PRIVATE.ME PLATFORM · TECHNICAL WHITE PAPER

EstateVault: Threshold Digital Estate Planning

Passwords, crypto wallet seed phrases, and sensitive documents are lost forever when their owners become incapacitated or pass away. EstateVault splits digital assets across designated trustees using XorIDA threshold sharing so that no single trustee can access assets alone, but any K-of-N can recover them. A configurable dead man's switch monitors periodic check-ins and triggers trustee access after consecutive missed intervals, automating handoff without premature exposure.

Estate Planning / Legal XorIDA Powered 0 npm deps <1ms typical asset

Section 01

The Problem

Digital assets are locked forever when their owners die. Cryptocurrency wallets, password vaults, encrypted documents, and online accounts vanish with no recovery path. An estimated $140 billion in cryptocurrency is permanently inaccessible due to lost keys from deceased holders.

Traditional estate planning uses single executors — lawyers, family members, or cloud services — who hold complete access credentials. This creates four critical failures:

1. Single Point of Compromise

One corrupt or coerced executor can steal the entire digital estate before heirs ever know it existed. A single compromised password vault, lawyer's safe deposit box, or cloud service account exposes everything. There is no cryptographic enforcement preventing premature access.

2. No Trigger Guarantee

Who tells the executor when to release the assets? Death certificates take days to weeks. Incapacitation is ambiguous. The owner might be in a coma, held hostage, or traveling off-grid. False triggers from a single missed contact destroy trust. Late triggers mean assets remain locked while dependents wait.

3. Lost Keys Equal Lost Assets

Writing passwords in a will or safe deposit box creates plaintext exposure. Hardware wallets without recovery mechanisms are permanently inaccessible when the owner dies. Password managers lock out heirs. Cryptocurrency holdings vanish. Digital photo albums, business credentials, and intellectual property disappear.

4. Trustee Collusion Risk

If assets require multiple approvers, they can collude. Two conspirators in a three-person approval chain can bypass the third. Traditional multi-signature schemes provide procedural controls, not cryptographic impossibility.

THE CORE CHALLENGE

No existing solution prevents both premature access and permanent loss simultaneously. Giving full access to one person creates theft risk. Splitting access procedurally creates collusion risk. Waiting for proof of death creates delay risk. EstateVault makes all three impossible cryptographically.

Section 02

The PRIVATE.ME Solution

EstateVault splits digital assets across designated trustees using XorIDA threshold sharing. A dead man's switch monitors periodic owner check-ins and triggers transfer only after consecutive missed intervals. No single trustee can reconstruct assets alone. Collusion below the threshold reveals zero information.

The asset owner calls storeAsset() to split passwords, seed phrases, documents, or keys into N shares distributed across trustees. The threshold K is configurable — for example, any 2-of-3 trustees must cooperate to recover assets. Below-threshold shares reveal mathematically zero information about the plaintext.

The dead man's switch requires the owner to checkIn() at regular intervals (configurable from 1 to 365 days). After a configurable number of consecutive missed check-ins (minimum 1, recommended 3), the switch triggers and trustees are notified. Trustees reconstruct assets by calling recoverAsset() with their shares. HMAC-SHA256 verification runs before reconstruction — if integrity fails, recovery aborts.

Key Properties

No premature access: Trustees cannot reconstruct assets while the owner actively checks in. Threshold enforcement is cryptographic, not procedural.
Configurable sensitivity: Number of consecutive missed check-ins is adjustable. 3 misses at 30-day intervals = 90-day dead man's switch.
Information-theoretic security: Below-threshold shares reveal zero information. Not computationally hard — mathematically impossible.
No single custodian: K-of-N trustees required. Single trustee compromise or coercion fails.
Quantum-resistant: XorIDA operates over GF(2) with no computational assumptions. Quantum computers provide no advantage.

