How does PingVaults protect my digital assets?

Your asset clues are encrypted in your browser using AES-256-GCM. The encryption key is derived from your personal question answers via PBKDF2. The server only ever receives ciphertext and can never read your data.

What is an Inactivity Switch?

An inactivity switch is an automatic trigger mechanism. The system sends periodic check-in emails. If you stop responding, it automatically delivers decryption hints to your pre-configured emergency contacts, ensuring your digital estate is passed on.

Can I access my data if PingVaults shuts down?

Yes. All encrypted data is permanently stored on the Arweave blockchain, accessible forever via TxID. We also provide a standalone offline HTML decryptor that works without any network connection or account.

Inactivity Switch · Zero-Knowledge · Arweave Permanent Storage

When you can no longer speak,it speaks for you._

PingVaults is a zero-knowledge digital vault — encrypt wallet keys, passwords, important notes, or anything you want to preserve forever, store it on-chain, and access it anytime. Add an inactivity switch: if you go silent for too long, decryption hints are automatically delivered to your trusted emergency contact.

Create My Vault →View / Edit Vault

// No password · Email verification login · Cancel anytime

./how_it_works.sh

$ step_01

Passwordless Login

Email OTP or Google login — no password to forget or leak. The platform verifies your identity only; your encrypted secrets stay untouched in the vault.

$ step_02

Browser-Local Encryption

Your knowledge-based answers (name, ID, custom questions) derive an AES-256-GCM key via PBKDF2 — entirely in your browser. The server receives only ciphertext, never your decryption keys.

$ step_03

Inactivity Switch Delivery

Configure your ping schedule. If you stop responding, the system sends your emergency contact the key schema, guiding questions, and an offline decryptor link. Answers are never transmitted.

// core_features[]

🔐

Zero-Knowledge Architecture

AES-256-GCM

Identity (email) and decryption (personal answers) are fully separated. Your backend record contains only ciphertext — no passwords, no keys, no plaintext ever stored server-side.

⛓

Arweave Permanent Storage

Arweave

Encrypted vault data is uploaded to Arweave's decentralized blockchain, generating an immutable TxID. Even if PingVaults shuts down, your ciphertext remains accessible forever via any Arweave gateway.

🔍

Open Source & Verifiable

Zero-Knowledge

Full source code on GitHub. The /verify page provides SHA-256 build-time source hashes and step-by-step JS bundle integrity checks — so you can confirm exactly what code is running.

👻

Configurable Inactivity Switch

Inactivity Switch

Set your initial wait (up to 365 days), reminder interval, and max ping count. AWS Lambda checks daily; your emergency contact is notified only after all reminders go unanswered.

$ cat trust.md

You don't have to trust us — verify it yourself

Our architecture makes "going rogue" technically impossible. Three independent proof chains anyone can check — no trust in our promises required.

⊕OPEN SOURCE

Encryption core is fully open source

PBKDF2 key derivation, AES-256-GCM encryption, offline decryptor — every line that touches plaintext is on GitHub. Audit it, run the tests, clone it.

⊗CSP ENFORCED

Browser enforces outbound request limits

Content-Security-Policy is enforced by your browser, not our server. JS can only reach whitelisted origins. Even if answers were written into a request, the browser itself would block it.

⊘DEVTOOLS PROOF

Network tab shows exactly what's sent

Open DevTools → Network while encrypting. Inspect the /api/vault/save payload. You'll see ciphertext, salt, iv — zero answer fields. See for yourself.

// // All verification methods require no account and no trust in us

Security architecture →$ verify now →

decrypt.html — offline mode

Offline Decryptor — No Server, No Account

Your emergency contact needs zero technical skills. Download this standalone HTML file, open it offline in any browser, paste the TxID + metadata JSON + their personal answers — and the vault decrypts instantly. No internet, no login, no PingVaults dependency.

// Single HTML file · Pure WebCrypto · No external requests · Works forever

⬇Download Offline Decryptor

$ sudo ./create_vault.sh

Your digital legacy, secured today.

Free to start. Zero-knowledge crypto inheritance planning for individuals who take privacy seriously.

Create My Vault → →