Safe Recovery Service API

Safe Recovery Service follows RESTful API standard. It uses standard HTTP methods (GET, POST, ..) to perform CRUD (Create, Read, Update, Delete) operations on our resources, and return error responses in a consistent and predictable format.

info

The following API is in a pre-release phase. Request access by contacting us.

Create recovery request

Creates a new recovery request by a guardian with a lost signer of a Safe account. Can only be initated by guardians of the account.

POST /recoveries/create

Example Request

curl -X POST \
  https://api.candide.dev/recoveries/$version/$network/$your_api_key/create \
  -H 'Content-Type: application/json' \
  -d '{
        "account": "0xD422B9d638a7BA4eBeF9e33Af9456007eAB4ccba",
        "newOwners": ["0x41153290c995c8c4410d50f95D87ee86A1B07eeC", "0xB97A1C3993A551f0Febf030539630ACb77E6832D"],
        "newThreshold": 2,
        "chainId": 1,
        "signer": "0x795B9cD1E5419C54B07768d4AD09809407dfAF5b",
        "signature": "0x1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef"
      }'

Example Response

{
    "id": "123456789",
    "emoji": "🤖😅🥵👻🖖",
    "account": "0xD422B9d638a7BA4eBeF9e33Af9456007eAB4ccba",
    "chainId": 1,
    "newOwners": [
        "0x41153290c995c8c4410d50f95D87ee86A1B07eeC",
        "0xB97A1C3993A551f0Febf030539630ACb77E6832D"
    ],
    "newThreshold": 2,
    "nonce": "1234567890",
    "signatures": [],
    "executeData": {
        "sponsored": true,
        "transactionHash": "",
    },
    "finalizeData": {
        "sponsored": true,
        "transactionHash": "", 
    },
    "status": "PENDING",
    "discoverable": true,
    "createdAt": "2023-04-18T12:34:56.789Z",
    "updatedAt": "2023-04-18T12:34:56.789Z"
}

Request Body

key	type	description
account	string	The Safe account address that the owner wants to recover. Must be a valid Ethereum address
newOwners	string[]	The new owners to the Safe account. Must be a valid Ethereum addresses
newThreshold	number	The new threshold to the Safe account
chainId	number	The chainId of the network where the Safe account resides
signature	string	A signature from the guardian for a message containing the address of the safe, new owners of the Safe, chainId, module address, and a nonce

Response Body

key	type	description
id	string	The ID associated with the Recovery Request
emoji	string	The emojis associated with the recovery request
account	string	The Safe account address that the owner wants to recover. Must be a valid Ethereum address
chainId	number	The chainId of the network where the Safe account resides
newOwners	string[]	The new owners for the Safe account
newThreshold	number	The new threshold for the Safe account
nonce	bigint	Recovery module contract nonce
signatures	json	The signatures for the recovery request
executeData	key type description sponsored boolean If the recovery execution tx is gas-sponsored or not transactionHash string The transaction hash of the recovery execution	An object field representing the finilization recovery transaction
finalizeData	key type description sponsored boolean If the recovery finilization tx after the grace period ends is gas-sponsored or not transactionHash string The transaction hash of the finilization execution	An object field representing the finilization recovery transaction
status	string	The status of the recovery request: PENDING | EXECUTED | FINALIZED | FINALIZATION-IN-PROGRESS | FAILED
discoverable	boolean	Whether the recovery request is discoverable
createdAt	datetime	The date the recovery request was created
updatedAt	datetime	The date and time of the recovery request that was created

Fetch recovery by address

Fetches recovery requests created by guardians of the Safe accounts by the safe address

GET /recoveries/fetchByAddress

Example Request

curl -X GET \
  https://api.candide.dev/recoveries/$version/$network/$your_api_key/fetchByAddress \
  -H 'Content-Type: application/json' \
  -d '{
        "account": "0xD422B9d638a7BA4eBeF9e33Af9456007eAB4ccba",
        "chainId": 1,
        "nonce": 2,
    }'

