FM 09 Emergency backup · threshold recovery Rev. 2026.06 FIELD MANUAL
Emergency backup

A recovery scheme for the worst day.

One scheme. The keys, codes, and credentials you cannot afford to lose. Split across the people and places you trust. Recovery runs offline from your archive. We store nothing.

§ 01 · Failure modes

What the scheme is for.

Recurring patterns
01 · Single-point loss

The device that died.

Phone, laptop, hardware wallet. Held the seed phrase, the recovery codes, or the master password. No backup that anyone can name.

02 · Personnel loss

The person who knew.

Stroke. Sudden death. Total estrangement. The one person who held the credential is no longer reachable, and no one else has it.

03 · Location loss

The place that's gone.

Fire, flood, theft, sale of the house. The safe, the drawer, the metal plate, the deposit box. Single location, single fate.

04 · Vendor loss

The service that shut down.

Custodian acquired and migrated. Cloud backup retired. Password manager hit by breach or outage on the worst possible day.

05 · Coercion

The pressure on one holder.

Phishing call, kidnapping scenario, social engineering. Any single individual with full access is, eventually, the target.

06 · Quiet decay

The password nobody updated.

A recovery email that no longer exists. A phone number that was reassigned. The slow drift that converts a working backup into a dead one.

§ 02 · Procedure

Five steps. One sitting.

Runs entirely in your browser.
Step 01

Gather

Bundle the secrets you cannot afford to lose into one place.

Step 02

Encrypt

AES-256-GCM in your browser. The ciphertext is meaningless without the key.

Step 03

Split

The key divides into N shares. Below threshold K, each is noise.

Step 04

Distribute

Hand each shard to its holder. One card, one protocol, one role.

Step 05

Review

Annual checklist. People change. The scheme adapts before it breaks.

The backup that works on the worst day is the backup no single failure can reach.
Threshold Vault · FM 09 principle
§ 03 · Cryptographic spec

Two layers. Both open.

i Layer I · Cipher

AES-256-GCM encrypts

Authenticated symmetric encryption. GCM mode detects tampering on recovery. Without the key, the ciphertext is meaningless and indistinguishable from random.

Algorithm: AES-256
Mode: GCM
Auth: Yes
ii Layer II · Scheme

Shamir splits the key

From Adi Shamir's 1979 paper. Each share is a point on a polynomial over GF(256). K points reconstruct it. Fewer than K reveal zero information.

Scheme: K-of-N
Field: GF(256)
Vectors: 51 verified
Provable, not promised · Open source
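
The split and reconstruction described under Layer II, written out as an added example; this is not Threshold Vault's own code. Assumptions, none of which the page specifies: the AES reduction polynomial 0x11b for GF(256), the {x, y} share layout, and the names gfMul, gfInv, csprng, split and combine.

```javascript
// Shamir K-of-N over GF(256): one random polynomial per key byte.
// Assumption: AES reduction polynomial 0x11b; the page does not name the field polynomial.
function gfMul(a, b) {
  let p = 0;
  for (let i = 0; i < 8; i++) {
    if (b & 1) p ^= a;
    a = ((a << 1) ^ (a & 0x80 ? 0x1b : 0)) & 0xff; // multiply a by x, reduce mod 0x11b
    b >>= 1;
  }
  return p;
}

// a^254 is the multiplicative inverse of a nonzero a in GF(256).
function gfInv(a) {
  if (a === 0) throw new RangeError("zero has no inverse");
  let r = 1;
  for (let i = 0; i < 254; i++) r = gfMul(r, a);
  return r;
}

// Default coefficient source: the platform CSPRNG (hypothetical helper name).
const csprng = (len) => globalThis.crypto.getRandomValues(new Uint8Array(len));

// Returns n shares {x, y}: x is the share index 1..n, y holds one byte per key byte.
function split(key, k, n, randomBytes = csprng) {
  if (!(k >= 2 && k <= n && n <= 255)) throw new RangeError("need 2 <= k <= n <= 255");
  const shares = Array.from({ length: n }, (_, i) => ({ x: i + 1, y: new Uint8Array(key.length) }));
  key.forEach((byte, pos) => {
    // Degree k-1 polynomial: constant term is the key byte, the rest is random.
    const coeffs = [byte, ...randomBytes(k - 1)];
    for (const s of shares) {
      s.y[pos] = coeffs.reduceRight((acc, c) => gfMul(acc, s.x) ^ c, 0); // Horner at x
    }
  });
  return shares;
}

// Lagrange interpolation at x = 0 recovers each polynomial's constant term.
function combine(shares) {
  const xs = shares.map((s) => s.x);
  if (new Set(xs).size !== xs.length) throw new Error("duplicate share index");
  const out = new Uint8Array(shares[0].y.length);
  shares.forEach((si, i) => {
    let basis = 1;
    xs.forEach((xj, j) => { if (j !== i) basis = gfMul(basis, gfMul(xj, gfInv(xj ^ si.x))); });
    si.y.forEach((yb, pos) => { out[pos] ^= gfMul(yb, basis); });
  });
  return out;
}
```

In this example combine cannot tell whether it was handed K shares: with fewer it returns a wrong key without error, and the mistake only surfaces when AES-256-GCM decryption fails its authentication check.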
§ 04 · Holder roster

Three holders. Any two recover.

Threshold 2 / 3
i. Share 01
Home safe

Fireproof safe at the primary residence. Sealed, dated, indexed.

ii. Share 02
Trusted person

A separate household. Verified channel. Read-only protocol.

iii. Share 03
Deposit box

Neutral institution. Different jurisdiction where possible.

+ Optional
Counsel copy

For higher-stakes schemes, scale to 3-of-5 with additional holders.

Any two of three reconstruct. No single loss is fatal. No single holder, alone, can act.

Server-side state: 0

What the server receives.

  • Secret bundle — never transmitted.
  • Encryption key — generated locally.
  • Shamir shares — produced in your browser.
  • Recovery — runs offline, from your archive.
§ 05 · Field Q&A

The questions that recur.

The shard cards still recover. The recovery tool ships inside your archive and runs offline. The cryptographic core is open source with published test vectors. The scheme is engineered to outlive the company that produced it.
No. Password managers handle day-to-day operational access. This scheme handles the small set of credentials whose loss would be catastrophic. Both, used together, for different threat models.
The threshold is set below the holder count for exactly this. A 2-of-3 survives losing one holder. The Lost-Holder Replacement Plan walks the remaining holders through reissuing a new share calmly and on a schedule.
Annually. People move. Roles change. The Annual Review Checklist included with Guardian and Legacy makes maintenance a calendar entry rather than a crisis discovery. Twenty minutes a year, then back to forgetting it exists.
Yes. The recovery tool ships inside the archive. Holders convene, combine shares, and reconstruct entirely offline. Your network does not need us, your browser does not need us, your laptop does not need us. The arrangement is designed to assume we are not here.
End of manual

Build the backup you would want on the worst day.

Try the cryptography on a throwaway value. No signup. When you are ready, the plans are one step away.