diff --git a/.gitbook.yaml b/.gitbook.yaml index 5bd68da2..0d86f31a 100644 --- a/.gitbook.yaml +++ b/.gitbook.yaml @@ -12,3 +12,6 @@ redirects: safe-smart-account/security/security-audits: safe-smart-account/security-audits.md safe-smart-account/security/bug-bounty-program: miscellaneous/bug-bounty-program.md safe-smart-account/security/past-paid-bounties: miscellaneous/past-paid-bounties.md + safe-apps-sdk/safe-apps: safe-apps/README.md + safe-apps-sdk/overview: safe-apps/README.md + safe-apps-sdk/example-safe-app: safe-apps/get-started.md diff --git a/.github/styles/Vocab/default/accept.txt b/.github/styles/Vocab/default/accept.txt index 6cf2006f..b3e4a624 100644 --- a/.github/styles/Vocab/default/accept.txt +++ b/.github/styles/Vocab/default/accept.txt @@ -5,6 +5,9 @@ Safe Module Safe Modules Safe Guards Safe Transaction Service +Safe Apps SDK +Safe App +Safe Apps Blockchain blockchain blockchains @@ -12,11 +15,15 @@ onchain offchain Offchain multisig +dapp +dapps Auth Kit Protocol Kit Relay Kit Onramp Kit API Kit +UI Kit +IPFS Onramp Safe Transaction Service Transaction Service @@ -33,6 +40,13 @@ API ABI ABIs SDK +sdk +npm +CORS +CRA +HTTP +HTTPS +Blocknative ETH EIP ERC @@ -41,6 +55,8 @@ WSGI Sourcify Etherscan Blockscout +delist +wagmi crypto cryptocurrencies Ethereum diff --git a/SUMMARY.md b/SUMMARY.md index 43291ba6..a27dbd9a 100644 --- a/SUMMARY.md +++ b/SUMMARY.md @@ -47,15 +47,11 @@ ## Safe Apps SDK -* [Safe Apps SDK](safe-core-sdk/safe-apps/README.md) +* [Overview](safe-apps/README.md) -* [Overview](safe-core-sdk/safe-apps/overview.md) +* [Getting started](safe-apps/get-started.md) -* [Get started](safe-core-sdk/safe-apps/get-started.md) - -* [Release](safe-core-sdk/safe-apps/release.md) -* -* [Safe App example](safe-core-sdk/safe-apps/example-safe-app.md) +* [Release](safe-apps/release.md) ## Reference diff --git a/safe-core-sdk/safe-apps/overview.md b/safe-apps/README.md similarity index 76% rename from safe-core-sdk/safe-apps/overview.md rename to safe-apps/README.md index 9e04befb..9553c8fb 100644 --- a/safe-core-sdk/safe-apps/overview.md +++ b/safe-apps/README.md @@ -1,18 +1,23 @@ -# Safe Apps SDK Packages +# Safe Apps SDK -You can find several packages on [our developer tools](https://github.com/safe-global/safe-apps-sdk) to make it easier to integrate third-party applications (Safe Apps) with [Safe](https://app.safe.global). Check the following diagram to see which package is more convenient for you: - -
+The Safe Apps SDK helps developers to build their dapps into the Safe{Wallet}. It turns a dapp into an HTML iframe component that can be accessed through Safe. This SDK provides extensive developer tooling to make it easy to create, test, and integrate Safe Apps into Safe. This includes a design system, reusable components, and a Safe App SDK that facilitates communication between the Safe App and Safe. ## Packages +Here are several packages to make it easier to integrate third-party applications (Safe Apps) with [Safe](https://app.safe.global). Check the following diagram to see which package is suitable for you: + +
+ | Package | Version | Description | | ---------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| [cra-template-safe-app](https://github.com/safe-global/safe-apps-sdk/tree/main/packages/cra-template-safe-app) | | CRA template to quickly bootstrap a Safe App. Use this package to start a new Safe App from scratch using React. | +| [cra-template-safe-app](https://github.com/safe-global/safe-apps-sdk/tree/main/packages/cra-template-safe-app) | | CRA (Create React App) template to bootstrap a Safe App. Use this package to start a new Safe App from scratch using React. | | [safe-apps-react-sdk](https://github.com/safe-global/safe-apps-sdk/tree/main/packages/safe-apps-react-sdk) | [![npm](https://img.shields.io/npm/v/@safe-global/safe-apps-react-sdk)](https://www.npmjs.com/package/@safe-global/safe-apps-react-sdk) | A wrapper of [safe-apps-sdk](https://github.com/safe-global/safe-apps-sdk/tree/main/packages/safe-apps-sdk) with helpful React Hooks. | | [safe-apps-sdk](https://github.com/safe-global/safe-apps-sdk/tree/main/packages/safe-apps-sdk) | [![npm](https://img.shields.io/npm/v/@safe-global/safe-apps-sdk)](https://www.npmjs.com/package/@safe-global/safe-apps-sdk) | JavaScript SDK. This is the base package for all integrations. | -| [safe-apps-provider](https://github.com/safe-global/safe-apps-sdk/tree/main/packages/safe-apps-provider) | [![npm](https://img.shields.io/npm/v/@safe-global/safe-apps-provider)](https://www.npmjs.com/package/@safe-global/safe-apps-provider) | A