{%- include head.html -%}
{%- include header.html -%}

Distrust Disaster Recovery

The only fully open source, technology agnostic disaster recovery and key escrow service.


Quick Start

If you are ready to protect your data, you can use the Wizard which will walk you through the process.


How it Works

Distrust used the Quorum Key Management specification to generate entropy offline and used it to derive a PGP key which anyone can encrypt to.

The only way to reconstruct the private key which is used to decrypt is by bringing together multiple shard holders who are in separate geographical locations.

Distrust Disaster Recovery will always verify the recovery rules before decrypting any client data.

Clients may choose to generate their own encryption key, encrypt data, then encrypt that key to the Distrust Disaster Recovery Public Key. In this way the data is never exposed to anyone, but can be protected using a form of "crypto-shredding".

Security

Distrust Disaster Recovery focuses on removing single points of failure at all levels.

Reproducible Builds

Being able to ensure that all of the software that's used is deterministic is essential. Learn more about why here

Full Source Bootstrapped

Being able to verify the compiler by bootstrapping it, in order to ensure it is not capable of injecting malicious code at runtime, is an essential part of supply chain security - and often ignored.

Side Channel Attack Resistance

Attacks that are able to exfiltrate data via non-standard channels are an important consideration when handling sensitive cryptographic material. Because of this, HSMs are leveraged.

Cold Key Management

Ensuring that the lifecycle of cryptographic material is handled in a fully air-gapped environment helps drastically reduce the attack surface.

Multi Party Access Control

Because eliminating single points of failure is an effective way to reduce the likelihood of compromise, the use of quorums, where multiple individuals are required to carry out actions, is a core control mechanism for Distrust Disaster Recovery.

The Approach

Distrust Key Escrow has been designed with the utmost care to eliminate single points of failure to ensure that your backups are inaccessible by any single individual, under any circumstances.

This may seem like a big claim, but all our processes and software are fully open source - so you can verify for yourself. If you still don't trust us, that's okay, you can use our blueprint to set up the system yourself - and we invite you to do so. You can find the documentation on how QKM works here

Most, if not all, current commercial backup/disaster recovery systems have many single points of failure and sell a service which is simply not suited for many contexts - especially for backing up digital asset wallets. The lack of transparency about how their systems work means that end users can't verify whether the provider's approach to security matches their desired threat model and security properties, and what remains is blind trust rather than transparency.

We invite you to question any part of our system.

{%- include footer.html -%}