Kaspa Safe OfficeForge
Network DAA score Node status
Non-custodial · Toccata covenants · mainnet beta

A stolen key isn't
stolen coins yet

Kaspa Safe is a vault for KAS right on the blockchain. Every withdrawal starts with a delay you set — from an hour to 90 days. If a thief started it, you have time to hit "cancel" with your alarm key, and the coins return to the vault.

Keys never leave your browser · rules baked into an on-chain script ·
Don't have KAS? Swap it on the spot. Fund your vault straight from BTC, ETH, SOL, USDT or USDC — across all their major networks — right at the deposit step. No separate exchange, no extra tab.
Swaps are handled by SimpleSwap, an independent third-party exchange — not part of Kaspa Safe. Your funds are in SimpleSwap's custody only for the duration of the swap; our non-custodial guarantee begins once KAS lands on your vault's funding address. Rates and available currencies are set by SimpleSwap and may change. Not financial advice.
Mechanics

Three ways out of the vault — all under your control

1 · Delayed withdrawal

The hot key starts a withdrawal. The destination is locked into the contract, the coins queue for the delay you chose — presets from 6 hours to 14 days, or any window from 1 hour to 90 days. No one can take them early.

2 · Cancel a theft

While the delay runs, the alarm key (kept apart — on paper, elsewhere) sends everything back to the vault in one move. A thief with the hot key gets nothing.

3 · Calm withdrawal

The window passed without a cancel — so it was you. The coins are delivered strictly to the address locked at the start — automatically, if auto-complete is on (recommended). Swapping the address is impossible.

When it saves you

Set up once — hold a serious sum calmly, at home or on the road

Theft & coercion

Your phone is taken — or you're forced to send coins. The thief starts a withdrawal, but the coins are still in the vault for hours. One move with the alarm key (kept apart — at home, on paper) and everything comes back. At home or travelling, the money never leaves instantly.

Hacks, phishing, leaked seed

Malware, a phishing site or a leaked seed phrase — the attacker still can't drain the vault instantly. You get an alert, cancel the withdrawal and calmly move the coins to a fresh vault.

Inheritance without notaries

You want your KAS to reach your family if something happens to you. Set a periodic check-in — say, once a month. If you stop checking in, after your chosen term the coins open to your heir: delivered automatically — your heir needs no key and no software — or claimed with their own key. How inheritance works ↓

Your own mistakes

Pasted the wrong address? Changed your mind? While the window is open, the withdrawal can be cancelled and the coins return to the vault. A mistake stops being irreversible.

A project or business treasury

Your company keeps KAS in a shared vault: every withdrawal is visible in advance and runs with a delay. A hacked employee laptop can't walk away with the treasury — the founder's alarm key stops the withdrawal.

Insurance against a lost key

Name your own second address as the heir. Lose the hot key — just stop checking in: after the period, the coins come back to you through the inheritance path. In a plain wallet a lost key means lost coins; here you have a road back.

Inheritance

Your coins reach your family — without handing anyone your keys

Check ina periodic "I'm alive" tap keeps the vault yours
If you stopafter your chosen period — anything up to 5 years — the vault opens to your heir
Auto-deliverythe coins reach your heir on their own — they need no key and no software
Or by their keymanual mode: the heir claims the funds themselves — nothing moves on its own
Heir sees nothinguntil the timer runs out — no early access
Optionalleave it off and the vault is a pure anti-theft safe
Keysgenerated and living only in your browser
Vault rulesan on-chain Kaspa script (Toccata covenant)
Our roleinterface + monitoring + Telegram alerts
If our site vanishesoffline recovery — the vault lives without us
Pricing

The vault is free. Pay only if you want us watching

Freeforever, on-chain

Creating the vault, withdrawals, cancels, check-ins, inheritance — every on-chain operation costs nothing beyond the Kaspa network fee (fractions of a KAS).

100 KAS/yearmonitoring · first 30 days free

A Telegram alert the moment anything happens to your vault, plus check-in reminders. The vault works without the subscription too — but without alerts you'll learn about someone else's withdrawal later than you'd like.

Mobile

Android app — same vault, your pocket

All assets bundled into the APK — works offline, even if our site is down. API calls go to safe.officeforge.co. Min Android 7.0.

Version: · Android 7.0+ · signed by OfficeForge
Xiaomi/HyperOS may warn about missing "ICP registration" — that's their store-catalog check, not a security flag: tap "Continue install" and verify the SHA-256 instead.

F-Droid client: add our repo — https://kaspaforge.org/fdroid/repo?fingerprint=A007F26F2F0E32C7B537EA0C446DA6AFAA59A22C288B57CFBFF28BF358533029 — and get auto-updates.

FAQ

Fair questions

Do you hold my coins?

No. Keys are generated and live only in your browser; the vault rules are a Kaspa on-chain script. We physically can't move your funds — and can't help withdraw them if you lose both keys.

What if your site disappears?

The vault is an on-chain contract — it doesn't need us to exist. The recovery guide and the open-source vaultctl tool let you do everything from a terminal against any Kaspa node.

What does it cost?

On-chain operations are free forever — you pay only the Kaspa network fee (fractions of a KAS). Telegram monitoring is 100 KAS/year, first 30 days free.

Do I have to stay online for the vault to work?

No. The rules are enforced by the blockchain itself. Our watcher handles the conveniences — auto-completing withdrawals and delivering inheritance. And if we ever vanish, every step can be done by hand or with vaultctl.

How often do I have to check in for inheritance?

There's no separate schedule — the inheritance period you chose at creation is the deadline. Every check-in resets the timer to zero, so check in at least once within each period (picked 12 months — show up more often than once a year). Cancelling a withdrawal resets the timer too. With the alerts subscription, Telegram reminds you once ~80% of the period has passed; without it, watch the timer in the vault panel yourself.

What if a thief gets both keys?

Then the window won't save you — that's why keeping the keys apart is the foundation. The hot key lives where you use it; the alarm key belongs on paper in a different place. A thief with just the hot key gets nothing.

How is this different from a hardware wallet?

A hardware wallet protects the key, but a signed transaction is final. Kaspa Safe protects the coins themselves: even with a stolen key, every withdrawal waits out your delay and can be cancelled. The two work great together.

How tested is it?

Beta. The contract passed our full on-chain cycle plus adversarial attacks on our test range; an external audit is still ahead. Don't store more than you'd trust to a beta — suggested cap 5,000 KAS.

Which network?

Kaspa mainnet, Toccata covenants (active since June 30, 2026). No tokens, no bridges — plain KAS in a covenant script.

Beta. The contract passed our test range (full on-chain cycle + adversarial attacks), but external audit is still ahead. Don't store more than you'd trust to a beta. Suggested cap — 5,000 KAS.