generic provider that can be used with common web3 libraries. (e.g. web3.js or Ethers) | +| [safe-apps-provider](https://github.com/safe-global/safe-apps-sdk/tree/main/packages/safe-apps-provider) | [![npm](https://img.shields.io/npm/v/@safe-global/safe-apps-provider)](https://www.npmjs.com/package/@safe-global/safe-apps-provider) | A generic provider that can be used with common web3 libraries. For example, web3.js or Ethers. | | [safe-apps-web3modal](https://github.com/safe-global/safe-apps-sdk/tree/main/packages/safe-apps-web3modal) | [![npm](https://img.shields.io/npm/v/@safe-global/safe-apps-web3modal)](https://www.npmjs.com/package/@safe-global/safe-apps-web3modal) | A wrapper around [Web3Modal](https://github.com/Web3Modal/web3modal) that would automatically connect to the Safe when the app is loaded in the Safe Apps section. | -| [safe-apps-wagmi](https://github.com/safe-global/safe-apps-sdk/tree/main/packages/safe-apps-wagmi) | | A [wagmi](https://github.com/wagmi-dev/wagmi) connector for Safe Apps | -| [@web3-onboard/gnosis](https://github.com/blocknative/web3-onboard/tree/v2-web3-onboard-develop/packages/gnosis) | | Blocknative included Safe App support in [@web3-onboard](https://github.com/blocknative/web3-onboard) v1.26.0. If you are already using this package you can [check here](https://github.com/blocknative/web3-onboard/blob/v2-web3-onboard-develop/packages/gnosis/README.md) how to configure it. | -| [@web3-react/gnosis-safe](https://github.com/Uniswap/web3-react/tree/main/packages/gnosis-safe) | | [web3-react](https://github.com/Uniswap/web3-react) already includes a connector for Safe Apps by default. You can check at their docs how to use it. | +| [safe-apps-wagmi](https://github.com/safe-global/safe-apps-sdk/tree/main/packages/safe-apps-wagmi) | | A [wagmi](https://github.com/wagmi-dev/wagmi) connector for Safe Apps. | +| [@web3-onboard/gnosis](https://github.com/blocknative/web3-onboard/tree/v2-web3-onboard-develop/packages/gnosis) | | Blocknative included Safe App support in [@web3-onboard](https://github.com/blocknative/web3-onboard) v1.26.0. If you are already using this package, you can [check here](https://github.com/blocknative/web3-onboard/blob/v2-web3-onboard-develop/packages/gnosis/README.md) how to configure it. | +| [@web3-react/gnosis-safe](https://github.com/Uniswap/web3-react/tree/main/packages/gnosis-safe) | | [web3-react](https://github.com/Uniswap/web3-react) already includes a connector for Safe Apps by default. You can check their docs on how to use it. | + + +{% hint style="warning" %} Safe Apps are not owned, controlled, maintained, or audited by Safe. Safe can list or delist apps from Safe{Wallet} at its sole discretion. {% endhint %} diff --git a/safe-apps/get-started.md b/safe-apps/get-started.md new file mode 100644 index 00000000..e5dd6f36 --- /dev/null +++ b/safe-apps/get-started.md @@ -0,0 +1,120 @@ +--- +description: Basic resources to start creating Safe Apps +--- + +# Getting started + +Here are some resources to help you get started with building Safe Apps: + +* [Safe Apps SDK Packages](./get-started.md#safe-apps-sdk-packages) +* [Basic Requirements](./get-started.md#basic-requirements) +* [UI Kit](./get-started.md#ui-kit) + +## Safe Apps SDK packages + +Whether you already have a dapp or are considering creating a new one, you will find it useful to rely on one of our integrations to communicate with Safe{Wallet}. You will find integrations with common packages like `Web3Modal`, Blocknative onboard.js, and `web3-react` in these packages. + +For those creating a new dapp, using the [CRA template](https://github.com/safe-global/safe-apps-sdk/tree/main/packages/cra-template-safe-app) to kickstart the basic structure with all the necessary configuration will speed up the process. + +## Basic requirements + +If you already have a dapp, some mandatory requirements exist to adapt your app to be used as a Safe App. Without this basic configuration, the dapp won't work with the Safe as expected. + +If you are using our [CRA template](https://github.com/safe-global/safe-apps-sdk/tree/main/packages/cra-template-safe-app) to start your Safe App, these basic requirements are already satisfied. + +### Manifest + +It is mandatory that your app exposes a `manifest.json` file in the root directory with this structure: + +```json +{ + "name": "YourAppName", + "description": "A