Most crypto services solve trust with a promise: *we hold your funds, and we promise to behave.* Kaspa Forge takes the opposite route. It's a toolbench of three services — a theft-resistant vault, an escrow whose arbiter physically cannot run off with the money, and a marketplace built on top of that escrow — where the rules are enforced by the Kaspa blockchain itself, not by us. Private keys never leave your browser. This article walks through what's in the box, why Kaspa's tech makes it possible, and what "decentralized" means here in practice, not as a slogan.
Kaspa Forge (kaspaforge.org) is a suite of non-custodial services on the Kaspa blockchain: Safe — a vault with a cancellation window against theft, Escrow — a deal guarantor constrained by an on-chain covenant, and a Marketplace where every purchase settles through that escrow.
One desk, one key file
Everything starts at the Desk — a single dashboard for your wallet, vaults, deals, listings and encrypted chats. There is no signup, no email, no KYC: opening the Desk creates an encrypted profile right in your browser, protected by a password you choose. That profile — the master key file — holds every private key you'll ever use across Kaspa Forge.
The part worth pausing on: the key file contains a master seed, and the keys of every future vault, deal or listing are *derived* from it. Export your backup once, and it covers things you create later — import an old .age file on a new device and the Desk automatically re-discovers your vaults, deals and listings from the server, deriving the private keys locally. One backup, forever.
A few quality-of-life consequences of that design:
- Fresh receiving addresses in one click — old addresses keep working, and a permanent "collect" button sweeps their coins to the current one whenever anything lands there.
- "Erase from device" — used the Desk in an internet café? One button wipes the key file from that browser completely; your backup restores everything at home.
- An offline decryptor — a single downloadable HTML file that opens your backup with zero network requests and shows every key inside. Even if kaspaforge.org vanished tomorrow, your coins wouldn't notice.
Kaspa Safe: theft gets a countdown
A normal wallet has one failure mode: whoever holds the key, owns the coins. A vault changes the physics. Coins in a Kaspa Safe are locked by an on-chain covenant with two keys and a timer:
- Any withdrawal — yours or a thief's — must first sit out a cancel window you chose at creation (hours to days).
- During that window, your separate alarm key can yank the coins straight back into the vault.
- The contract also supports check-ins and inheritance: stop confirming "I'm alive" for a period you define, and the vault opens to your heir — automatically, or claimable with the heir's own key.
The practical effect: stealing your hot key is no longer enough. A thief starts a withdrawal, your Telegram alert fires, and you cancel from any device — the alarm key is already inside your key file, so on your own machine it's literally one password away.
Kaspa Escrow: an arbiter who can't steal
Classic escrow asks you to trust the middleman twice — to judge fairly *and* not to disappear with the pot. Kaspa Escrow removes the second trust entirely. The deal's funds sit in a covenant that admits exactly three outcomes: pay the buyer, pay the seller, or split between them. The arbiter signs verdicts, but the chain will not let the money go anywhere else — not to the arbiter, not to a "partner wallet", nowhere.
Around that core:
- End-to-end encrypted chat (Kasia protocol) with photo and file attachments — the server relays ciphertext it cannot read.
- An AI mediator drafts a verdict from both sides' evidence; a human arbiter reviews and signs. Disputes are the expensive path (2% vs 0.5% for a normal release) — the incentive points toward agreeing.
- Timeouts protect both sides: if everyone goes silent, the contract resolves by itself after the deadline. Nobody's money can be held hostage.
The Marketplace: strangers, minus the leap of faith
The marketplace is what escrow makes possible: listings from people you've never met, where clicking "buy" opens a proper escrow deal instead of a "send first, hope later" transfer. Physical goods with shipping-region terms, one-time services, repeatable services and in-stock items that re-list themselves after every funded deal. An AI moderator (text and photos) keeps spam and prohibited goods off the storefront, and a pre-purchase encrypted chat lets you question the seller before any money moves.
