Verify a vanity receipt

Paste the receipt from a three.ws provably-fair vanity wallet and prove, from first principles, that the key was generated fresh under a seed the server committed to before grinding — and that the operator could never have kept a copy. Everything runs in your browser. Your X25519 private key and the recovered secret never leave this page.

Optional: prove you hold the key (open the sealed envelope locally)

Private. This key is used only to decrypt the sealed secret right here in your browser, then verify that the key you recover is exactly the one the receipt describes. It is never sent anywhere.

Need a receipt? Grind a wallet →
Pinning against the live service key from /.well-known/three-vanity.json

What does this prove?

  1. The commitment opens. SHA-256(serverSeed) equals the value the server published before grinding — so it couldn't grind thousands of candidates and hand you the one whose key it kept.
  2. Neither side controlled the result. Your clientSeed was mixed into the seed, so the server couldn't have predicted the address at commit time.
  3. The address really derives from that seed at the claimed index — re-derived here with the same HMAC-SHA256 → Ed25519 derivation.
  4. It matches your pattern and the difficulty claim is the honest 58ⁿ model.
  5. three.ws signed it. The Ed25519 signature verifies against the service key pinned from the well-known document — not an impostor.
  6. (If you open the seal) the key you decrypt is byte-for-byte the key the receipt describes — you, and only you, hold it.

Protocol three-vanity/v1 · verify offline with the open-source CLI scripts/verify-vanity-receipt.mjs or the @three-ws/solana-agent SDK's verifyVanityReceipt(). View the service key →