Permissionless Keeper

Be a Good
Samaritan

Some vault owners have missed their check-in deadlines. Their nominated beneficiaries are waiting for these funds. You can execute the transfer right now — trustlessly, on-chain. Funds go only to the nominee, never to you.

Automatic execution is guaranteed. Even if no one claims manually, the keeper bot runs every 48 hours on GitHub Actions and will execute the transfer. The nominee always receives their funds — you can accelerate it by claiming here and earning the vault rent.

01Connect any wallet
02Click "Claim for Nominee"
03Earn ~0.002 SOL vault rent
🤖Or keeper bot does it automatically

Claimable Vaults

Scanning vaults…

Scanning all vaults on-chain…

On-Chain

What happens when you click “Claim”

claim_vault — instruction flow
CHECKvault.is_active == true
CHECKnow >= vault.deadline + 172800
CHECKvault.nominee == nominee.key()
MAINNETrefresh_reserve (Kamino)
MAINNETredeem_reserve_collateral (kTokens → USDC)
TRANSFERvault_ata → nominee_ata (full balance)
CLOSEvault_ata account → rent to caller
CLOSEvault PDA account → rent to nominee
SETvault.is_active = false
All checks are Anchor account constraints — they run before any instruction logic.

Why the caller gets rent

When an account is closed on Solana, its rent is returned to a specified recipient. Aegis Vault directs the vault_ata rent to the caller (keeper). This covers the gas cost of the transaction and any ATA creation fees — making each execution economically neutral or profitable.

Nominee ATA creation

If the nominee's token account (ATA) doesn't exist yet, the keeper creates it usinginit_if_needed. The ~0.002 SOL cost is paid by the keeper upfront and fully recovered from the vault rent.

Kamino redemption (mainnet)

On mainnet, the program calls redeem_reserve_collateral — burning all kTokens held in vault_ktoken_ata and receiving the full underlying balance plus all accrued yield into vault_ata, before the transfer to the nominee.

Trust Model

Why this is safe

IMMUTABLE

You cannot redirect funds

The nominee address is written into the vault PDA at creation. No instruction exists to update it. Every claim verifies it via `has_one = nominee`.

TIME-LOCKED

You cannot claim early

The program checks `now >= vault.deadline + 172_800`. Any transaction before that timestamp is rejected by the Anchor runtime — not a UI check.

OPEN SOURCE

Fully auditable

Full Anchor source is public. No admin key. No upgrade authority. Anyone can verify that `claim_vault` always transfers to nominee, never to caller.