description of what your app does", + "iconPath": "myAppIcon.svg" +} +``` + +**Note:** `iconPath` is the public relative path where Safe will try to load your app icon. For this example, it should be `https://yourAppUrl/myAppIcon.svg`. + +### CORS + +Safe needs to reach the `manifest.json` from the app. To allow this, it is required to enable *Cross Site Requests* by setting the *CORS* headers to the `manifest.json`. + +The required headers are: + +``` +"Access-Control-Allow-Origin": "\*", +"Access-Control-Allow-Methods": "GET", +"Access-Control-Allow-Headers": "X-Requested-With, content-type, Authorization" +``` + +### React development + +It is possible to use the local React development server. For this, you need to set the *CORS* headers and use the same protocol (HTTP or HTTPS) as the Safe interface you use for testing. + + +**CORS for development** + +For this, use [react-app-rewired](https://www.npmjs.com/package/react-app-rewired). To enable the library, update the `scripts` section in the `package.json`: + +```json +"scripts": { + "start": "react-app-rewired start", + "build": "react-app-rewired build", + "test": "react-app-rewired test" +}, +``` + +Also, create the `config-overrides.js` file in the project's root to configure the *CORS* headers. The content of the file should be: + +```js +/* config-overrides.js */ + +module.exports = { + // The function to use to create a webpack dev server configuration when running the development + // server with 'npm run start' or 'yarn start'. + // Example: set the dev server to use a specific certificate in https. + devServer: function (configFunction) { + // Return the replacement function for create-react-app to use to generate the Webpack + // Development Server config. "configFunction" is the function that would normally have + // been used to generate the Webpack Development server config - you can use it to create + // a starting configuration to modify instead of creating a config from scratch. + return function (proxy, allowedHost) { + // Create the default config by calling configFunction with the proxy/allowedHost parameters + const config = configFunction(proxy, allowedHost); + + config.headers = { + 'Access-Control-Allow-Origin': '*', + 'Access-Control-Allow-Methods': 'GET', + 'Access-Control-Allow-Headers': 'X-Requested-With, content-type, Authorization', + }; + + // Return your customized Webpack Development Server config. + return config + } + }, +} +``` + +**SSL** + +To enable SSL with `react-scripts`, it is necessary to set the `HTTPS` environment variable to `true`. This can be done in the `package.json` file by adjusting the `scripts` section to: + +```json +"scripts": { + "start": "HTTPS=true react-app-rewired start", +}, +``` + +If the SSL certificate provided by `react-scripts` is not valid, it is required to mark it as trusted in your browser. To do this, open the Safe App in a separate tab (not in the Safe interface) and accept the certificate or ignore the warning. + +## UI Kit + +Safe offers a react components package if you are creating your Safe App from scratch. This helps with a near-native look while enabling developers to use their branding in the Safe Apps. + +* [Check all available components in the storybook](https://components.safe.global) +* [Check UI Kit repository](https://github.com/safe-global/safe-react-components) + +## Example app + +This [tutorial](https://github.com/gnosis/safe-apps-sdk/tree/master/guides/drain-safe-app) will build a Safe App that enables migrating all the assets from Safe to any other wallet in a single transaction. You will also learn about smart contract wallets, multi-signature transaction flow, and batched transactions. diff --git a/safe-apps/release.md b/safe-apps/release.md new file mode 100644 index 00000000..605cd764 --- /dev/null +++ b/safe-apps/release.md @@ -0,0 +1,73 @@ +# Releasing your Safe App + +Here are some details about the release process for Safe Apps. + +## Get your Safe Apps into the hands of users + +Once you finish developing and testing your Safe App, your users can test it by opening the link to the hosted Safe App and adding it as a Custom App. [This guide](https://help.safe.global/en/articles/40859-add-a-custom-safe-app) explains how to add custom apps. + +## Get your Safe App listed in Safe{Wallet} + +{% hint style="info" %} Currently, we expect delays in the Safe App review process. {% endhint %} + +If you would like your Safe App to appear in the Safe, it