# Identity Verification for Account Recovery

In a Casa setup, Casa retains one of the keys to provide a signature in case of emergency recovery situations. This is useful to protect clients, but creates a vulnerability if an attacker can trick Casa into signing a recovery request that transfers the user's bitcoin into the attacker’s wallet. 

To protect against this **Casa authenticates the user on all recovery signature signing requests** using a special process detailed to clients during activation. We keep details of this process private, but note that the process includes a significant signing delay and a series of regular user notifications when a recovery request is made. The signing delay and notifications increase the odds that an attack would be caught and reversed before the recovery signature occurs.\ <br>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.casa.io/wealth-security-protocol/chosen-features/identity-verification-for-account-recovery.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.