Section 03

How It Works

The EstateVault lifecycle has three phases: vault creation, periodic check-in monitoring, and triggered recovery. Each phase produces cryptographic audit trails.

Phase 1: Vault Creation

The asset owner creates a DigitalAsset containing an identifier, type (password, seed-phrase, crypto-key, document), label, and data as a Uint8Array. An EstateVaultConfig defines trustees (each with id, name, contact), threshold K, dead man's switch parameters (check-in interval in days, missed check-ins before trigger), and owner ID.

Vault Creation

import { storeAsset } from '@private.me/estatevault';

const asset = {
  id: 'btc-wallet',
  type: 'seed-phrase',
  label: 'BTC Cold Wallet',
  data: new TextEncoder().encode('abandon ability able...')
};

const config = {
  trustees: [
    { id: 'alice', name: 'Alice', contact: 'alice@example.com' },
    { id: 'bob', name: 'Bob', contact: 'bob@example.com' },
    { id: 'carol', name: 'Carol', contact: 'carol@example.com' }
  ],
  threshold: 2,  // Any 2-of-3 can recover
  deadManSwitch: {
    checkInIntervalDays: 30,
    lastCheckIn: new Date().toISOString(),
    missedCheckInsBeforeTrigger: 3,  // 3 consecutive misses = trigger
    armed: true
  },
  ownerId: 'owner-001'
};

const result = await storeAsset(asset, config);
if (!result.ok) throw new Error(result.error.message);

// result.value.shares contains AssetShare[] for each trustee
// Distribute shares via secure channels (email, physical paper, USB)

storeAsset() pads the asset data (PKCS#7), computes HMAC-SHA256 over the padded data, then splits it via XorIDA into N shares. Each trustee receives an AssetShare containing their share index, total shares, threshold, base64-encoded share data, base64-encoded HMAC (key+signature), and original size.

Phase 2: Check-In Monitoring

The owner must call checkIn() at least once per configured interval. This resets the dead man's switch timer and clears the missed check-in counter. Missing consecutive check-ins increments the counter. When the counter reaches missedCheckInsBeforeTrigger, the switch triggers.

Owner Check-In

import { checkIn, isTriggered, nextDeadline } from '@private.me/estatevault';

// Owner checks in -- resets switch
const updatedSwitch = checkIn(config.deadManSwitch);

// Check trigger status
if (isTriggered(updatedSwitch)) {
  console.log('Dead man\'s switch has triggered -- trustees can recover');
}

// Next required check-in deadline
const deadline = nextDeadline(updatedSwitch);
console.log(`Next check-in required by: ${deadline.toISOString()}`);

isTriggered() calculates the time since the last check-in, divides by the check-in interval to get the number of missed intervals, and returns true if missed intervals meet or exceed the trigger threshold. This logic is deterministic and verifiable by all trustees.

Phase 3: Triggered Recovery

Once the switch triggers, trustees can reconstruct the asset. At least K trustees provide their shares to recoverAsset(). The function verifies HMAC integrity before reconstruction. If HMAC fails, the operation aborts with HMAC_FAILED error. If reconstruction succeeds, the function unpads the data and returns the original DigitalAsset.

Trustee Recovery

import { recoverAsset } from '@private.me/estatevault';

// Trustees Alice and Bob provide their shares (2-of-3)
const shares = [aliceShare, bobShare];

const recovered = await recoverAsset(shares);
if (!recovered.ok) {
  console.error(`Recovery failed: ${recovered.error.message}`);
  return;
}

// recovered.value is the original DigitalAsset
const seedPhrase = new TextDecoder().decode(recovered.value.data);
console.log(`Recovered BTC seed: ${seedPhrase}`);

FAIL-CLOSED DESIGN

HMAC verification runs before reconstruction. If integrity fails, the operation aborts immediately. No partial reconstruction. No plaintext exposure. The system fails closed, not open.

Section 04

Use Cases

Six scenarios where EstateVault replaces single-custodian estate planning with threshold cryptographic protection.

