Split any sensitive secret, seed phrase, private key, password, or recovery code, into M-of-N shard cards. Any M can recover it. Fewer than M cannot reconstruct the encryption key.
Four steps, performed entirely inside your browser. No account, no upload, no server-side processing.
Seed phrase, private key, password, recovery code, or any short text up to 4 KB.
Pick 2-of-3, 3-of-5, 5-of-7, or any custom M-of-N up to your tier limit.
Print, engrave, write down, or distribute to trusted holders. Never store all shards together.
Any M shards reconstruct the encryption key needed to decrypt the original secret locally in the browser. Fewer than M cannot reconstruct that key.
Pass on a self-custody wallet to family without giving any single person full access during your lifetime.
Protect access to your password manager's master key against device loss, fire, or single-point compromise.
Ensure operational secrets survive personnel changes, executive departures, or the sudden incapacity of any one officer.
Back up a wallet seed phrase with no single point of failure, not one metal plate in one drawer. Any threshold restores it.
Threshold backup for protocol-level recovery secrets. Distinct from operational multisig, for when signing keys must be reconstructed.
Distribute custody secrets across principal, fiduciaries, and counsel without granting any single party unilateral access.
Make sure the people you trust can reach your accounts and documents when you are gone, without handing anyone the keys while you are here.
The one secret a company cannot lose if a founder is suddenly gone. Reconstructable by trusted parties, held by no single one.
A complete backup for personal use. Survives one device loss or one location compromise.
Information-theoretic security: the threshold split itself does not depend on computational hardness.
The cryptography is free and runs in your browser. Personal and Guardian deliver a complete digital archive you download immediately. Legacy ships physical kits, assembled individually in Orlando, within two weeks.
For individuals protecting one important backup
For families, partners, and teams with real holders to guide
For inheritance ceremonies and high-stakes recovery plans
See the full kit details, materials, and per-tier breakdown.
View all kits →Self-hosted on your own infrastructure. If you stop checking in, it delivers a message you wrote to people you chose. A separate product from the vault kits. Choose how much we help.
The same switch, with a guide that walks you through every step.
You host it; you hold the keys. We just make the setup painless.
Get the kit →Don't touch a thing. We build it and hand you a working switch.
One-time setup with 30 days of support. The switch then runs on infrastructure you own.
Get set up →We watch your dead-man switch and tell you if it goes quiet.
Monitoring is a safety net, not custody. Your switch keeps working whether or not you subscribe.
Start monitoring →Comfortable with the command line? The switch is open source. Verify it or build it yourself on GitHub.
Personal and Guardian orders are fulfilled as digital archives, delivered by email within one business day. The archive contains your shard cards as PDF, offline recovery tools, and holder-briefing documents.
All tiers include access to the browser-based splitting and reconstruction tool.
You don't have to. The Shamir Secret Sharing protocol itself is free, and any open-source implementation will produce mathematically identical shards. What we charge for is everything around the protocol:
You pay for a thing that arrives at your door. Not for the cryptography, that part is yours, and free.
No. The kit is designed for someone who has never used a cryptocurrency wallet. The setup booklet walks you through generation in plain language, and the recovery manual is written for heirs who may have no technical background at all.
If you're protecting a seed phrase, you obviously have some familiarity with crypto, but your spouse, child, lawyer, or executor does not. That is the point.
No. It works for any short secret: BIP-39 seed phrases, private keys, password manager master passwords, recovery codes, encryption keys, or arbitrary text up to 4 KB. The cryptography does not care what the secret means, only that it is a secret.
No. Threshold Vault never receives or stores your secret or your shards. Recovery requires possession of any M of the N shards you generated. If those are lost, the secret cannot be recovered by us or by anyone.
This is the cost of the security guarantee. The same property that makes Threshold Vault safe against compromise (we have nothing to lose) also means we cannot help you recover from a loss of too many shards.
Not unless they collude with enough other holders to reach the threshold M. A single shard card cannot reconstruct the encryption key or reveal the protected secret on its own.
It does still display metadata by design, tier, holder identifier, threshold parameters, and a card ID, so the claim is precise rather than absolute.
If you fall below the threshold M, the secret is mathematically unrecoverable. The same property that keeps fewer-than-threshold cards from reconstructing the encryption key also means M − 1 cards cannot recover the secret for you.
