Security News
The Nightmare Before Deployment
Season’s greetings from Socket, and here’s to a calm end of year: clean dependencies, boring pipelines, no surprises.
By Ahmad Nassri - Dec 16, 2025
safe-did-resolver
Advanced tools
Gnosis Safe DID Resolver
Safe is a DID method that uses the Ceramic network to resolve DID documents for Gnosis Safe See CIP-101
Getting started
This implementation is still a prototype. Contributions are welcome!
Installation
$ npm install safe-did-resolver
Usage
import SafeResolver from 'safe-did-resolver'
import { Resolver } from 'did-resolver'
import Ceramic from '@ceramicnetwork/http-client'
const ceramic = new Ceramic() // connects to localhost:7007 by default
const config: NftResolverConfig = {
ceramic,
chains: {
// Ethereum Mainnet
'eip155:1': {
blocks: 'https://api.thegraph.com/subgraphs/name/blocklytics/ethereum-blocks',
skew: 15000,
gnosisSafe: 'https://api.thegraph.com/subgraphs/name/gjeanmart/gnosis-safe-mainnet',
},
// Ethereum Ropsten
'eip155:3': {
blocks: 'https://api.thegraph.com/subgraphs/name/yyong1010/ethereumblocks',
skew: 15000,
gnosisSafe: 'https://api.thegraph.com/subgraphs/name/gjeanmart/gnosis-safe-ropsten',
},
// Ethereum Rinkeby
'eip155:4': {
blocks: 'https://api.thegraph.com/subgraphs/name/billjhlee/rinkeby-blocks',
skew: 15000,
gnosisSafe: 'https://api.thegraph.com/subgraphs/name/radicle-dev/gnosis-safe-rinkeby',
},
},
}
// getResolver will return an object with a key/value pair of { 'safe': resolver }
// where resolver is a function used by the generic did resolver.
const safeResolver = SafeResolver.getResolver(config)
const didResolver = Resolver(safeResolver)
const safeResult = await didSafeResolver.resolve(
'did:safe:eip155:1:0x00044c87ddc54536ee05047c6f4f6f831aba988b'
)
console.log(safeResult)
The resolver supports the following networks by default:
- Ethereum mainnet (
eip155:1), - Ethereum Rinkeby (
eip155:4),
Testing
$ npm test
DID Specs
The token DIDs are prefixed with did:safe:, followed by method specific identifier, which is simply
a CAIP-10 Account ID.
DID: did:safe:{chainId}:{safeAddress}
CAIP-10: {chainId}:{safeAddress}
Conversions
DID->CAIP
const caip = did.substr(8).replace(/_/g, '/')
CAIP->DID
const did = `did:safe:${caip.replace(/\//g, '_')
There are helpers that help you with the conversion:
import { caipToDid, didToCaip, createSafeDidUrl } from 'safe-did-resolver'
import { AccountId } from 'caip'
// CAIP -> DID URL
const didUrl = createSafeDidUrl({
chainId: 'eip155:1',
address: '0x1234567891234567891234567891234596351156',
})
// If you use `caip` library in your app, consider using sister `caipToDid` function to
// convert `AccountId` to Safe DID URL.
// DID URL -> CAIP
const accountId = didToCaip(didUrl) // eip155:1/erc721:0x1234567891234567891234567891234596351156/1
License
Apache-2.0 OR MIT
FAQs
DID Resolver for the Safe method
The npm package safe-did-resolver receives a total of 258 weekly downloads. As such, safe-did-resolver popularity was classified as not popular.
We found that safe-did-resolver demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 13 Oct 2021
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
/Security News
Malicious NuGet Package Typosquats Popular .NET Tracing Library to Steal Wallet Passwords
Impostor NuGet package Tracer.Fody.NLog typosquats Tracer.Fody and its author, using homoglyph tricks, and exfiltrates Stratis wallet JSON/passwords to a Russian IP address.
By Kirill Boychenko - Dec 15, 2025
Security News
Deno 2.6 + Socket: Supply Chain Defense In Your CLI
Deno 2.6 introduces deno audit with a new --socket flag that plugs directly into Socket to bring supply chain security checks into the Deno CLI.
By Sarah Gooding - Dec 12, 2025