must meet the following criteria: + +### Smart contracts must be audited + +Security is the top priority for Safe. Please provide an external audit result document if the Safe App includes smart contracts. If a third party created the smart contracts, ensure they are audited. + +### Your Safe App must include a manifest + +There must be a `manifest.json` at the root directory containing the following data: + +`"name": "Name of your Safe App"` + +Your Safe App's name needs to have 50 characters maximum. + +`"iconPath": "your_logo.svg"` + +A relative file path to your App's logo. The icon must be a square SVG image of at least 128 by 128 pixels. + +`"description": "This is the Safe app description."` + +Few sentences describing your application, a maximum of 200 characters + +You can find an example manifest file on [GitHub](https://github.com/safe-global/safe-apps-sdk/blob/main/packages/cra-template-safe-app/template/public/manifest.json). You can also find an example Safe App on IPFS [here](https://ipfs.io/ipfs/QmTgnb1J9FDR9gimptzvaEiNa25s92iQy37GyqYfwZw8Aj/). + +Remember that **CORS** needs to be configured correctly on the `manifest.json` so we can fetch the information as [mentioned here](./get-started.md#cors). + +### The app auto connects to the Safe + +When a user opens the app, it should automatically select the Safe as a wallet. Ensure to check the case if the user previously opened the app outside of the Safe with another wallet. + +### The Safe team has reviewed the Safe App + +The requirement doesn't apply for battle-tested applications hosted on the same domain as the main dapp. + +While we won't be able to do a proper audit for your Safe App, we still would like to look at the source code to raise issues or suggest improvements. Whether your Safe App is open or closed source, please send us either a link to the public repository or an invitation to the private repository. + +We also would like to make a rough functional review of the App, so please provide us with a high-level test plan/feature list that allows our QA team to ensure everything works as intended in production. Video walkthroughs are also welcome. + +### Help us decode your Safe App transactions + +We want to display interactions with Safe Apps as human-readable as possible. To do this, we need the ABI of the contracts your Safe App interacts with. The ideal way to do this would be to verify your contracts via [Sourcify](https://github.com/ethereum/sourcify), which we can leverage to decode transactions interacting with those contracts. + +Alternatively, you can provide us with the ABIs as JSON files or the links to the verified contracts on Etherscan so we can implement transaction decoding for your Safe App interactions. + +Create an issue in our [repository](https://github.com/5afe/safe-apps-list) once you've verified that your app meets these requirements. + +## Official launch and beyond + +After we have reviewed and integrated your Safe App, the App will first be available in the [staging environment](https://safe-wallet-web.staging.5afe.dev) of the Safe for you to do a final review. We would then approach you to coordinate the launch and a joint announcement. + +At any point after the launch, if you or your users encounter issues with the Safe App or want to release an update to an existing Safe App, please contact us via [Discord](https://chat.safe.global). + +While developing your Safe App, you can use [our production interface](https://app.safe.global) to test it. Some testnets like Goerli are also available. + +Once your app is live, even if you run it locally, you can import it to the Safe application as a custom app. To do so, you should select the "Apps" tab: + +
+ +Use the `Add custom app` button and add your app using a link: + +
diff --git a/safe-core-sdk/safe-apps/README.md b/safe-core-sdk/safe-apps/README.md deleted file mode 100644 index 4784fa0f..00000000 --- a/safe-core-sdk/safe-apps/README.md +++ /dev/null @@ -1,38 +0,0 @@ ---- -description: What are Safe Apps? ---- - -# Safe Apps SDK - -With over $90B worth of digital assets held in Safe accounts alone, it's essential for the dapp ecosystem to access the untapped market of multi-signature wallets. Safe Apps introduce a completely new way for developers to build their dapps right into a Multisig interface. Turn your Dapp into an HTML iframe component that can be accessed through the Safe. We are providing extensive developer tooling to make it easy to