Building a secure Web3 future with Protofire using Safe’s Modular Architecture

In Web3, freedom and control come with real risks. Lose your seed phrase, compromise your key, make a wrong transaction, and there’s no password reset or support line to call. Every access is final. Every action is permanent.

Standard wallets don’t fix this. They offer basic features but no way to adjust access rules, delegate control, or automate safeguards. One key means total control, and a single mistake or breach can wipe everything out.

Web3 security is built through architecture, not just the interface. It requires the ability to manage permissions, set limits, and define account logic at the smart contract level. Safe makes this possible.

What Is Safe, and How Does Its Modular Architecture Work?

Safe is a contract system that can be shaped to fit any purpose. At its core is a modular smart account, built on a strict separation between logic and state.

Safe account is a proxy that stores data, including owner information, spending limits, and the addresses of connected modules. The logic sits in a single shared contract across the network. This reduces deployment costs and allows updates without changing the wallet’s address.

Accounts are deployed through a factory using the CREATE2 opcode, making the address predictable even before the account is created, a key advantage for integrations and automated systems.

Safe expands its capabilities through four types of interfaces:

  • Plugins — connect custom logic like limits, streaming, or off-chain APIs.
  • Hooks — run validations before and after transactions.
  • Function Handlers — manage nonstandard calls and extend compatibility.
  • Signature Verifiers — verify signatures using standards such as EIP-1271.

Safe’s architecture is a foundation for building what standard wallets were never designed to handle.

Read more about Safe’s architecture on their official website.

Why Doesn’t Safe Use the Diamond Proxy?

Safe was built with a modular design from the beginning. While working on the second version of the contracts, the team looked into using the Diamond Proxy. It also allows new features to be added through modules, but it does so in a different way.

The Diamond Proxy is a pattern for smart contracts where a single main contract delegates its functions to several smaller modules, known as facets. Each facet handles a different part of the logic but shares the same storage.

It might seem like a neat solution, you can keep adding features without needing to redeploy the entire contract. But with that flexibility comes added complexity and a higher chance of things going wrong.

If one module accidentally alters data that another relies on, the contract can start to misbehave. This kind of clash is called a storage conflict. In the worst case, it can block access to the account or disrupt how it handles assets.

Auditing is another challenge. To assess the security of a Diamond contract, you need to account for every attached module, how they interact, and which variables they touch. Even for a seasoned team, this is no small task, especially when each user might run a different setup.

The Safe team decided that flexibility should never compromise security. Instead of adopting the Diamond Proxy, they kept an architecture where:

  • each module is its contract
  • data remains isolated
  • interfaces are strictly defined

This approach is more straightforward to review, simpler to test, and more reliable to maintain. Security stays the priority, no matter how Safe is used or who uses it.

What Sets Safe Apart: Security, Flexibility, and Modular Transparency

Safe makes it possible to tailor a smart account to a specific purpose without sacrificing security. New features are added through standalone modules, each with its own logic, storage, and tightly controlled access to the core contract.

In many architectures, adding features raises the risk of failure. Safe avoids this by keeping modules isolated. They don’t share memory and can’t change the contract without explicit access. This approach makes the code easier to review and helps prevent security flaws.

Modules use narrow interfaces and can be:

  • inspected in the open;
  • tested independently;
  • turned off when not needed.

The architecture is open and flexible. Safe adapts easily to different needs: managing treasuries and roles in DAOs, automating tasks securely in DeFi, or handling access and transfers in NFT projects.

There’s no need to rewrite the code. Add the right module, and the account takes on a new role.

Safe continues to evolve. Ahead of the v2 release, the team took a fresh look at the architecture, explored other approaches, including the Diamond Proxy, and once again chose a path that favors simplicity, predictability, and security.

How Protofire Powers Safe Integrations Across Web3?

Protofire is an official infrastructure partner of Safe and a member of the Safe Guardians program. We develop real solutions on top of the Safe architecture, bringing it into real projects.

With our support, Safe has been integrated into more than 100 networks, including zkSync, Blast, Linea, Scroll, Mantle, Berachain, Astar, Moonbeam, Arbitrum, and Gnosis. We went beyond wallet deployment, creating custom frontends and configuring transaction services such as:

  • Blast Safe, the first multisig with native support for Blast Yield and Gas Claiming
  • Astar Safe Hub, a Safe Apps center built for the Astar ecosystem
  • Moonbeam Multisig, a fully customized solution for the Moonbeam and Moonriver networks

Over 70 projects rely on solutions we have developed. We integrated Safe Apps directly into user interfaces, allowing users to interact with decentralized applications without leaving Safe. Some of the key integrations include Zenlink on Moonbeam, WalletConnect support, the Spending Limits module, and CSV Airdrop functionality.

Protofire does more than deploy. We provide continuous technical support, update Safe contracts, monitor infrastructure, and adapt solutions to the needs of each network.

Our experience is not about counting networks. It is about shaping Safe to fit DeFi protocols, DAOs, NFT projects, and enterprise use cases across Web3 ecosystems.

How Protofire Turned Safe Into a Core Part of the Moonbeam Ecosystem

Our partnership with Moonbeam started in 2021 with the deployment of a Safe-based multisig wallet. At the time, the network needed a secure asset management solution that was compatible with the Ethereum ecosystem and tailored to Polkadot’s specific needs.

From the start, we focused on more than basic functionality. Ongoing development became a core part of the project.

We enhanced the user experience by redesigning the interface:

  • added support for light and dark modes
  • improved mobile performance
  • introduced additional security layers

We expanded functionality through modular integration. Spending Limits allowed users to control expenses, Safe Apps enabled direct interaction with decentralized applications from within the wallet, and new tools supported building complex transactions and running large-scale airdrops.

In late 2024, we integrated Zenlink Protocol, one of the leading DeFi protocols on the Moonbeam network. This gave users the ability to swap tokens securely without leaving their multisig wallet.

We expanded support across the entire ecosystem:

  • Moonbeam (primary network).
  • Moonriver (the canary network).
  • Moonbase (the testnet environment).

This way, we ensured compatibility, regular updates, and prompt technical support for the network.

Beyond infrastructure work, we provided active maintenance, including pulling updates from the main Safe branch, supporting migrations such as the transition to WalletConnect v2, responding to incidents, and developing new features based on community needs.

Moonbeam Multisig is a crucial part of the ecosystem’s infrastructure, enabling efficient asset management, complex DeFi operations, and contributing to the network’s overall TVL.

This case demonstrates that with the Safe architecture and team, a crypto wallet can become a powerful tool for strategic growth.

Build A Secure Web3 Future With Protofire

If you’re building applications, managing assets, or developing blockchain projects, the Safe architecture will offer you new levels of flexibility and security.

Protofire assists teams in integrating Safe for real-world use cases: from custom multisigs and Safe Apps to full support for new networks. We know how to turn architecture into a reliable product that operates smoothly and scales with the ecosystem.

When it comes to safeguarding digital assets, nothing matches the security and flexibility of multisignature wallets. At Protofire we deliver a seamless, end-to-end solution for deploying Safe{Wallet} — the gold standard in non-custodial multisig wallets-across more than 100 EVM-compatible networks.As official Safe partner and Safe Guardian, Protofire ensures your treasury, protocol, or DAO is protected by infrastructure trusted by industry leaders.

Start your multisignature journey: https://safe.protofire.io/
List of 100+ Safe deployments: https://safe.protofire.io/safes/