
Cobo Safe: A Secure and Trusted On-Chain Asset Management Solution
TechFlow Selected

Is there a way to securely manage your assets without having to worry about losing everything due to a single private key compromise?
As the cryptocurrency winter sets in, hacking incidents have gradually shifted from traditional on-chain protocol attacks to targeting individual wallets. At the same time, amid a strong cycle of interest rate hikes and significant liquidity withdrawal, an increasing number of centralized institutions have collapsed, causing severe damage to user assets. With recent security incidents occurring frequently and more asset theft cases emerging, ensuring personal asset security has become particularly important. As a result, users are placing greater emphasis on various decentralized solutions for secure asset management.
Why Should You Control Your Own Assets?
For a long time, many users have entered the cryptocurrency industry through centralized platforms, because the experience these platforms offer resembles traditional Web 2.0 services. However, there's an old saying in the blockchain world: Not your keys, not your coins (only by controlling your private keys can you truly control your assets).
When users opt for convenience by relying on centralized institutions, they also sacrifice a certain degree of security. If a centralized institution faces a crisis, user assets may be completely wiped out.
Take the recent FTX incident as an example. In this case, FTX misappropriated user funds, resulting in a nearly $6 billion shortfall. As risks spread, reports emerged that other centralized institutions with ties to FTX subsequently collapsed. The global number of affected individuals is estimated to reach up to one million. Had users initially learned to manage their assets using their own private keys and stored most of their assets in decentralized setups (such as hardware wallets, multisig contracts, etc.), they could have largely avoided losses in this event.
However, managing private keys is not easy—it involves multiple aspects of security measures and best practices, including key generation, storage, management, and usage.
On September 22, 2022, the well-known market-making firm Wintermute suffered a loss of nearly $160 million because it used Profanity’s private key generation tool, which led to the exposure of the owner private key associated with its contract.
Similarly, on November 22, 2022, Bo Shen, partner at Fenbushi Capital @boshen1011, tweeted that his wallet had been hacked, with approximately $42 million stolen at the time. Security firms later confirmed that the root cause was leakage of the recovery phrase from the Trust Wallet he used.
From these two incidents, it's clear that private key management is actually a complex discipline. Yet, in today’s environment, relying on services provided by centralized institutions introduces significant trust issues. So, is there a way to securely manage your own assets without risking total loss due to a single private key compromise?
Gnosis Safe – A Mature Multisig Solution
Because Ethereum’s native account structure does not support multisignature functionality, Ethereum users cannot create multisig addresses the way Bitcoin users can.
However, since Ethereum supports smart contracts capable of executing complex logic, multisig wallets can be implemented via smart contract programming. It should be noted that smart contract code itself may contain security vulnerabilities, and historically there have been numerous attacks exploiting such flaws. Therefore, when selecting a smart contract wallet, we must choose solutions that have undergone multiple audits and stood the test of time. Gnosis Safe is undoubtedly one of the better options available.
With Gnosis Safe, users can deposit assets into a multisig contract and customize signature rules according to their needs. Instead of being controlled by a single private key, assets in a multisig wallet are jointly managed by multiple addresses. Every transaction requires signatures from multiple parties, and only when the number of valid signatures meets or exceeds a predefined threshold will the transaction proceed (for example, the figure below shows a transfer requiring confirmation signatures from three users). This approach successfully eliminates the risk of losing all assets due to the compromise of a single private key.

However, while Gnosis Safe improves asset security, it does come with certain usability drawbacks:
- Each transaction requires participation and approval from multiple signers, leading to lower execution efficiency compared to single-signature accounts.
- It lacks support for fine-grained permission delegation: each member address holds equal power within the wallet.
- It does not allow configuration of specific risk control policies for interacting with contracts.
So, is there a better multisig product that maintains Gnosis Safe’s high level of security while addressing these shortcomings?
Cobo’s answer is Cobo Safe.
Cobo Safe – A Flexible On-Chain Delegation and Risk Control Solution
Built on top of Gnosis Safe, Cobo Safe uses Gnosis Safe’s module extension capabilities to enable flexible customization of interactions between multisig wallets and project contracts.

Specifically, Cobo Safe offers the following features.
Single-Signature Delegation
Cobo Safe currently supports function-level granular delegation, allowing different user roles to be configured with distinct permissions for interacting with specific functions. Through a web interface, users can define a role that grants call rights over designated contracts and functions.
For instance, the "harvesters" role shown below is allowed—and only allowed—to call the collect function of the Uniswap V3 NonfungiblePositionManager contract, meaning it can only perform the operation of collecting trading fee rewards from Uniswap V3 LP positions.

When adding members to Cobo Safe, previously defined roles with restrictions can be assigned. Once an address is granted a specific role, it can initiate contract calls involving particular functions on behalf of the multisig wallet.
The image below assigns the "harvesters" role to the address 0x20XX, authorizing it to initiate a collect function call transaction on behalf of the multisig wallet.

After completing this configuration, the user at 0x20XX can interact with the Uniswap V3 DApp via WalletConnect and execute LP fee collection operations. Thanks to Cobo Safe’s delegation feature, when a collect transaction is initiated by 0x20XX, it no longer requires every Gnosis owner to individually sign off—only a single signature from 0x20XX is needed for the transaction to succeed. This avoids the cumbersome process of gathering multiple signatures inherent in standard multisig wallets.
Moreover, since 0x20XX cannot perform any actions beyond calling the collect function on Uniswap V3, even if the account suffers a hack or private key leak, the principal assets in the multisig wallet remain unthreatened. In this way, operational risks arising from interactions with external protocols and those stemming from private key exposure are minimized.
Later, the wallet owners can simply reconfigure the settings and remove the 0x20XX member entirely to eliminate any residual risk. By leveraging this flexible delegation mechanism, common low-risk on-chain operations can be safely delegated to single-signature addresses, significantly improving operational efficiency without compromising the original wallet’s security.
ACL Risk Control
In addition to function-level permission delegation, Cobo Safe also provides a more granular ACL (Access Control List) contract-based risk control mechanism. Users can customize various delegation and risk control rules tailored to their business scenarios. Through the ACL contract, a wide range of flexible rules can be set, such as:
- Restricting parameter ranges during contract calls (e.g., limiting swaps to only specific types of token assets);
- Limiting the number of times a specific contract function can be called;
- Performing risk checks on contract interactions (e.g., ensuring slippage in a swap does not exceed a specified percentage).
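
The role delegation and ACL rules described above can be modeled off-chain as a single policy check. The following is an added example, not Cobo Safe's contract code: the class names, the placeholder addresses and 4-byte selectors, the token labels and the limits are all constructed for illustration, and call parameters are passed in already decoded rather than parsed from calldata.

```python
# Added illustration; every address, selector and limit is a constructed placeholder.
from dataclasses import dataclass, field
from typing import Optional

MANAGER = "0x" + "aa" * 20           # stands in for the LP position manager
ROUTER = "0x" + "bb" * 20            # stands in for a swap router
COLLECT = bytes.fromhex("c0113c70")  # constructed 4-byte selector for collect
SWAP = bytes.fromhex("5a5a5a5a")     # constructed 4-byte selector for a swap

@dataclass
class Rule:
    allowed_tokens: frozenset = frozenset()  # parameter restriction (empty = none)
    max_slippage_bps: Optional[int] = None   # risk check on swap output
    max_calls: Optional[int] = None          # call-count limit
    calls: int = 0

@dataclass
class Policy:
    roles: dict = field(default_factory=dict)    # role -> {(target, selector): Rule}
    members: dict = field(default_factory=dict)  # delegate address -> role

    def check(self, sender, target, calldata, params=None):
        """Decide whether a delegate may make this call on behalf of the wallet."""
        params = params or {}
        role = self.members.get(sender.lower())
        if role is None:
            return False, "sender has no role"
        rule = self.roles.get(role, {}).get((target.lower(), bytes(calldata[:4])))
        if rule is None:
            return False, "function not delegated to this role"
        tokens = {params.get("token_in"), params.get("token_out")}
        if rule.allowed_tokens and not tokens <= rule.allowed_tokens:
            return False, "token outside allow-list"
        if rule.max_slippage_bps is not None:
            quoted, min_out = params.get("quoted_out", 0), params.get("min_out", 0)
            # Fail closed when the quote is missing; compare in integer basis points.
            if quoted <= 0 or (quoted - min_out) * 10_000 > rule.max_slippage_bps * quoted:
                return False, "slippage above limit"
        if rule.max_calls is not None and rule.calls >= rule.max_calls:
            return False, "call limit reached"
        rule.calls += 1
        return True, "ok"

def demo_policy():
    """Constructed policy: harvesters may only collect; traders swap under limits."""
    swap_rule = Rule(frozenset({"WETH", "USDC"}), max_slippage_bps=50, max_calls=2)
    roles = {"harvesters": {(MANAGER, COLLECT): Rule()},
             "traders": {(ROUTER, SWAP): swap_rule}}
    return Policy(roles, {"0x" + "20" * 20: "harvesters", "0x" + "30" * 20: "traders"})
```

Every path that lacks a matching role, function or parameter denies the call, so a compromised delegate key is limited to what its role's rules explicitly allow.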

It is worth noting that Cobo Safe, as a core component of Argus, Cobo’s decentralized custody solution, has fully open-sourced its on-chain contract code.
This allows users and third parties to audit the source code of Cobo Safe and its ACL contracts, ensuring there is no risk of malicious behavior from centralized entities.
Conclusion
Recent security incidents serve as a wake-up call: whether storing assets in centralized institutions or managing private keys and recovery phrases independently, there are still inherent risks to asset security.
These risks are driving demand for better asset custody solutions. Recently, major centralized custodians have rolled out proof-of-reserves schemes based on Merkle Trees. Dr. Changhao Jiang, co-founder of Cobo, has also published an analysis discussing limitations and potential improvements of current approaches.
Cobo Argus, as a decentralized custody solution, integrates the Cobo Safe module, which extends the industry-proven Gnosis Safe multisig framework by adding customizable features such as role-based delegation and ACL-based risk controls. It better balances the inherent trade-off between asset security and ease of use, making it a promising new choice for both institutions and individuals managing funds during this capital winter and preparing for the next cycle of growth.