CRYPTOCURRENCY

Cryptocurrency Inheritance

Bitcoin, Ethereum, and hardware wallet seed phrases split across family members. Any 2-of-3 can recover funds after owner passes. $140B+ currently locked from deceased holders.

2-of-3 Family Trustees

PERSONAL SECURITY

Password Vault Succession

Master passwords for password managers (1Password, Bitwarden, LastPass) split across trusted contacts. Digital life continues for dependents without plaintext exposure.

Password Manager Master Keys

LEGAL / ESTATE

Will and Document Transfer

Digital wills, insurance policies, property deeds, and legal documents split across lawyers, family, and executors. Threshold cooperation required for access.

3-of-5 Legal + Family

BUSINESS CONTINUITY

Key Person Risk Mitigation

Company signing keys, admin credentials, and critical access split across board members. Business operations continue if key personnel become unavailable.

Board-Level Threshold

INTELLECTUAL PROPERTY

Creative Work Succession

Unreleased manuscripts, source code repositories, unpublished music, and digital art split across heirs and agents. Controlled release after creator passes.

IP Transfer Planning

HEALTHCARE

Medical Directive Access

Advance directives, DNR orders, and medical power of attorney documents split across family and healthcare providers. Emergency access when patient is incapacitated.

Medical Emergency Access

Section 05

Integration

EstateVault provides five core functions for digital estate planning workflows. All operations return Result<T, E> for structured error handling.

storeAsset(asset: DigitalAsset, config: EstateVaultConfig): Promise<Result<StoreResult, EstateVaultError>>

Splits a digital asset via XorIDA across designated trustees. Validates configuration (minimum 2 trustees, threshold ≥ 2, threshold ≤ total trustees, check-in interval 1-365 days). Returns StoreResult containing assetId, shares array, and HMAC asset hash.

recoverAsset(shares: AssetShare[]): Promise<Result<DigitalAsset, EstateVaultError>>

Reconstructs a digital asset from K-of-N trustee shares. Verifies HMAC-SHA256 integrity before reconstruction (fail closed). Returns the original DigitalAsset on success. Fails with HMAC_FAILED if integrity check fails, INSUFFICIENT_SHARES if fewer than threshold shares provided, or RECONSTRUCT_FAILED if XorIDA reconstruction or unpadding fails.

validateConfig(config: EstateVaultConfig): Result<EstateVaultConfig, EstateVaultError>

Validates estate vault configuration synchronously. Checks ownerId non-empty, minimum 2 trustees, threshold ≥ 2, threshold ≤ trustee count, check-in interval 1-365 days, and missedCheckInsBeforeTrigger ≥ 1. Returns validated config on success or INVALID_CONFIG error with specific field attribution.

checkIn(switchState: DeadManSwitch): DeadManSwitch

Resets the dead man's switch timer and clears missed check-in counter. Updates lastCheckIn to current timestamp. Returns updated DeadManSwitch state. Call this function at least once per configured interval to prevent trigger.

isTriggered(switchState: DeadManSwitch): boolean

Checks if the dead man's switch has triggered. Calculates time since last check-in, divides by check-in interval, compares to missedCheckInsBeforeTrigger threshold. Returns true if switch is armed and consecutive misses meet or exceed trigger threshold. Trustees can only recover assets when this returns true.

nextDeadline(switchState: DeadManSwitch): Date

Calculates the next required check-in deadline. Adds check-in interval to last check-in timestamp. Use this to display countdown timers or send reminder notifications to the asset owner.

Installation

npm / pnpm

# Install EstateVault
pnpm add @private.me/estatevault

# Peer dependencies (XorIDA crypto primitives)
pnpm add @private.me/crypto @private.me/shared

Section 06

Developer Experience

EstateVault provides structured error codes with actionable hints and field attribution for debugging estate vault workflows.

