Find your situation below and follow the steps. Take your time โ nothing bad is happening while you read.
Got a "withdrawal started" alert and it wasn't you? You have the entire cancel window from the moment it started (you chose its length at creation; the timer is visible in "My vault"). And you don't need your own device: any computer or a borrowed phone works โ the alarm key is enough.
Your vaults, deals and listings all live in one encrypted master key file โ your Desk profile. On any device, open your Desk, choose Import / restore and load your master key file (.age) with its password โ everything comes back at once. Back it up from the Desk ("Export key file"); that one file is your recovery.
Have an older .txt recovery sheet from before this change, or just one vault to reopen? The manual steps below still work.
Your vault isn't stored in a browser โ it lives on the blockchain. Reopen it from an old recovery sheet (or the public values in your master key file). Just to look, no private keys are needed.
Someone left you a Kaspa Safe vault. The owner set a period: as long as they kept checking in ("I'm alive"), the vault was theirs alone. If the check-ins stopped โ after the period, the vault opens to you. Before that you can't see or take anything; that's how the contract is designed.
How long is left โ visible in the panel (the "Timer" row) or via vaultctl status. No permission from us is needed: the blockchain enforces the rules. Site down โ vaultctl inherit does the same (block below).
Kaspa Safe doesn't depend on us: the vault is an on-chain contract, and it checks only your keys and time. The open-source vaultctl tool does everything the site does, from a terminal, against any Kaspa v2+ node (running with --utxoindex). The code is published: github.com/pcdoctormsk-ctrl/kaspa-safe โ keep a copy (Code โ Download ZIP) and you won't depend even on GitHub.
# once: build it (needs Rust from rustup.rs, protobuf-compiler, clang) git clone https://github.com/pcdoctormsk-ctrl/kaspa-safe cd kaspa-safe/vaultctl && cargo build --release # cargo build also produces kaspa-unlock. Have only the master key file (.age)? # decrypt it once, then pull out the vault you need โ vaultctl reads JSON too: kaspa-unlock decrypt kaspa-office-profile.age profile.json # asks your Desk password jq '.vaults[0]' profile.json > vault.json # pick a vault; use vault.json below in place of sheet.txt # the recovery input is fed AS IS โ an old .txt sheet OR the vault.json above # vault state: balance, age, inheritance timer vaultctl status --recovery kaspa-safe-recovery-XXXX.txt # start a withdrawal to your address (needs the hot key โ it's on the sheet) vaultctl initiate --recovery sheet.txt --to kaspa:q... # cancel an in-flight withdrawal (alarm key; --dest = the address the # withdrawal is going TO โ yours you know, a thief's is in the TG alert / panel) vaultctl cancel --recovery sheet.txt --dest kaspa:q... # deliver a matured withdrawal to its destination (no key needed) vaultctl complete --recovery sheet.txt --dest kaspa:q... # "I'm alive" check-in ยท deliver the inheritance after the period vaultctl checkin --recovery sheet.txt vaultctl inherit --recovery sheet.txt # "automatic": no key vaultctl inherit --recovery sheet.txt --heir-sk KEY # "manual": heir's key
Useful flags: --node grpc://your-node:16110 โ any Kaspa v2+ node with --utxoindex (defaults to the OfficeForge node); --dry-run โ build and sign the transaction, print its txid, but do NOT broadcast (try this first). To verify the contract itself: vaultctl selftest โ 18 checks of every path and attack inside the node VM.
If anyone asks you to send a private key, a seed phrase, your Desk password or your master key file โ it's a scammer.
Your master key file does not give OfficeForge access to your coins โ it's encrypted with your password and exists for you alone, to sign actions with your own keys. We don't store private keys or your password and can't recover them for you. And we will never ask for them โ not in chat, not by email, not "for verification". Support (sales@officeforge.co) can explain the steps, but physically has no access to keys or coins.
Rehearse once with a small amount: reopen the vault in a fresh browser, start a test withdrawal, cancel it with the alarm key and make sure you understand the full cycle. A calm rehearsal is what saves you on a bad day.
The same Kaspa Safe as a native Android app โ all assets bundled, works offline, API calls go to safe.officeforge.co. Min Android 7.0.
Version: โฆ ยท verify: sha256sum -c KaspaSafe.apk.sha256 ยท mirror: GitHub Releases (same file, same checksum)