The Safe guardian is custom-designed with unique operational mechanisms and tailored permission scopes for each vault, based on their individual trading strategies. It acts as a robust protector of user assets to guarantee fund safety. It defines the rules regarding transfer destinations and DeFi protocol operations, controlling security risks beyond the multi–signature.

The Safe Guardian only allows the Safe Wallet multi-signature to operate within specified limits. When the Safe Account is operated through multi–signature, it invokes the checkTransaction function of Guardian to perform a validity check. checkTransaction will then examine if the operation is allowed based on the configured rules.

By granting governance permissions on top of the usage rights of the Safe Wallet multi-signature, it achieves a separation of governance authority from the user authority. This separation enables parameter configurations and contract upgrades through change in governance structure in the future.