From f04839aab169d4009c372be834b2a821c1dae97c Mon Sep 17 00:00:00 2001 From: 0xbe1 <0xbetrue@gmail.com> Date: Mon, 6 Oct 2025 23:43:46 +0800 Subject: [PATCH] Reorganize README to emphasize interactive mode MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Move Quickstart to the top with interactive mode (`safely`) as the primary usage - Rename Usage section to Subcommands with note that they're for advanced users - Move "Why safely?" section to the end and merge with Key Features - Reorder sections: Quickstart → Subcommands → Development → Community → Why safely → License 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude --- README.md | 58 +++++++++++++++++++++++++++++++++---------------------- 1 file changed, 35 insertions(+), 23 deletions(-) diff --git a/README.md b/README.md index bc82e45..407e6ec 100644 --- a/README.md +++ b/README.md @@ -2,14 +2,6 @@ Manage your multisig accounts on Aptos & Movement **safely** through a secure CLI interface. -## Why safely? - -In the wake of recent security incidents like the [SafeWallet frontend compromise](https://x.com/safe/status/1894768522720350673), it's become clear that web-based multisig interfaces pose significant risks. Web frontends can be modified by attackers, making transaction verification difficult or impossible for users. **safely** takes a different approach: - -- **CLI-first**: No web frontend means no risk of compromised interfaces -- **Verifiable**: All transactions are transparent and can be inspected directly -- **Local execution**: Your keys stay on your machine - ## Quickstart 1. Install the CLI: @@ -18,29 +10,36 @@ In the wake of recent security incidents like the [SafeWallet frontend compromis npm install -g @thalalabs/safely ``` -2. Under a directory where you have your aptos profiles configured, view pending transactions of a multisig account: +2. Configure your Aptos profile (if not already done): ```bash -safely proposal -m -p +aptos init --profile +# or with Ledger hardware wallet +aptos init --ledger --profile ``` -Aptos profile can be configured by running `aptos init --profile ` or `aptos init --ledger --profile ` ([docs](https://aptos.dev/en/build/cli/trying-things-on-chain/ledger)). +See [Aptos CLI docs](https://aptos.dev/en/build/cli/trying-things-on-chain/ledger) for more details. + +3. Launch the interactive terminal UI: -3. Follow the terminal UI to view transaction details, vote yes, vote no, or execute the transaction once vote threshold is met. +```bash +safely +``` -See [docs.md](./docs.md) for detailed documentation. +The interactive mode will guide you through: -## Key Features +- Selecting or entering a multisig address +- Choosing your profile for signing +- Viewing pending proposals +- Voting on or executing transactions -- **Security First**: CLI-based interface eliminates frontend security risks -- **Transaction Simulation**: Display simulation results wherever possible -- **Human-Readable**: Clear transaction descriptions and parameter explanations -- **Open Source**: Community-driven development and quick iterations -- **Multi-Chain**: Support for both Aptos and Movement -- **Hardware Security**: Native Ledger support -- **Local Control**: All operations run locally on your machine +**This is the recommended way to use safely** - it provides a safe, guided experience with clear transaction details and simulation results. -## Usage +For advanced usage and automation, see the [Subcommands](#subcommands) section below. + +## Subcommands + +**Note**: The interactive mode (`safely` without arguments) is the recommended way to interact with multisig accounts. Subcommands are provided for advanced users who need automation or scripting capabilities. ```bash > safely --help @@ -67,7 +66,7 @@ Commands: help [command] display help for command ``` -For detailed usage instructions and examples, see [docs.md](./docs.md). +For detailed subcommand documentation and examples, see [docs.md](./docs.md). ## Development @@ -115,6 +114,19 @@ We welcome contributions from the entire Move ecosystem! Whether you're: Your input helps make multisig management safer and more efficient for everyone. +## Why safely? + +In the wake of recent security incidents like the [SafeWallet frontend compromise](https://x.com/safe/status/1894768522720350673), it's become clear that web-based multisig interfaces pose significant risks. Web frontends can be modified by attackers, making transaction verification difficult or impossible for users. **safely** takes a different approach: + +- **CLI-first**: No web frontend means no risk of compromised interfaces +- **Verifiable**: All transactions are transparent and can be inspected directly +- **Local Control**: All operations run locally on your machine +- **Transaction Simulation**: Display simulation results wherever possible +- **Human-Readable**: Clear transaction descriptions and parameter explanations +- **Multi-Chain**: Support for both Aptos and Movement +- **Hardware Security**: Native Ledger support +- **Open Source**: Community-driven development and quick iterations + ## License MIT.