Error Handling

All asynchronous operations return Result<T, EstateVaultError>. The EstateVaultError discriminated union provides seven error codes with descriptive messages. Each error is actionable — the message tells you exactly what went wrong and how to fix it.

Code	When	Fix
INVALID_CONFIG	Configuration validation failed (empty ownerId, fewer than 2 trustees, threshold < 2, threshold > trustee count, check-in interval outside 1-365 days, missedCheckInsBeforeTrigger < 1)	Check the error message for specific field. Adjust configuration to meet validation rules.
SPLIT_FAILED	XorIDA split operation failed (typically due to invalid data or internal crypto error)	Verify asset data is valid Uint8Array. Check logs for underlying crypto error.
HMAC_FAILED	HMAC-SHA256 verification failed during asset recovery (data has been tampered with or shares are from different assets)	Verify all shares belong to the same asset. Check share integrity. Do not proceed with reconstruction if HMAC fails.
RECONSTRUCT_FAILED	XorIDA reconstruction or PKCS#7 unpadding failed after HMAC passed (corrupted shares or incompatible share indices)	Verify shares are from compatible indices (e.g., shares 1,2,3 not 1,1,2). Check share data is not corrupted.
INSUFFICIENT_SHARES	Fewer than threshold shares provided to recoverAsset()	Gather at least K shares from different trustees. Cannot reconstruct with fewer than threshold.
SWITCH_NOT_TRIGGERED	Recovery attempted before dead man's switch triggered (isTriggered() returns false)	Wait for switch to trigger after consecutive missed check-ins. Do not attempt recovery while owner is actively checking in.
ASSET_NOT_FOUND	Referenced asset does not exist (typically in multi-asset vault scenarios)	Verify asset ID is correct. Check vault manifest for available assets.

Result Pattern Error Handling

const result = await storeAsset(asset, config);

if (!result.ok) {
  switch (result.error.code) {
    case 'INVALID_CONFIG':
      console.error('Configuration invalid:', result.error.message);
      // Show user which config field failed
      break;
    case 'SPLIT_FAILED':
      console.error('Asset splitting failed:', result.error.message);
      // Log error, retry with different asset data
      break;
    default:
      console.error('Unexpected error:', result.error);
  }
  return;
}

// Success path -- distribute shares to trustees
const shares = result.value.shares;

TypeScript Types

EstateVault is fully typed with strict TypeScript. All interfaces are exported for integration into estate planning applications.

Type Definitions

interface DigitalAsset {
  id: string;        // Asset identifier
  type: string;      // password | seed-phrase | crypto-key | document
  label: string;     // Human-readable label
  data: Uint8Array;  // Asset bytes
}

interface Trustee {
  id: string;       // Trustee identifier
  name: string;     // Trustee name
  contact: string;  // Contact info (email, phone)
}

interface DeadManSwitch {
  checkInIntervalDays: number;           // 1-365 days
  lastCheckIn: string;                  // ISO 8601 timestamp
  missedCheckInsBeforeTrigger: number;  // Minimum 1
  armed: boolean;                       // Whether switch is active
}

interface EstateVaultConfig {
  trustees: Trustee[];             // Minimum 2 trustees
  threshold: number;               // K-of-N (>= 2, <= trustees.length)
  deadManSwitch: DeadManSwitch;    // Switch configuration
  ownerId: string;                 // Vault owner identifier
}

Section 07

Security Properties

EstateVault inherits information-theoretic security from XorIDA threshold sharing and adds HMAC-SHA256 integrity verification plus dead man's switch authorization control.

