I'm not sure there's anything a service like this could do to assure me that (1) I can trust them, and (2) that they can actually make the UX of this meaningfully better, without compromising security fundamentally.
For now, I'm rocking:
* yubikeys pre-provisioned with keys given to select family members
* sops to encrypt my "will" to those keys
* sops-encrypted file hosted on google drive, pre-shared to select family members
Luckily I have enough technical family and friends that they would eventually figure out how to run `sops decrypt`. And/or enough funds that they can hire someone if need be.
Weakest part here is my BIP39 is not Shamir'd, so a rogue family member could empty my wallet. But I trust them. More than a third party presuming-for-profit service. :( Not to be a party-pooper, it's a neat idea.
Totally understand your concerns, especially with your solid setup using Yubikeys and sops. We're actually adding Yubikey support for end-to-end encryption too, focusing on good UX without sacrificing security. Plus, we're using homomorphic encryption, so your data stays secure while you're alive, so family members could not empty your wallets. Appreciate your feedback!
Are you planning to release source code? Without at minimum client sources matching the builds, all assertions of trustlessness are pretty void. Doing so under a free/open-source license would address some further concerns about long-term sustainability (which seems especially relevant here).
We’re exploring the possibility of releasing some source code, but we’re not sure how that will fit into our overall development strategy. Transparency and trust are important to us, and we’ll keep your suggestions in mind as we move forward.
I can't remember why I didn't pursue this, something about the hardware wallets having a way to do the Shamir upfront? In a different way than just sharing the words. Such that each person winds up with 24 words rather than a subset.
Anyway, I decided I didn't want to migrate my wallet, so I'll look into this. Arbitrary key support is also interesting. Thanks for the tip!
Yes, there are hardware wallets that support SLIP-39 natively; however, the sequence of derived wallets is different than that produced when you take the same seed and save it as a BIP-39 and derive the wallets from the BIP-39 mnemonics.
Using the app, we actually produce the SLIP-39 recovery mnemonics from the underlying BIP-39 seed, and since we can recover the underlying seed, we can regenerate the BIP-39 mnemonics, and import that into a standard hardware wallet.
> Securely store crypto wallets, investments, bank details, emails, logins, and notes in Cipherwill.
I don’t have any investments or crypto and, sorry, if I ever did I wouldn’t trust you with that info and give you the means to rob and/or steal my identity. That’s a bold ask with a closed source app.
I built my own dead man’s switch, which lives in the open on GitHub. It’s a simple rails app w/ encrypted tables and some background jobs to send email checks and reset numbers, or blast out info if you’re not answering. I have no valuable info to put in it.
I wouldn't trust a third party for slightly different reasons. Even if they are ideal perfect angels, someone could buy them later. Someone could hack them and find some obscure flaw or, worse, a sloppy backend that allows the hacker to go full tilt. Personally, they have way more cojones than I do to even contemplate taking the risk with this.
Hey, I totally get your concerns — trust is crucial with personal data. It's awesome, you've built your own dead man's switch on GitHub! Our encryption means we can’t access your info — it’s yours and your beneficiaries’. But if your setup works for you, that’s great. Thanks for sharing!
Private keys are generated locally from your security factors during setup. We’ll ensure the "How It Works" section is more detailed and add pages for live monitoring that display decentralized storage usage and access details.
> Each security factor is represented by a public/private key pair, which is used to encrypt your data on your device.
So where are the private keys stored? AFAICT, this is just a web app and I know of no way to securely store a private key from one. Even if there is a desktop application and my private key is stored there, what happens if I lose my desktop? Am I locked out of my will permanently?
> Cipherwill uses Homomorphic encryption to encrypt data pods again, creating a "time capsule" key. This key ensures that the data remains encrypted and inaccessible until a specified time.
Is there anything preventing you from releasing these "time capsule" keys ahead of schedule other than good will?
> Data pods are encrypted using 256 or 512 AES encryption
512 AES encryption? Seeing as AES only goes up to 256, you aren't exactly inspiring confidence here.
> If you and your beneficiaries have security factors enabled, it is impossible for anyone, including Cipherwill, to access or decrypt your data.
So it's end-to-end encrypted only if me and my beneficiaries all choose it to be? That is a very different claim from what's on your main page.
Overall, this "how it works" page is too vague for my liking, and I wouldn't trust this website with my will.
What are these "security factors" you keep mentioning? It's a vague term and I don't see a definition on your website. Can you also describe how private keys are derived from them? That's what I'm most curious about. Is this derivation process something that could be replicated by an attacker?
"Strict protocols" refer to our will execution schedule, which ensures that the keys are only accessible after the switch is triggered. Even if someone were to hack the system and access the keys before execution, only the designated beneficiaries would have the ability to decrypt the data.
To be honest, you've lost confidence from me. The whole thread people have been asking for reassurance and some detail, but it feels like you are intentionally skirting over the detail when asked.
I'm sure the product has potential, and lots of effort has gone into it. I also see that criticism is hard, but if you can't be open about these basic questions then there are fundamental problems.
I should say, I'm a fan of crypto' (both types) and I'm likely your target market because currently my plans after death are not nearly as secure as I'd like!
