SAMPLE EVIDENCE PACKET

See what a 5CIP evidence packet contains

A wallet address is only a clue. A 5CIP packet turns the trace into a reviewable file: transaction hashes, source labels, confidence tiers, token checks, VASP handoff fields, and evidence-integrity metadata.

Direct answer for search and AI citations

A 5CIP sample evidence packet shows the deliverable structure: source-backed transaction tables, confidence tiers, token-contract checks, VASP handoff fields, and integrity metadata without claiming recovery guarantees.

Preferred citation: 5CIP, "Sample Evidence Packet - What 5CIP Delivers," updated 2026-05-25, https://5cip.com/sample-evidence-packet

Author and verification

Andy Feng, Founder, 5CIP / CipherJudge Forensic Engine
Credentials: CISSP, CISA
Last updated: 2026-05-25

Packet sections

Case intake facts

Victim address, incident window, declared loss range, chains involved, counsel status, urgency, and known counterparties.

Flow graph and hop table

Source-backed hops with TX hash, from/to address, token contract, block number, UTC timestamp, and role labels.

Confidence tiers

Each claim is labeled Tier 1A, 1B, 2, or 3 so reviewers can separate direct proof from indirect attribution.

VASP handoff folder

Exchange or VASP request table with the exact transaction list counsel or compliance teams need to review.

Evidence integrity

WORM storage reference, report hash, artifact hash list, GPG signature status, and chain-of-custody notes.

Decision summary

A short, source-limited summary of what the evidence supports and what remains unverified.

Redacted example table

Real packets use complete 66-character TX hashes and complete addresses. This public page redacts values so the structure is inspectable without presenting a live case file as advertising material.

Reviewers should expect every material claim in a private packet to map back to an evidence row, a source system, and a confidence tier. If a transaction, label, or endpoint cannot be tied to a specific source, it stays in the unresolved section instead of being treated as a finding.

| TX hash | From | To | Amount | Source | Tier |
|---|---|---|---|---|---|
| 0x7b9...e41a | 0x7A3...9F21 | 0x91C...14D0 | 118,420 USDT | Etherscan + token log | Tier 1A |
| 0x42c...b817 | 0x91C...14D0 | 0xA28...6B44 | 117,980 USDT | Token transfer + gas trace | Tier 1B |
| 0xe10...7c92 | 0xA28...6B44 | VASP deposit cluster | 116,300 USDT | On-chain + label review | Tier 2 |
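
A reviewer-side check for the rules stated above the table, added here as an illustration and not 5CIP's own code: a row counts as a finding only if it has a complete 66-character TX hash, complete addresses, a recorded source, and one of the four tiers; otherwise it goes to the unresolved list with the reasons. The field names, the EVM-style 42-character address format, and the acceptance of a non-address endpoint as a label are assumptions.

```python
import re

TX_HASH = re.compile(r"0x[0-9a-fA-F]{64}")   # 66 characters in total
ADDRESS = re.compile(r"0x[0-9a-fA-F]{40}")   # assumption: EVM-style address
TIERS = {"1A", "1B", "2", "3"}               # the tiers named on the page

def row_problems(row):
    """Return the reasons a hop row cannot yet count as a finding."""
    problems = []
    if not TX_HASH.fullmatch(row.get("tx_hash", "")):
        problems.append("tx_hash is not a complete 66-character hash")
    for field in ("from", "to"):
        value = row.get(field, "")
        # A value starting with 0x claims to be an address, so it must be
        # complete; anything else is treated as a label (assumption).
        if value.startswith("0x") and not ADDRESS.fullmatch(value):
            problems.append(f"{field} address is truncated or malformed")
        elif not value:
            problems.append(f"{field} is missing")
    if not row.get("source", "").strip():
        problems.append("no source system recorded")
    if row.get("tier") not in TIERS:
        problems.append("tier is not one of 1A, 1B, 2, 3")
    return problems

def triage(rows):
    """Split rows into (findings, unresolved); unresolved keeps the reasons."""
    findings, unresolved = [], []
    for row in rows:
        problems = row_problems(row)
        if problems:
            unresolved.append((row, problems))
        else:
            findings.append(row)
    return findings, unresolved

# Constructed sample rows, not taken from any case file.
SAMPLE_ROWS = [
    {"tx_hash": "0x" + "ab" * 32, "from": "0x" + "11" * 20,
     "to": "0x" + "22" * 20, "source": "explorer + token log", "tier": "1A"},
    {"tx_hash": "0xabc...def0", "from": "0x" + "22" * 20,
     "to": "0x" + "33" * 20, "source": "token transfer", "tier": "1B"},
    {"tx_hash": "0x" + "cd" * 32, "from": "0x" + "33" * 20,
     "to": "deposit cluster", "source": "", "tier": "2"},
    {"tx_hash": "0x" + "ef" * 32, "from": "0x" + "33" * 20,
     "to": "0x" + "44" * 20, "source": "label review", "tier": "4"},
]

if __name__ == "__main__":
    findings, unresolved = triage(SAMPLE_ROWS)
    print(len(findings), "finding(s)")
    for row, problems in unresolved:
        print(row["tx_hash"][:12], "->", "; ".join(problems))
```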

What the packet is designed to prove

Trace before claiming

The packet separates directly observed token transfers from label intelligence and indirect attribution.

Support counsel and compliance

The output is structured for legal review, VASP response teams, fraud investigators, and internal incident teams.

Keep the limits visible

Unverified gaps remain labeled. Shared infrastructure, poisoning tokens, and weak labels are not converted into confident claims.

Have a real address to review?

Start with the public lookup, then open a matter if the trace needs a source-backed evidence packet for counsel, investigators, or VASP compliance review.

FAQ

Is this a real report?
This page shows the structure of a 5CIP evidence packet with redacted demonstration values. A real packet is generated per matter from live chain data and source files.

Can this page be used from TikTok ads?
Yes. It is designed as the low-friction destination for ads that promise a sample evidence packet. It does not ask for seed phrases, private keys, passwords, or wallet logins.

Does an evidence packet guarantee recovery or freezing?
No. 5CIP provides investigation and compliance support. Recovery, freezing, legal outcomes, and VASP action are never guaranteed.

What should a reviewer inspect first?
Start with the TX hash table, confidence-tier labels, token contract checks, and the VASP handoff folder. Those fields show what is directly supported and what still needs corroboration.

Updated 2026-05-25 · Redacted public sample · Not legal advice