Kintsugi

Mend the wallet.
Keep the gold.

Atomic, sweeper-proof wallet rescue using EIP-7702. Open source. Runs locally. No fees, ever.

$ npm install -g @ophelios/kintsugi-cli
The problem

Your keys are leaked. Your wallet is being watched.

A sweeper bot now monitors the compromised address around the clock. The moment any ETH lands there to pay gas for a recovery transaction, the bot front-runs you and drains it in the same block. Tokens, NFTs, and ENS names sit visible but unreachable. Most rescues fail before they start.

Kintsugi removes the gas dependency entirely. The victim wallet never holds ETH at any point. A separate rescuer wallet pays for and submits the recovery in one atomic Type-4 transaction, transferring every selected asset out before the sweeper sees an opening.

The attack, in three beats
  1. You send ETH for gas

    0.01 ETH lands in the compromised wallet.

  2. The sweeper bot grabs it instantly

    Front-runs in the same block. The 0.01 ETH is gone before you blink.

  3. Your rescue transaction reverts

    Out of gas. The transfers never run.

Your assets remain trapped.

Tokens, NFTs, and ENS names sit visible but unreachable. This is where Kintsugi steps in.

The attacker's other trick

When attackers use EIP-7702 against you, we use it back.

After a key compromise, attackers often install their own EIP-7702 delegation on your wallet, pointing it to an auto-drainer contract that triggers on any incoming funds, on any chain. Kintsugi's rescue uses the same primitive to overwrite their delegation, atomically, before our transaction does anything else.

Their move

Install an auto-drainer

  1. Attacker has your private key.
  2. Sign a 7702 authorization pointing your wallet at AutoDrainer.
  3. Submit a Type-4 tx (attacker pays gas, no involvement from you).

Any incoming ETH is auto-stolen in the same block. Across every chain the bot watches.

Our move

Overwrite with the Rescue contract

  1. Sign a new 7702 authorization at the current nonce, pointing to Rescue.
  2. One Type-4 tx: our authorization processes first, overwriting theirs.
  3. Then the same tx calls Rescue.executeBatch on your wallet.

Their drainer never executes. Assets transferred atomically to your safe wallet.

Newer EIP-7702 authorizations at the current nonce always win. That's the spec, not a workaround. Pair with --private-mempool when paranoia is warranted so the attacker can't even see our tx coming.
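
The nonce rule above, as an added example (not Kintsugi's code): a simplified JavaScript model of how an EIP-7702 authorization list is applied, and of how to read a delegation from eth_getCode output. Signature recovery is omitted and the `authority` field stands in for the recovered signer; the victim and drainer addresses are constructed, and the Rescue address is the mainnet one listed on this page.

```javascript
// Added example: simplified model of EIP-7702 authorization processing.
// Signature recovery is omitted; `authority` stands in for the recovered signer.
const PREFIX = "0xef0100";                 // delegation designator prefix (EIP-7702)
const ZERO = "0x" + "00".repeat(20);

// Classify the result of eth_getCode for an address.
function parseDelegation(code) {
  const c = (code || "0x").toLowerCase();
  if (c === "0x") return { kind: "none", target: null };
  if (c.startsWith(PREFIX) && c.length === PREFIX.length + 40)
    return { kind: "delegated", target: "0x" + c.slice(PREFIX.length) };
  return { kind: "contract", target: null };
}

// Apply an authorization list to `accounts` (address -> {nonce, code}).
// Invalid tuples are skipped; they do not revert the transaction.
function applyAuthorizations(accounts, authList, chainId) {
  const results = [];
  for (const a of authList) {
    const acct = accounts[a.authority] || (accounts[a.authority] = { nonce: 0, code: "0x" });
    const okChain = a.chainId === 0 || a.chainId === chainId;
    const okCode = parseDelegation(acct.code).kind !== "contract";
    if (!okChain || !okCode || a.nonce !== acct.nonce) { results.push("skipped"); continue; }
    acct.code = a.address === ZERO ? "0x" : PREFIX + a.address.slice(2).toLowerCase();
    acct.nonce += 1;                       // each applied tuple bumps the authority's nonce
    results.push("applied");
  }
  return results;
}

// Constructed scenario: the victim already carries an attacker delegation.
const VICTIM = "0x" + "11".repeat(20);     // constructed address
const DRAINER = "0x" + "dd".repeat(20);    // constructed placeholder for AutoDrainer
const RESCUE = "0x25b2e6fb74fe4a186f1b3f25b289439fcc80aaca"; // mainnet Rescue, from this page
function demo() {
  const accounts = { [VICTIM]: { nonce: 7, code: PREFIX + DRAINER.slice(2) } };
  const before = parseDelegation(accounts[VICTIM].code).target;
  const rescueTx = applyAuthorizations(accounts, [
    { authority: VICTIM, chainId: 1, address: RESCUE, nonce: 6 },  // stale nonce: skipped
    { authority: VICTIM, chainId: 1, address: RESCUE, nonce: 7 },  // current nonce: applied
  ], 1);
  const afterRescue = parseDelegation(accounts[VICTIM].code).target;
  // Per EIP-7702, delegating to the zero address clears the account's code.
  const revokeTx = applyAuthorizations(accounts, [{ authority: VICTIM, chainId: 1, address: ZERO, nonce: 8 }], 1);
  const afterRevoke = parseDelegation(accounts[VICTIM].code).kind;
  return { before, rescueTx, afterRescue, revokeTx, afterRevoke, nonce: accounts[VICTIM].nonce };
}
console.log(demo());
```

The same `parseDelegation` check works on real eth_getCode output: a 23-byte result starting with 0xef0100 means the account is delegated, and the remaining 20 bytes are the delegate to compare against the address you expect.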

The recovery gap

They take what's liquid. They leave what's yours.

Drainer bots optimize for fast liquidation. They sweep ETH and the most liquid ERC-20s, ignore everything that takes effort to fence, and move on. The leftovers are often the most personally valuable holdings, but a working sweeper still blocks any normal recovery attempt.

ENS name

vitalik.eth

7-year hold · trapped

Your dot-eth identity, used everywhere for years, is rarely auto-drained — and typically the hardest to move once a sweeper is watching. Kintsugi handles unwrapped 2LDs, wrapped names, and subdomains in a single batch.

Illiquid NFT

BAYC #1234

ERC-721 · trapped

Long-tail collections, art, in-game items, memberships. Bots usually skip ERC-721 and ERC-1155 — resale path's too slow. They stay visible, recoverable by no one.

Low-cap token

$AAVE — gov

vested position · trapped

Reward tokens, governance positions, vested allocations — anything without a deep pool. Drainers ignore them, but you still can't reach them through a wallet the sweeper is gating.

How it works

One transaction. No gas from you. Nothing left behind.

EIP-7702 lets a victim wallet temporarily delegate execution to a battle-tested rescue contract. Combined with EIP-712 batch authorization, every selected asset moves to your safe wallet inside one atomic Type-4 transaction, paid for by a separate rescuer key.

The rescue, in three beats
  1. You sign, locally.

    EIP-7702 authorization + EIP-712 batch of transfers. Keys live in your local Node process only and are never written to disk.

  2. Your rescuer submits one Type-4 tx.

    A separate wallet you control pays the gas. Your authorization processes first, then it calls Rescue.executeBatch.

  3. Every asset at your safe wallet.

    Same block, atomic. The sweeper sees the tx land, finds the wallet empty, and moves on.

  4. Balance never rose above zero.

    No opening for a sweeper, because there was nothing to take. After, optionally clear the delegation with kintsugi revoke.

The agentic way in

In panic? Don't read. Ask your agent.

Kintsugi ships a free agent skill following the agentskills.io spec. Install it once and your favourite AI coding agent learns the three-wallet pattern, the ordering rules, and every gotcha. Then it walks you through a rescue in plain English.

My wallet got drained but I have hostage assets there. Help me rescue them with Kintsugi.

Got it. I'll walk you through this end to end. First, what chain is the compromised wallet on, and do you have a fresh wallet ready to receive the assets?

Mainnet. I have a fresh wallet ready.

Good. Let's start with a read-only inventory of the compromised wallet — that tells us exactly what we'll batch into the rescue. Paste the victim address when you're ready.

Powered by the Kintsugi agent skill

Install the skill once:

$ npx skills add ophelios-studio/skills --skill kintsugi

Works with:

  • Claude Code
  • Cursor
  • Codex
  • Cline
  • Gemini CLI
Or do it yourself

A UI for panic. A CLI for power.

Same atomic flow under the hood, two surfaces to drive it. The web UI is launched from the CLI as a localhost server. The browser only sees session-bound addresses and signatures. Private keys never leave the local Node process.

[Screenshot: Kintsugi web UI welcome screen at 127.0.0.1:38080]
The web UI

Guided. Step by step.

  • Pick the network and your RPC.
  • Paste victim, safe, and rescuer wallets.
  • Pick what to rescue, sign, submit.
# launch the guided localhost UI
$ kintsugi ui

# ...or do everything in the terminal
$ kintsugi rescue

# inspect a wallet read-only first
$ kintsugi status 0xVictim...

# after rescue, optionally clear delegation
$ kintsugi revoke
The CLI

Headless. Scriptable.

  • One command (kintsugi rescue) walks you through.
  • Read-only inventory with kintsugi status.
  • Pipes well. No browser required.
Our stance

A wallet rescue tool that charges money in the worst moment of someone's crypto life is a wallet rescue tool taking advantage of panic. We will not do that.

Open source.

MIT-licensed. Public repository. Every line auditable, every contract verified.

No fees.

No SaaS tier. No signup. No telemetry. Pay only your own gas.

No upsell.

No premium features behind a paywall. The whole tool is the whole tool.

Deployments

Sepolia
  Rescue contract  0x53c1f40ca0a58942f9eb89d7fd445457a8521fd5
  NonceTracker     0x717883abfa58fa2bf0f9c2d5a132227253c47963

Mainnet (self-audited, no third-party audit)
  Rescue contract  0x25b2e6fb74fe4a186f1b3f25b289439fcc80aaca
  NonceTracker     0x3dda6ee79963b73cbdba9a4664c880633e7a5087