Credits & caching
SquareBreach uses a pre-paid credit model. Credits are simple: 1 credit = 1 successful API call. Cached results never consume credits. Credits never expire.
What counts as a credit
- 1 credit per successful API request that returns fresh data from upstream.
- 0 credits when SquareBreach can serve the result from its global cache.
- 0 credits for failed requests (4xx / 5xx).
- 0 credits for in-app actions: viewing history, opening saved searches, browsing victim file trees.
How caching works
Every successful upstream response is fingerprinted by endpoint + normalised query and stored in a global cache. The next person to run the same query gets a copy from cache.
Cache TTLs vary per endpoint:
| Endpoint family | TTL | Rationale |
|---|---|---|
| Breach search | 24 hours | New breach drops are indexed daily |
| Stealer logs | 6 hours | Higher churn from new infections |
| Victims | 1 hour | Device metadata changes frequently |
| OSINT | 15 min | Live profile lookups must stay fresh |
| File search | Not cached | Results depend on victim selection |
How to tell if a response was cached
Every result page shows a Cache indicator in the header with the cache age. Hover for full details, click Refresh to bypass the cache and consume 1 credit for fresh data.
Credit packs
Buy credits in three sizes from /app/billing:
| Pack | Credits | Price | Per credit |
|---|---|---|---|
| Starter | 100 | €9.99 | €0.10 |
| Pro (most popular) | 500 | €29.99 | €0.06 |
| Team | 2,500 | €119.99 | €0.048 |
Top-up tips
- Buy the largest pack you’ll realistically use in a quarter — the per-credit price drops sharply at higher tiers.
- Credits never expire, so unused balances roll over.
- Set a low-balance email alert from Settings to avoid running dry mid-investigation.
What happens at zero
Once your balance hits 0, fresh requests return a 402 Payment Required. Cached requests still succeed and don’t deduct anything. The dashboard shows a banner prompting you to top up.