Why Kaspa, specifically
None of the above needs a token, a sidechain or a federation — and that's the point. Two properties of Kaspa carry the whole design:
- Speed with real finality. Kaspa's BlockDAG (GHOSTDAG) produces ~10 blocks per second, so a vault deposit, an escrow funding or a marketplace payment confirms in seconds with fees measured in fractions of a cent. An escrow that took 30 minutes per step would be unusable; on Kaspa the full deal loop feels like a chat.
- Covenants. Kaspa's script layer lets a coin carry *rules about its own future* — "this UTXO may only move after N ticks", "only to the buyer or the seller". The Safe's cancel window and the Escrow's arbiter constraint aren't backend logic we run; they're conditions the network itself verifies. Our server could be hacked, seized or simply gone — the rules would hold, because they live in the chain.
That's the honest meaning of "decentralized use" here: the service is convenient *while we're around* and survivable *if we're not*.
Trust-minimized, verifiably
- Open source. The covenant contracts, the recovery CLI (
vaultctl) and the web frontend are published on GitHub — clone the repo and you depend on neither our site nor GitHub itself. - Offline recovery.
vaultctlperforms every vault operation from a terminal against any Kaspa node with--utxoindex. The offline key-file decryptor needs no network at all. - Standard formats. The key file is ordinary age encryption —
age -d keyfile.ageworks as a fallback on any machine. - The server knows only public data. Public keys, addresses, signed transactions, ciphertext. Restore lookups require a derived owner token, so even existence checks can't be fished by strangers.
An honest word about beta
Kaspa Forge is an open beta. The contracts pass an extensive self-test suite inside the node VM, but an external audit is still ahead. Built-in guardrails reflect that: we suggest keeping vaults under 5,000 KAS, and escrow deals are capped between 50 and 10,000 KAS. Pricing is simple — 0.5% (min 1.2 KAS) on a released deal, 2% (min 5 KAS) if arbitration was needed, a free month then 100 KAS/year for a vault, and the Desk and marketplace are free.
One more thing worth knowing: Kaspa Forge is designed, coded, tested and shipped by the OfficeForge AI office — the same self-hosted AI team we sell as a product. This entire product line is its portfolio piece.
Forge your first vault, open an escrow deal or just poke around the marketplace — no signup, keys stay yours.
Open Kaspa ForgeFAQ
What is Kaspa Forge?
Kaspa Forge (kaspaforge.org) is a set of non-custodial services on the Kaspa blockchain — a theft-resistant vault (Safe), an escrow whose arbiter physically cannot steal the funds (Escrow), and a marketplace where every purchase runs through that escrow. All keys live in the user's browser, never on our servers.
What does "non-custodial" mean here?
Private keys are generated and stored only in your browser, inside an encrypted key file protected by your password. The server sees public keys and signed transactions — it cannot move your coins, and neither can we.
Why is it built on Kaspa specifically?
Kaspa's BlockDAG confirms transactions in seconds with negligible fees, and its script layer supports covenants — spending rules enforced by the chain itself. That's what lets the vault delay and the escrow's "pay only buyer or seller" rule exist as on-chain physics rather than service promises.
What happens if the Kaspa Forge website disappears?
Your coins are on the blockchain, not on our site. The contracts and recovery CLI (vaultctl) are open source on GitHub, an offline key-file decryptor extracts every private key from your backup with zero network requests, and the key file itself is standard age format readable by the ordinary age CLI.
How much does it cost?
Escrow charges 0.5% of the deal (minimum 1.2 KAS) on a normal release and 2% (minimum 5 KAS) if a dispute goes to arbitration. The Safe has a free month, then a flat 100 KAS per year. The marketplace and the Desk itself are free.
Is it audited?
The contracts are open source and covered by an extensive self-test suite, but an external audit is still ahead — Kaspa Forge is an open beta. We recommend keeping vaults under 5,000 KAS and deals within the built-in 50–10,000 KAS limits for now.
