On June 30, 2026, Kaspa's Toccata upgrade brought covenants to the mainnet — the ability for the base layer to enforce not just *who* can spend a coin, but *how* it can be spent. A week later, the OfficeForge AI office shipped the first consumer product built on them: Kaspa Safe, a non-custodial vault for KAS with a built-in anti-theft delay, optional inheritance, and Telegram alerts.
Two things make this launch worth writing about. First, the security model: a vault whose guarantees come directly from a proof-of-work L1, with no custodian, no bridge, and no separate token to trust. Second, how it was built — end to end by a team of AI agents, with the covenant contract audited by Claude Fable 5. Kaspa Safe is a real product you can use today, and it is also a live demonstration of what a self-hosted AI office can ship.
Built by an AI office, audited by AI
OfficeForge is a self-hosted "AI team in a box" — five role-based agents (a secretary, a coder, a researcher, a copywriter, a designer) working a shared task board alongside people. We build the product *on* the product: the office is its own testing ground. Kaspa Safe is the sharpest proof of that so far.
The coder agent wrote the covenant contract, the browser-side signing layer, and the watcher service. The researcher mapped the Toccata opcode set. The designer produced the brand and the vault UI. And before anything touched real coins, Claude Fable 5 audited the covenant logic — an adversarial review that tried to break every spending path: initiate a withdrawal without the hot key, complete one before the delay expires, redirect funds to a thief's address, claim an inheritance early, impersonate the heir. Every one of those attacks is rejected by the on-chain rules, and the whole cycle was then verified live on Kaspa mainnet with real KAS.
We'll be candid about what that audit is and isn't, further down. But the headline stands: an AI team designed, built, adversarially audited, and shipped a working on-chain vault — and you can inspect all of it.
Why covenants on an L1 PoW chain change the game
A covenant is a spending constraint attached to a coin: a rule, enforced by the network, about how that coin is allowed to move in future transactions. Ordinary outputs answer "who can spend this?" Covenants also answer "under what conditions?"
Most ways people try to protect crypto push the trust somewhere else. A custodial exchange holds your keys — you trust the company. A "smart contract vault" on an EVM chain runs in a complex virtual machine — you trust the contract code and its audit. A cross-chain bridge wraps your asset — you trust the bridge. Each layer you add is a layer that can fail.
Kaspa covenants remove those layers. The rules live in the coin itself and are enforced by the same proof-of-work consensus that secures every KAS transaction. That has concrete consequences:
- Security you already trust. The vault's guarantees are exactly as strong as Kaspa's L1. No new validator set, no multisig committee, no bridge operator. If a Kaspa transaction can't be forged, neither can an unauthorized withdrawal from your vault.
- Non-custodial by construction. Because the chain enforces the rules, no server needs to hold a key to make the vault work. Ours doesn't — it can watch your vault and send alerts, but it physically cannot move your coins.
- A smaller attack surface than smart contracts. Kaspa's UTXO covenants are narrow and introspective, not a general-purpose programmable VM. There's no reentrancy, no sprawling contract state, no upgradeable proxy to rug. The rules a vault enforces are few and legible.
- Fast enough to be usable. Kaspa produces ten blocks per second. A cancel window measured in hours has thousands of confirmations behind it, and an alert about a suspicious withdrawal reaches you in seconds — not the ten-minute-block cadence of older PoW chains.
- No token to buy, no L2 to enter. You hold KAS; the vault is KAS. There's no wrapper, no gas token on a foreign chain, no farming a governance coin to unlock a feature.
This is the quiet argument for building financial guardrails on a fast PoW L1: you get self-custody *and* programmable protection, without inheriting a new set of trust assumptions to get there.
What Kaspa Safe actually does
Covenants are the foundation. Here's what we built on top.
An anti-theft delay with an alarm key
This is the headline feature. Every withdrawal from a vault is a two-step move: it is initiated with your hot key, then it sits in a cancel window you chose at creation — six hours, a day, two days, a week, or a custom value — before it can complete.
During that window, a second key — the alarm key, which you store separately — can cancel the withdrawal and pull the funds straight back into the vault. So the nightmare scenario changes completely. A thief who phishes or extracts your hot key can *start* a withdrawal, but they can't finish it. You get a Telegram ping the moment it starts, and you have until the window closes to hit cancel with your alarm key. Theft becomes a race you're built to win, instead of an instant, irreversible loss.
Withdrawals that finish themselves
You don't want to babysit a withdrawal for two days. So completion is optional-automatic: set at creation, our watcher submits the final, signature-free completion transaction the moment your window closes, and the coins land at the address you locked in at the start. Because that final step is constrained by the covenant to pay only your chosen destination, the server can do it for you *without* holding any key. Non-custodial, but hands-free.
