Key takeaways
- Recovery contacts hold an encrypted key shard — not your vault key directly
- A quorum (e.g. 2-of-3) must cooperate before vault access can be restored
- Inktally never sees the shards; the recovery protocol is peer-to-peer
- You can rotate recovery contacts at any time without changing or re-encrypting your vault
The hardest problem in zero-knowledge design is what happens when someone forgets their password. If the server holds no key, there is nothing to recover with — the data is gone. Most products solve this by quietly holding a backup key. We wanted a different answer.
The problem we are solving
Zero-knowledge means your password is the only thing that unlocks your vault. That is the source of the security guarantee — and the source of the problem. If you lose the password, you lose everything. That is a trade most people will not accept for their most important documents, no matter how good the security.
Recovery contacts give you a social recovery mechanism — one that requires no single point of trust, including us. The math ensures that no individual contact, and no subset below your threshold, can recover your vault on their own. They can only help you recover it.
How it works: Shamir secret sharing
At setup, your vault key is split into cryptographic shares using Shamir's Secret Sharing. You choose how many contacts hold shares, and how many must cooperate to reconstruct the key — the threshold. A common choice: three contacts, any two. Below the threshold, a share reveals nothing.
Each contact receives their share encrypted to their email address. They hold it without knowing what it contains, or even that it is a key share. When you initiate a recovery, we send each contact a one-click approval email. As soon as your threshold approves, we send you a time-limited recovery link.
Privacy note
Your contacts never see your documents, your other contacts' names, or the number of contacts in your scheme. They only know that you nominated them and that you've asked them to approve a recovery.
See this in practice.
Your vault is encrypted before it leaves your device. Inktally never sees your keys.
Try Inktally freeChoosing your contacts
Good recovery contacts are people who will outlive a hospital stay, check their email occasionally, and would want to help you regain access rather than block it. Geographic and institutional diversity matters: three contacts at the same company create a single point of failure. Spouse, sibling, and lawyer is a common setup.
What contacts can and cannot do
Contacts can only approve a recovery initiated by you entering your email on our sign-in page. We send you an email notification any time a recovery is initiated — so a contact attempting an unauthorized recovery is immediately visible to you, and they would need your threshold to cooperate anyway.
They cannot see your vault, start a recovery on your behalf, or prevent you from changing your contact list. You can update your contacts at any time from Settings → Security → Recovery.
