New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details →
Socket
Book a DemoSign in
Socket
Book a DemoSign in

safe-deployments-f

Package Overview
Dependencies
Maintainers
1
Versions
1
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

safe-deployments-f

Collection of Safe singleton deployments

latest
Source
npmnpm
Version
0.0.1
Version published
Maintainers
1
Created
Source

Safe Deployments

npm version CI

This contract contains a collection of deployments of the contract of the Safe contracts repository.

The addresses on the different networks and the abi files are available for each deployment. To get an overview of the available versions, check the available json assets.

Adding additional deployments:

  • Follow the deployment steps in the Safe contract repository.
  • Verify that the addresses match the expected address for each contract. You can find them under the "addresses" mapping in the respective JSON file in the assets folder.
  • Create a PR adding the new deployment. Example PR can be found here.

Deployments overview

ContractScan is a 3rd party tool that is not maintained by the Safe team

Install

  • npm - npm i @safe-global/safe-deployments
  • yarn - yarn add @safe-global/safe-deployments

Usage

It is possible to directly use the JSON files in the assets folder that contain the addresses and ABI definitions.

An alternative is using JavaScript library methods to query the correct deployment. The library supports different methods to get the deployment of a specific contract.

Each of the methods takes an optional DeploymentFilter as a parameter.

interface DeploymentFilter {
  version?: string;
  released?: boolean; // Defaults to true if no filter is specified
  network?: string; // Chain id of the network
}

V1 Methods (single deployments)

Those methods will return a SingletonDeployment object or undefined if no deployment was found for the specified filter.

export interface SingletonDeployment {
  // The default address of the deployment.
  defaultAddress: string;

  // Indicates if the deployment is released.
  released: boolean;

  // The name of the contract.
  contractName: string;

  // The version of the deployment.
  version: string;

  // The address & hash of the contract code, where the key is the deployment type.
  // There could be multiple deployment types: canonical, eip155, zksync
  // Possible addresses per version:
  // 1.0.0: canonical
  // 1.1.1: canonical
  // 1.2.0: canonical
  // 1.3.0: canonical, eip155, zksync
  // 1.4.1: canonical, zksync
  // Ex: deployments: { "canonical": { "codeHash": "0x1234", "address": "0x5678"}}
  deployments: Record<string, { address: string; codeHash: string }>;

  // A record of network addresses, where the key is the network identifier and the value is the address.
  networkAddresses: Record<string, string>;

  // The ABI (Application Binary Interface) of the contract.
  abi: any[];
}
  • Safe
const safeSingleton = getSafeSingletonDeployment();

// Returns latest contract version, even if not finally released yet
const safeSingletonNightly = getSafeSingletonDeployment({ released: undefined });

// Returns released contract version for specific network
const safeSingletonGörli = getSafeSingletonDeployment({ network: '5' });

// Returns released contract version for specific version
const safeSingleton100 = getSafeSingletonDeployment({ version: '1.0.0' });

// Version with additional events used on L2 networks
const safeL2Singleton = getSafeL2SingletonDeployment();
  • Factories
const proxyFactory = getProxyFactoryDeployment();
  • Libraries
const multiSendLib = getMultiSendDeployment();

const multiSendCallOnlyLib = getMultiSendCallOnlyDeployment();

const createCallLib = getCreateCallDeployment();

const signMessageLib = getSignMessageLibDeployment();
  • Handler

const callbackHandler = getDefaultCallbackHandlerDeployment();

const compatHandler = getCompatibilityFallbackHandlerDeployment();

V2 Methods (multiple deployments)

We added a new methods that allow multiple deployment addresses for a contract.

Those methods will return a SingletonDeployment object or undefined if no deployment was found for the specified filter. Notice the difference in the networkAddresses field.

export interface SingletonDeployment {
  // The default address of the deployment.
  defaultAddress: string;

  // Indicates if the deployment is released.
  released: boolean;

  // The name of the contract.
  contractName: string;

  // The version of the deployment.
  version: string;

  // The address & hash of the contract code, where the key is the deployment type.
  // There could be multiple deployment types: canonical, eip155, zksync
  // Possible addresses per version:
  // 1.0.0: canonical
  // 1.1.1: canonical
  // 1.2.0: canonical
  // 1.3.0: canonical, eip155, zksync
  // 1.4.1: canonical, zksync
  // Ex: deployments: { "canonical": { "codeHash": "0x1234", "address": "0x5678"}}
  deployments: Record<string, { address: string; codeHash: string }>;

  // A record of network addresses, where the key is the network identifier and the value is the address.
  networkAddresses: Record<string, string | string[]>;

  // The ABI (Application Binary Interface) of the contract.
  abi: any[];
}
  • Safe
const safeSingleton = getSafeSingletonDeployments();

// Returns latest contract version, even if not finally released yet
const safeSingletonNightly = getSafeSingletonDeployments({ released: undefined });

// Returns released contract version for specific network
const safeSingletonGörli = getSafeSingletonDeployments({ network: '5' });

// Returns released contract version for specific version
const safeSingleton100 = getSafeSingletonDeployments({ version: '1.0.0' });

// Version with additional events used on L2 networks
const safeL2Singleton = getSafeL2SingletonDeployments();
  • Factories
const proxyFactory = getProxyFactoryDeployments();
  • Libraries
const multiSendLib = getMultiSendDeployments();

const multiSendCallOnlyLib = getMultiSendCallOnlyDeployments();

const createCallLib = getCreateCallDeployments();

const signMessageLib = getSignMessageLibDeployments();
  • Handler

const callbackHandler = getDefaultCallbackHandlerDeployments();

const compatHandler = getCompatibilityFallbackHandlerDeployments();

Release cycle

safe-deployments release cycle is once per month, except for urgent issues that require immediate attention.

Notes

  • v1 supports only one address per network, while v2 allows multiple addresses per network. To maintain compatibility with v1, the address order in v2 is arranged so that the first address matches the one used in v1.

  • A list of network information can be found at chainid.network

License

This library is released under MIT.

Keywords

Ethereum
Wallet
Safe

FAQs

Package last updated on 10 Mar 2025

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Attackers Are Hunting High-Impact Node.js Maintainers in a Coordinated Social Engineering Campaign

Security News

Attackers Are Hunting High-Impact Node.js Maintainers in a Coordinated Social Engineering Campaign

Multiple high-impact npm maintainers confirm they have been targeted in the same social engineering campaign that compromised Axios.

By Sarah Gooding  -  Apr 03, 2026