# Compromised Address

<figure><img src="/files/8aQF7pLb7TJIDtGCXvOB" alt=""><figcaption></figcaption></figure>

The above figure displays an example of a user at address **0x…1** (Bob) attempting to send assets to user **0x…2** (Alice). But there’s an issue: Alice’s keys have been compromised and a bad actor has access to all of Alice’s funds.

Upon creation of the Capsule Shipment, Bob specifies to send his Capsuled assets to **0x…2** (Alice) – but Bob has also attached a password, “Hunter2”. On-chain, this password is stored within the Capsule Fulfillment Center as a hashed value of the password and a salt. Without the password, Alice is unable to properly accept this shipment and receive her Capsuled assets.

Thankfully, even though Alice’s keys have been compromised, the hacker is still unable to access Alice’s shipment: he does not know the password attached to the shipment coming to Alice. As such, Alice simply lets Bob know that her account has been compromised, and for Bob to change the shipment to a new address, **0x…3**, which Alice has properly secured. Bob does so, and Alice is able to properly accept the assets shipped at address **0x…3**. Bob may even change the shipment acceptance password, should he like. The hacker is unable to receive Alice’s shipped assets at **0x…2** or at **0x…3**. No assets were lost due to a compromised address, even though the address was correct.&#x20;

If this transaction were to have been broadcasted and accepted as is (without using CPaS, directly from **0x…1** to **0x…2**), there is an overwhelming chance that all assets are lost to Alice’s hacker – who can steal all of the assets sent to her address at **0x…2**. This again results in a loss for Bob (who owned the funds) and Alice (who has her funds stolen). Additionally, had multiple assets been bundled within a Capsule - this would have saved multiple assets from being lost. This situation can also be easily averted by using CPaS.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.capsulelabs.xyz/protocol-overview/use-cases/compromised-address.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.