{%- include head.html -%}
{%- include header.html -%}

Distrust Key Escrow

The only fully open source, technology agnostic key escrow service.

Documentation Join Waitlist

Quick Start

If you are ready to protect your data, you can use the wizard which will walk you through the process.


How it Works

Backup

1. Generate a recovery key

Any kind of key may be used, but recommendations for the type of key to use and how to manage its lifecycle can be found here

2. Define recovery rules.

The standardized Distrust Key Escrow policy can be used to set rules for conditions under which the key can reclaimed.

3. Encrypt data and back it up.

The client is responsible for redundantly backing up data. This is to ensure that Distrust Key Escrow has no way to access the data.

Recovery

1. Lose access to your data (oops...)

Data loss, even with great controls sometimes isn't fully prevented.

2. Submit verifiable recovery request.

Submit a request to recover the data, which will be checked against the recovery rules.

3. Your recovery key is returned.

The key which is held in escrow by Distrust Key Escrow is re-encrypted to a key provided by the client and released from escrow. This is to ensure that we never have access to your data in plaintext, only the key that you used to encrypt it.

Security

Reproducible Builds

Being able to ensure that all of the software that's used for the QKM system is essential. Learn more about why here

Full Source Bootstrapped

Being able to verify the compiler by bootstrapping it in order to ensure it is not capable of injection malicious code at runtime is an essential part of supply chain security.

Side Channel Attack Resistance

Attacks that are able to exfiltrate data via non standard channels is an important consideration when handling sensitive cryptographic material.

Cold Key Management

Ensuring that the lifecycle of cryptographic material is handled in a fully air-gapped environment helps drastically reduce surface area for attacks.

Multi Party Access Control

Because eliminating single points of failure is an effective way to reduce the likelihood of compromise is a core control mechanism for DKM.

The Approach

Distrust Key Escrow has been designed with the utmost care to eliminate single points of failure to ensure that your backups are inaccessible by any single individual, under any circumstances.

This may seem like a big claim, but all our processes and software are fully open source - so you can verify for yourself. If you still don't trust us, that's okay, you can use our blueprint to set up the QKM system youself - and we invite you to do so. You can find the documentation on how QKM works here

Most, if not all current commercial backup/disaster recovery systems have many single points of failure and sell a service which is simply not suited for many contexts - especially for backing up digital asset wallets. The lack of transparency on how their systems work means that you as the end user can't verify whether their approach to security matches your desired threat model, and you are left with blind trust, rather with transparency.

{%- include footer.html -%}