Installation
This guide will take you through adding Venn’s Guard to your Safe in 4 simple steps.
Overview
To protect your Gnosis Safe with Venn, you will need to:
Download Venn's smart contracts and install their dependencies
Deploy a new instance of the Venn Safe Guard smart contract
Add Venn Safe Guard to your Gnosis Safe
Use your Safe with the Venn Guard available interfaces (API or UI)
Step 1 - Download Venn's smart contracts
Clone the Venn's Smart Contracts GitHub repo
Start by cloning our smart contracts, which will allow you to build and deploy a new instance of the Venn Safe Guard.
git clone https://github.com/ironblocks/onchain-firewall-v2This command clone Venn's Smart Contracts to the a new folder named `onchain-firewall-v2`
Install dependencies
Run the following command to install the project's dependencies:
cd onchain-firewall-v2
npm installThis command will install all the required to complete this installation guide
Step 2 - Deploy a new instance of the Venn Safe Guard
Create a configuration file
First, you'll need to create a .env file based on the existing .env.example, and modify it's configuration to fit your setup.
cp .env.example .envThis command creates a new copy of the configuration file at `.env`. In the steps below we'll update some of the configurations to your needs.
Configuring the guard
Open the newly created .env file, and find the Venn Safe Guard section which looks like this:
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
# Venn Safe Guard #
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
# Bypass Transactions Timelock (in seconds)
#
BYPASS_GUARD_WAIT_TIME =
# Safe Address
# The Safe address that the Guard is protecting
#
SAFE_ADDRESS = Paste the address of your
Gnosis Safein theSAFE_ADDRESSfieldSet the desired timelock period for Bypass Transactions in the
BYPASS_GUARD_WAIT_TIMEfield
For Production deployments, the recommended timelock duration is one day, which is 86400 seconds
For security reasons, these configuration cannot be changed once the Venn Safe Guard is deployed. Any needed changes will require a new deployment of the Venn Safe Guard.
These configurations create a one-to-one relationship between the Venn Safe Guard and your Gnosis Safe - so that the guard cannot be used by any other Gnosis Safe.
Configuring your Private Key
Open the newly created .env file, and find the General Configs section which looks like this:
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
# General Configs #
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
# Private Key (i.e. deployer)
#
# Anvil Test Account 1 = ac0974bec39a17e36ba4a6b4d238ff944bacb478cbed5efcae784d7bf4f2ff80
#
PRIVATE_KEY = Paste your private key onto the
PRIVATE_KEYfield
Configuring EtherScan
We use hardhat-verify under the hood to verify newly deployed smart contracts, which uses Etherscan's API. To enable verification, add your Etherscan API as shown below:
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
# General Configs #
# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # #
...
# Etherscan API Key
# Used by Hardhat for verifying contracts
#
ETHERSCAN_KEY = Paste your Etherscan API key into the
ETHERSCAN_KEYfield
Deploy the Venn Safe Guard
Run the following command to deploy a new instance of the Venn Safe Guard smart contract:
Note: If you want to skip contract verification or if you have not configured an ETHERSCAN_KEY above, omit the --verify flag
npx hardhat migrate --namespace "venn/Guard" --network holesky --verify --only 1Once completed, you should see the address of the newly deployed Venn Safe Guard shown as follows:
This command deploys a new instance of the Venn Safe Guard.
Step 3 - Add Venn Safe Guard to your Gnosis Safe
Call the setGuard() method
To add the newly deployed guard to your Gnosis Safe, you'll need to call the setGuard() method, passing in the address of the Venn Safe Guard from the previous step.
Note: The to address of this transaction should be the address of your Gnosis Safe, as this transactions calls its setGuard() method to add the Venn Safe Guard to it
Step 4 - Use your Safe with the Venn Guard available interfaces (API or UI).
With Venn Safe Guard now deployed, you can continue to build, sign, and execute Safe transactions exactly as before - now every Safe transaction will pass through Venn’s Guard security validation.
Choose the interface that fits your Safe workflow:
A. Venn Safe API (for local/programmatic Safe interactions)
The Venn Guard Transaction Validation API enables automatic transaction validation through Venn’s decentralized security network. It accepts standard transactions and returns a JSON response that includes Venn's security validation signature, which is ready to be uploaded to any Safe UI or used in local flows.
B. Venn Safe Guard UI
The Venn Guard web interface enables you to build, validate, upload, download, sign, and submit your Safe transactions with the familiar Safe UI experience, closely mirroring the native Gnosis Safe platform. Additionally, you can perform administrative operations such as adding, removing, or editing signers, adjusting thresholds, and more.
Last updated
Was this helpful?