Chialisp Guide Pt 9: Vaults & Recovery Patterns

9 min read

Chialisp vault tutorial showing two-key security system with spend and recovery keys on blockchain network

Key Takeaways

  • Chialisp vaults use a two-key system (spend key + recovery key) instead of single-key custody, dramatically improving security for blockchain developers
  • Recovery timers (clawback periods) give you 48-72 hours to cancel unauthorized recovery attempts, protecting your assets even if a recovery key is stolen
  • Unlike Ethereum’s infinite approval system, Chialisp vaults require explicit conditions for every spend, eliminating standing approval vulnerabilities
  • Multi-signature vault configurations (like 3-of-5) prevent single-point-of-failure attacks by requiring multiple signers for transactions
  • Rekeying allows you to replace compromised vault keys without moving funds to a new address, maintaining continuity and security

Chialisp vaults are self-custody smart contracts that enforce spending policies and recovery mechanisms directly on-chain. Unlike traditional single-key wallets where losing your private key means permanent loss, vaults give developers the tools to build recovery systems, time-locked protection, and multi-signature authorization into the coin’s puzzle itself.

What Are Chialisp Vaults?

Imagine you’re building a crypto wallet, but instead of trusting a single key to protect everything, you create a smart contract that requires multiple keys, enforces waiting periods for sensitive operations, and gives users a safety net if something goes wrong. That’s exactly what Chialisp vaults do.

A vault is a Chialisp puzzle that wraps around your coins and adds extra security layers. Think of it like a bank safety deposit box that needs two different keys to open, plus a manager who can verify your identity if you lose one key. The difference? Everything happens on the blockchain through code you write, with no third party controlling your assets.

The Chia Cloud Wallet, which launched in early access on June 25, 2025 and moved to general release on October 29, 2025, uses vaults as its foundation for secure asset custody.1 According to Chia’s documentation, vaults represent a fundamental shift from traditional wallet architecture by storing assets in smart contracts with programmatic spending rules rather than simple key-controlled addresses.2

How Vaults Differ from Standard Wallets

Traditional Chia wallets use a single BLS key to control coins. If that key is lost or stolen, your funds are gone—no exceptions, no recovery. This works fine for small amounts, but it’s terrifying for serious holdings.

Vaults flip this model by using multiple keys with different roles. Your spend key handles everyday transactions, while your recovery key acts as a backup that can only be used to regain access—not to steal funds immediately. This separation of powers creates a security system that’s both flexible and resilient.

Brandon Haggstrom, a Chia developer who works at Chia Network Inc, explains the fundamental problem vaults solve in his technical blog: “If you lose the seed phrase, there’s no way to sign transactions to spend your coins, so they’re effectively lost forever. However, that introduces the second problem, which is that if anyone ever gets access your seed phrase they could immediately spend all of your coins without restriction.”3 Vaults address both issues simultaneously.

Core Vault Components

When you build a Chialisp vault, you’re essentially creating a puzzle with three essential elements working together. Let’s break down each component so you understand how they interact and why each one matters for your vault’s security.

Spend Key vs Recovery Key

The spend key is your primary tool for daily operations. It’s typically stored as a hardware-backed key using the Chia Signer app (which turns your smartphone’s Secure Enclave into a hardware wallet) or as a passkey for convenience.4 When you want to send XCH, create offers, or interact with DeFi protocols, you use this key to authorize the transaction.

The recovery key lives separately—often as a 24-word mnemonic or a second hardware device stored in a safe location. This key has one job: help you regain access if your spend key is lost or damaged. The clever part? The recovery key can’t immediately steal your funds even if it’s compromised. This temporal separation between “access to recovery” and “access to funds” is what makes vaults so powerful.

In your Chialisp code, you’ll curry these keys into the vault puzzle at creation time. The puzzle checks which key is being used and enforces different rules based on that. A spend operation requires the spend key signature, while a recovery operation needs the recovery key plus patience.

Recovery Timer (Clawback Mechanism)

Here’s where vaults get really interesting for developers. When someone initiates a recovery using the recovery key, the vault doesn’t immediately transfer control. Instead, it starts a countdown timer—typically 48 to 72 hours, though this timelock duration is fully configurable by the vault creator—during which the vault’s coins are locked but not lost.2

During this clawback period, the legitimate owner (using their spend key) can cancel the recovery and rekey the vault with new credentials. This window exists because if an attacker steals your recovery key, they’ll likely try to use it immediately. The watchtower service monitors the blockchain for recovery attempts and emails you when one starts, giving you time to react.