Inheritance without a lawyer
A vault can carry a dead-man's switch. Name an heir and an inactivity period (six, twelve, or twenty-four months, or a custom span). If you stop checking in for that long, the heir path opens. You decide at creation how it delivers:
- Automatic — the funds move to the heir on their own; the heir needs no key and no software.
- Manual — the heir actively claims with their own key; nothing moves until they do.
Any check-in or ordinary spend resets the clock, so inheritance only ever triggers if you genuinely go dark. It's estate planning enforced by math instead of paperwork.
Alerts, on your terms
Connect the vault to Telegram (@KasSafeBot) and you get a push the instant anything moves — funded, withdrawal started (with a cancel link), cancelled, completed. On-chain operations are always free; alerts are 25 KAS a year with the first month free. There's no custody fee, because there's nothing to custody.
Recovery that doesn't depend on us
Everything cryptographic happens in your browser tab. Your three keys are generated locally and written to a recovery sheet you download — the only copy. The vault lives on-chain, independent of our website. If safe.officeforge.co vanished tomorrow, you'd rebuild your vault address from the recovery sheet and move funds with the open-source vaultctl tool against any Kaspa node. We built the anti-panic recovery guide to say exactly that, in plain language, before you ever need it.
Kaspa Safe is live on Kaspa mainnet — a non-custodial vault with an anti-theft delay, optional inheritance, and Telegram alerts. Keys never leave your browser, and on-chain operations are free. Open beta, so keep amounts modest.
Open Kaspa Safe →The honest part about the audit
Because this holds real money, we won't overstate it. Claude Fable 5's audit was a genuine adversarial review of the covenant logic, backed by an automated suite of checks that assert every theft, early-completion, wrong-destination, and heir-impersonation attempt fails at the consensus level — and the full lifecycle was exercised on mainnet with real KAS. That's a real, reproducible bar, and higher than most beta crypto tooling clears.
It is also not a formal third-party human security audit, which remains on the roadmap. This is an open beta. The contract is open source precisely so it can be scrutinized. Our standing advice, which the app repeats: don't store more than you'd trust to a beta — we suggest a ceiling of about 5,000 KAS for now.
Being straight about that is part of the point. A vault product that oversells its own safety is a contradiction.
Why this launch matters beyond Kaspa Safe
Kaspa Safe is a useful thing on its own: self-custody with a real safety net, on a chain fast enough to make that net responsive. But it's also the clearest evidence yet of what OfficeForge is for. A team of AI agents — the same five roles any OfficeForge customer runs — took a week-old L1 primitive and turned it into a shipped, mainnet-verified product, brand and UI and recovery docs included, with an AI-run security audit in the loop.
If AI agents can build *this* to this bar, the question for your own business shifts from "can AI do real work?" to "what would you point a team like this at?" You can run the same self-hosted AI office that built Kaspa Safe.
And if you hold KAS, you can put some of it behind a delay today.
FAQ
Is Kaspa Safe custodial — do you hold my coins?
No. Kaspa Safe is fully non-custodial. Your keys are generated in your browser and never sent to us. The vault is a covenant on the Kaspa blockchain; our server only watches the chain and relays alerts. Even if our site disappeared, you could recover your funds offline with the open-source vaultctl tool and your recovery sheet.
What is the alarm key and how does it stop a theft?
Every withdrawal from a Kaspa Safe vault starts a delay window (you choose it — hours to days). During that window, anyone holding the alarm key can cancel the withdrawal and snap the funds back into the vault. So even if a thief steals your hot key, they can't move your coins instantly — you get a Telegram alert and time to cancel with your separately-stored alarm key.
What are covenants and why do they matter on Kaspa?
A covenant is a rule that constrains how a coin can be spent in the future — not just who can spend it. Kaspa's Toccata upgrade added covenants to its UTXO model, so the base layer itself can enforce a delay, a cancel path, and an inheritance path. No bridge, no second-layer contract, no custodian — the guarantees come straight from Kaspa's proof-of-work consensus.
How does inheritance work?
Optionally, you name an heir and an inactivity period. If you stop checking in for that long, the heir can claim the funds. You choose at creation whether delivery is automatic (funds go to the heir with no action needed) or manual (the heir claims with their own key). Any check-in or spend resets the timer, so it only triggers if you truly go silent.
What does it cost?
On-chain vault operations — funding, withdrawing, cancelling, inheritance — are free beyond Kaspa's tiny network fee. Optional Telegram alerts are 25 KAS per year, with the first 30 days free. There is no custody fee because there is no custody.
Is it audited and safe to use with large amounts?
The covenant contract was adversarially audited by Claude Fable 5 and ships with an automated test suite that rejects every theft, timing, and impersonation path, then validated live on mainnet. That said, this is an open beta and an AI audit is not a substitute for a formal third-party human audit, which is still ahead. Keep amounts modest for now — we suggest no more than about 5,000 KAS.