Property	Mechanism	Guarantee
Asset Confidentiality	XorIDA K-of-N threshold splitting	Information-theoretic
Integrity Verification	HMAC-SHA256 over padded data	Tamper detection before reconstruction
Premature Access Prevention	Dead man's switch + threshold	No reconstruction while owner checks in
False Trigger Prevention	Consecutive miss requirement	Configurable sensitivity (1-365 days, 1+ misses)
Below-Threshold Zero-Knowledge	GF(2) linear algebra	K-1 shares reveal zero information
Quantum Resistance	No computational assumptions	Unconditional security (not post-quantum, pre-quantum)
No Persistent Plaintext	Asset data never stored after split	Only shares exist post-split
Randomness Source	crypto.getRandomValues() only	No Math.random() anywhere

Threat Model

In scope: Adversary who compromises K-1 trustees, corrupts shares, intercepts communication channels, observes check-in patterns, coerces individual trustees, or gains access to dead owner's devices. EstateVault provides cryptographic enforcement against all these threats.

Out of scope: Adversary who compromises K or more trustees simultaneously (threshold broken by design). Social engineering that convinces K trustees to collude (procedural, not cryptographic). Physical coercion of the asset owner before death (dead man's switch cannot protect against living coercion). Side-channel attacks on trustee devices after reconstruction (secure the endpoints).

SECURITY INVARIANTS

HMAC verification always runs before reconstruction (fail closed)
Below-threshold shares reveal zero information (information-theoretic)
No asset data logged or sent to external services (memory-only processing)
Trustee contact information never persisted to disk (memory only)
All randomness via crypto.getRandomValues() (no Math.random())

Section 08

Benchmarks

EstateVault inherits XorIDA's sub-millisecond performance for typical digital estate assets. Benchmarks measured on Node.js 20 (Apple M1 Pro).

Asset Size	Split (2-of-3)	Reconstruct + HMAC	Use Case
24 words (seed)	<0.2ms	<0.3ms	Cryptocurrency wallet seed phrase
64 bytes (password)	<0.2ms	<0.3ms	Master password or encryption key
256 bytes (key)	<0.3ms	<0.4ms	RSA private key or certificate
1 KB (document)	<0.8ms	<0.9ms	Will or advance directive text
10 KB (document)	<3ms	<4ms	Estate planning PDF scan
100 KB (document)	<25ms	<27ms	Multi-page legal document
1 MB (large file)	<220ms	<240ms	High-resolution will scan or photo album

<1ms

Typical asset

K-of-N

Configurable threshold

$140B+

Crypto currently locked

Keys to manage

Scalability

XorIDA performance scales linearly with payload size and number of shares. Increasing from 2-of-3 to 5-of-7 trustees adds ~3% overhead per additional share. The bottleneck is not cryptographic operations but data movement — copying bytes for each share. For large assets (1MB+), consider splitting into smaller chunks or storing large files externally with only the decryption key in the vault.

Section 09

Honest Limitations

EstateVault solves specific cryptographic and authorization problems. It does not solve every estate planning challenge. Here are the edges where EstateVault stops and other solutions are required.

1. Trustee Cooperation Required

EstateVault enforces K-of-N threshold cryptographically. But it cannot force trustees to cooperate. If K trustees refuse to provide shares, or lose their shares, the asset is permanently inaccessible. Choose trustees carefully. Consider geographic and relationship diversity. Store shares in durable formats (paper QR codes, metal engravings, encrypted USB drives).

2. No Legal Enforcement

EstateVault provides cryptographic access control, not legal authority. Reconstructed assets must still comply with probate law, tax regulations, and beneficiary rights. Consult an estate attorney to ensure digital asset succession aligns with legal requirements. EstateVault does not replace a will or trust — it complements them.

3. Switch Timing Is Approximate

The dead man's switch uses consecutive missed check-ins, not exact timestamps. If the owner checks in on day 29 of a 30-day interval, then dies, the switch won't trigger for 60+ days (miss interval 1, miss interval 2, miss interval 3 = trigger). This is a tradeoff for false-trigger prevention. Shorter intervals and lower miss thresholds reduce delay but increase false-trigger risk.

