bob’s address.
• Same address across chains. Safe uses CREATE2 for deployment, which means the address is deterministic — derived from the owners, threshold, and a salt. So you can deploy the same Safe address on Ethereum, Arbitrum, Optimism, Base, etc. Your Safe at 0x999... on mainnet can be 0x999... on Arbitrum too. Useful for cross-chain treasuries.
• The address exists before deployment. Because CREATE2 addresses are predictable, you can know your Safe’s future address before any contract is actually deployed. Some teams even receive funds at that address first and deploy the contract later (called counterfactual deployment).

How to Create a Safe#

The easiest way is the official web app at app.safe.global.

The steps:

1. Connect an EOA (MetaMask, Ledger, Rabby, WalletConnect). This EOA just signs the creation transaction — it doesn’t have to be an owner of the Safe.
2. Pick a network — Ethereum, Arbitrum, Optimism, Base, Polygon, etc.
3. Add owners — paste in the EOA addresses that should control the Safe. You can add yourself plus co-signers, or just yourself with multiple devices.
4. Set the threshold — how many owners must approve each transaction (e.g. 2 out of 3).
5. Confirm — the connected EOA pays gas to deploy the Safe contract. Once mined, you get the Safe’s address.

You can also deploy Safes programmatically via the Safe SDK — useful if you’re building an app that creates Safes for users.

Is a Safe Controlled via MetaMask?#

Kind of — but not directly. MetaMask doesn’t own the Safe. It’s one of the owner EOAs that can sign on the Safe’s behalf.

Here’s the distinction:

• MetaMask controls an EOA. That EOA has a private key stored in your browser.
• The EOA is an owner of the Safe. The Safe contract has a list of owner addresses, and your MetaMask address is one of them.
• When you use the Safe, you connect MetaMask to app.safe.global, which prompts MetaMask to sign Safe transactions. The signature is then combined with the other owners’ signatures and submitted on-chain.

So MetaMask is just the signing tool. The Safe could equally be controlled by a Ledger, a Rabby wallet, WalletConnect on a phone, or any mix of these — as long as those EOAs are in the owner list.

This also means:

• Losing MetaMask ≠ losing the Safe. If your threshold is 2-of-3 and MetaMask is just one of the three, the other two owners can remove the compromised key and add a new one.
• You can use a Safe from a dapp too. Many dapps (OpenSea, Uniswap, etc.) detect when you’re connected as a Safe and show the transaction in the Safe UI for co-signer approval instead of executing immediately.

Why Use a Safe#

No single point of failure#

With a 2-of-3 Safe, losing one key doesn’t lose the funds. The other two owners can still sign transactions and can also rotate out the lost key.

This is the main reason teams, DAOs, and treasuries use Safes. A single EOA holding millions of dollars is a disaster waiting to happen.

Shared custody#

If a company treasury is held in a Safe with the CEO, CFO, and CTO as owners (2-of-3), no single person can drain it. Every payment needs at least two of them to sign.

This is useful for:

• DAOs managing treasury funds
• Teams holding project funds
• Individuals who want to split keys across multiple devices (laptop + hardware wallet + phone)

Programmable rules#

Beyond multi-sig, Safe supports modules and guards — contracts you can plug in to extend what the Safe can do.

• Spending limits: allow a specific address to spend up to X USDC per day without needing full multi-sig approval.
• Recovery modules: if you lose access, trusted addresses can help recover the Safe after a time delay.
• Transaction guards: add extra checks that run before every transaction (e.g., block transfers to unknown addresses).

None of this is possible with an EOA.

Gasless signing#

Owners sign transactions off-chain. Signatures are collected and then submitted on-chain in a single transaction by any one of the owners (or a relayer). The owners who only sign don’t pay gas.

How a Safe Transaction Works#

1. Someone proposes a transaction (e.g., send 100 USDC to address X).
2. The Safe’s UI or SDK generates a hash of the transaction.
3. Each required owner signs that hash off-chain with their EOA.
4. Once enough signatures are collected to meet the threshold, anyone can submit the transaction + signatures to the Safe contract.
5. The contract verifies the signatures match the owners and threshold, then executes.

The execution happens as if the Safe itself made the call — the Safe is msg.sender, not any of the owners.

Safe and ERC-1271#

Because a Safe is a contract, it can’t sign messages the way an EOA does (no private key). This is a problem for dapps that want to verify signatures — “did this wallet agree to these terms?”

ERC-1271 solves this. A Safe implements isValidSignature(hash, signature) — a function dapps call to ask “is this signature valid for this hash, according to your rules?” The Safe checks whether the signature contains enough owner approvals and returns yes or no.

This is what lets Safes sign into OpenSea, sign permits, log into dapps, etc.

When Not to Use a Safe#

Safes are overkill for most everyday use. A few reasons to stick with an EOA:

• Gas cost: deploying a Safe costs gas. Every transaction from it also costs slightly more than an EOA transaction because of the signature verification.
• Speed: coordinating multiple signers takes time. Bad fit for active trading.
• Complexity: more moving parts, more ways to misconfigure.

If you’re one person holding a small amount for daily use, an EOA with a hardware wallet is fine. Safes shine when the stakes are high or the custody is shared.

Summary#

Safe turns a wallet from “whoever holds this key wins” into “whoever satisfies these rules wins” — and that’s a much safer model once there’s real money at stake.

This blog post was written with the help of Claude.