Example Response

[
    {
        "id": "123456789",
        "emoji": "🤖😅🥵👻🖖",
        "account": "0xD422B9d638a7BA4eBeF9e33Af9456007eAB4ccba",
        "chainId": 1,
        "newOwners": [
            "0x41153290c995c8c4410d50f95D87ee86A1B07eeC",
            "0xB97A1C3993A551f0Febf030539630ACb77E6832D"
        ],
        "newThreshold": 2,
        "nonce": "1234567890",
        "signatures": [],
        "executeData": {
            "sponsored": true,
            "transactionHash": "", 
        },
        "finalizeData": {
            "sponsored": true,
            "transactionHash": "", 
        },
        "status": "PENDING",
        "discoverable": true,
        "createdAt": "2023-04-18T12:34:56.789Z",
        "updatedAt": "2023-04-18T12:34:56.789Z"
    },
    {
        "id": "72682373",
        "emoji": "💳📿🪣📥📹",
        "account": "0xD422B9d638a7BA4eBeF9e33Af9456007eAB4ccba",
        "chainId": 1,
        "newOwners": [
            "0x73f7b1184B5cD361cC0f7654998953E2a251dd58",
            "0x7Cb027917b27BCb5963C548657a008BF45b25BDc"
        ],
        "newThreshold": 2,
        "nonce": "1234567890",
        "signatures": [],
        "executeData": {
            "sponsored": true,
            "transactionHash": "", 
        },
        "finalizeData": {
            "sponsored": true,
            "transactionHash": "", 
        },
        "status": "PENDING",
        "discoverable": true,
        "createdAt": "2023-04-18T12:34:56.789Z",
        "updatedAt": "2023-04-18T12:34:56.789Z"
    } 
]

Request Body

key	type	description
account	string	The Safe account address that the owner wants to recover. Must be a valid Ethereum address
chainId	number	The chainId of the network where the Safe account resides
nonce	number	Recovery module contract nonce

Response

key	type	description
RecoveryRequest[]	key type description id string The ID associated with the Recovery Request emoji string The emojis associated with the recovery request account string The Safe account address that the owner wants to recover. Must be a valid Ethereum address chainId number The chainId of the network where the Safe account resides newOwners string[] The new owners for the Safe account newThreshold number The new threshold for the Safe account nonce bigint Recovery module contract nonce signatures json The signatures for the recovery request executeData key type description sponsored boolean If the recovery execution tx is gas-sponsored or not transactionHash string The transaction hash of the recovery execution An object field representing the finilization recovery transaction finalizeData key type description sponsored boolean If the recovery finilization tx after the grace period ends is gas-sponsored or not transactionHash string The transaction hash of the finilization execution An object field representing the finilization recovery transaction status string The status of the recovery request: PENDING | EXECUTED | FINALIZED | FINALIZATION-IN-PROGRESS | FAILED discoverable boolean Whether the recovery request is discoverable createdAt datetime The date the recovery request was created updatedAt datetime The date and time of the recovery request that was created	A list of ongoing Recovery Requests for a Safe account address

Fetch recovery by ID

Fetch a recovery request by ID

GET /recoveries/fetchById

Example Request

curl -X GET \
  https://api.candide.dev/recoveries/$version/$network/$your_api_key/fetchById \
  -H 'Content-Type: application/json'

Example Response

{
    "id": "123456789",
    "emoji": "🤖😅🥵👻🖖",
    "account": "0xD422B9d638a7BA4eBeF9e33Af9456007eAB4ccba",
    "chainId": 1,
    "newOwners": [
        "0x41153290c995c8c4410d50f95D87ee86A1B07eeC",
        "0xB97A1C3993A551f0Febf030539630ACb77E6832D"
    ],
    "newThreshold": 2,
    "nonce": "1234567890",
    "signatures": [],
    "executeData": {
        "sponsored": true,
        "transactionHash": "", 
    },
    "finalizeData": {
        "sponsored": true,
        "transactionHash": "", 
    },
    "status": "PENDING",
    "discoverable": true,
    "createdAt": "2023-04-18T12:34:56.789Z",
    "updatedAt": "2023-04-18T12:34:56.789Z"
}

