Welcome to Inheriti Q&A


If you have an Inheriti related question, please ask us! For all other inquiries that are SafeHaven/SafeTech related, across all our platforms, try to contact a community mod by joining our

Before posting new topics, try to find the information you need in our online docs.


How is it ensured that the SafeKeys can be decrypted even without Inheriti? Assuming that for some reason the passphrases are lost, there is no way to decrypt the data. This seems to me to be a single point of failure. Of course I could keep the passphrase as the creator. But an unlucky timing could lead to a complete loss. Or is there some kind of decentralized system behing inherity that ensures data availabilty of these passphrases while keeping them secret?

First of all you have to know that we don’t decrypt the safekeys with the passphrase you mentioned here earlier, de decryption of the safekey data is realized through 256-bit AES-CBCESSIV, and the master key is wrapped by AES256-CBC with key based on PBKDF2 hash, derived from user PIN
Please go read more about this here : https://docs.inheriti.com/6%20HL%20Design/#internal-storage-encryption. The passphrase is used to decrypt de Blockchain stored shares (DMS shares, validator shares , backup shares, …) once the private key is retrieved from the safekeys during the merge process. (wanted to have this cleared up first)

The concern that you are referring to is grounded if this was to happen in a non reduntant infrastructure, which is certainly not the case. We store the passphrase in our cloud based RDS databases, where all data encrypted in rest and backuped and stored on multiple aws zones due the usage of read replica’s
see the following for more information :


Well first of all thanks for the reply Jurgen.

However, there are still some things regarding the passphrases that are unclear to us.

You store all the passphrases in YOUR cloud based RDS databases. Doesn’t that make it some kind of centralized? Databases could get deleted, their services (f.e. Amazon) deactivated or even worse hacked. Or in another scenario, you could shut down your services (Inheriti etc.)

I know the passphrases alone can’t really do any harm but without them, the whole merging process would fail. Thats still seems to me like a single point of failure.

One could give the passphrases, for example, to his own lawyer or an executor to avoid all of this.

Cryptographically speaking it’s 100% decentralised as when you use asynchronous algorithms, public, private key and passphrases are stored in different topology layers.

Also giving this small piece of access data to a lawyer does not solve your worries… giving it to your laywer can also be considered, to quote you… centralised.


In the case that 1 of 8 safekeys U2F devices used to create an inheritance plan is lost prior to a merger, must the other 7 devices be recalled and reprogrammed with a new inheritance contract, or could the single device lost be replaced and the required contract data for safekey 8/8 be written to the device separately?


This depends on the threshold you configure, if you configure that 8 stakeholders are needed in order to start the merge process and you did not selected any backup shares, well than in case of lost, the plan will not be recoverable. So solution to this, is to select backup shares and/or lower the threshold of stakeholders needed to successfully merge the plan.

In conjunction to all of this, our SafeKey API’s are prepared to be able to back up your SafeKey to another SafeKey or to the cloud (so it can be imported in case of loss)

These backup possibilities are going to be added soon in our SafeKey Desktop application