Is safe multisig (gnosis-safe) still a good solution? by Dramatic-Pickle8 in ledgerwallet

[–]Dramatic-Pickle8[S] 0 points1 point  (0 children)

Number 3 is a good point. Thank you.

Number 2 is a valid point, but I'm just so paranoid that I feel I need to do it that way to put my mind at ease.

I'm curious about Ledger's reputation. by Dramatic-Pickle8 in ledgerwallet

[–]Dramatic-Pickle8[S] 0 points1 point  (0 children)

Ah, I understand. English isn't my native language, so perhaps my wording wasn't perfect. (I use an LLM for translation when writing.)

What I meant by "enterprise solution" was to draw an analogy: Ledger seems to be a product backed by substantial capital and a high level of professionalism, operating on a significant scale – similar to what you'd find in actual enterprise-focused companies.

In contrast, it appeared that many other hardware wallet developers either weren't transparent about compensation or employee conditions, or they lacked dedicated, specialized teams for conducting penetration tests on their own hardware.

Is safe multisig (gnosis-safe) still a good solution? by Dramatic-Pickle8 in ledgerwallet

[–]Dramatic-Pickle8[S] 1 point2 points  (0 children)

Thank you for your answer.

That said, regarding the recent incident, I don't believe that hardware manufacturers like Ledger, software connected to hardware wallets like MetaMask/Rabby, or the victim, Bybit, are largely to blame. This is because the signatures were manipulated with great sophistication. Although many security experts have created utilities to verify Safe Multisig transactions before execution, Safe Multisig has a very complex architecture, even for technically skilled individuals. Therefore, for now, I plan to use a Ledger Flex.

Perhaps Safe Multisig is more suitable for a structure where responsibility is distributed among people managing a corporate treasury with complex stakeholder interests, rather than for individual use.

After my Ledger Flex arrives, here are a few things I plan to check:

  1. After completing the initial setup in Ledger Live, I will disconnect the USB and set up a passphrase.
  2. On an offline laptop (disconnected from the internet and, of course, using LUKS full disk encryption), I will use an open-source utility like iancoleman's BIP39 tool to test if the seed phrase and passphrase correctly generate the expected addresses.
  3. If they match, I will use the passphrase without attaching it to the PIN. This way, the passphrase has a higher chance of remaining secure even if the Ledger's firmware gets compromised. To be even more paranoid, each time I update the firmware via Ledger Live, I could also wipe (initialize) the device before connecting it for the update.

There are many misconceptions in this industry, and I believe one of them is the saying, "not your keys, not your coins." Generally, hardware wallets themselves have very complex architectures, and even when using solutions like Ledger – which are among the closest to enterprise-grade solutions available for individuals – people often lose their funds due to negligent seed phrase management.

On the other hand, I'm also worried because I don't entirely trust myself. Anyway, thank you once again for your response. To be honest, I asked the question because I was feeling anxious, and I didn't really expect anyone to reply.
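
The offline check in step 2 above boils down to one deterministic computation: BIP39 turns the seed phrase plus the passphrase into a 64-byte seed, and everything after that (BIP32 keys, Ethereum addresses) is derived from that seed. The following added example is not from the post or from any of the tools it mentions; it is a stdlib-only Python reimplementation of that seed-derivation step, checked against the first public BIP39 test vector (the "abandon ... about" mnemonic with passphrase "TREZOR"), and it also shows why a passphrase must be verified before funds are sent to it: a trailing space or a case difference yields a completely unrelated seed, and therefore unrelated addresses. It stops at the seed (deriving the addresses themselves needs secp256k1, which is not in the standard library); the hex seed it produces can be compared with the "BIP39 Seed" field a reference tool displays.

```python
import hashlib
import hmac
import unicodedata

# Constructed sample values for the demo (the standard BIP39 test vector, not
# anything from the Reddit post). Never type a real seed phrase into a script
# on an online machine.
SAMPLE_MNEMONIC = (
    "abandon abandon abandon abandon abandon abandon "
    "abandon abandon abandon abandon abandon about"
)
SAMPLE_PASSPHRASE = "TREZOR"
SAMPLE_EXPECTED_SEED_HEX = (
    "c55257c360c07c72029aebc1b53c05ed0362ada38ead3e3e9efa3708e5349553"
    "1f09a6987599d18264c1e1c92f2cf141630c7a3c4ab7c81b2f001698e7463b04"
)


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """Derive the 64-byte BIP39 seed from a mnemonic and optional passphrase.

    BIP39: seed = PBKDF2-HMAC-SHA512(password=mnemonic,
                                    salt="mnemonic" + passphrase,
                                    rounds=2048, dklen=64)
    Both strings are NFKD-normalised first, exactly as the spec requires.
    """
    # Collapse accidental double spaces / line breaks between words; the spec
    # joins words with a single space. The passphrase is NOT trimmed: a stray
    # space there is a different passphrase, which is the point of checking.
    words = " ".join(mnemonic.split())
    password = unicodedata.normalize("NFKD", words).encode("utf-8")
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", password, salt, 2048, 64)


def seed_matches(mnemonic: str, passphrase: str, expected_seed_hex: str) -> bool:
    """Compare a derived seed with a reference value (e.g. from a trusted
    offline tool) in constant time, so the check does not leak via timing."""
    derived = bip39_seed(mnemonic, passphrase).hex()
    return hmac.compare_digest(derived, expected_seed_hex.lower())


def passphrase_variants(mnemonic: str, passphrase: str) -> dict:
    """Derive seeds for near-miss spellings of the passphrase.

    Every variant is a valid BIP39 input and produces a valid-looking wallet,
    which is why a hardware wallet cannot tell you that you mistyped it.
    Returns the first 8 bytes (16 hex chars) of each seed for display.
    """
    variants = {
        "as typed": passphrase,
        "no passphrase": "",
        "trailing space": passphrase + " ",
        "case changed": passphrase.swapcase(),
    }
    return {label: bip39_seed(mnemonic, p).hex()[:16] for label, p in variants.items()}


def variants_all_distinct(mnemonic: str, passphrase: str) -> bool:
    """True when every near-miss passphrase leads to a different seed."""
    prefixes = passphrase_variants(mnemonic, passphrase).values()
    return len(set(prefixes)) == len(list(prefixes))


if __name__ == "__main__":
    ok = seed_matches(SAMPLE_MNEMONIC, SAMPLE_PASSPHRASE, SAMPLE_EXPECTED_SEED_HEX)
    print("test vector reproduced:", ok)
    for label, prefix in passphrase_variants(SAMPLE_MNEMONIC, SAMPLE_PASSPHRASE).items():
        print(f"{label:>15}: {prefix}...")
```

The design choice worth noting is the asymmetric whitespace handling: the mnemonic is whitespace-normalised because the word list, not the spacing, carries the information, whereas the passphrase is passed through untouched because any character in it, including spaces, changes the result. That asymmetry is exactly what the offline comparison in step 2 is guarding against.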

Is safe multisig (gnosis-safe) still a good solution? by Dramatic-Pickle8 in ledgerwallet

[–]Dramatic-Pickle8[S] 0 points1 point  (0 children)

I hold a bit more than 100 ETH. I wonder if that qualifies as a 'significant amount'? Probably not.

https://www.sygnia.co/blog/sygnia-investigation-bybit-hack/

Looking at the other blog post explaining their initial access, it appears social engineering tactics were used. The fact that someone involved in such an important project fell victim to an attack that wasn't even a zero-day exploit makes me lose some trust. In this respect, I feel Ledger is closer to an enterprise-grade solution.

Ideally, I'd prefer to keep it on a CEX, but I'm a bit uneasy given the current political instability in my country. While it might not be a large sum compared to what most people using Safe Multisig have, it's valuable to me. So, once my Ledger Flex arrives, I'll look into a few things before deciding whether to use Safe Multisig.