Your Files. Your Keys. Your Privacy.
Killswitch uses zero-knowledge encryption — the same technology trusted by password managers like 1Password and Bitwarden. Files you keep to yourself are unreadable to us, period. Files you set up for delivery use the same wrapped-key model as 1Password's Emergency Access — explained in detail below, with every share yours to revoke.
Your private files are unreadable to us. By design.
How We Keep Your Files Safe
Your Password
Unlocks Master Key
(in your browser)
Decrypts Your Files
Password Never Leaves Your Device
We never see it, store it, or transmit it. Your password stays on your device.
Master Key is Wrapped
Your master key is encrypted with your password. We store only the encrypted version.
Lightning-Fast Password Changes
Change your password in milliseconds. No file re-encryption needed, same as 1Password.
Encrypted Before It Leaves Your Browser
Your File
Readable
AES-256-GCM
Encrypted Blob
Random data
Our Servers
Can't decrypt
Files encrypted in your browser before upload
We only ever receive encrypted data
Even if our servers are hacked, files remain encrypted
Same encryption used by banks and governments (AES-256-GCM)
Sealed or Standard — You Choose, Per File
Every document and note has a storage mode you can flip at any time. Items you create in the app are Sealed by default. Sealing and unsealing happen instantly in your browser — the encrypted file itself is never re-uploaded or re-encrypted.
Sealed (default)
The file's key is wrapped with your master key, which never leaves your device and is never escrowed — not even while an AI connector session is active. True zero-knowledge: not even we can read it.
Best for anything private you don't need an AI assistant to read.
Standard (AI-readable)
The file's key is wrapped with your Standard Key. When you start an AI connector session, that key is escrowed in memory only, time-boxed, and solely for that session, so a tool you authorize (like Claude) can read the file. End the session and the key is dropped.
Best for files you want an AI assistant to work with.
What Happens When You Seal or Unseal
Unwrap the file key
with the current key, in your browser
Re-wrap under the other key
master key ⇄ Standard Key
Save the new wrapper
the encrypted file is never touched
Instant at any size — a 2 GB video seals as fast as a sticky note
No re-upload — only the few-hundred-byte key wrapper changes
Requires your session unlocked — both keys must be in your browser
Reversible anytime — flip a file back and forth whenever you like
Share Securely, Stay Private
When you share a file, we use a clever system that lets recipients access your files without us ever knowing the decryption key.
You share a file - A unique secure token is generated in your browser
Token encrypts the file key - We only store a hash (fingerprint), never the actual token
Recipient gets a link - The token is in the URL, which we never see
Recipient gets a unique secure link
Token is in the URL, never stored on our servers
You can revoke access anytime
Files stay encrypted throughout the process
Your Digital Legacy, Protected
Deadman switches automatically transfer your files to beneficiaries if you stop checking in. Here's how we maintain security while enabling this automation.
How Deadman Switch Encryption Works
You Create a Switch
For each beneficiary-file combination, a unique access key is generated in your browser
Keys Are Encrypted and Stored
Access keys are encrypted with our server key (AES-256-GCM) before storage - protected even from database access
You Check In Regularly
As long as you check in, nothing happens. Your files stay encrypted and private.
Miss Your Check-In? Switch Triggers
Access keys are decrypted (server-side) and unique links sent to each beneficiary
Files stay encrypted - We never have your file encryption keys
Per-beneficiary keys - Each person gets their own unique access link
Keys encrypted at rest - Protected by server-side encryption
Test before you trust - Verify everything works with test mode
The Necessary Trade-off
Files stored on Killswitch without any share links or deadman switches are fully zero-knowledge — we have no way to access them, period. However, when you create a share link or add a file to a deadman switch, a unique encryption key is generated specifically for that share. That key is encrypted with our server-side vault before being stored, so we can deliver it to your beneficiary when the time comes. This is the same approach used by 1Password (Emergency Access), Bitwarden (Emergency Contact), and LastPass (Emergency Access).
Because each share gets its own unique key, you can revoke any individual share at any time — once revoked, that key is destroyed and all access through it is permanently gone. No impact on your other shares or beneficiaries.
All share link access and email delivery are automatically logged with IP addresses and location data, so any activity leaves a clear audit trail.
What Our Engineers CAN'T Do
For files you keep private — no shares, no deadman switches — zero-knowledge means zero access. Even with full database and server access, our team sees only encrypted blobs for those.
Cannot read your files
Cannot see your filenames (encrypted in our database)
Cannot access your password
Cannot decrypt your private files even if legally compelled (share and deadman-switch keys are covered above)
Cannot recover your files if you lose your password (this is a feature, not a bug)
Important: Because we can't access your data, losing your password means losing access to your files forever. We recommend using a password manager.
Technical Deep Dive
For the security-minded, here's exactly what we use under the hood.
- File Encryption: AES-256-GCM (Advanced Encryption Standard, 256-bit key, Galois/Counter Mode)
- Key Derivation: PBKDF2 with SHA-256, 100,000 iterations (exceeds OWASP recommendations)
- Token Hashing: SHA-256
- IV Size: 12 bytes (96 bits) - standard for GCM
- Salt Size: 16 bytes (128 bits) - randomly generated
Password (never stored)
│
└─▶ PBKDF2 derivation (100k iterations)
│
└─▶ Password-Derived Key (PDK)
│
└─▶ Unwraps Master Key (AES-GCM)
│
└─▶ Unwraps File Keys (per-file)
│
└─▶ Decrypts Files (AES-GCM)
We use the same architecture as 1Password, Bitwarden, and ProtonMail:
- Random Master Key: 256-bit key generated once, never changes
- Password Wrapping: Master key is encrypted with your password-derived key
- Fast Password Changes: Only re-wrap the master key (milliseconds, not hours)
- Scalability: Password change time is constant regardless of file count
Each file gets its own unique encryption key:
- File Key: Random 256-bit key generated for each file
- Key Wrapping: File key is wrapped (encrypted) with your master key
- Isolation: Compromise of one file key doesn't affect others
- Sharing: Enables fine-grained sharing without exposing master key
Two account keys exist; each item's key is wrapped under exactly one of them:
- Sealed (default): file key wrapped under your master key (zero-knowledge), which is never escrowed
- Standard: file key wrapped under your Standard Key, escrowable in memory only for a consented, time-boxed AI connector session
- Re-tiering: Seal/Unseal unwraps the file key with one account key and re-wraps it under the other — entirely in the browser
- No data movement: the AES-256-GCM ciphertext in storage is never read, re-encrypted, or re-uploaded
Additional encryption for metadata stored in our database:
- Cloak Vault: AES-256-GCM encryption for database fields
- Encrypted Fields: Filenames, descriptions, storage paths
- Key Management: Server encryption keys stored in secure environment variables
- Defense in Depth: Even metadata is protected against database breaches
How We Compare
| Feature | Killswitch | Google Drive | Dropbox | iCloud |
|---|---|---|---|---|
| Client-side encryption | Partial | |||
| Zero-knowledge architecture | ||||
| Provider can read files | ||||
| Automatic digital legacy | Limited |
Ready to Secure Your Digital Life?
Join thousands of people who trust Killswitch to protect their most important files and ensure their digital legacy reaches the right hands.