Gm, with the recent multisig hacks and particularly on the SAFE UI exposing bad industrial practises around security and multisig management it’s fair to say that every organization needs better access-control management.
A few questions, apologies:
Is there any reason on some of the most important multisigs that a completely new device isn’t required ONLY used for signing?
With SAFE using both a centralized backend and front-end is there any thought on self-hosting a simple decentralized UI for transactions or transacting directly onchain for the highest risk multisigs?
Finally, having 36 SAFE’s seems like a risk in and of itself for operational mistakes. Is there a way to have grouped multisigs with a higher security assumption for the grouping? I can only imagine the pain of attempting to keep track of all these multisigs!
I will vote yes as this seems like an improvement, but i’m curious if we can even do better in the future!