Since your service is centralized, what is the sequence of events that leads to my digital data being disclosed without my consent/death? For example, if I am a beneficiary of Jane Doe, and I hack Cipherwill, can I get the keys I need to steal Jane Doe’s data while she is alive?
Cipherwill’s encryption is designed so that even if someone hacks the platform, they can’t access anyone’s data. The encryption keys are split between the user and their beneficiaries, and no one — including us — can access the data without the owner’s consent or passing. So, even if you're a beneficiary, you can’t get Jane Doe’s data while she’s alive.
You’re in the fun phase of designing the tech, but that’s not where the problem lies. I don’t trust you at all. You can tell me about the system you’ve designed, but I only have your word that it really works that way. Trust is 90% of your problem, and the tech is only 10%. I can’t think of anything you could write that would change that. I guess I have to trust my bank with my safe deposit box, but there I see keys, sign in sheets, staff that I recognize that are watching each other enter the vault, etc. How will a website mimic that?
I completely understand — building trust is key, and we’re working on adding transparency through decentralization and exploring open-sourcing to give users more control over their data.
How will you prove the decentralization is real and not some BS written by a scammer? How will you prove your app matches the open source to someone that can’t compile it themselves?
Where and how is user data stored? Do you use cloud providers/SaaS and in which jurisdiction? Considering legal requests for user data are being served, location/jurisdiction for both CipherWill and its servers are important and I don't seem to find this mentioned.
Aside, but I don't think I'm alone in considering this a non-starter combined with the whole stack including the client being closed-source.
Fresh advertising but still needs way more transparency (and a round of eyes on your ToS and Privacy Policy) to not look like a honeypot.
We’re committed to transparency and are exploring ways to improve our documentation, including our Terms of Service and Privacy Policy. Your input is valuable, and we’ll take it into account as we develop the platform further.
> Where and how is user data stored? Do you use cloud providers/SaaS and in which jurisdiction? Considering legal requests for user data are being served, location/jurisdiction for both CipherWill and its servers are important and I don't seem to find this mentioned.
If Cipherwill goes out of business, we'll make sure to share your data with you so you won't be stuck without a solution. Plus, Cipherwill's data is hosted on blockchain, which helps ensure we won't go out of service.
I feel like these services have a chicken-and-egg dilemma.
For example, I'm highly interested in it, but don't sign up because I don't know if they'll be around in a year or 10. So I'd like to see one long established before going all in, but it's hard for one to get long established without early users.
I totally get that dilemma! It’s hard to commit without knowing if a service will be around long-term. Cipherwill is dedicated to the long haul and is also hosted on decentralized blockchain storage for added security and longevity.
Thanks for taking the time to reply. I'm definitely interested - I'll certainly be keeping an eye on it. It'd probably be nice to try to assuage uncertainty in the FAQ somewhere if not already as a long term vision/plans comes into focus.
we'll notify your beneficiaries and ensure that your data is accessed by them. We employ homomorphic encryption in cases where beneficiaries choose to switch/update/upgrade existing factors without notifying the data owner.
I mean, just a regular will can cover all of this for you. For real assets listed on the page such as real estate, investments, etc, a will is the only real way to sort those out actually (unless you want whatever the default proceeding is where you're from). If you're the inheritor of someone, you can't just go and transfer their bank contents to your own account. As for things such as files, pictures, etc, you can write a master password down in your will if it's that important, but not important enough to share ahead of time. Most people I know though just share their password with their husband/wife.
This looks like a SaaS solution in search of a problem.
I'm with you. The whole time I was reading the copy on the site, I kept thinking "What's wrong with a normal will and a lawyer?" Even crypto can be handled via a will if you're smart about it.
I have a document that contains all of our subscriptions, our key information, contacts, last will, etc, that I update monthly, put on a thumb drive, and hide in a place my wife knows. I can't encrypt it because she isn't tech savvy enough, but physical obscurity is enough for me. I encrypt the copy on my PC. I also print out a copy and have it in our lockbox.
In addition, we have a shared password manager with a Yubikey that she has access to for MFA, and she knows the password.
If we both die at the same time, one of my close friends knows where all of this is and can provide to the lawyer handling our kids provenance.
I don't have much crypto because I think it's by and large a scam market, but it's on a drive that is described in the document on the USB.
At the end of the day, the things that are important to me are written down as physical copies. We print off photos and put them in photo books. My favorite music is on CDs.
All that said, I see the real benefit in a service like this for the older generation like my in-laws. I've had multiple conversations with him about the passwords to all their online accounts and all their critical information, and all their passwords are just stored in his Google Chrome password manager. My MIL doesn't know the password to his Chrome account. If he dies first, she's going to have a helluva time getting access to everything. So if he could sign up to a service like this that we could trust, it would be immensely helpful.
I understand your point — traditional wills are essential for physical assets. However, Cipherwill specifically addresses the complexities of digital assets (crypto and other data) which aren't always covered by standard wills. It provides a secure way to manage online accounts and sensitive data. Thanks for sharing!
(edit, s/bip32/bip39/g)