Developer Docs
AppGitHub
  • Welcome!
  • Smart contracts
    • Core
      • Introduction
      • Deep Dive
      • Smart Contract Reference
        • PWN Hub
          • Tags
        • PWN Config
        • PWN Vault
        • Loan Types
          • Simple Loan
        • Proposals
          • Simple Loan Proposal
            • Simple Proposal
            • List Proposal
            • Elastic Proposal
            • Elastic Chainlink Proposal
            • Dutch Proposal
        • PWN Utilized Credit
        • PWN LOAN
        • PWN Revoked Nonce
        • Peripheral Contracts
          • Acceptor Controller
            • World ID
          • State Fingerprint Computer
            • UniV3
            • Chicken Bonds
          • Pool Adapter
            • Aave
            • Compound
            • ERC4626
        • Miscellaneous
          • PWN Fee Calculator
          • PWN Signature Checker
          • PWN Errors
          • PWN Periphery
          • Timelock
    • PWN DAO
      • Governance
        • Optimistic
        • Token
      • Tokens
        • PWN
        • stPWN
        • vePWN
          • Stake
          • Power
          • Metadata
      • Epoch Clock
      • Miscellaneous
        • Errors
        • EpochPowerLib
    • Tools
      • PWN Safe
        • Architecture
        • Security considerations
        • Smart Contract Reference
          • PWN Safe Factory
          • ATR Module
            • Tokenized Asset Manager
            • Recipient Permission Manager
          • Whitelist
          • ATR Guard
            • Operators context
      • Token Bundler
      • PWN Deployer
    • Libraries
      • MultiToken
    • Contract Addresses
  • More documentation
    • PWN Docs
    • FAQ
    • Audits
    • Using PWN without front-end
  • Deprecated
    • PWN Beta
      • Architecture
      • PWN
        • Off-chain signed offer
        • Offer types
      • PWN Vault
      • PWN LOAN
Powered by GitBook
On this page
  • Safe Guard and Module
  • PWN Safe Design
Edit on GitHub
  1. Smart contracts
  2. Tools
  3. PWN Safe

Architecture

PreviousPWN SafeNextSecurity considerations

Last updated 6 months ago

So how does PWN Safe work altogether? To explain, we'll first look at the Gnosis Safe guard and module architecture and then the complete design of PWN Safe.

Safe Guard and Module

As shown in the diagram above, the Safe wallet can be extended by a guard and a module.

PWN Safe Design

In its essence, a guard is a contract which checks every transaction before and after its execution. In the case of the , its purpose is to make sure an asset which has an ATR token minted cannot be transferred from the Safe wallet.

A module enables one to make a transaction without needing the Safe owners to sign it. The leverages this feature so an ATR token holder can transfer an asset even though the holder isn't the Safe owner.

Deploys new PWN Safes. Users don't deploy new Safe contracts for each Safe, as that would be ineffective and expensive. Instead, they deploy a proxy contract.

PWN Safe Factory also provides a function isValidSafe to check if a Safe is valid.

(Proxy)

The ATR Guard checks every transaction before and after its execution, making sure that an asset that has an ATR token minted cannot be transferred or have approved operators.

This contract is wrapped in a proxy contract so that it can be upgraded.

Tracks all approved operators. An operator is any address that can transfer on behalf of the Safe owner.

Can update the Guard contract so that users won't have to create new Safes in case of a new ERC standard. The owner can also update the whitelist to allow only selected assets to be used in the PWN Safe.

Please note: It's not possible for the owner to change the guard in a way that would allow him to transfer assets held in PWN Safes, but it is possible to make the ATR tokens behave in a malicious way. This is a trade-off for the upgradability of PWN Safes.

The ATR contract is used as a module and defines the ATR token. It is responsible for its minting and burning. The ATR token is an .

There is also an option to whitelist only specific assets and recovery functions to recover from a .

No changes have been made to the original Gnosis Safe contracts. For reference, see .

ATR Guard
ATR Module
PWN Safe Factory
Asset Transfer Rights
ERC-721
Asset Transfer Rights Guard
Operators Context
Owner
Safe contracts
their GitHub repository
stalking attack