When a Safe Owner delegates Roles to a Delegate, the workflow is as follows:

1. Safe Owner creates a Cobo Safe Account and enables a Module on Safe.

2. Safe Owner configures the Root Authorizer and Role Manager.

3. Safe Owner adds the address of the Delegate to the whitelist under the Cobo Safe Account.

4. Safe Owner adds Sub-Authorizers and Roles to the Root Authorizer.

5. Safe Owner assigns Roles to the Delegate.

When a Delegate executes a transaction, the workflow is as follows:

1. Delegate sends a transaction via the Cobo Safe Account.

2. Cobo Safe Account validates whether the address of the Delegate has been whitelisted. If no, the transaction will be rejected. If yes, the transaction will be sent to the Root Authorizer.

3. Root Authorizer queries the Roles associated with the Delegate with the help of a Role Manager.

4. Root Authorizer locates one or multiple Sub-Authorizers associated with each Role.

5. If the transaction passes validation from any of these Sub-Authorizers, it will be approved. Otherwise, the transaction will be rejected.

6. Once the transaction is approved, Cobo Safe Account will call Safe to initiate the transaction.

7. After the transaction is executed, Root Authorizer will validate the transaction via postExecCheck.

8. The transaction sent by the Delegate is completed.