SafeKeeper.life - Secure by design

Your data is always 100% yours We never store your data

Back to Documentation

Emergency Triggers User Guide

User Guide

User Guide: Emergency Triggers

Overview

Emergency triggers are automated mechanisms that seal your Safe and distribute shared Keys to designated Keyholders when specific conditions are met. This ensures your credentials can be accessed by trusted individuals in emergency situations, even if you’re unable to manually trigger the seal yourself.

How It Works

When you lock your Safe with emergency triggers enabled:

  1. Pre-encryption: Your Safe’s encryption Key is split using Shamir’s Secret Sharing and pre-encrypted for each trigger type
  2. Monitoring: Background monitors watch for trigger conditions
  3. Automatic Sealing: When a trigger fires, the Safe is automatically sealed and shared Keys (pieces of the encryption Key) are distributed to your Keyholders
  4. Reveal Process: Your Keyholders can then use their Keys to reveal your credentials

Important: You must configure triggers BEFORE locking your Safe. Trigger settings cannot be changed after locking.

Trigger Types

SafekeeperLife supports four types of emergency triggers:

1. Manual Trigger

What it is: You manually initiate the seal process, typically when you know you’re in a terminal situation.

When to use:

  • As a baseline safety mechanism (always enabled by default)
  • When you want complete control over when Keys are distributed
  • As a backup to other automated triggers
Configuration 
Enabled: true (default, cannot be disabled)

How it works:

  • You generate QR codes for your Keyholders
  • Each Keyholder scans their unique QR code to receive their Key
  • No automatic distribution occurs

2. Inactivity Trigger

What it is: Automatically seals your Safe if you don’t log in or interact with the system for a specified period.

When to use:

  • You’re concerned about sudden incapacitation
  • You want a time-based safety net
  • You check in regularly (e.g., monthly or quarterly)
Configuration 
Enabled: true/false
Inactivity Period: Number of days (e.g., 180 days)
Grace Period: Number of days (e.g., 14 days)

How it works:

  1. Your activity is tracked automatically when you log in or manage safes
  2. After the inactivity period passes without activity, a grace period begins
  3. You receive warning emails at:
    • Start of grace period (Day 0)
    • Midpoint (e.g., Day 7 of 14)
    • Final day before sealing
  4. If you don’t log in during the grace period, the Safe is automatically sealed
  5. Keys are emailed to all designated Keyholders
Example Timeline (180 days inactivity + 14 day grace period):
  • Day 0-179: Normal activity tracking
  • Day 180: Grace period begins, warning email sent
  • Day 187: Midpoint warning email sent
  • Day 193: Final warning email sent
  • Day 194: Safe automatically sealed if no activity

Best Practices:

  • Set inactivity period based on your typical login frequency (add buffer)
  • Use a grace period that gives you time to respond (7-14 days recommended)
  • Keep your email address up to date
  • Consider calendar reminders before your inactivity threshold

3. Attestation Trigger

What it is: Automatically seals your Safe when a threshold number of designated Voters attest that you are deceased.

When to use:

  • You want trusted individuals to collectively verify your death
  • You prefer human verification over time-based triggers
  • You have reliable, trustworthy contacts who would know of your death
Configuration 
Enabled: true/false
Votes Required: Number (e.g., 3 of 5 Voters)
Voters: List of designated Voters (may be separate from Keyholders)

How it works:

  1. You designate Voters (can overlap with Keyholders, but not required)
  2. Voters can log in and attest that you are deceased
  3. When the required number of attestations is reached, the Safe is automatically sealed
  4. Keys are distributed to your Keyholders (not necessarily the Voters)
  5. If you log in at any time, all attestations are cleared (proving you’re alive)

Important Constraints:

  • M > k: Votes required must be GREATER than your threshold
    • Example: If threshold is 2, you need at least 3 votes
    • This prevents the same group from both sealing AND revealing
  • M ≤ V: Votes required must be less than or equal to total Voters
    • Example: If you require 3 votes, you need at least 3 Voters

Best Practices:

  • Choose Voters who would reliably know of your death (family, close friends, attorney)
  • Separate Voters from Keyholders for added security
  • Use M > k constraint: require more votes than your reveal threshold
  • Brief Voters on their role and responsibility
Example Setup 
Threshold: 2 (need 2 Keys to reveal)
Voters: 5 trusted contacts
Votes Required: 3 (more than threshold of 2)
Keyholders: 3 designated recipients (may overlap with Voters)

4. Scheduled Trigger

What it is: Automatically seals your Safe on a specific future date.

