CoinVoice has recently learned that the Safe team reviewed the security incident mentioned in Radiant Capital's post-mortem report and pointed out that the Safe {Wallet} front-end functioned normally, but the external device was damaged during the signing process, allowing hackers to replace transaction data and induce signers to sign malicious transactions.

The Safe team believes that this incident highlights the risks of blind signatures, where users approve transactions with full visibility of transaction details, especially when using hardware wallets. To address this issue, Safe recommends using multiple signature devices from different vendors (for example, a combination of Ledger and Trezor) and connecting these devices through a trusted interface to improve transaction visibility and security.

In addition, Safe has explored techniques such as conditional signatures to provide more contextual information without sacrificing security. The Safe team is considering calculating the Ledger hash directly in its interface so that users can verify the hash displayed on the hardware wallet and the interface. The Safe team emphasized that all parties in the ecosystem need to cooperate to solve the blind signature problem, and promised to work with hardware wallet providers and the community to improve the transaction and latest known signature process. [Original link]