People have had to securely store and share secrets for a long time and many solutions exist to solve this problem. How do they stack up against our system?
Trusted Friend or Family Member
From before the advent of recorded history, people have trusted their closest friends and family with their secrets. After all, these are the people whom you can trust most in the world! Without the complexity of trusting an organization, placing your trust in a person or people close to you seems like a simple solution to the problem. But when looked at more closely, you can find some downsides to this method:
- Placing trust in somebody else can burden them, and this is especially true with crypto. If somebody asked you to safeguard thousands of dollars of their crypto, wouldn’t you worry that your computer might get hacked? Would you want that kind of responsibility? A TC vault eliminates this burden by making sure the data you give them is encrypted and redundant, so if they lose or misplace it, there is no harm.
- Even if you can know for sure that they would never betray your trust, you cannot protect against them accidentally failing to keep your secrets safe. What if their house burns down? What if their housekeeper looks where they shouldn’t? What if their computer is hacked?
- If you are placing your trust in multiple people and one of them does betray it, it can be messy or impossible to find out which one did so. Not knowing who betrayed your trust will damage your relationships with all the people who could have.
- If you add more people to increase redundancy, you lose security as the amount of data you are protecting remains the same while the number of people who have the data increases. A TC vault solves this by making each “piece” of the data (sub-key) useless without the whole.
- If you want to protect against risks like natural disaster or a house fire, you must store copies of your secrets with a trusted party who is not located near you. If you have such a party, you must consider the security of the transmission mechanism: how will you get the information to them? E-mail? A TC vault eliminates this risk by enabling the copy you send them to be encrypted.
Your lawyer/estate planner/bank/etc.
Of course, many people instead choose to trust their lawyer, estate planner, bank, or other organization to protect their secrets. These professional organizations exist to do so and have better practices for protecting your data than, say, your aunt or uncle. This method eliminates some of the risks associated with trusting friends or family members, but introduces a whole new set of risks:
- Third party risk: You may trust your lawyer or banker, but you must also trust many “third parties” in the transaction. Do you trust the other people in their office? How about their maintenance staff? If your data is stored electronically, can you trust that every single employee is security conscious enough to never download a virus? A TC vault eliminates third-party risk.
- Increased scrutiny: Nobody is thinking that your niece’s diary from high school holds the secret passphrase to your Bitcoin wallet, but a smart thief knows that a lawyer’s office is a treasure trove of valuable secrets. By commingling your secrets with others, you make them more of a target for theft in the first place. A TC vault looks just like a laptop or a flash drive and doesn’t stand out as a target for theft. And if it is stolen, it’s protected by encryption.
- Legal system: Much of the trust you place in third parties relies not on the security provided by those parties directly but on the strength of the legal system. Sure, an employee at the bank might steal your funds, but the bank has insurance to make sure you are compensated in such an event, and you can legally enforce your rights to that property if it goes missing. This works fine for your savings account, but things are different with crypto. Do you trust the bank or estate planner to remain solvent in the case of a large theft? How would you prove legally that it was their mismanagement of your crypto keys and not yours?
- They charge you ongoing fees for storing your secrets and may charge you transfer fees when you move them or pass them on to your heirs. A TC vault is a one-time cost.
Ledger/Trezor/other hardware wallets
Ledger and Trezor are companies that produce “hardware wallets” for protecting crypto, so this section only applies to those looking to protect crypto specifically. These devices are great for everyday spending and management of crypto, and they offer much better security assurances than simply running the wallet software on your computer. But they have several concerning downsides for safe, long-term storage of your crypto:
- You must trust the manufacturer of the hardware to not have any backdoors. There have been several major trust violations with hardware wallet companies in the past, and because their hardware/software is specifically used for storing crypto, it makes them a major target for supply-chain attacks and regulations aimed at reducing the control you have over your crypto.
- They provide no real mechanism for self-custody backups or protection against natural disasters. Storing a spare Trezor with a friend or family member introduces many of the same risks described above.
- These devices aren’t compatible with all crypto types and can’t store any other types of information (documents, passwords, etc.).
- You still must store your recovery phrase somewhere securely outside of the hardware wallet itself. See other sections for the various ways to do this and risks they come with.
For more information, see our page comparing a TC vault to hardware wallets.
Sarcophagus and other “dead man switches” based on smart contracts
There are several tools which use Ethereum and other smart-contract blockchains to put your crypto on a “dead man switch”. These are useful and novel solutions, but they have some limitations and risks:
- These smart contracts are very new, unlike the mature, battle-tested software used in TC vaults.
- The networks (like Ethereum) these smart contracts rely on are constantly upgrading and changing. For long-term storage, do you think your smart contract will be compatible with newer versions? If so, do you need to manually transfer your crypto to newer versions of the smart contract?
- If a security vulnerability is found in the smart contract, it is instantly exploitable for every user who relies on it. Such vulnerabilities are common even in “audited” smart contracts. A TC vault is stored offline, making it much more difficult to leverage a security vulnerability.
- These smart contracts can only store crypto keys or very small amounts of information, so they aren’t useful for documents or other secrets.
- They are an interesting tool for passing on assets to heirs, but what if you want to quickly access those assets? You may have to wait 30 days or whatever the length of your switch is, and every time you do, you incur gas and transaction fees.
- They can only protect assets on their own network. A smart contract on Ethereum can’t protect your Dogecoin and vice versa. If you hold many cryptos, this can get complicated quickly.
- If you are unable to ‘reset’ the dead man switch (either due to temporary incapacitation or a bug in the smart contract itself), they automatically send the funds to your intended recipients. A TC vault can require the cooperation of multiple recipients to unlock, preventing such a situation from happening.
- These tools require your heirs to already have a wallet set up and ready to receive funds, and they must keep track of and securely store seed phrases or other information required to access the funds. If you have multiple smart contracts or crypto types, it gets complicated quickly. A TC vault stores all your secrets and comes with step-by-step instructions for use, which your heirs don’t even need to know about unless something happens to you in the first place.
- They can’t protect you if you lose your private key or have a lapse of memory, whereas a TC vault can distribute sub-keys to trusted parties. This protects you from such an incident.