Frequently Asked Questions


Incident Response cases where there’s a financial loss (e.g. hack, theft, fraud, or scam):

Please email with a paragraph or two summarizing what happened, focusing on the facts (not theory, not your own investigation, etc.) and, most importantly, include the blockchain transactions. Make sure the transaction data is in a copy and pasteable format (ideally plaintext or otherwise a csv file) — we can’t copy and paste data from screenshots. — without the transaction(s), we can’t do a preliminary analysis, can’t advise if it’s a viable case for us to engage on, and can’t provide a retainer estimate.

Typically 100k USD. Valuation is done at time of loss — so if, for example, it’s a 25 ETH scam from 2019, odds are, it’s not going to be something we’ll take. There are certain types of cases we won’t take on unless the loss is higher (e.g. DeFi Rugpulls). It’s very rare for us to be willing to take on a case lower than 100k USD, but there are some situations where it could be viable for losses $50K+ or lesser; contact us and we will let you know either way.

CipherBlade is an investigative agency, not a recovery agency. We investigate and produce intelligence. Typically, this information is then passed to law enforcement in your jurisdiction. This may or may not lead to recovery with the help of law enforcement (partial recovery is much more common than full recovery). Ultimately there are no guarantees. We assess each case that meets our criteria (including the minimum loss threshold) individually, and offer an (honest) opinion of whether or not it may be worth pursuing and/or engaging us. In some cases, we will still advise against pursuing or decline to engage even if the minimum loss threshold is met if we don’t feel it’s in the best interest of a prospective client to hire us.

We have more people willing to pay us upfront than we can service; it would not make business sense to take any case on a contingency-only basis. We already factor a modest contingency into our pricing. We will not work a case on contingency-only, even if offered 75% (and we’ve gotten such offers).

As a general policy, we avoid doing pre-engagement calls. They would simply result in us saying “please email us the txids” and be a waste of both side’s time, as such calls are generally not helpful. Additionally, we are a small team and get a lot of inquiries, and simply don’t have the resources to get on a call with everyone who requests one. We do offer paid consultations if a call is strongly desired; feel free to email us and request this.

We take clients on an individual or company basis — as in, we don’t do group or “pool” cases with a bunch of other purported victims you met on Telegram. If somebody -individually- lost $100K+, it may be a good mutual fit.

Unless the exchange misappropriated funds/is insolvent/something else we can verify as mismanagement or illicit activity, no. Exchanges are all extremely busy. Exchange support will take time to respond to you. We are not exchange support. While we do work closely with exchanges in the investigative process, we do not leverage those contacts to “fast forward” routine customer service inquiries.

No, it isn’t. We don’t do cold outreach. And we certainly don’t contact random people and tell them we’ve recovered crypto for them. You’re almost certainly speaking to an impersonation scammer. Unless you’ve placed an inquiry with us first to a email address (e.g. or the contact form on our real website, it’s not us. Additionally, CipherBlade only has one website, – if you received an email coming from a different website purporting to be CipherBlade, it’s fraudulent. Also, we do not use free/generic email addresses, so if you see an email address like ‘’ it’s another scammer. While CipherBlade staff do use Telegram, you should excercise caution and independently confirm the legitimacy of any Telegram handle of CB personnel via an email from the domain. Again, we don’t do cold outreach on Telegram either, and there are no shortage of impersonation scammers on Telegram.


All other matters (e.g. expert witness services or reports, security consulting, compliance consulting, source of funds analysis, audits, divorce, & bankruptcy cases):

Very likely, yes. We’ve seen and experienced just about everything at this point. But please email us at with more details about the nature of the matter and we can go from there.

Yes. Please contact us with more details and will offer you some thoughts and we can proceed from there.

Yes. And it’s good you’re taking a proactive approach in this regard. Too many companies simply don’t care about security, or think they’re already very secure and believe they are already “employing the best security practices” when the reality couldn’t be farther from the truth.

Yes. Please contact us for details about the nature of the matter and which such an analysis is being requested, and we’ll advise whether or not it’s something that would be advisable for us to assist with.

We generally avoid pre-engagement calls unless we believe the situation calls for it. Please provide some details about the nature of the situation so we have some context at least, and we can go from there.

Send Secure Message To Us

CipherBlade LLC
3300 Arctic Blvd
Suite 201 PMB 1082
Anchorage, AK 99503

CipherBlade APAC Pte. Ltd.
30 Cecil Street
#19-08 Prudential Tower
Singapore 049712

20 Wenlock Road, London, England, N1 7GU

Scroll to Top