From a coding perspective, this means your vault puzzle needs to track time using block heights or timestamps, check whether a recovery is in progress, and enforce different spending rules depending on the vault’s state. The Chia blockchain’s coin model makes this elegant—each state transition creates a new coin with updated conditions.

Transaction Clawback Feature

Beyond recovery protection, Chialisp supports transaction clawback—a feature that lets senders “pull back” funds sent to the wrong address, provided the recipient hasn’t finalized the transaction yet. This is particularly useful for institutional use cases or high-value transfers where mistakes can be catastrophic.5

The Chia Cloud Wallet’s Clawback 2.0 implementation (released November 2025 with the general release) adds sender-controlled finalization.6 This means you can create a transaction with a clawback period, then end it early once you verify the recipient received it correctly. It’s like writing a check with a “void after” date, except the sender can choose to cash it immediately if everything checks out.

Key Security Features

Chialisp vaults bring several security advantages that directly address vulnerabilities found in other blockchain ecosystems. Let’s explore the features that make vaults the gold standard for on-chain asset protection in 2026.

No Infinite Approvals

If you’ve developed on Ethereum, you know the pain of infinite approvals. Users grant a smart contract permission to spend unlimited tokens from their wallet, and that approval stays active until explicitly revoked. Attackers exploit this constantly—if a contract gets hacked or behaves maliciously, it can drain approved wallets even months later.

Chialisp vaults eliminate this entire attack vector. There are no standing approvals because every spend must explicitly satisfy the vault’s puzzle conditions at the moment of execution. From a developer perspective, this means your vault puzzle evaluates spending conditions fresh for every transaction. The puzzle sees the current state, checks signatures, verifies time locks, and only proceeds if all conditions pass right now. No lingering permissions, no forgotten authorizations—just clean, deterministic execution.

Multi-Signature Support

Multi-signature configurations transform vaults from personal security tools into enterprise-grade custody solutions. Instead of a single key controlling your vault, you can require M-of-N signers—for example, 3 out of 5 authorized keys must sign before a transaction proceeds.3

The implementation uses merkle trees as an optimization technique. Rather than revealing every possible spending path on-chain (which would be expensive and leak privacy), only the path being used gets revealed. If your 3-of-5 vault has Alice, Bob, and Carol signing this transaction, the blockchain only sees proof that these three are in the allowed set—it doesn’t expose Dave and Eve’s public keys unnecessarily.

This architecture is powerful for several scenarios developers encounter: DAOs managing treasury funds can require majority approval; families can share custody with 2-of-3 protection; and businesses can prevent rogue employees from unilateral transfers. As Brandon Haggstrom notes, multi-sig solves “the ‘wrench attack’ where a single person can be threatened into performing a transaction, since you require multiple people to sign off on it.”3

Rekeying Without Moving Funds

One of the most elegant features of Chialisp vaults is the ability to replace keys without changing the vault’s on-chain address or moving funds. This might seem like a small detail, but it has massive implications for operational security and user experience.

Traditional wallets force you to transfer all funds to a new address when you want to change keys. This is expensive (transaction fees), risky (during the transfer), and breaks continuity (your public address changes, affecting payment links and reputation systems).

Vaults handle rekeying by updating the vault’s inner puzzle parameters without spending the coins themselves. You create a transaction that proves you control the current keys, specify new key values, and the vault transitions to its new configuration. The vault’s singleton ID stays constant, maintaining its identity across key rotations.

This is particularly valuable for developers building services where addresses need to remain stable—subscription payments, streaming services, recurring donations, or any scenario where changing your address would break integrations with other systems.

Building Your First Vault in Chialisp

Now that you understand vault concepts, let’s walk through building a basic vault puzzle. This example creates a two-key vault with recovery capabilities, giving you a foundation to build more complex custody systems.

Setting Up the Puzzle Structure

A vault puzzle typically follows a layered architecture. The outermost layer checks which operation you’re performing (spend or recover), the middle layer enforces timing and signature requirements, and the innermost layer handles the actual coin creation.

