What's a crypto recovery plan?
A crypto recovery plan helps your family access the crypto assets within your wallets in the event something happens to you.
While your family can easily access the wallets managed by custodial wallet providers such as Coinbase or Robinhood, non-custodial wallets are at risk of being permanently lost if nothing is done to make sure someone can access the seed phrases and keys that secure the assets they contain.
Posterity’s Crypto Vault helps you solve this problem by allowing you to leave recovery instructions to your loved ones in an end-to-end encrypted vault. Should something happen to you, they can submit a death certificate to access the vault and open it with a recovery key you previously shared with them.
It comes with three important benefits:
- It preserves your anonymity and privacy with true end-to-end encryption, and no possible way for Posterity to see any sensitive content;
- It requires that your family submits a valid and verifiable death certificate to us before they can decrypt the content of your vault;
- It’s designed for people with loved ones who may not be familiar with crypto assets and the complex security requirements they come with.
Who is this for?
Posterity’s Crypto Vault is for you if:
- You use non-custodial wallet apps such as MetaMask, Phantom or Temple Wallet;
- Your loved ones don’t know much about crypto assets, or find keeping up with the security requirements challenging;
- You want to make sure your assets can only be accessed by somebody other than yourself, if and only if, something happens to you.
How does it work?
Our solution is a simple arrangement between you, your loved ones, and Posterity:
- You leave recovery instructions and details about your wallets in a vault encrypted with a passphrase only known to you;
- Keyholders receive recovery keys from you that will one day serve to decrypt the content of your vault;
- Posterity keeps your vault encrypted and hidden until it’s informed of your passing and can formally verify it.
In other words, your vault is private and safe as long as you’re alive. Your keyholders can decrypt it, but only if we can formally verified your death.
Setup is as simple as writing down the secure passphrase (24 words) that will generated for you, and choosing the people you’d like to designate as keyholders.
At the end of the process, you’ll receive a PDF document that will contain an emergency kit for you, and a recovery kit for each one of your keyholders, along with the instructions they would need to start a recovery process in the event something happens to you.
Onboarding of keyholders
Your designated keyholders will be invited to sign up and join your plan on Posterity. They will have access to all the arrangements you shared with them, but the content of your crypto vault will remain out of reach for everyone other than yourself for as long as you’re alive.
After setup, you can add as many wallets as you like, as well as leave wallet-specific instructions to your loved ones. See the types of instructions you can choose from.
Every few months, you can expect reminders from us to make sure:
- The encrypted information about your crypto assets is up-to-date;
- The list of your keyholders is still to your satisfaction.
In the event something happens to you, your keyholders will be able to log in to their accounts and report your death.
We’ll verify your death, after which, we’ll initiative the recovery process, and allow your loved ones to use the recovery keys in their PDF documents to decrypt the information you left in your vault. It’s important that they keep their PDF documents safe, because that is the only way to decrypt your vault. Posterity has no access to that information.
The decryption process will happen locally on the device of the keyholder, so no sensitive information is ever revealed to Posterity. For transparency, Posterity will keep every keyholders informed of the actions taken by the others. For example, the initiation of a recovery process.
What are my options?
For each wallet, you may choose one of three ways to leave recovery information to your keyholders. Your choice will most likely depend on your current setup and how tech-savvy your keyholders are.
Regardless of the method you choose, our goal is to make sure we can support your family from the moment they open the vault, to their first on-chain transaction. This means educating them on the security requirements, and providing them with chain-specific instructions to get their hands on the wallets you left behind.
You can choose to leave your seed phrase in an encrypted form. This is probably the easiest for your keyholders, as we can provide them with step-by-step instructions during recovery.
Treasure hunts are ideal for users who would rather leave instructions offline, and would like to leave their loved ones indication on where to find them. This is particularly useful when hardware wallets are involved.
The convenience comes from allowing you to keep the instructions secret until they’re needed, if ever.
This option is provided mainly to support wallets created in the early days of crypto, and is probably best avoided if your keyholders are not tech-savvy.
It simply allows you to upload a key pair that correspond to a wallet.
How is my data encrypted?
Posterity’s Crypto Vault uses state-of-the-art cryptography. In fact, it uses the same standards and technologies that gave birth to the crypto assets you may be interested in protecting.
True end-to-end encryption
We use true end-to-end encryption, which means that your data is encrypted and decrypted locally on your device before it’s transmitted to our servers over a TLS encrypted tunnel. It never, ever leaves your device in a clear form.
Passphrases and recovery keys
Your passphrase and the recovery phrases of your keyholders are all BIP39 mnemonic secrets, the same standard used by wallets such as Metamask and others.
The system is designed so that you can easily add or revoke access to one keyholder without affecting the security of your vault or the other keyholders.
Your vault is encrypted using AES-256-GCM, and can only be decrypted with your passphrase.
For your keyholders, Posterity maintains a copy of your vault that is in fact encrypted twice; First, using AES-256-GCM with a key derived from the recovery phrase you hand over to them; Then, using the public half of an RSA 4096-bit key owned by Posterity.
The second layer of encryption is lifted when a keyholder submits a valid death certificate, so they can use their recovery key to decrypt their copy of the vault. In addition to the death certificate, the keyholder will need to identify with an ID that matches the name and date of birth we have on record.
This ensures that:
- Posterity is never in a position to view the decrypted content of your vault, because it neither has access to your passphrase, nor to your keyholders’ recovery phrases;
- Your keyholders can only open your vault after we have verified your death and the cooldown period you specified has passed.
What can Posterity see?
Your Crypto Vault is designed so the information inside it can never be revealed to Posterity, whether it’s before, during or after a recovery process.
What Posterity cannot see
Posterity and its employees can never see:
- The wallets you own;
- The kind or content of the wallets you own;
- The passphrase of your vault;
- The recovery keys of your keyholders;
- The instructions you left for each wallet.
What Posterity can see
Our knowledge is limited to:
- Who you are, so we can it verify whether the death certificate submitted by your loved ones is yours or not;
- Who your keyholders are, so we can verify that the recovery keys they’re holding were meant for them and were not stolen.
How do you verify a death?
Your keyholders will need to report your death by submitting a certified copy of your official death certificate. They’ll be able to do so directly from their own account, first created when you designated them as a keyholder.
While your legal representative and the other people with whom you’ve shared arrangements with on Posterity can also report your death, only keyholders in possession of their recovery keys can decrypt your vault.
Learn more about how Posterity handles death verification.