Palmera

• Name: Palmera
• URL: https://www.palmeradao.xyz/
• Category: Safe-native hierarchical permissions module / multisig infrastructure / onchain organizational control plane
• Tags: ethereum-ecosystem
• Summary: Palmera is a Safe hierarchy module. The useful part is explicit parent/child Safe authority with scoped execution and allow/deny-list logic. Keep it as an onchain organizational-permissions note, not as a wallet-control anchor.
• What it does:
  • Provides the Palmera Module, a Safe module for building hierarchical Safe organizations with parent/child authority relationships
  • Lets organizations assign default and optional roles across root Safes, super Safes, subSafes, EOAs, and smart contracts
  • Supports execution on behalf of subordinate Safes, owner-management actions, hierarchy reconfiguration, and scoped administrative control
  • Adds allow/deny-list controls and SDK tooling for creating organizations and interacting with the module
• Key claims:
  • The official site frames Palmera as Safe-oriented multisig infrastructure, but the analytically useful surface is the hierarchy module rather than the surrounding services copy
  • The Palmera Module docs describe a hierarchy of Safes with delegated powers and risk segmentation rather than a flat signer set
  • The roles docs show the module grants concrete powers such as execution on behalf of subSafes, owner management, hierarchy changes, and access-list control
  • The role-type docs define materially different powers for root Safes, super Safes, and optional lead roles, which makes Palmera a good note for bounded delegated authority
  • The public PalmeraModule repo and TypeScript SDK show this is meant to be integrated into broader Safe-based org tooling rather than treated as a one-off custom deployment
• Whitepaper: No canonical standalone whitepaper or litepaper surfaced in this pass. The strongest primary materials were Palmera’s site, Palmera Module docs, and public module / SDK repositories; see ../whitepapers/palmera-primary-sources-2026-05-07.md.
• Sources:
  • https://www.palmeradao.xyz/
  • https://docs.palmeradao.xyz/palmera-module-safe-hierarchical-structure
  • https://docs.palmeradao.xyz/palmera-module-safe-hierarchical-structure/palmera-module/welcome-to-the-palmera-module/hierarchical-structure.md
  • https://docs.palmeradao.xyz/palmera-module-safe-hierarchical-structure/palmera-module/welcome-to-the-palmera-module/roles.md
  • https://docs.palmeradao.xyz/palmera-module-safe-hierarchical-structure/introduction-to-on-chain-roles/types-of-roles.md
  • https://github.com/keyper-labs
  • https://raw.githubusercontent.com/keyper-labs/PalmeraModule/main/README.md
  • https://raw.githubusercontent.com/keyper-labs/palmera-module-sdk/main/README.md

Internal linkages

• Upward substrate and authority-model comparisons: safe and hats-protocol.
• Useful contrast when control moves offchain into workflow or signer infrastructure: turnkey.

Governance / control risk

• The module makes the authority graph more legible, but it also creates a sharper blast-radius question around root-Safe control, inherited permissions, and list maintenance.

• If the root can reach everywhere, the hierarchy is real power, not decorative policy.

• Last reviewed: 2026-05-31 UTC