create, test and integrate Safe Apps into the Safe. This includes an unique design system, reusable components and a Safe App SDK that facilitates the Safe App <> Safe communication. - -Please refer to this [EthCC3 talk](https://www.youtube.com/watch?v=1GirpNHZPJM&t=168s) to learn more about Safe Apps. - -There are already Safe Apps available for a number of popular protocols such as [Aave](https://aave.com), [Synthetix](https://synthetix.io), [1inch](https://1inch.exchange) or [Balancer](https://balancer.finance). These have been build by 3rd party developers or the projects themselves. - -If you are missing a Safe App, get in touch with the respective project or get building with the [Safe Apps SDK](./get-started.md). - -#### On-chain stats - -There are Dune Analytics dashboards about Safe Apps available: - -* [Number of transactions](https://explore.duneanalytics.com/dashboard/gnosis-safe---safe-apps-transactions) -* [Transaction volume](https://explore.duneanalytics.com/dashboard/gnosis-safe---safe-apps-volume) - -#### Existing Safe Apps - -This is a list of several known public repositories containing Safe Apps for reference: - -* [Transaction builder](https://github.com/safe-global/safe-react-apps/tree/development/apps/tx-builder) -* [WalletConnect](https://github.com/safe-global/safe-react-apps/tree/development/apps/wallet-connect) -* [CSV Airdrop](https://github.com/bh2smith/safe-airdrop) -* [Open Zeppelin](https://github.com/OpenZeppelin/upgrades-safe-app) -* [Balancer](https://github.com/balancer-labs/frontend-v2) -* [1inch Exchange](https://github.com/CryptoManiacsZone/gnosis.1inch.exchange) -* [Synthetix](https://github.com/protofire/safe-app-synthetix-mintr) -* [Sablier](https://github.com/sablierhq/safe-app) -* [PancakeSwap](https://github.com/pancakeswap/pancake-frontend) - -#### Disclaimer - -It is at our sole discretion to list or delist apps from the Safe. Safe Apps are not owned, controlled, maintained, or audited by Gnosis. diff --git a/safe-core-sdk/safe-apps/example-safe-app.md b/safe-core-sdk/safe-apps/example-safe-app.md deleted file mode 100644 index 5c149e74..00000000 --- a/safe-core-sdk/safe-apps/example-safe-app.md +++ /dev/null @@ -1,21 +0,0 @@ ---- -description: >- - Build a Safe App that allows transferring assets out of the Safe in 1 - transaction ---- - -# Build Safe App with batch transactions - -## What are we building? - -This tutorial will build a Safe App that enables us to migrate all the assets from a Safe to any other wallet in a single transaction. It doesn't include NFTs, but this is a great thing to do on your own. In addition, you will learn about smart contract wallets, multi-signature transaction flow, and batched transactions. - -Find the Github repo with the complete guide [here](https://github.com/gnosis/safe-apps-sdk/tree/master/guides/drain-safe-app). - -### Prerequisites - -We'll assume that you are familiar with TypeScript (JavaScript), React, and Ethereum and have `node.js` and `npm` installed. - -### Help - -If you need help, you can reach Safe developers in the `#safe-developers` channel in [https://chat.safe.global](https://chat.gnosis.io) or [create a discussion](https://github.com/safe-global/safe-apps-sdk/discussions). diff --git a/safe-core-sdk/safe-apps/get-started.md b/safe-core-sdk/safe-apps/get-started.md deleted file mode 100644 index 7fcf70fa..00000000 --- a/safe-core-sdk/safe-apps/get-started.md +++ /dev/null @@ -1,120 +0,0 @@ ---- -description: Basic resources to start creating Safe Apps ---- - -# Get started - -Welcome! We are glad on your interest about creating a Safe App. The team is working hard to provide the tools to make it easier for you to build apps that can interact with Safe. - -Once you are here, the main resources include: - -* [Safe Apps SDK Packages](./get-started.md#safe-apps-sdk-packages) -* [Basic Requirements](./get-started.md#basic-requirements) -* [UI Kit](./get-started.md#ui-kit) - -## Safe Apps SDK packages - -This is one of our main resources for Safe Apps integrations. Whether you already have a dapp or are thinking about creating a new one, you will find it useful to rely on one of our integrations to easily communicate with Safe{Wallet}. In these packages, you will find integrations with very common packages like Web3Modal, Blocknative onboard.js or web3-react, that you may already be using on your project. - -For those creating a new dapp, using our [CRA template](https://github.com/safe-global/safe-apps-sdk/tree/main/packages/cra-template-safe-app) to