§ Tool · validator

Bitcoin Watchtower — Cold-Storage Theft Alarm

Watch-only theft alarm for cold storage. Email the minute a watched Bitcoin address moves, plus weekly proof it hasn't. No account, no KYC.

Last updated · July 8, 2026

Cold storage doesn’t make a sound

You did the hard part — hardware wallet, seed stamped into steel, coins offline. Here is the part nobody mentions: if that seed ever leaks — a photo of the backup plate, a compromised passphrase, someone who found the safe — the blockchain will not call you. Coins move in silence, and most people discover the vault is empty the next time they open a wallet they haven’t touched in months.

The chain is public. Watching it needs none of your keys. Watchtower does exactly that one job: it watches your addresses and emails you the minute anything moves — and, just as important, sends a weekly “still untouched ✓” heartbeat, so that silence becomes information instead of hope.

How it works

  1. Point it at an address. Paste any Bitcoin address. Paid plans accept an xpub, derived into up to 50 addresses in your browser — the xpub itself never leaves it. There is no signup: a random manage token stored in your browser is the only credential.
  2. We watch the chain. Checks run about every 15 minutes on the free tier, about every 2 minutes on paid.
  3. You get told. Any movement triggers an email with the direction, the amount, and a link to the transaction. Paid plans raise the instant 🚨 OUTGOING alarm — the theft signal. And every week (plus a monthly proof report on paid) you get positive confirmation that nothing has moved.

Free vs. paid

FreePaid
Watches1 address1 xpub → up to 50 addresses, derived client-side
Check interval~15 minutes~2 minutes
Movement alertEmailEmail + instant 🚨 OUTGOING alarm
Proof of silenceWeekly “still untouched ✓” emailWeekly heartbeat + monthly proof report
Alert channelsEmailEmail today — Telegram & nostr soon
PriceFree7,000 sats / 30 days · 21,000 sats / 90 days (≈ $21) · 70,000 sats / 365 days

Paying is as identity-free as watching: a Lightning invoice, a prepaid period, no auto-renew, no card, no KYC, no account. When a plan lapses you simply drop back to free behaviour — nothing silently charges you.

What we store — and what we refuse to

This site’s whole editorial rule is don’t trust, verify — and a monitoring service is a trust ask. So here is the complete inventory of what Watchtower keeps:

Retention is deliberately short. Deleting a watch is an instant hard delete. Paid watches that lapse are warned, then purged about 30 days after expiry. Free watches nobody has visited in about 6 months get a warning on their alert channel, then purged. And the exit is built into the pricing itself: don’t trust us — don’t renew, and it stops.

The limits, stated plainly

FAQ

Can you steal my coins?

No — watch-only. We never see keys or seed, and an address alone moves nothing. On paid plans the xpub never leaves your browser; only the derived addresses reach the server, encrypted at rest.

What happens when it fires?

An email with the address, direction, amount, and a link to the transaction. Unconfirmed alerts get a confirmation follow-up. On paid plans an OUTGOING transaction — the theft signal — raises the instant alarm.

Why sats?

No card, no account, no KYC — and prepaid means no auto-renew. The day you stop trusting us, stop paying, and it stops.

What do you store?

Encrypted watched addresses and your alert email. That is the whole list, and deletion is an instant hard delete.

What about the gap limit?

Xpub coverage is a snapshot from your last visit — hand out fresh addresses, then come back and let it re-derive.

Keep the rest of your setup honest