I think someone stole my Chia


I was now looking at my Chia Wallet and I have noticed that it shows a 0 Balance. At first thought it had to be a technical Error but then I investigated, and I found multiple outgoing transactions.

To: xch14j7vftysn93mtdqw29atzxqdlcg247ull690xevaxk3t73fz598sfx5xfy

How is this possible. I am not in an unofficial pool or shared my logging to anyone.
Does anyone recognise this account?


Did you ever download a database from somewhere other than the chia torrent?

Last time ppl were getting robbed it was from a database download using a .exe downloader app

still not ledger support.
i am really sorry about that brother.
@ChiaPizza are you happy? another victim here.

It looks like a total of about 40 XCH passed through that address over 2 days, and was all withdrawn 12 days ago, not sure how much the OP lost.

You should always setup and use a cold wallet, never use a hot wallet for holding XCH longterm.

Do you already have experience with cold-wallet?
This is still a fairly new topic.

like he gives a fuck, he’d rather offend poor guy for moaning

Yes, I’ve used a cold wallet since around June 2021.

Probably plenty of guides on YouTube or the internet, but basically all I did was install chia on a virtual machine, create a new wallet, make a record of the 24 words in a safe and very secure place, also copy the wallet address. Now delete the VM.

On your farmer you use the new wallet address to send your farming rewards to.

No one can remove coins from that wallet without the 24 words.

If you need access, say to spend coins then you can use wallet mode, but once it’s on a machine connected to the internet it becomes a hot wallet, and much easier to compromise - there could be software on the machine that can read the 24 words

If you need to track payments going in, just use xchscan or alltheblocks, just like the link I posted earlier.

PS Once setup send a small amount of XCH just to verify you have the address correct, and do not lose those 24 words!


No. I have not downloaded any unofficial App or Softwar

Is it possible to set up a new account and use my existing plots? Obviously, this account is not save anymore.
I don’t understand how this could happen, nobody had access to this wallet or access to my words.

This looks quite suspicious. Is there a possibility to report someone, or get some investigation? It looks like I am not the only one.

Newest version of CHIA has payment retraction. Does it really work?

This is NOT a “COLD WALLET”… like btc for example.
Your wallet is still vulnerable via brute force. After all, it is open to the public.

“payment retraction”
No. I had already asked about that. This is not the goal of the whole action and so not really possible.

Reason: IF it would work, then the following could be possible:
You sell me your e.g. 100 HDD’s for a bargain price. Smart as I am I pay you in XCH.

If I have the HDD’s, I demand the XCH back. Now I have again the XCH and your HDD’s. :wink:

  1. Stolen XCH:
    How is this to be proven?
    Police? In my purse were 100€ in it today at noon. The bank employee and certainly the camera can testify to that. Now these are gone. Can you please sue the bank so that I get my 100€ back (again)?

Only as a stupid example without you @Jack or @eoun what want to insinuate.
But THEORETICALLY I could now transfer my XCH somewhere and have them credited back to me later.

“transfer somewhere” = of course they are not lying around… they will then be exchanged in “crypto mixers” for btc or whatever.
In other words: When you make the “request”, they will no longer exist.

Back to the very old days in the 1990’s, when you buy stuff on ebay, you send a check in mail. Seller waits for the check to be cleared. Then seller mails out the item. Transaction is completed.

So I will wait the retraction period is over and I will send you 100 HDD.\


1 Like

But as it currently stands it is the best option and within Chia circles its referred to as a cold wallet, there is no other option yet that I’m aware, if there is a better option to hold XCH then please let us know.

1 Like

Yes, but you set the retraction period when you send the funds, so if someone has got the 24 words, they’ve now got access to your XCH, they are hardly going to setup a retraction period are they? Same goes if they’ve got access to you PC either remotely or sat in front of it, they send the XCH with no retraction period, therefore no reversal.

Ok sir.

24 word loss means dead.

I believe that if you create a new wallet, and update your config.yaml file to direct wins to that new wallet’s address, then you will be back in business with your existing plots.

When you create a new wallet, use a clean computer – even one that has never been connected to the internet.

Download Chia from:

Copy the executable to your off-line computer, via a USB stick. Install Chia. Create a wallet.
Use that new wallet’s address in your full node’s config.yaml file.

Or use a clean install of Windows and install Chia.
Or boot to a live Linux environment (Ubuntu is popular). Install Chia on it. Create a wallet, and use that wallet’s address in your full node’s config.yaml file.

The goal is to create a new wallet on a known, clean OS.

Make sure that you print out (or save in some safe fashion) the 24 words for your new wallet.

And periodically check your config.yaml file, to make sure no unauthorized edits get made. Make sure it retains your new wallet’s address.

Please note that I have never had to do the above. But as I understand the process, the above should allow you to use your existing plots, and have wins safely deposited in your new, secure wallet.

Perhaps others might offer a different solution for you to be able to safely use your existing plots? Or correct anything that I wrote as needed. But if no one else chimes in with a solution, I think you will be good with the above.

1 Like

It is very simple:

  • your PC is not safe
  • someone saw your keys (if your PC was infected while creating wallet)
  • cold/farm wallet 101

There is very little chance of 0-day exploit, but you wouldn’t be alone.

If your keys got exposed, you can most likely replot. Anyone with keys can farm your plots. Hard to say, if they can claim rewards, though.

If someone has @eoun’s keys, then they would have to create plots associated with those keys. They could not farm @eoun’s existing plots, because the attacker does not have @eoun’s plots (short of them having totally compromised his network and copied all of his plots). That is unlikely.

if you have control of pc, who knows what is possible

I’m on my PC now, so just doing a bit of digging, but to be honest its rather beyond me.

The OP’s coins we’re transferred to this wallet.


which has various coins coming in then are transferred out to another three different wallets.


The first address above links to


which has 3 three transactions, one outbound to another wallet below for 135.5 XCH, 4.469 XCH to Huobi which is an exchange, and 20 XCH in from the original wallet.

xch1mdcth3fzxf9xqqmefujg4djwqvcryads3zpxrcdkw284g8cpshcq0v3q3n which the 135 XCH went to has 305 XCH and various transaction from Huobi.

Well it doesn’t any sense to me, xch16pkx9dny3u8dp5fknr5xc6gedzzu6crq8cjvl6pxkkv69tz78pnq0v9wus shows four transactions, but more going out than coming in.

Anyway trying to make sense of all this is going to get nowhere anyway, but someone has been shifting lots of coins between accounts, some accounts appear to have been dormant for months.