How it works

Six steps. No mystery.

From portfolio to independent verification. Every step is logged, signed, and reproducible.

1
STEP 01 — PORTFOLIO

Create a portfolio.

A portfolio groups bitcoin addresses that belong on the same attestation: by entity, by purpose, by storage. Business, personal, trust, hot wallet, cold storage. CPAs run dozens for clients; an individual may have one or two.

WHOOwner
PORTFOLIOS
Astor Holdings
Corporate treasury · Q1 2026
3 addr
Personal — cold
Long-term BTC, hardware
2 addr
Family trust
Generational holdings
1 addr
+ New portfolio
2
STEP 02 — ADDRESSES

Add the addresses.

Pull in every address holding the assets, from any wallet — Coldcard, Trezor, Sparrow, Bitcoin Core, Electrum, Ledger. Mix wallet types as needed. Keystodian doesn't care which wallet, only that the owner can prove control.

WHOOwner
ASTOR HOLDINGS · 3 ADDRESSES
bc1q4hd…vx2
Native SegWitCold storage
bc1qm5p…l8a
Native SegWitHot wallet
3FZbgi9…85fT
SegWitDaily ops
+ Add addressANY WALLET · COLDCARD · TREZOR · SPARROW
3
STEP 03 — SIGNATURE

The owner signs a challenge.

For every address, the owner signs a unique single-use challenge with the private key (BIP-137). The signature is the proof — it cryptographically demonstrates the owner controls the addresses holding the assets. We never see the key. When every address is signed, the owner clicks Request attestation.

WHOOwner
SIGNATURE CHALLENGE
$ Sign this exact phrase with the address that controls bc1q4...x2:
keystodian-attest::astor-2026-q1::nonce-7H4M9PQR::ts-1714138942
signature accepted · BIP-137 verified
4
STEP 04 — VERIFICATION

We read the chain.

Keystodian verifies every signature against its address, then reads each address's balance at a specific block height. We snapshot block, timestamp, and the price source we used. Every operation is logged with a SHA-256 chain.

WHOKeystodian
READING THE CHAIN
Block 887,234
bc1q4...x21.84210 ₿
bc1qm...8a0.50100 ₿
bc1q9...kf0.07060 ₿
Total2.41370 ₿
5
STEP 05 — ATTESTATION

We sign the document.

A PDF is generated — branded if the firm has white-label enabled — containing the verified holdings, the block reference, the price source, and a verify code. The firm reviews and releases it. The document includes our independence affirmation.

WHOKeystodian + Firm
Keystodian
BLK 887,234
Independent attestation of bitcoin holdings
CLIENT: ASTOR ADVISORY GROUP · PORTFOLIO 2026-Q1
Confirmed holdings
2.41370 ₿ · $164,832 USD
addresses3 · all signed
block height887,234
price sourceCoinGecko @ block ts
sha-256a3f4…7e91
VERIFY · keystodian.capital/vKYS-7H4M-9PQR
VERIFIED
BIP-137
6
STEP 06 — INDEPENDENT VERIFICATION

Anyone can re-verify.

The recipient — a banker, an underwriter, a court clerk — visits keystodian.capital/verify, enters the verify code and passphrase, and re-runs the check against the chain. The document is independently verifiable. Trust is in the math, not in us.

WHORecipient
VERIFY · NO LOGIN
VERIFY CODE
KYS-7H4M-9PQR
PASSPHRASE
•••• •••• ••••
Re-verify against the chain →
Document contents match block 887,234.
Why this works

The recipient doesn’t have to trust us.

Most attestations ask the reader to take someone’s word for it. This one doesn’t. The math behind the document is reproducible — and anyone, with no account and no payment, can re-run the check at any time.

A notary, but with math

A notary verifies a signature against an ID. Keystodian verifies a signature against a blockchain. Same idea — better evidence.

No account required to verify

A banker, an underwriter, a judge — anyone can re-check the document at the verify portal with the code on the PDF. No login wall.

It still works without us

The document references public records on the bitcoin chain. If Keystodian disappeared tomorrow, the proof underneath the document doesn’t.

Ready to see it in action?

Start with ProWatch the 90s demo