4. No Automatic Share Distribution

EstateVault splits assets into shares. You must distribute shares to trustees manually via secure channels (encrypted email, physical delivery, secure cloud storage). The package does not handle share delivery or storage. Integration with Xlink (secure M2M communication) or Xstore (split storage backends) can automate distribution, but those are separate packages.

5. Large Assets Are Slow

XorIDA is fast for typical estate assets (passwords, keys, seed phrases) but becomes a bottleneck for large files. A 100 MB file takes ~20 seconds to split and reconstruct. For large assets, store the file externally (IPFS, S3, physical media) and vault only the decryption key or access credentials. Do not vault multi-gigabyte files directly.

6. No Built-In Notification System

When the dead man's switch triggers, EstateVault does not send notifications to trustees. The package provides isTriggered() for polling, but you must build notification infrastructure (email, SMS, push notifications) separately. Consider integrating with existing notification services or building a monitoring dashboard for trustees.

7. Trustee Identity Not Verified

EstateVault stores trustee IDs, names, and contact info in plaintext (memory only, not persisted). It does not verify trustee identity cryptographically. A malicious actor who intercepts shares can impersonate a trustee. For high-value estates, integrate with Xid (cryptographic identity) or require trustees to prove identity via separate channels before accepting shares.

8. No Revocation or Key Rotation

Once shares are distributed, there is no built-in revocation mechanism. If a trustee becomes untrustworthy, you must create a new vault with different trustees and destroy the old shares. This is manual and error-prone. Procedural controls (trustee agreements, legal contracts) are required to handle trustee removal scenarios.

WHEN NOT TO USE ESTATEVAULT

Use a traditional trust or executor if legal enforceability is more important than cryptographic access control. Use a password manager's built-in family sharing if convenience outweighs information-theoretic security. Use physical safes and bank vaults if digital solutions feel too complex. EstateVault is for users who understand the tradeoffs and prioritize cryptographic impossibility over procedural trust.

VERIFIED BY XPROVE

Verifiable Estate Protection

Every EstateVault operation produces verifiable audit trails via Xprove. HMAC-chained integrity proofs let auditors and trustees confirm assets were split, stored, and reconstructed correctly without accessing the plaintext data.

XPROVE AUDIT TRAIL

Every XorIDA split generates HMAC-SHA256 integrity tags. Xprove chains these into a tamper-evident audit trail that proves data was handled correctly at every step. Trustees can independently verify share integrity before reconstruction. Executors can prove compliance with estate planning requirements without accessing sensitive assets.

Read the xProve white paper →

GET STARTED

Ready to deploy EstateVault?

Talk to Sol, our AI sales engineer, or book a live demo with our team.

Book a Demo

Deployment Options

🌐

SaaS Recommended

Fully managed infrastructure. Call our REST API, we handle scaling, updates, and operations.

Zero infrastructure setup
Automatic updates
99.9% uptime SLA
Enterprise SLA available

View Pricing →

📦

SDK Integration

Embed directly in your application. Runs in your codebase with full programmatic control.

npm install @private.me/estatevault
TypeScript/JavaScript SDK
Full source access
Enterprise support available

Get Started →

🏢

On-Premise Upon Request

Enterprise CLI for compliance, air-gap, or data residency requirements.

Complete data sovereignty
Air-gap capable deployment
Custom SLA + dedicated support
Professional services included

Request Quote →

Enterprise On-Premise Deployment

While estateVault is primarily delivered as SaaS or SDK, we build dedicated on-premise infrastructure for customers with:

Regulatory mandates — HIPAA, SOX, FedRAMP, CMMC requiring self-hosted processing
Air-gapped environments — SCIF, classified networks, offline operations
Data residency requirements — EU GDPR, China data laws, government mandates
Custom integration needs — Embed in proprietary platforms, specialized workflows

Includes: Enterprise CLI, Docker/Kubernetes orchestration, RBAC, audit logging, and dedicated support.

Contact sales for assessment and pricing →