System Assurances,
F**K YOU.
Deterministic Wallet Coverage for the Onchain Economy
SAFU is a smart contract protocol that pays out when your wallet gets drained. No committee, no vote, same inputs produce the same output every time.
Abstract
Every year, billions in crypto are drained from wallets through phishing attacks, stolen keys, and other hacks. The protocols designed to cover these losses require a committee to vote on your claim. Your payout depends on whether strangers with governance tokens believe you.
SAFU removes the vote. The same event always produces the same payout calculation. When a drain is verified, a 7-day cooldown starts, then a 45-day payout stream begins. No committee, no quorum, no waiting room.
Stakers deposit any amount between 0.01 and 0.75 ETH to secure wallet coverage with no lock period. Coverage scales proportionally — up to 15x the staked amount. Stakers earn SAFU points while staked, convertible to SAFU tokens at network launch in Q1 2027.
This document describes how the protocol works, how the economics hold, and where it is heading.
The Problem
Wallet-level drain is the most consistent attack surface in crypto. Phishing attacks, stolen keys, and malicious approvals collectively account for billions in annual losses. Existing smart contract coverage products protect against code failures, not these. Wallet drains fall through every existing coverage category.
Existing protocols don't cover this
Nexus Mutual, InsurAce, and Sherlock cover smart contract bugs, which are protocol-level failures where code behaves unexpectedly. A wallet drain is a different event entirely, and none of these protocols pay out on it.
For the protocols that do attempt wallet-level coverage, every claim goes to a vote. Your payout depends on DAO participation rates you didn't choose. The result is slow, unpredictable, and discretionary.
The agent gap
AI agents managing capital on hot wallets cannot exercise human judgment. Coverage for these wallets is not optional. It is a runtime dependency, the same way gas is. No existing product serves this segment. SAFU builds the API that does.
What SAFU Is
SAFU is a protocol that pays out when your wallet gets drained. The payout is calculated by code, and the same drain event always produces the same result, so there is nothing to argue about and no one to petition.
The protocol runs a fraud scanner against every submitted transaction hash. The scanner scores the transaction for drain patterns: sweep completeness, receiver classification, automation signals. That score, combined with the staker's tier and policy terms, produces one output: an entitlement amount, or a rejection reason.
The same drain event always produces the same payout calculation, every time. The calculation is the decision, and neither a vote nor a governance proposal can change it.
What this means for AI agents
An agent submits a transaction hash to the SAFU Verify API and receives a signed payout decision programmatically. No human in the loop on either side. Coverage becomes a runtime call, not a claims process.
| Conventional coverage | SAFU |
|---|---|
| File a claim | Payout activates automatically |
| Human adjuster | Oracle + math |
| Governance vote | No vote |
| Waiting room | 45-day stream, starts in 7 days |
| Discretionary | Deterministic |
How It Works
A wallet stakes any amount between 0.01 and 0.75 ETH to enroll. Enrollment is permissionless — no oracle approval required. The wallet's tier is assessed at claim time, not at staking. Tier determines the coverage multiplier applied to the staked amount.
| Tier | Coverage multiplier | Max payout (0.75 ETH stake) | Wallet profile |
|---|---|---|---|
| A | 15x | 11.25 ETH | Clean history, low risk signals |
| B | 10x | 7.5 ETH | Mixed history, moderate signals |
| C | 5x | 3.75 ETH | Higher risk signals detected |
The staker sets a beneficiary address at enrollment. All payouts go to the beneficiary, never to the staked wallet. This protects the payout address from the same attack that triggered the claim.
Claim flow
Security
SAFUPool v8 is deployed at:
| Audit | Result | Date |
|---|---|---|
| Tier-1 Security Benchmark (ToB + OZ standards) | 0 critical, 0 high, 0 medium | June 2026 |
| Halmos Symbolic Execution (a16z) | 12 / 12 properties, zero counterexamples | June 2026 |
| Comprehensive security review | 0 critical, 0 high, 0 medium, 3 low (accepted) | June 2026 |
| Forge test suite | 75 / 75 tests pass | June 2026 |
Verified by symbolic execution
- Claiming permanently forfeits your stake, enforced on-chain by the contract itself
- Pool balance stays accurate when a claim is cancelled
- Once a claim is filed, the original stake cannot be withdrawn
- The two approval keys are always held by different addresses
- Contract ownership cannot be transferred to the co-approval address
- The contract never owes more than it holds in ETH
- Payouts above coverage limits are always blocked
- A cancelled claim can never release further payments
Oracle and wallet safety
The payout oracle signing key is held in AWS KMS (secp256k1, eu-north-1), isolated from the server runtime. All signed messages include the contract address and chain ID, which prevents replay attacks. A 2-of-2 override mechanism (owner + co-signer, separate keys) handles disputes without bypassing rate limits.
Staking sends ETH to the pool and grants no token approvals and no spending permissions. The contract cannot access any other asset in your wallet, before, during, or after staking.
Economic Model
The staking pool is ETH-only. Claims are paid from this pool. A dynamic outflow cap (5%/3%/1% per day by tier) and 45-day vesting period ensure no single event can drain it.
The initial deployment is a test pool designed to stress-test the system under real conditions. Coverage caps are small by design. Production economics require a larger pool and higher stake amounts, scoped for Q3 2026.
Revenue streams
Why stake?
Stakers provide the pool capital that makes coverage possible. In return: wallet-drain protection while staked, with the ability to withdraw anytime. SAFU points accrue at accelerating rates the longer you stay, and convert to SAFU tokens at network launch. Principal is returned when you withdraw if no claim is filed.
SAFU Points and Token
No token exists today. No token is being offered. This section describes the intended design, subject to legal review before implementation.
How points work
Every staker earns SAFU points proportional to their stake amount, at accelerating rates: (stake/0.75) × 100/day for the first 90 days, then 120, 150, and 200/day after a year. Points are non-transferable and accumulate across staking cycles.
When a claim is filed, 9,000 points are burned and any remainder is banked permanently. The payout flows normally. Stakers who withdraw without claiming retain all points and convert them to tokens at launch.
Tokens and payouts are mutually exclusive
A staker either files a claim and gets the payout (burning their points), or holds to full term and gets their tokens (principal returned). There is no path to collecting both. This removes the moral hazard present in most DeFi token designs.
What the token does
Why the token is not a security
Coverage is the primary product. The token is a byproduct of honest participation in that product, not an investment in a profit-sharing enterprise. You stake to get wallet protection. At launch, accumulated points convert to tokens that give you a voice in how the protocol runs.
There is no ICO, no presale, no token being sold. Tokens only reach wallets that provided coverage capacity and did not extract from the pool. Tokenomics, supply, and allocation are Q4 2026 work, subject to full legal review.
Roadmap
Legal
SAFU is not a financial product, insurance product, or investment contract. The protocol provides a deterministic verification service. Coverage depends on fraud scanner output and verification pipeline evaluation. No payout is guaranteed.
SAFU tokens, when issued, are utility tokens. They confer governance rights and access to protocol functions. They are not securities under any jurisdiction. This assertion does not constitute legal advice.
This whitepaper is for informational purposes only. Nothing in it constitutes a solicitation, offer, or commitment to enter any transaction.
Protocol operates under BUSL-1.1 license. Source: github.com/mrkanchwala/safu-protocol ↗
SAFU — System Assurances, F**k You. ·
safustaking.com ·
GitHub ↗ ·
Etherscan ↗
Version 0.1 — June 2026. Subject to revision.