Ramiro Vazquez
463 posts

@ramirotw
dev @protofire





We rented a house in Costa Esmeralda for 15 family members. There is a camera in the living room that covers the whole large space that is living room, dining room and kitchen. What do you think? Security or invasion of privacy?









100 ETH were assumed lost but could eventually be recovered. Here's what happened, how it became a happy ending and what's needed to prevent this from happening again.

Context

A user of Safe{Wallet} wanted to bridge 100 ETH from Mainnet to Base. But then they realized that they can't actually access the funds on Base. The Safe on Base had a different set of signers than their original Safe, meaning they had no control over it.

How can this happen?

Unlike EOAs (Externally Owned Accounts), smart accounts like Safe are governed by deployed smart contract code. It's technically possible to deploy a smart account with the same deployment config (same signers) on different chains at the same address (using counterfactual deployment). So normally bridging to a chain where the smart account is not deployed yet is merely an annoyance, as the user first has to deploy the smart account before they can access the bridged funds.

But this case was different. The user used their @Safe smart account since 2020. The smart account version from back then (v1.1.1) was not yet written with multichain in mind, so it was possible for anyone to deploy a smart account on a different chain with a completely different config at the same address. Something that has been changed since the v1.2.0 version.

Rescue

Once the Safe team became aware of the incident, @tschubotz took immediate ownership. He examined the Safe on Base and noticed that the address had been deployed by an account that had preemptively deployed many other v1.1.1 Safes on Base. Through further onchain analysis, the trail led to @protofire. As it turns out, the Protofire team was aware of this edge case for older Safes and white-hat deployed Safes to frontrun a malicious hacker taking advantage of it.

So just two hours after the incident was reported, there was hope that the funds could indeed be recovered. And a few minutes later, a first test transaction and then a full transfer of the 100 ETH back to the user could be done.

This is commendable anticipation of @protofire, strong leadership from @tschubotz and fantastic support by the wider @Safe team to get the funds safely back to the user. 💪

Learnings

The root cause was the use of an older Safe version (v1.1.1), which didn't account for multichain deployments. Since version v1.2.0, Safe includes protections that prevent conflicting deployments across chains by modifying how the CREATE2 salt is constructed.

To bridge, the user chose the native bridge integration, which is essentially a @lifiprotocol widget but with some optimizations for smart accounts. For example, the bridging feature warns users explicitly if there is NO code at the destination chain, meaning that no smart contract was deployed there. However, there was no warning in place for there being different code deployed on the destination chain. This additional layer of protection has now been introduced to cover the edge case for old v1.1.1 accounts.

The deeper fix lies in improved keystore infrastructure (like keystore rollups) that can guarantee a consistent account config across chains. Until then, deployment behavior will remain difficult to reason about for developers and end-users.

Finally, we are still at a point where users are expected to do test transactions before moving bigger funds. This is not scalable and shouldn't be expected from users. There needs to be more innovation around hooks, guards, and other safety mechanisms that allow strong protections for users.

I'm glad this case could be resolved with a happy end and there are important learnings for wallet developers, especially ones using smart accounts. But it also clearly showed once again that a lot more work is ahead of us to truly make self-custody easy and secure for everyone.
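The destination check described under "Learnings" above, as an added example that is not part of the original post and not Safe{Wallet}'s own code: it separates "no code at the destination" from "an account with a different signer set at the same address". The function names, field names and verdict strings are hypothetical, and the chain snapshots are constructed sample data.

```javascript
// Added example: classify the destination-chain account before bridging to
// a smart-account address. Function and field names are hypothetical.
// A real wallet would fill each snapshot from eth_getCode plus the Safe's
// getOwners() and getThreshold() on that chain; here they are constructed.

const norm = (addr) => addr.toLowerCase();

function sameSigners(src, dst) {
  // Compare owner sets case-insensitively and order-independently.
  const a = src.owners.map(norm).sort();
  const b = dst.owners.map(norm).sort();
  return src.threshold === dst.threshold &&
    a.length === b.length &&
    a.every((owner, i) => owner === b[i]);
}

function checkDestination(src, dst) {
  // Case 1: nothing deployed. Funds are reachable only after the user
  // deploys the account there with the same config.
  if (!dst.code || dst.code === "0x") {
    return { verdict: "warn", reason: "no-code-at-destination" };
  }
  // Case 2: code exists but no signer data could be read from it.
  if (!Array.isArray(dst.owners) || dst.owners.length === 0) {
    return { verdict: "block", reason: "unrecognized-code" };
  }
  // Case 3: an account exists at the same address with other signers.
  if (!sameSigners(src, dst)) {
    return { verdict: "block", reason: "signer-mismatch" };
  }
  return { verdict: "ok", reason: "same-signers" };
}

// Constructed sample snapshots (placeholder addresses, not real accounts).
const A = "0x" + "a1".repeat(20);
const B = "0x" + "b2".repeat(20);
const B_UPPER = "0x" + "B2".repeat(20); // same address, different casing
const C = "0x" + "c3".repeat(20);
const source = { code: "0x6080", owners: [A, B], threshold: 2 };
const samples = {
  undeployed: { code: "0x", owners: [], threshold: 0 },
  foreign: { code: "0x6080", owners: [C], threshold: 1 },
  matching: { code: "0x6080", owners: [B_UPPER, A], threshold: 2 },
};

for (const [name, dst] of Object.entries(samples)) {
  console.log(name, checkDestination(source, dst));
}
```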



Two words changed my life (and may change yours): Nobody cares.

Here's a harsh truth: You aren't afraid of failure (at least not really). You're afraid of what other people will think of you if you fail. The fear is in the judgment. The fear is in the embarrassment. The fear is in the whispers.

This type of fear has a damning impact on your life:
• You don't hit send on the post
• You shy away from sharing your ideas
• You wait to start until you have the perfect plan
• You do things to try to impress others

But there is an antidote... Two words: Nobody cares.

What does it mean to say nobody cares? The Spotlight Effect describes the psychological phenomenon whereby we overestimate the degree to which other people are noticing or observing our appearance, actions, behaviors, or results. Basically, we think everyone else is noticing and judging us, but they aren't. Even if they are, they quickly forget about it.

Nobody cares. It doesn't mean nobody loves you. It just means nobody cares about your life as much as you do. It just means that you are in control. It's on you. It's not depressing. It's liberating. It's empowering. It's energizing.

There are two big mistakes in life:
1. Worrying about what other people think about you
2. Believing that other people think about you in the first place

That thing you've always wanted to do:
• That story you've always wanted to tell
• That idea you've always wanted to pursue
• That person you've always wanted to talk to
• That weird hobby you've always wanted to try
• That leap of faith you've always wanted to take

Nobody cares. So, go do the damn thing.

My 7x NYT Bestselling book is a guide to doing just that. Build your life around the things that you truly care about. You can order it now to take advantage of a limited time sale offer. Get your copy here: amazon.com/Types-Wealth-T…

P.S. Email your receipt to sahil@sahilbloom.com and I'll send you a 50+ page companion workbook to go deeper on the most important exercises.
