kickstart the basic structure with all the necessary configuration will speed up the process. - -[Check more about SDK Packages](./overview.md). - -## Basic requirements - -If you already have a dapp, there are some mandatory requirements to adapt your app to be used as a Safe App. Without this basic configuration, the dapp won't work with the Safe as expected. - -If you are using our [CRA template](https://github.com/safe-global/safe-apps-sdk/tree/main/packages/cra-template-safe-app) to start your Safe App, these basic requirements are already included. - -#### Manifest - -It is mandatory that your app exposes a `manifest.json` file in the root dir with this structure: - -```json -{ - "name": "YourAppName", - "description": "A description of what your app do", - "iconPath": "myAppIcon.svg" -} -``` - -> Note: iconPath it's the public relative path where the Safe will try to load your app icon. For this example, it should be https://yourAppUrl/myAppIcon.svg. - -#### CORS - -At some moments we need to be able to reach the `manifest.json` from our app. To allow this it is required to enable **Cross Site Requests** by setting the **CORS** headers to the `manifest.json`. - -The required headers are: - -``` -"Access-Control-Allow-Origin": "\*", -"Access-Control-Allow-Methods": "GET", -"Access-Control-Allow-Headers": "X-Requested-With, content-type, Authorization" -``` - -#### React development - -It is possible to use the local React development server. For this you need to set the **CORS** headers and make sure to use the same protocol (http or https) as the Safe interface you are using for testing.\ - - -**CORS for development** - -For this we recommend to use [react-app-rewired](https://www.npmjs.com/package/react-app-rewired). To enable the library update the `scripts` section in the `package.json`: - -```json -"scripts": { - "start": "react-app-rewired start", - "build": "react-app-rewired build", - "test": "react-app-rewired test" -}, -``` - -Additionally, you need to create the `config-overrides.js` file in the root of the project to confirgure the **CORS** headers. The content of the file should be: - -```js -/* config-overrides.js */ - -module.exports = { - // The function to use to create a webpack dev server configuration when running the development - // server with 'npm run start' or 'yarn start'. - // Example: set the dev server to use a specific certificate in https. - devServer: function (configFunction) { - // Return the replacement function for create-react-app to use to generate the Webpack - // Development Server config. "configFunction" is the function that would normally have - // been used to generate the Webpack Development server config - you can use it to create - // a starting configuration to then modify instead of having to create a config from scratch. - return function (proxy, allowedHost) { - // Create the default config by calling configFunction with the proxy/allowedHost parameters - const config = configFunction(proxy, allowedHost); - - config.headers = { - 'Access-Control-Allow-Origin': '*', - 'Access-Control-Allow-Methods': 'GET', - 'Access-Control-Allow-Headers': 'X-Requested-With, content-type, Authorization', - }; - - // Return your customised Webpack Development Server config. - return config - } - }, -} -``` - -**SSL** - -To enable SSL with `react-scripts` it is necessary to set the `HTTPS` environment variable to `true`. This can be done in the `package.json` file by adjusting the `scripts` section to: - -```json -"scripts": { - "start": "HTTPS=true react-app-rewired start", -}, -``` - -In the case that the SSL certificate provided by `react-scripts` is not valid, it is required to mark it as trusted in your browser. To do this, open the Safe App in a separate tab (not in the Safe interface) and accept the certificate or ignore the warning. - -## UI Kit - -If you are creating your Safe App from scratch, we provide a reusable react components package to make it easy to build Safe Apps with a near-native look and feel while still enabling developers to use their branding in the Safe Apps. - -* [Check all available components in the storybook](https://components.safe.global) -* [Check UI Kit repository](https://github.com/safe-global/safe-react-components) diff --git a/safe-core-sdk/safe-apps/release.md b/safe-core-sdk/safe-apps/release.md deleted file mode 100644 index a8b7232e..00000000 --- a/safe-core-sdk/safe-apps/release.md +++ /dev/null @@ -1,69 +0,0 @@ -# Releasing your Safe App - -### Release process - -#### How to get your Safe Apps into the hands of users - -As soon as you finish developing and testing your Safe App, you can already let some actual users test it by simply sending them the link to the hosted Safe App and asking them to add it as a Custom App. [This guide](https://help.safe.global/en/articles/40859-add-a-custom-safe-app) explains how to add custom apps. - -#### Get your Safe App listed in the Safe - -If you would like your Safe App to appear in the Safe, it must meet the following criteria: - -**1) Smart contracts must be audited** - -Security it's a top priority. If your Safe App includes smart contracts of your own you should provide an external audit result document. If smart contracts were created by a 3rd party you should be using smart contracts that are properly audited. - -**2) Your Safe App must include a manifest.json file at the root containing the following data:** - -`"name": "Name of your Safe App"` - -Your Safe App's name, maximum 50 characters. - -`"iconPath": "your_logo.svg"` - -A relative file path to your App's logo. The icon must be a square SVG image of at least 128 by 128 pixels. - -`"description": "This is the Safe app description."` - -Few sentences describing your application, maximum 200 characters - -You can find an example manifest file on [Github](https://github.com/safe-global/safe-apps-sdk/blob/main/packages/cra-template-safe-app/template/public/manifest.json). In addition, you can find an example Safe App on IPFS [here](https://ipfs.io/ipfs/QmTgnb1J9FDR9gimptzvaEiNa25s92iQy37GyqYfwZw8Aj/). - -Remember that **CORS** should be configured correctly on the `manifest.json` so we can fetch the information as [mentioned here](./get-started.md#cors). - -**3) The app auto-connects to the Safe** - -When an user opens the app, it should automatically select the Safe as a wallet. Ensure to check the case if the user previously opened the app outside of the Safe with another wallet. - -**4) The Safe team has reviewed the Safe App** - -The requirement doesn't apply for battle-tested applications hosted on the same domain like the main dApp. - -While we won't be able to do a proper audit for your Safe App, we still would like to look at the source code to raise issues or suggest improvements. So whether your Safe App is open or closed source, please send us either a **link to the public repo or an invitation to the private code repository**. - -We also would like to make a rough functional review of the App, so please provide us with a **high-level test plan/feature list** that allows our QA team to make sure everything works as intended in production. Video walkthroughs are also welcome. - -**5) Help us decode your Safe App transactions** - -We want to display interactions with Safe Apps as human-readable as possible. To do this, we need the contract ABI of the contracts that your Safe App interacts with. The ideal way to do this would be to verify your contracts via [Sourcify](https://github.com/ethereum/sourcify), which we can leverage to decode transactions interacting with those contracts. - -Alternatively, you can provide us with the ABIs as JSON files or the links to the verified contracts on Etherscan, so we can implement transaction decoding for your Safe App interactions. - -**Create an issue in our repository once you've verified that your app meets these requirements:** [https://github.com/5afe/safe-apps-list](https://github.com/5afe/safe-apps-list) - -#### The official launch and beyond - -After we have reviewed and integrated your Safe App, the App will first be available in the [staging environment](https://safe-wallet-web.staging.5afe.dev) of the Safe for you to do a final review. We would then approach you to coordinate the launch and a joint announcement. - -At any point after the launch, if you or your users encounter issues with the Safe App, or you want to release an update to an existing Safe App, please get in touch with us via [Discord](https://chat.safe.global). - -While developing your Safe App you can directly use [our production interface](https://app.safe.global) for testing it. Some testnets like Goerli are also available there. - -Once your app is live, even if you are running it locally, you can import it to the Safe application as a custom app. To do so, you should select the "Apps" tab: - -
- -Use the `Add custom app` button and add your app using a link: - -