Here’s the conceptual structure in Chialisp pseudocode:

(mod (
    SPEND_PUBKEY
    RECOVERY_PUBKEY  
    RECOVERY_TIMELOCK
    inner_puzzle_hash
    mode  ; 0 = spend, 1 = recover
    solution
)
    (if (= mode 0)
        ; Spend mode: require spend key signature
        (spend_with_key SPEND_PUBKEY solution)
        ; Recovery mode: require recovery key + timelock
        (recover_with_delay RECOVERY_PUBKEY RECOVERY_TIMELOCK solution)
    )
)

You’ll curry the public keys, timelock duration, and inner puzzle hash into the vault when you create it. These become constants baked into the puzzle, making them unchangeable unless you explicitly rekey the vault.

Implementing Recovery Logic

The recovery function needs to verify several conditions before allowing access. First, it confirms the signature comes from the recovery key. Second, it checks whether sufficient time has passed since recovery initiation. Third, it ensures the coin isn’t already being spent through normal means.

The timing component is crucial. Chialisp doesn’t have a built-in clock, so you use assertions about block height or timestamp. When recovery starts, the vault creates a new coin with an assertion like “this coin can only be spent after block 2,500,000.” The blockchain enforces this automatically—any attempt to spend before that height fails validation.

During the waiting period, the legitimate owner can use their spend key to cancel recovery and rekey the vault.3 This creates a new coin with updated keys, effectively invalidating the recovery attempt. The old coin gets spent (canceling recovery), and the new vault coin has fresh credentials the attacker doesn’t know.

Testing Clawback Scenarios

Before deploying vault code to mainnet, you need to test recovery scenarios thoroughly. The Chia simulator environment lets you create test coins, advance block height artificially, and verify your puzzle behaves correctly under different conditions.

Your test suite should cover at least these scenarios: successful spend with the spend key, recovery initiation with the recovery key, recovery cancellation during the timelock period, recovery completion after the timelock expires, and attempted recovery cancellation after the window closes (should fail).

Pay special attention to edge cases around the timelock boundary. What happens if someone tries to spend exactly at the block where timelock expires? Does your puzzle handle both spend and recovery attempts in the same block correctly? These details matter because attackers will probe them.

Real-World Vault Applications

Vaults aren’t just theoretical—developers and institutions are using them today for production applications. Let’s look at how vault patterns solve real custody challenges.

The Chia Cloud Wallet serves as the primary example of vaults in action. Launched in early access on June 25, 2025 and moving to general release on October 29, 2025, it provides user-friendly vault creation with presets like “Daily Spending” (1-of-2 with clawback).1,7 According to Chia Network’s October 2025 roadmap announcement, the upcoming Pro tier will include multi-signature vaults, bulk payment processing, and token management—all built on the same vault infrastructure developers can access through Chialisp.1

As of early 2024, Chia Network had engaged in exploratory discussions with financial institutions regarding vault technology for institutional custody solutions. In a February 2024 AMA, representatives discussed potential partnerships where banks could serve as “agents of last resort” for vault recovery, as well as exploring possibilities for replacing interbank payment networks.8 The current implementation status of these discussions as of January 2026 is not publicly documented.

The World Bank’s Climate Warehouse project selected Chia Network in 2021 to develop blockchain infrastructure for carbon credit tracking.9 This partnership, which moved to operational status with the Climate Action Data Trust launch in December 2022, demonstrated institutional confidence in Chialisp’s capabilities for secure, transparent data management—though the project focuses on data integrity rather than cryptocurrency custody per se.

Developers building DeFi protocols on Chia incorporate vault patterns for protocol-owned liquidity and treasury management. As of 2024, the Chia ecosystem included decentralized exchanges such as Dexie and TibetSwap, which were designed to leverage vault security for trading operations without the approval vulnerabilities common to account-based DEXs.8

Conclusion

Chialisp vaults represent a fundamental improvement in cryptocurrency custody by moving security logic on-chain where it can be audited, tested, and guaranteed by the blockchain itself. As a developer, understanding vault patterns gives you the tools to build applications with institutional-grade security without sacrificing decentralization or self-custody principles.

