Hacker News: ghostfoxgod's comments

It's an incredible technique. When I came across it, it just changed the way I thought about solving the problem of giving out keys without "truly" giving them out. This gave me confidence for eternalvault.app, a project of mine.


I’ve been noodling over this exact business idea for a couple years! Part of my value prop was to make ops scale down to as close to zero as possible by having the encrypted data and most of the front end for accessing it live in S3 objects (or some similar mega-cheap object store). Aside from that, all you need is the dead man’s switch mechanism. And the secret fragments would live on QR codes that bring you to the static SPA with one of the fragments already loaded up, prompting you to scan more to complete the decryption.

Good work doing it. I guess now I don’t have to. :D You may have gained a customer from this HN thread.


Indeed, that's precisely why I decided to ditch the subscription model and go with a one-time payment method. I did the math, and it made sense that I don't need a very heavy system apart from supporting the dead man's switch trigger.

Wrote my thoughts about that here: https://eternalvault.app/blog/why-we-are-adding-lifetime-pri...

And it feels good to know that there are people out there thinking about this; it truly makes me happy. If you want to try out the platform, welcome aboard, happy to walk you through it if needed. :)


That’s great, and exactly what I was thinking. In fact, you have to wrestle with the fact that if it’s too cheap, people won’t trust it.

One thing I had been thinking about was that it’s important to be extremely open about the algorithms and infrastructure required, with a very transparent whitepaper on how it works (enthusiast level discussion of the technical details) and how you have designed the company to be extremely sustainable. I think your job is to convince people of two things: 1) this actually respects my privacy in a way I can verify myself (or lean on the technical expertise of other outside observers), 2) this company actually has a chance of surviving until I die.

If I can see those two things are true, a $199 lifetime purchase is a no-brainer (and that probably covers a dozen lifetime members’ operational costs). :D


Honestly, those are 100% fair questions. For (1), I have a security page: https://eternalvault.app/security/ But, mainly for marketing reasons (most people I have as customers are in their 30s-40s and not very technical), when they ask me, I have to be mindful not to bombard them with too much technical info. Still, it's a good idea to have a whitepaper with more detailed info for someone who actually wants to confirm the privacy aspects.

Regarding (2), that is the most common question I get, and honestly I don't know if I have the best answer for it, but here's what I have. I have two vaults for myself (of course I use Eternal Vault myself), one for family and one for business. In the business vault I have a few documents, including one called "Business continuity plan", which lays down all of my raw thoughts around how Eternal Vault is built (core technical things, infrastructure, doomsday trigger, etc.), and other business-specific documents. Right now, since I don't have any heir, I have added a few close people to it who are also fairly technical to keep it running, but eventually my idea is to expand on it in such a way that if I'm removed from the equation, the product can still sustain itself both business- and ops-wise. But I can totally understand why someone would trust a stranger on the internet, so I'm actually not sure how I can make the answer for the 2nd much better. What do you recommend?


Well one idea I had that changes the operational posture somewhat is to have the “reader” UX be a static page served completely from S3 and referencing other static S3 resources (the encrypted blob), then have the dead man’s switch “fail open” if the “user is not dead yet” signal goes offline. That way the company could almost run out of money and cease active operations but still have the data be readable by end users (with the keys, of course) for a long time. Having such a fallback plan in place gives confidence.

The other thing is being very transparent about the real world incremental cost of a user’s data. It slightly undermines the price point, but being able to say “look, incremental storage cost for your data over your lifetime is 33 cents. We have a bond that covers our current user base in perpetuity ten times over” is pretty compelling. You can say “yes, you’re paying way more than the incremental cost, but you’re paying for the care that went into making sure it’s got longevity.”

I can’t stress enough how happy I am for you that you built this thing that I consider a fabulous idea. I have an idea about how you can market it if you want to hear it. Let me know the best way to email you.


Ngl, I was working on a "Save this page offline" feature. The idea was similar to what you said: it's more like a snapshot in time, where you can export your whole vault encrypted with the SSS and an offline-ready page to come to and unlock the vault.

In my idea, the doomsday trigger handling might be difficult if it was a truly offline page, so I've not yet fully thought through how it can be executed well. I'll revisit that idea again with fresh eyes.

And thanks for reaching out, would love to chat more on email!


I'm building (or rather rebuilding/pivoting my focus) CatchIntent (https://CatchIntent.com). The intent layer for B2B outbound.

The marketing site is stale with our previous offering; the demo of the upcoming product is here: https://vimeo.com/1190884516


I'm building CatchIntent (https://CatchIntent.com). The goal is to help turn social conversations into qualified warm leads.

Started with it because I was struggling with finding relevant conversations about my first app, where people are asking for exactly what I'm selling, only that I was missing those conversations and people. Built a POC, tested it for myself and started getting good leads, so I converted it into my second app.


When someone dies, you don't get even one extra second to access the documents and information they meant to share with you. Trying to fix this problem with Eternal Vault.

Link: https://eternalvault.app

Another thing that's in early alpha right now is CapKit, AI professional captions for short-form videos

https://capkit.app


Could you go into some detail regarding your approach to security? Presumably, due to the sensitive nature of the documents users will upload, you have a number of safeguards in place?


I do, yes. I have a dedicated page for the same: https://eternalvault.app/security/

But here's a TL;DR:

- Files are end-to-end encrypted with a master key generated by you on your device during onboarding

- How does your family access the documents when only you have the key and it's E2EE? The idea is that the key is split via Shamir Secret Sharing when you add a trusted contact. Once the doomsday is triggered and they receive the notification, only then can they use their "shares" to reconstruct the master key, open your vault and access the documents


When someone dies, you don't get even one extra second to access the documents and information they meant to share with you.

Trying to fix this problem with Eternal Vault.

Link: https://eternalvault.app

Another thing that's in early alpha right now is CapKit, AI professional captions for short-form videos

https://capkit.app


Eternal Vault is interesting. I would for sure use something like this. However, only if there is a strong story how the vault will survive 20+ years, even if your company is defunct. I do see the pieces scattered around the website (backup to Dropbox, etc), but this story needs to be front and center.


Hi Luke, thanks for the feedback. Will be working on improving the marketing site to share the story in a better way; any other feedback is also appreciated. Lastly, would love for you to give the platform a try at https://dash.eternalvault.app/register


When someone dies, you don't get even one extra second to access the documents and information they meant to share with you.

I'm trying to fix this problem with Eternal Vault (https://eternalvault.app)

Today, I am launching lifetime pricing at $199/$399.

From a business perspective, everyone I talked to said it's a stupid and impulsive idea, but here's the reason why I feel it's not.

Firstly, I did the math. Ran a 50-year cost analysis. Analyzed cloud storage, infrastructure, payment fees, support, inflation.

At $199/$399, we stay profitable for decades.

The major reason why I have been thinking like this is because your will doesn't expire. Estate planning isn't Netflix. It's permanent.

And for our users, it will be less than $1/month over their lifetime for peace of mind.

My bet is that subscription fatigue is real. There's room for products that ask "does this make sense" over "does this maximize LTV."

It is bootstrapped. No VC pressure. And a monthly option is still available for those who prefer that.

Am I being naive or smart? Want honest feedback.

https://eternalvault.app/pricing/


When someone dies, you don't get even one extra second to access the documents and information they meant to share with you.

Trying to fix this problem with Eternal Vault.

Link: https://eternalvault.app


Looks interesting. I have one question about the pricing and a main button on the home screen: it says "Protect your family (free forever)" and yet there is a monthly fee (which makes sense of course). What does the free forever bit mean?


So we do provide a free forever plan. With the free plan there are usage limits, plus some advanced features are not there, but all the core security features are fully available on all plans (I strongly feel security is not a good-to-have but a must-have feature).

With that being said, the paid plans unlock higher limits and advanced features (all mentioned on the pricing page).

Let me know if you have any specific questions; also feel free to DM me on my socials or via email (all available on the contact page).


PS: I also just made a few changes to the content to call this out better, thanks for sharing the feedback around it.


interesting


Thanks, do give it a try, I would love to get feedback about it :)


Thanks for the suggestions!


Wow, it's fun reading the innovative ways people are solving for this, thanks for sharing your approach. If you don't mind me asking, can you share some more details about this CLI utility? Does it use some existing solutions like GPG or something similar for the tasks you mentioned?


The CLI is pretty simple, it accepts "key:filename" and performs these steps:

    Open file and search backwards from end looking for marker bytes.

    If found, save the file date/time then extract the data and decrypt using AES.

    If the decrypted data passes a checksum test, place the data in a temporary file and load the file into a text editor.

    Wait for the text editor to exit. If the file has been changed, retrieve the data from disk, re-encrypt, place it back in its hiding spot and restore the carrier file's original date/time.

    Lastly, overwrite the temporary file with random data before finally deleting it and exiting.

By the way, my little CLI can also perform TOTP generation. It will search for a section in the text delimited by "<--- 2FA Start" and "2FA End --->" for a list of "tag:=Base32 key string". To generate a TOTP code and place it into the clipboard, just give it "key:filename,tag".
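The TOTP step described in the comment above, as an added example that is not the commenter's CLI: it parses the "tag:=Base32 key string" list between the two markers and computes an RFC 6238 code. The function names, the HMAC-SHA1 / 30-second / 6-digit defaults, and the sample text are assumptions; the clipboard step is left out.

```python
import base64
import hashlib
import hmac
import struct
import time

START, END = "<--- 2FA Start", "2FA End --->"  # delimiters quoted in the comment


def parse_2fa_section(text):
    """Return {tag: base32_key} from the delimited section of the decrypted text."""
    start = text.find(START)
    end = text.find(END, start + len(START)) if start != -1 else -1
    if start == -1 or end == -1:
        raise ValueError("2FA section markers not found")
    keys = {}
    for line in text[start + len(START):end].splitlines():
        tag, sep, key = line.strip().partition(":=")
        if sep and tag.strip() and key.strip():
            # Base32 strings are often written in spaced groups and lower case.
            keys[tag.strip()] = key.replace(" ", "").upper()
    return keys


def totp(b32_key, at=None, digits=6, step=30):
    """RFC 6238 TOTP with HMAC-SHA1 and RFC 4226 dynamic truncation."""
    secret = base64.b32decode(b32_key + "=" * (-len(b32_key) % 8))
    counter = int((time.time() if at is None else at) // step)
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10**digits).zfill(digits)


# Constructed sample note; the key is the RFC 6238 test secret, not a real one.
SAMPLE = """bank login: see password manager
<--- 2FA Start
github:=gezd gnbv gy3t qojq gezd gnbv gy3t qojq
2FA End --->
"""

if __name__ == "__main__":
    keys = parse_2fa_section(SAMPLE)
    print(totp(keys["github"]))
```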


Just thinking out loud, doesn't keeping it offline increase the risk of, first of all, things getting lost or, worse, getting accessed by someone you don't intend to pass it on to?


Depends on how organized and secure your physical properties and possessions are. If you've got creepy housemates or relatives, who might dig through your obviously-personal stuff? Yeah, that makes everything 100X harder. But they might also try an Evil Maid Attack, to get your online stuff.

Do you have any trusted, well-organized relative or friend with a decently secure property?

Do local banking regulations allow for access to safe deposit boxes when the owner is not present or deceased?

Could you park the documents in a manila envelope, in the secure file cabinets of the lawyer who drafted your will?

And if you're an Epic-level Ditz, who might (say) accidentally throw $700M of bitcoin in the trash? At some point, you need to have a competent person handle your affairs for you.

