Theft Shield

Theft Shield is Vigil's advanced protection system that uses pre-signed transactions to defend against Bitcoin theft attempts.

Overview

When someone steals your private keys or seed phrase, they typically broadcast a transaction to send your funds to their address. Theft Shield detects this transaction in the mempool and automatically broadcasts a higher-fee replacement transaction (RBF) to sweep your funds to a safe address you control.

┌──────────────────┐     ┌──────────────────┐     ┌──────────────────┐
│  Thief steals    │────▶│  Vigil detects   │────▶│  Theft Shield    │
│  your keys and   │     │  unauthorized    │     │  broadcasts      │
│  broadcasts tx   │     │  mempool tx      │     │  higher-fee RBF  │
└──────────────────┘     └──────────────────┘     └──────────────────┘
                                                           │
                                                           ▼
                                                  ┌──────────────────┐
                                                  │  Funds swept to  │
                                                  │  your safe       │
                                                  │  address         │
                                                  └──────────────────┘

How It Works

1. Pre-Authorization - You create and sign PSBTs (Partially Signed Bitcoin Transactions) that spend your funds to a safe address
2. Secure Storage - Vigil stores these signed PSBTs, ready to broadcast
3. Mempool Monitoring - We continuously watch for unauthorized transactions
4. Automatic Response - When a theft is detected, we broadcast your pre-signed transaction with a higher fee
5. RBF Competition - Your transaction replaces the attacker's in the mempool
6. Funds Secured - Your Bitcoin arrives at your safe address

Key Concepts

Replace-By-Fee (RBF)

RBF is a Bitcoin feature that allows replacing an unconfirmed transaction with a new one that pays higher fees. Miners prefer higher-fee transactions, so your replacement transaction is more likely to be confirmed.

Pre-Signed PSBTs

You sign transactions in advance that authorize moving your funds to a safe address. These transactions are only broadcast if a theft attempt is detected.

Fee Budgets

You specify how much you're willing to spend on fees to protect your Bitcoin. Higher budgets provide stronger protection against well-funded attackers.

Requirements

To enable Theft Shield:

• ✅ A wallet with UTXO monitoring enabled
• ✅ A safe address (P2WPKH format recommended)
• ✅ Hardware wallet or signing capability
• ✅ Ability to pay a non-refundable protection fee (from a separate wallet)

Availability depends on your subscription and the wallet network. See Account → Subscription in the app for current eligibility.

In This Section

• How It Works - Technical deep dive into the protection mechanism
• Setup Wizard - Step-by-step guide to enabling Theft Shield
• Fee Budgets - Understanding fee quotes and RBF rounds
• Signing PSBTs - Hardware wallet signing guide
• Safe Addresses - Choosing and configuring your safe address
• Whitelist - Trusted addresses configuration
• Monitoring - Enable/disable and status indicators
• Incidents - What happens during a theft attempt
• Troubleshooting - Common issues and solutions

---

Defense, Not Prevention

Theft Shield is a defense mechanism, not a prevention tool. It cannot stop an attacker from obtaining your keys—only from spending your funds once they do. Always follow security best practices for key storage.

Next: How It Works →