u/Zilliqant

Toccata covenants in practice: a non-custodial anti-theft vault for KAS, open beta
▲ 35 r/kaspa

Toccata covenants in practice: a non-custodial anti-theft vault for KAS, open beta

Hey r/kaspa,

Covenants went live with Toccata on June 30 — so we built something real with them: Kaspa Safe, a non-custodial vault where the anti-theft rules live in the covenant script itself, not on anyone's server.

The idea in one paragraph. Every withdrawal from the vault starts with a delay you choose (presets 6h–14d, anything from 1 hour to 90 days). The destination address gets locked into the contract the moment the withdrawal starts. If it wasn't you, a separate alarm key cancels it and the coins snap back to the vault. A thief with your hot key gets nothing but a countdown they can't skip — and an alert fired at you the second they touch it.

For the technically curious:

- The vault is a covenant script on mainnet with three ways out: delayed withdrawal (hot key), cancel while the delay runs (alarm key), and optional inheritance. The delay is enforced by consensus, not by us — we verified on mainnet that an early complete gets rejected by the node.
- Keys are generated and transactions signed entirely in your browser (WASM). Our server never sees a private key; we physically cannot move funds.
- Optional dead-man switch: keep sending periodic "I'm alive" check-ins. Stop, and after your chosen period (up to 5 years) the vault opens to your heir — delivered automatically, or claimed with the heir's own key. The heir sees nothing until the timer runs out.
"And what if your site disappears?" The vault doesn't need us to exist. There's an open-source CLI, vaultctl, that does everything the site does — status / withdraw / cancel / check-in / inherit — from a terminal against any Kaspa v2+ node running with --utxoindex. Code: github.com/pcdoctormsk-ctrl/kaspa-safe (grab a ZIP and you don't even depend on GitHub). Recovery guide: safe.officeforge.co/recover.html — and you can watch any vault with zero trust in us by pasting its address into an explorer.
Cost: on-chain operations are free forever — you pay the Kaspa network fee (fractions of a KAS). Optional Telegram alerts ("a withdrawal just started — here's the cancel link") are 100 KAS/year, first 30 days free. The vault works fine without them.
Honest beta disclaimer. The contract passed our full on-chain test cycle plus adversarial testing, and the code is open — but there has been no external audit yet. Please don't store more than you'd trust to a beta; our own suggested cap is 5,000 KAS. Treat it as something to poke at, not as your life savings. Also: this is plain KAS in a covenant script — no token, no bridge, nothing to buy.
Full transparency on who "we" are: Kaspa Safe was built end-to-end by our AI dev office (OfficeForge) as a live demo of what it ships — humans set the goals and did the reviews, agents wrote the code. Happy to answer questions about that part too. Try it: https://safe.officeforge.co/ . Break it, question the script design, tell us what's missing — that's exactly what this beta is for. I'll be in the comments; bugs and feedback also welcome at sales@officeforge.co.

TL;DR: non-custodial covenant vault for KAS on mainnet. Withdrawals wait out your delay; a theft gets cancelled with a second key; optional on-chain inheritance. Keys never leave your browser, open-source offline recovery, free on-chain. Unaudited beta — start small.

u/Zilliqant — 1 day ago