Request Body

key	type	description
id	string	Recovery request ID

Response Body

key	type	description
id	string	The ID associated with the Recovery Request
emoji	string	The emojis associated with the recovery request
account	string	The Safe account address that the owner wants to recover. Must be a valid Ethereum address
chainId	number	The chainId of the network where the Safe account resides
newOwners	string[]	The new owners for the Safe account
newThreshold	number	The new threshold for the Safe account
nonce	bigint	Recovery module contract nonce
signatures	json	The signatures for the recovery request
executeData	key type description sponsored boolean If the recovery execution tx is gas-sponsored or not transactionHash string The transaction hash of the recovery execution	An object field representing the finilization recovery transaction
finalizeData	key type description sponsored boolean If the recovery finilization tx after the grace period ends is gas-sponsored or not transactionHash string The transaction hash of the finilization execution	An object field representing the finilization recovery transaction
status	string	The status of the recovery request: PENDING | EXECUTED | FINALIZED | FINALIZATION-IN-PROGRESS | FAILED
discoverable	boolean	Whether the recovery request is discoverable
createdAt	datetime	The date the recovery request was created
updatedAt	datetime	The date and time of the recovery request that was created

Collect a guardian signature

Collects a guardian siganture to store for later confirmation and finilization

POST /recoveries/sign

Example Request

curl -X POST \
  https://api.candide.dev/recoveries/$version/$network/$your_api_key/sign \
  -H 'Content-Type: application/json' \
  -d '{
        "id": 123456789,
        "signer": "0x0b16b3bD015C1e4C866A88e5Cd3f5836fECe7e8A",
        "signature": "0x45a915e4fc10f6030065f199c1d9258166eb2b98e5a0fe2c4b2ee3a4ed8d6f0a2c5d6e7a8b9c0d1e2f3a4b5c6d7e8f9a0b1c2d3e4f5a6b7c8d9e0f1a2b3c4d5e6f7a8b9c0d1e2f3a4b5c6d7e8f9a0b1c2d3e4f5"
      }'

Example Response

{
    "success": "true"
}

Request Body

key	type	description
id	string	Recovery request ID
signer	string	The guardian public address
signature	string	The signature for the message hash of the guardian confirmation of recovery

Response

key	type	description
status	true	true = signature is valid

Execute a recovery by ID

POST /recoveries/execute

Execute a recovery request by ID

Example Request

curl -X POST \
  https://api.candide.dev/recoveries/$version/$network/$your_api_key/execute \
  -H 'Content-Type: application/json' \

Example Response

{
    "success": "true"
}

Request Body

key	type	description
id	string	Recovery request ID

Response

key	type	description
success	true	Return true once finilized. Else returns error

Finalize recovery by ID

POST /recoveries/finalize

Finalize a recovery request by ID

Example Request

curl -X POST \
  https://api.candide.dev/recoveries/$version/$network/$your_api_key/finalize \
  -H 'Content-Type: application/json' \

Example Response

{
    "success": "true"
}

Request Body

key	type	description
id	string	Recovery request ID

Response

key	type	description
success	true	Return true once finilized. Else returns error

Subscribe to Recovery Requests

POST /alerts/subscribe

Subscribes to any recovery attempt to a safe account, whether through the backend or onchain

Example Request

curl -X GET \
  https://api.candide.dev/recoveries/$version/$network/$your_api_key/subscribe \
  -H 'Content-Type: application/json' \
  -d '{
        "account": "0xD422B9d638a7BA4eBeF9e33Af9456007eAB4ccba",
        "email": "vitalik@protonmail.com",
        "signature": "0x12212312312432152452344444444444444444422222222222222223344444444444444",
    }'

Example Response

{
    "success": "true"
}

Request Body

key	type	description
account	string	The Safe account address that should be monitored. Must be a valid Ethereum address
email	string	The email target to receive those alerts. Must be a valid email address.
signature	string	A signature from the account containing the email and a nonce

Response

key	type	description
success	true	Return true once finilized. Else returns error

Error Handeling

The API uses standard HTTP status codes to indicate the success or failure of a request. Error responses will include a JSON object with the following structure:

​​{
​​  "error": {
​​    "code": 404,
​​    "message": "Recovery request not found"
​​  }
​​}