A browser extension that intercepts every Solana transaction before your wallet signs it — decoded, simulated, and explained in plain English.
SignSafe wraps your wallet's sign function. You never change how you use dApps — it intercepts silently, analyzes, and shows you what's coming.
When any dApp calls signTransaction, SignSafe catches it before the wallet popup opens.
The transaction runs through Solana's RPC to reveal exact balance changes, token flows, and every program called.
AI translates the raw simulation into plain English, flags risks, and gives you a clear verdict — proceed or block.
Phantom says "Swap." What's actually inside? Three instructions, two program calls, and a hidden SOL transfer to an address you've never seen.
The Crypto Copilot Chrome extension stole from thousands of Solana traders in 2024 by injecting a hidden fee into every swap. The wallet UI showed nothing unusual. SignSafe would have flagged it immediately.
Every transaction gets a clear verdict based on simulation output, program reputation, and AI analysis.
Recognized programs, expected balance changes, simulation succeeded with no anomalies.
Unknown programs, first interactions, or large SOL movements that warrant a second look.
Drainer patterns, hidden transfers, unlimited token approvals to unverified programs, or simulation errors.
Real questions from people evaluating whether to trust this extension. Answered directly.
You are right to ask. The interception technique is identical to what malicious extensions use. The difference is intent and verifiability.
SignSafe is fully open source. Every line is on GitHub — the content script, background worker, and overlay total under 400 lines with no obfuscation, no backend, and no remote code execution. It never modifies transactions: it simulates, explains, then passes the original through unchanged — or throws if you block.
Your private keys never leave your wallet. They are stored encrypted inside Phantom, Backpack, or whichever wallet you use and are never exposed to content scripts. SignSafe only sees the unsigned transaction the dApp sends to your wallet — the same data any website already sees.
Two external calls, both visible in the source code.
1. simulateTransaction sent to Solana's public RPC (api.mainnet-beta.solana.com) — the same call any wallet makes when estimating fees. No identifying information.
2. The simulation result (balance changes, program IDs, logs) sent to the OpenAI API for plain-English analysis. No wallet addresses, no private keys, no browsing history — only what the transaction will do on-chain.
There is no SignSafe backend, no analytics, and no telemetry.
Three: storage (save your settings), scripting (inject the proxy into pages), and activeTab (detect which site is requesting a transaction).
No history, tabs, cookies, or bookmarks. Nothing that could reveal what you do outside of a transaction request.
SignSafe adds 1–3 seconds before the wallet popup opens — the time needed to run the RPC simulation and get the AI analysis back.
The delay is intentional. The entire point is to pause before you sign. If that is too slow for a specific site, you can disable SignSafe for it from the extension popup.
Any wallet that injects a window.solana provider: Phantom, Backpack, Solflare, and most browser-based Solana wallets. Hardware wallets used standalone, wallet-connect mobile signers, and non-standard injection interfaces are not currently supported.
The Solana RPC simulation is ground truth — it cannot be wrong about what the transaction will do. The AI translates that result into plain English and assigns a risk level, and that translation can occasionally be over- or under-cautious.
Most common false positive: a legitimate new protocol flagged as Review because its program was deployed recently. Most common false negative: a sophisticated drainer that mimics a legitimate transaction structure.
SignSafe is a second opinion, not a guarantee. The final decision is always yours.
SignSafe throws an error to the dApp — the same pattern as dismissing a wallet popup. The dApp sees a rejection and the transaction is never broadcast.
The overlay shows a breakdown of which instruction triggered the flag so you understand exactly what you just avoided.
Phantom's warnings (powered by Blowfish) are good — keep them on. SignSafe is a complementary layer, not a replacement. The key difference: Phantom's warnings appear inside the wallet popup, after the transaction has already reached it. SignSafe intercepts before the popup opens.
Blowfish is an API-based service using a database of known threats and rule-based heuristics. It requires wallet integration. SignSafe uses live on-chain simulation — no proprietary database, no subscription, no wallet integration needed. A brand-new drainer Blowfish has not catalogued yet can still be caught if the simulation shows tokens draining.
Phantom's integration also covers only Phantom. SignSafe wraps any wallet using window.solana — Backpack, Solflare, and smaller wallets get the same protection.
Free for personal use, always. The extension costs nothing and has no usage limits. API costs (Solana RPC + AI analysis) run under $0.01 per transaction and are covered by the team during the current beta.
The long-term model is a developer API and SDK for dApps and wallet providers that want to embed SignSafe analysis natively, while the personal extension stays free.
The Chrome Web Store reviews updates, but that is not a complete guarantee. Two protections: SignSafe is open source so any version can be diffed against the previous one on GitHub, and the intentionally minimal permissions mean even a compromised version cannot access your keys or browsing history.
Not currently. SignSafe is a desktop Chrome extension and cannot hook into mobile wallet in-app browser architectures. For mobile, use Phantom's built-in transaction screening and treat any transaction link from a DM, tweet, or Discord message with high suspicion.
If simulation fails for any reason — network error, timeout, expired blockhash — SignSafe defaults to a Review verdict with a clear notice that analysis was incomplete. It does not silently pass the transaction through as Safe. A failed simulation means less information, not a green light.
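The verdict rules and the fail-closed behaviour described above, as an added JavaScript sketch that is not taken from the SignSafe source. The input shape, the field names, the 1 SOL threshold, the allowlist entries and the "Block" label are assumptions; it also assumes "simulation failed" means no result could be obtained, while an error reported inside a completed simulation counts toward the strictest verdict.

```javascript
// Added illustration, not SignSafe source. Field names, thresholds and the
// allowlist below are assumptions; all sample inputs are constructed.
const KNOWN_PROGRAMS = new Set([
  "11111111111111111111111111111111", // Solana System Program
  "EXAMPLE_DEX_PROGRAM",              // placeholder for a recognized program
]);
const LARGE_SOL_OUTFLOW = 1_000_000_000; // lamports (1 SOL), hypothetical

// sim is null when no simulation result could be obtained (network error,
// timeout, expired blockhash); otherwise { err, programIds, solDelta, approvals }.
function classify(sim) {
  if (sim === null) {
    // Fail closed: missing analysis is never reported as Safe.
    return { verdict: "Review", reasons: ["analysis incomplete: simulation unavailable"] };
  }
  const block = [];
  const review = [];
  if (sim.err) block.push(`simulation error: ${sim.err}`);
  for (const a of sim.approvals) {
    if (a.unlimited && !KNOWN_PROGRAMS.has(a.delegate)) {
      block.push(`unlimited approval to unverified delegate ${a.delegate}`);
    }
  }
  for (const id of sim.programIds) {
    if (!KNOWN_PROGRAMS.has(id)) review.push(`unknown program ${id}`);
  }
  // solDelta is the signer's net lamport change; negative means SOL leaves.
  if (-sim.solDelta >= LARGE_SOL_OUTFLOW) {
    review.push(`large SOL outflow: ${-sim.solDelta} lamports`);
  }
  if (block.length) return { verdict: "Block", reasons: block.concat(review) };
  if (review.length) return { verdict: "Review", reasons: review };
  return { verdict: "Safe", reasons: [] };
}

// Constructed samples: a routine swap, a first interaction, an approval grab.
const swap = { err: null, programIds: ["EXAMPLE_DEX_PROGRAM"], solDelta: -5000, approvals: [] };
const newProtocol = { ...swap, programIds: ["EXAMPLE_NEW_PROGRAM"] };
const drainer = { ...newProtocol, approvals: [{ delegate: "EXAMPLE_NEW_PROGRAM", unlimited: true }] };

for (const [name, sim] of Object.entries({ swap, newProtocol, drainer, failed: null })) {
  console.log(name, JSON.stringify(classify(sim)));
}
```

The `reasons` array is what an overlay would show the user, so a Review caused by an unavailable simulation stays distinguishable from one caused by an unknown program.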
Early testers get private builds, direct founder updates, and first access when SignSafe is ready for public release.