Kaspa Safe is a vault for KAS right on the blockchain. Every withdrawal starts with a delay you set — from an hour to 90 days. If a thief started it, you have time to hit "cancel" with your alarm key, and the coins return to the vault.
The hot key starts a withdrawal. The destination is locked into the contract, the coins queue for the delay you chose — presets from 6 hours to 14 days, or any window from 1 hour to 90 days. No one can take them early.
While the delay runs, the alarm key (kept apart — on paper, elsewhere) sends everything back to the vault in one move. A thief with the hot key gets nothing.
The window passed without a cancel — so it was you. The coins are delivered strictly to the address locked at the start — automatically, if auto-complete is on (recommended). Swapping the address is impossible.
Your phone is taken — or you're forced to send coins. The thief starts a withdrawal, but the coins are still in the vault for hours. One move with the alarm key (kept apart — at home, on paper) and everything comes back. At home or travelling, the money never leaves instantly.
Malware, a phishing site or a leaked seed phrase — the attacker still can't drain the vault instantly. You get an alert, cancel the withdrawal and calmly move the coins to a fresh vault.
You want your KAS to reach your family if something happens to you. Set a periodic check-in — say, once a month. If you stop checking in, after your chosen term the coins open to your heir: delivered automatically — your heir needs no key and no software — or claimed with their own key. How inheritance works ↓
Pasted the wrong address? Changed your mind? While the window is open, the withdrawal can be cancelled and the coins return to the vault. A mistake stops being irreversible.
Your company keeps KAS in a shared vault: every withdrawal is visible in advance and runs with a delay. A hacked employee laptop can't walk away with the treasury — the founder's alarm key stops the withdrawal.
Name your own second address as the heir. Lose the hot key — just stop checking in: after the period, the coins come back to you through the inheritance path. In a plain wallet a lost key means lost coins; here you have a road back.
Creating the vault, withdrawals, cancels, check-ins, inheritance — every on-chain operation costs nothing beyond the Kaspa network fee (fractions of a KAS).
A Telegram alert the moment anything happens to your vault, plus check-in reminders. The vault works without the subscription too — but without alerts you'll learn about someone else's withdrawal later than you'd like.
All assets bundled into the APK — works offline, even if our site is down. API calls go to safe.officeforge.co. Min Android 7.0.
Version: … · Android 7.0+ · signed by OfficeForge
Xiaomi/HyperOS may warn about missing "ICP registration" — that's their store-catalog check, not a security flag: tap "Continue install" and verify the SHA-256 instead.
F-Droid client: add our repo — https://kaspaforge.org/fdroid/repo?fingerprint=A007F26F2F0E32C7B537EA0C446DA6AFAA59A22C288B57CFBFF28BF358533029 — and get auto-updates.
No. Keys are generated and live only in your browser; the vault rules are a Kaspa on-chain script. We physically can't move your funds — and can't help withdraw them if you lose both keys.
The vault is an on-chain contract — it doesn't need us to exist. The recovery guide and the open-source vaultctl tool let you do everything from a terminal against any Kaspa node.
On-chain operations are free forever — you pay only the Kaspa network fee (fractions of a KAS). Telegram monitoring is 100 KAS/year, first 30 days free.
No. The rules are enforced by the blockchain itself. Our watcher handles the conveniences — auto-completing withdrawals and delivering inheritance. And if we ever vanish, every step can be done by hand or with vaultctl.
There's no separate schedule — the inheritance period you chose at creation is the deadline. Every check-in resets the timer to zero, so check in at least once within each period (picked 12 months — show up more often than once a year). Cancelling a withdrawal resets the timer too. With the alerts subscription, Telegram reminds you once ~80% of the period has passed; without it, watch the timer in the vault panel yourself.
Then the window won't save you — that's why keeping the keys apart is the foundation. The hot key lives where you use it; the alarm key belongs on paper in a different place. A thief with just the hot key gets nothing.
A hardware wallet protects the key, but a signed transaction is final. Kaspa Safe protects the coins themselves: even with a stolen key, every withdrawal waits out your delay and can be cancelled. The two work great together.
Beta. The contract passed our full on-chain cycle plus adversarial attacks on our test range; an external audit is still ahead. Don't store more than you'd trust to a beta — suggested cap 5,000 KAS.
Kaspa mainnet, Toccata covenants (active since June 30, 2026). No tokens, no bridges — plain KAS in a covenant script.