All 6.94M leaked records in KeyAudit originate from 25 public data sources, each credited on /en/source. These include OFAC sanction lists, ScamSniffer dumps, the Vasek FC16 academic dataset, GitHub-hosted blacklists, and password-breach corpora used to derive brain-wallet candidates via dict_derived patterns.

Each source carries one of five confidence tiers: confirmed_stolen, sanctioned, academic_dataset, community_curated, or dict_derived. The dict_derived tier explicitly marks theoretical matches from password leakage patterns—not stolen key material. You can inspect per-source methodology, collection date, and confidence justification at /en/source/*.