The techniques you’ve learned here—two-key systems, recovery timelocks, multi-signature configurations, and in-place rekeying—form the foundation for advanced Chialisp development. Whether you’re building wallets, DeFi protocols, or enterprise custody solutions, vaults provide the security framework that protects users while maintaining the permissionless, trustless properties that make blockchain technology valuable.

Start experimenting with basic vault puzzles in the Chia simulator, then progressively add features as you understand the security implications of each design choice. The Chia ecosystem’s vault infrastructure is still evolving, meaning there’s tremendous opportunity for developers who master these patterns early to shape the future of on-chain custody.

Chialisp Vaults FAQs

What makes Chialisp vaults more secure than traditional crypto wallets?

Chialisp vaults use a two-key system where your spend key handles daily transactions while a separate recovery key provides backup access with time delays. If someone steals your recovery key, they cannot immediately drain your funds—they must wait 48-72 hours (or your configured timelock period) while you’re notified and can cancel the recovery attempt, giving you time to secure your assets.

Can I create a Chialisp vault without using the Chia Cloud Wallet?

Yes, you can write custom vault puzzles in Chialisp using Chia Dev Tools and deploy them directly to the blockchain. The Cloud Wallet provides user-friendly vault creation, but developers have full access to build custom vault logic with unique spending conditions, multi-signature requirements, or specialized recovery mechanisms.

How do Chialisp vaults prevent the infinite approval attacks common on Ethereum?

Chialisp vaults require explicit puzzle satisfaction for every spend rather than granting standing approvals. Each transaction must meet the vault’s conditions at execution time, so there are no lingering permissions for attackers to exploit—unlike Ethereum where approved contracts can drain wallets even after deployment.

What happens if I lose both my spend key and recovery key for a Chialisp vault?

If both keys are lost, the funds in the vault become inaccessible with no recovery option, similar to losing a traditional wallet’s private key. This is why proper key management is critical—store your recovery key separately from your spend key, ideally in a secure offline location.

Can Chialisp vault configurations be changed after deployment?

Yes, through a process called rekeying where the vault’s keys can be replaced without moving funds to a new address. The vault creates a new coin with updated key parameters while maintaining the same singleton identity, allowing credential rotation without breaking payment links or losing transaction history.

Chialisp Vaults Citations

  1. Chia Network. (2025, October 29). “Chia Cloud Wallet: Now in General Release.” https://www.chia.net/2025/10/29/chia-cloud-wallet-now-in-general-release/
  2. Chia Network. (n.d.). “FAQ | Chia Documentation.” https://docs.chia.net/cloud-wallet/faq/
  3. Haggstrom, Brandon. (2025, January 31). “Advanced custody on Chia with vaults.” https://blog.rigidity.dev/p/advanced-custody-on-chia-with-vaults
  4. Chia Network. (2025, September 4). “Secure Digital Asset Management Made Simple: The Chia Cloud Wallet.” https://www.chia.net/2025/09/04/secure-digital-asset-management-made-simple-the-chia-cloud-wallet/
  5. CoinMarketCap. (n.d.). “What Is Chia (XCH) And How Does It Work?” https://coinmarketcap.com/cmc-ai/chia-network/what-is/
  6. Chia Network. (2025, November 17). “Chia Cloud Wallet FAQs.” https://www.chia.net/2025/11/11/chia-cloud-wallet-faqs/
  7. Chia Network. (2025, June 25). “Chia Cloud Wallet Early Access Release.” https://www.chia.net/2025/06/25/chia-cloud-wallet-early-access-release/
  8. XCH.today. (2024, February 11). “Chia in China Year of the Dragon AMA with Bram Cohen and Gene Hoffman.” https://xch.today/2024/02/10/chia-in-china-year-of-the-dragon-ama-with-bram-cohen-and-gene-hoffman/
  9. CoinDesk. (2021, November 5). “Chia Network to Develop Prototype for World Bank’s Climate Warehouse.” https://www.coindesk.com/business/2021/11/05/chia-network-to-develop-prototype-for-world-banks-climate-warehouse
«

Chialisp Guide Pt 7: Offer-to-Claim Flows & Safety

Chris A
Feb 2, 2026 11 min read

Chialisp Guide Pt 6: Chia Offers 101 Build, Sign,…

Chris A
Feb 1, 2026 8 min read

Chialisp Guide Pt 5: CATs: Design and Mint

Chris A
Jan 31, 2026 9 min read