The practical implication: choose holders who are likely to be reachable when you need them, and choose a threshold that builds in redundancy. 3-of-5 is the recommended default precisely because it tolerates two lost shards before recovery becomes impossible.
The core split/recover path does not rely on public-key cryptography or blockchain signing. Threshold Vault encrypts your secret locally with AES-256-GCM, then splits the encryption key with Shamir's Secret Sharing.
Shamir's portion is information-theoretically secure, and AES-256 remains strong against known quantum attacks. We do not call the product quantum-proof overall, because that would overstate what the math can certify. The broader threat model still includes malware, phishing, printer leakage, and physical theft.
Yes, and we recommend it for high-value secrets. Load the page once, disconnect from the internet, then perform the split or recovery. The codebase can also be cloned and run locally, see the run offline section for the procedure.
The Legacy tier explicitly supports air-gapped setup, walking you through how to run the split on a never-connected machine.
Personal and Guardian archives are delivered by email within one business day of payment confirmation. No physical shipment occurs.
Legacy physical kits are assembled in our Orlando workshop and dispatch within two weeks of order confirmation. Transit after dispatch: 3–5 business days in the United States, 7–14 business days internationally.
You receive tracking by email the moment your Legacy kit leaves our facility.
Your scheme keeps working. This is the most important thing to understand about the product.
Because Threshold Vault never sees your secret and never holds your shards, our continued existence is not required for you to recover. The offline recovery manual in your kit explains how to reconstruct using:
The trust model is not "Threshold Vault stays in business forever." The trust model is that the mathematics is permanent, the open-source tools are permanent, and your printed materials are designed to outlive us.
Your scheme tolerates lost holders up to N minus M. In a 3-of-5 scheme, you can lose two holders entirely and still recover. That is a deliberate design choice, schemes should always have built-in redundancy.
If a holder becomes unavailable, you can also redistribute, generate a new set of shards from the original secret, distribute to a new set of holders, and have the old holders destroy theirs. The Recovery Manual includes the procedure. Guardian and Legacy tiers include a written Lost-Holder Replacement Plan matched to your specific scheme.
No. Threshold Vault is a cryptographic tool, not a legal service. Nothing on this website, in our documentation, or in our communication constitutes financial, legal, tax, or estate-planning advice.
For matters involving inheritance, estate planning, tax treatment of digital assets, or fiduciary duties, consult a qualified professional. Many customers integrate Threshold Vault into a broader estate plan, but the legal architecture (wills, trusts, powers of attorney) is something a lawyer should build alongside the cryptographic scheme.
A separate product from the shard kits. It is a check-in timer: on a schedule you set, you confirm you are still here with a single tap or command. Miss your check-ins, past a warning and a grace period, and it sends a message you wrote in advance to the people you chose. It is how you tell your holders it's time to act without anyone having to guess whether the moment has come.
No. The switch never contains your secret, your seed phrase, or any shard. It carries one thing: the message you wrote, the go act now signal. The keys themselves stay exactly where they always were, in the shards you already handed to your holders.
We hold zero. That is the whole approach. The same way Threshold Vault never sees your secret during a split, the switch is built so it cannot hold one. A triggered switch tells your people to begin recovery; it does not, and structurally cannot, hand them the keys.
No. The Self-Hosted Kit runs entirely on your own Cloudflare account and sends through your own email key. We are not in the runtime path. If Threshold Vault disappeared tomorrow, your switch keeps counting down and keeps delivering, because nothing about it routes through us.
The code is open source: verify it or build it yourself, then deploy a build you signed off on.
Monitoring is a read-only health check. We can see whether your switch is reachable and which stage it is in. We cannot check in on your behalf, cannot change its settings, and cannot make it fire. It uses a separate read-only credential that authorizes status only.
If you stop paying, you get a 60-day grace window, and your switch keeps running the entire time. Monitoring lapsing never touches the switch itself, at worst, we stop watching it.
Checking in, testing, and resetting all require your private check-in token; without it the switch ignores commands. Your message stays sealed until the switch actually fires, and we recommend recipient aliases rather than real inboxes so even the recipient list reveals little.
And because the switch holds no keys, a compromised switch still cannot expose your secret. The worst case is a premature go act message, which your holders can verify out-of-band before doing anything.