Security
If you're trusting a service with your digital legacy, you need to know what happens if that service shuts down. Here's how we've designed EstateHelm to ensure your data is always accessible—with or without us.
Digital legacy planning is meant to span decades. You're not just planning for next year—you're planning for 20, 30, or 50 years from now. Any honest assessment must acknowledge that most companies don't last that long.
These are legitimate questions. We've designed our architecture specifically to address them. Your data should survive longer than any particular company or service.
We've made several deliberate architectural decisions to ensure you're never locked in:
We use AES-256-GCM, the same encryption standard used by governments and banks worldwide. This isn't proprietary—any security professional can write code to decrypt it.
Your data is encrypted with industry-standard algorithms that will be supported for decades.
Your vault data is stored as standard JSON. No proprietary binary formats. Anyone with the encryption key can read the data structure.
If EstateHelm disappeared tomorrow, a competent developer could write a viewer in a day.
Your encryption keys are derived from your password. We never have access to your unencrypted data or your keys.
This is true end-to-end encryption—not “encrypted at rest” with keys we control.
You can export your complete vault at any time: structured data, attached files, everything.
Your data belongs to you. We provide it in portable, standard formats.
For users who want absolute certainty, we offer the Continuity Capsule: a completely self-contained, offline-accessible archive of your entire vault. This is the ultimate insurance policy against service discontinuation.
No internet connection required. Open index.html in any browser.
Uses standard web technologies. Will work in browsers 50 years from now.
Does not depend on EstateHelm servers, accounts, or infrastructure.
The capsule includes documentation for the data format and encryption.
Store the capsule on a USB drive, in cloud storage, or in a safe deposit box. Your family can open it decades from now without needing EstateHelm to exist.
For security professionals and technically-minded users, here's exactly what we use:
All of these are open standards with decades of support. A security researcher, developer, or even a motivated family member with technical skills could verify our implementation or create alternative tools to access the data.
Your Continuity Capsule continues to work indefinitely. It contains everything needed to access your data offline. Even without a capsule, your encrypted data export uses standard formats anyone can decrypt with your key.
Same as above. Additionally, we would provide notice and extended export periods. Your Continuity Capsule doesn't depend on any notice—it already works standalone.
You can always export your data before your subscription expires. The capsule you created while subscribed continues to work forever. We also provide grace periods for data export after subscription lapse.
Your Continuity Capsule works completely offline. No internet required. Store it on a USB drive in your safe for exactly this scenario.
The capsule uses the Web Crypto API, part of every browser since 2015. Include a portable browser on the same drive for absolute certainty—Chrome Portable, Edge Portable, etc.
Most digital services don't offer this level of independence. Here's how our approach compares:
| Approach | Service Dependency | Data Portability |
|---|---|---|
| Most SaaS apps | Complete dependency | Limited or no export |
| Password managers | Moderate (apps required) | Export available, needs app to read |
| Cloud storage | Complete dependency | Files portable, but account required |
| EstateHelm Capsule | None | Full data + viewer + docs |
Create a capsule and store it in a safe place separate from your primary EstateHelm use. Update it periodically when you make significant changes.
Keep copies on a USB drive, in cloud storage (the encryption protects it), and perhaps with your attorney or in a safe deposit box.
For absolute certainty, download Chrome Portable or Edge Portable and store it alongside your capsule. Zero dependencies.
The capsule is useless if no one knows about it. Make sure your beneficiaries know where to find it and have the credentials.
We've built EstateHelm assuming we might not exist forever. Your data uses standard encryption, standard formats, and comes with a completely self-contained viewer. If we disappeared tomorrow, your Continuity Capsule would work exactly as it does today—and will continue working for decades.
This isn't just good practice for us—it's essential for a service focused on legacy planning. If we're asking you to trust us with information meant to outlast you, that information must also be able to outlast us.