Safe OpenSig. See What You're Actually Signing.

April 8, 2026 · 5 min read · Marc

Alex signs ten transactions a week. He reviews his Safe transaction. He reads the decoded simulation: token transfers, contract calls, destination addresses. It looks right. He plugs in his Ledger, navigates to the signing screen, and sees a hash.

Not the token transfer. Not the destination address. A hash.

He approves it. He always does.

The Bybit Signing Session

In February 2025, Bybit lost $1.5 billion in a single signing session. The signers reviewed the Safe transaction. The decoded transaction looked like a routine multisig upgrade. They approved it on their Ledgers. What their devices actually signed was something else entirely.

This wasn’t a failure of attention. It was the logical endpoint of a workflow built around trust instead of verification. Blind signing was enabled. The Ledger showed a hash. There was no way to confirm that what the interface displayed matched what the hardware was committing to.

The simulation said one thing. The hardware signed another. And they had no way to know.

This wasn’t isolated. In April 2026, Drift Protocol was compromised in a similar pattern. A months-long social engineering operation. All multisig signers used cold wallets. The private keys were never stolen. The attackers didn’t need them. They needed the signers to approve a transaction they had no way to verify.

Two Trust Problems

Professional signers today rely on a workflow with two distinct points of unverified trust.

The first is simulation. Before you sign, your wallet calls a third-party simulation service. A cloud black box that receives the transaction, runs it, and returns decoded results to your browser. You see a human-readable summary: what tokens will move, what approvals will be granted. But you have no way to verify those results. The service could be returning false data. Your wallet displays whatever it receives. You are trusting a black box.

The second is hardware verification. After reviewing the simulation, you approve on your Ledger. But for Safe transactions, blind signing must be enabled. The device displays a raw hash, not decoded transaction details. There is no moment where you can confirm that the hash on your hardware screen corresponds to what the simulation showed you. You are trusting the UI completely.

Two steps. Two points of unverified trust. Bybit is what happens when both fail at once.

Safe OpenSig

Safe OpenSig is a verification instrument for professional treasury managers and foundation signers. It doesn’t replace Safe. It eliminates both trust problems.

Local EVM simulation. Safe OpenSig runs a Rust EVM implementation (REVM) directly on your device. Not a cloud service. Not a black box API. Before executing, it fetches the prestate and verifies it cryptographically against multiple independent RPC nodes, requiring unanimous agreement on the state root. If any node disagrees, the simulation is rejected. Only after the prestate is verified does Safe OpenSig execute the transaction locally on your machine. The decoded result is generated by your own EVM, not returned by a service you have no visibility into.

Multi-node cryptographic consensus. The prestate verification isn’t a formality. Safe OpenSig queries multiple independent nodes and requires every one of them to agree before proceeding. A single disagreement aborts the simulation. This is the mechanism that prevents a compromised data source from quietly feeding manipulated state into your verification workflow. For the full technical design, see the research paper.
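The unanimity rule described above, as an added example (not Safe OpenSig's code): every node is asked for the same pinned block with the standard `eth_getBlockByNumber` call, and a single error, malformed field or differing state root rejects the prestate. The function names, the `min_nodes` threshold and the sample responses are assumptions constructed for illustration; checking the fetched prestate against the agreed root is outside this block.

```python
import json

class PrestateRejected(Exception):
    """Nodes did not unanimously agree, so the local simulation must not run."""

def _bytes32(value, what, node):
    # State roots and block hashes are 32 bytes: "0x" followed by 64 hex digits.
    try:
        raw = bytes.fromhex(value[2:]) if value.startswith("0x") else b""
    except (ValueError, AttributeError):
        raw = b""
    if len(raw) != 32:
        raise PrestateRejected(f"{node}: malformed {what}")
    return "0x" + raw.hex()  # canonical lowercase: hex case must not look like a mismatch

def agreed_state_root(responses, block_number, min_nodes=3):
    """responses maps node name -> raw eth_getBlockByNumber JSON-RPC response body."""
    if len(responses) < min_nodes:
        raise PrestateRejected(f"{len(responses)} nodes answered, need {min_nodes}")
    views = {}
    for node, body in responses.items():
        try:
            block = json.loads(body)["result"]
            number = int(block["number"], 16)
        except (ValueError, KeyError, TypeError):
            raise PrestateRejected(f"{node}: error or unusable response") from None
        if number != block_number:
            raise PrestateRejected(f"{node}: answered for block {number}")
        views[node] = (_bytes32(block.get("hash"), "block hash", node),
                       _bytes32(block.get("stateRoot"), "state root", node))
    if len(set(views.values())) != 1:  # one dissenting node is enough to abort
        raise PrestateRejected(f"nodes disagree: {views}")
    return next(iter(views.values()))[1]

def sample_response(root, number="0x12d687", block_hash="0x" + "ab" * 32):
    # Constructed response body for illustration, not captured from a real node.
    return json.dumps({"jsonrpc": "2.0", "id": 1, "result": {
        "number": number, "hash": block_hash, "stateRoot": root}})

ROOT = "0x" + "c3" * 32
HONEST = {"node-a": sample_response(ROOT), "node-b": sample_response("0x" + "C3" * 32),
          "node-c": sample_response(ROOT)}
TAMPERED = dict(HONEST, **{"node-c": sample_response("0x" + "d4" * 32)})

if __name__ == "__main__":
    print(agreed_state_root(HONEST, 0x12D687))
    try:
        agreed_state_root(TAMPERED, 0x12D687)
    except PrestateRejected as exc:
        print("rejected:", exc)
```
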

Hardware screen emulation. This is what closes the verification gap Bybit exposed. Safe OpenSig renders a pixel-perfect mirror of your Ledger Nano S, S+, or X before you sign. Not a summary, not an approximation. Exactly what will appear on your hardware screen, character for character. You see the decoded simulation. You see the Ledger screen. You confirm they match. Then you sign.

Blind signing becomes unnecessary. You know what your hardware is committing to before it commits.

Built for Real Stakes

Safe OpenSig was developed in collaboration with the World Foundation to secure their Safe signing operations. The World Foundation manages significant digital assets across complex multisig workflows. The cost of a wrong signature is catastrophic. The margin for error is zero.

That’s what shaped the product. Not a theoretical security layer, but a practical tool built around how professional signers actually work.

What Safe OpenSig Is Not

It is not a wallet. It does not replace Safe. It does not require new hardware.

It works with the Ledger you already own: Nano S, S+, and X. No forced upgrades. No enterprise procurement process.

It does add a step to your signing workflow. You review the transaction in OpenSig before confirming on your Ledger. For signers managing real treasury operations, that extra minute is not overhead. It’s the only moment in the process where you actually verify what you’re signing.

Available on iOS and Android.

Try It

Unlike percentage-based alternatives that charge $2,500 on a $5M signature, Safe OpenSig is a flat monthly subscription. The cost is the same whether you’re signing a $500 reimbursement or a $5,000,000 treasury operation.

Pro is free right now. No account gates, no feature limits. Download the app, connect it to your existing Safe, and run it on real transactions.

We built this for signers managing real assets. The right way to evaluate it is to use it on real work.

Marc

Co-founder, Candide

Building open infrastructure for onchain finance.
