From a locked wallet to recovered funds.
Follow one recovery from start to finish — onboarding, the safe extract, the crack across the fleet, and the single transaction that pays everyone at once. The cryptography is here too, a little further down.
From submission to recovered funds.
What happens between handing us a locked wallet and seeing your money land.
- 01
You submit your case
Tell us the wallet format and how you want to settle. Custodial: hand us the encrypted wallet and we handle everything. Non-custodial: keep the wallet on your own machine and send only a safe piece of it. Either way, you pay nothing unless we succeed.
- 02
We reduce it to a safe extract
Your wallet is turned into a check-only extract — a small scrap that can test passwords but can't move a coin. In custodial mode we make it inside the high-trust intake path; in non-custodial mode you make it locally and only the extract is ever sent. The fleet never sees the wallet, in either mode.
- 03
The work is signed and split
We put a tamper-proof signature on the extract and the tools, then cut the enormous password search into small batches. Every operator's machine can prove its work matches exactly what we signed — nothing else runs.
- 04
The fleet tests the guesses
Operators around the world run our agent on idle GPUs and CPUs. Each machine gets a batch of guesses to try against the extract — never your wallet. Different wallets favor different hardware.
- 05
Funds move in one signed transaction
The recovered balance leaves the wallet in a single signed transaction with three outputs — most to your new wallet, a share to the operator who found it, a share to us. It all happens at once, visible on-chain.
- 06
You're back in — and only now do you pay
Your funds land in a wallet you control. The 15% fee is taken only at this point, out of the recovered balance. If we had never found it, you would owe nothing.
Why the fleet can never steal — in either mode.
The whole network rests on one move: your wallet is reduced to a check-only extract before any work goes out. It carries just enough to recognize the right password, and nothing that can move money. That guarantee holds whether you choose custodial or non-custodial.
What a machine receives
Just enough to test passwords — nothing more.
- a small, scrambled piece of the wallet
- the settings needed to test a guess
- a way to recognize the right password
- the batch of guesses to try
What stays out of the fleet
Everything that can actually move the money.
- the private keys that hold the coins
- the full recovery seed
- the wallet's addresses
- anything that identifies the owner
GPUs and CPUs both pull their weight.
The agent benchmarks each machine and sends it only the work it runs fastest. Most wallets are GPU-friendly; a few are deliberately memory-hard and favor big CPUs.
Most wallets test passwords with fast, repetitive math — exactly what GPUs are built for. An RTX card rips through millions of guesses a second.
A few wallets — like Armory and Coinomi — use memory-heavy math where a high-RAM Threadripper or EPYC beats a GPU.
Everyone is paid in one signed transaction.
No middle account that collects and then disburses. On a confirmed recovery, the funds leave the wallet once, split three ways, and settle on-chain — so the operator and the platform can't be paid without you being paid too.
One signed transaction, three outputs
When the password is confirmed, the recovered balance moves in a single BTC transaction that pays all three parties at once — atomic and visible on-chain. Nobody is paid unless everybody is.
to you — the recovered balance less the 15% fee, sent to the receiving address you set.
to the operator whose hardware found the password, in the wallet's own coin.
to Distribrute, for infrastructure, KYC, and customer operations.
Custodial: Distribrute holds the recovered wallet just long enough to build, sign, and broadcast this transaction. Other chains settle to the same 15% → 85/10/5 split.
Distribrute signs the transaction.
You handed us the wallet, so on a confirmed hit we build, sign, and broadcast the three-output transaction — and your share lands at the address you gave us. The extract already meant the fleet could never touch your coins; here you additionally trust us to settle honestly.
You sign the transaction.
The wallet never left your machine — the extract was the only thing anyone ever saw, fleet and Distribrute alike. We prepare the same three-output transaction and you review and sign it locally. There is nothing on our side to steal, lose, or subpoena.
How it works, technically.
The same journey at the protocol level. Every step is built so that no single party — not an operator, not the coordinating backend — can both find a password and spend the wallet.
Every job is signed work
A hash of the extract is committed inside a manifest the Authorizer signs (Ed25519). The agent refuses to run anything whose bytes don't match the published extract format and that signature — so a real wallet can't be disguised as an extract and slipped to an operator.
The keyspace is leased in slices
The search is tiled into chunks, each leased to one worker for one job. Every chunk carries a signed work_units figure — the only work count settlement trusts, so a breached coordinator can't inflate an operator's credit.
A hit is sealed to the checker
The operator encrypts the winning candidate so that only an isolated verification step can read it (X25519 → HKDF-SHA256 → ChaCha20-Poly1305), bound to this exact job. The coordinating backend only ever relays that ciphertext — it never sees the password.
Only a signed confirmation counts
A separate verification step — walled off from the operators and from the coordinating backend — confirms the reported password is genuine and that the candidate really belonged to the batch it was assigned, then signs that confirmation (Ed25519). Settlement trusts only that signature, never an ordinary database row a breached server could forge.
Payout is one transaction
Custodial: Distribrute signs and broadcasts the sweep. Non-custodial: you sign a prepared transaction (a PSBT) locally. A signed evidence ledger records each operator's work; the three-output transaction is how that resolves into payment.
A candidate is sealed to one lease and one chunk
Each sealed candidate is authenticated against a string that pins it to the exact job it came from — so a compromised backend can't replay it onto a different lease to fish for a password it shouldn't have:
distribrute-candidate-v1|{manifest_id}|{chunk_id}|{lease_token}