When to use:

  • You have a known timeline for Key distribution
  • Estate planning with specific date requirements
  • Combining with other legal instruments that activate on a date
Configuration 
Enabled: true/false
Seal Date: YYYY-MM-DD (future date)

How it works:

  1. You set a specific date when the Safe should seal
  2. Reminder emails are sent at:
    • 30 days before scheduled date
    • 7 days before scheduled date
    • 1 day before scheduled date
  3. On the scheduled date, the Safe is automatically sealed
  4. Keys are distributed to all designated Keyholders

Best Practices:

  • Choose a date well in the future that aligns with your estate planning
  • Consider combining with attestation for flexibility
  • Update the date if your circumstances change (requires unlocking and re-locking)
  • Ensure Keyholders know to expect Keys on this date

Combining Triggers

You can enable multiple triggers simultaneously. The FIRST trigger to fire will seal the Safe.

Common Combinations:

  1. Inactivity + Attestation (Recommended)

    • Covers both sudden death and gradual incapacitation
    • Attestation provides human verification
    • Inactivity provides time-based safety net

  2. Scheduled + Attestation

    • Scheduled for planned estate distribution
    • Attestation as early trigger if you die before scheduled date

  3. All Four Triggers

    • Maximum redundancy and flexibility
    • Covers all scenarios

Setting Up Emergency Triggers

Step 1: Designate Keyholders

Before locking, designate who will receive Keys:

  1. Navigate to your Safe’s management page
  2. Add Keyholders with name and email address
  3. You need at least as many Keyholders as your threshold
  4. Consider adding spare Keyholders in case some are unavailable

Step 2: Designate Voters (if using Attestation)

If enabling attestation trigger:

  1. Add Voters (can overlap with Keyholders)
  2. Ensure M > k (votes required > threshold)
  3. Ensure M ≤ V (votes required ≤ total Voters)
  4. Brief Voters on their role

Step 3: Configure Triggers

Before locking your Safe:

  1. Enable desired trigger types
  2. Configure settings for each enabled trigger:
    • Inactivity: Set days and grace period
    • Attestation: Set votes required
    • Scheduled: Set seal date
  3. Review and confirm your configuration

Step 4: Lock Your Safe

  1. Lock your Safe with your master password
  2. Triggers are now active and monitoring begins
  3. You’ll receive confirmation of active triggers

Step 5: Manage Ongoing

  • Check in regularly if using inactivity trigger
  • Update email addresses if Keyholders change contact info
  • Respond to warnings during grace periods
  • Keep Voters informed of their role

After a Trigger Fires

For Safekeepers

If a trigger fires (and you’re still alive):

  • This indicates a false positive (e.g., missed login window)
  • Contact your Keyholders immediately
  • Instruct them NOT to use the Keys yet
  • Log in to reset attestation votes if applicable

For Keyholders

When you receive a Key:

  1. You’ll receive an email with your Key file or instructions
  2. Store the Key securely until reveal time
  3. Coordinate with other Keyholders
  4. When ready to reveal, upload your Keys (threshold number required)
  5. The Safe’s credentials will be decrypted and accessible

Security Considerations

What Triggers Protect Against

  • Sudden death or incapacitation
  • Inability to manually seal Safe
  • Loss of access to systems
  • Cognitive decline over time

What Triggers Don’t Protect Against

  • Compromised Keyholders (choose trustworthy individuals)
  • Lost email access (keep emails up to date)
  • All Keyholders unavailable (designate spares)
  • Premature trigger (configure grace periods carefully)

Best Practices Summary

  1. Choose appropriate trigger types for your situation
  2. Test your setup after locking (verify Keyholder emails are received)
  3. Keep contact information current for all Keyholders and Voters
  4. Set realistic thresholds (2-3 for most users)
  5. Use grace periods for time-based triggers
  6. Brief Keyholders on their responsibilities
  7. Document your setup for executors/legal representatives
  8. Review periodically (annually recommended)

Troubleshooting

I didn’t receive a warning email

  • Check spam/junk folders
  • Verify email address in your profile
  • Contact system administrator

I missed my grace period deadline

  • Your Safe is now sealed
  • Keys have been distributed to Keyholders
  • Contact Keyholders to coordinate reveal
  • Consider this a test of your emergency system

I want to change trigger settings

  • You must unlock your Safe first (requires password)
  • Update trigger configuration
  • Re-lock the Safe with new settings
  • Note: This generates new pre-encrypted Keys for Keyholders

A Keyholder’s email bounced

  • Update the Keyholder’s email address
  • You must unlock and re-lock to update
  • Consider adding backup Keyholders

Support

For technical issues or questions:

Need Help?

Can't find what you're looking for? Check out our other guides or return to the documentation index.

← All Documentation Getting Started Guide →
Back to Documentation Getting Started Guide