Use your own discretion with this one (as with all advice in this space). I welcome your constructive feedback and the poking of holes here; let's tear this apart so that it might actually be something resilient for people who can't pay for alternatives. Feel free to message me if you'd like to talk it through.
Bitcoin inheritance planning is a popular conversation for obvious reasons. One way emerging now involves the assistance of a third party – a company you’d pay like Casa, Unchained, or Onramp among others. Though this requires some level of trust in these Bitcoin-focused companies (granted, Casa now also has Ethereum services, so…grains of salt?), I think they have taken reasonable steps to remove themselves as potential singular points of failure. And all such planning requires trust, even with lawyers and the courts via traditional legal documents, so these Bitcoin custodians may be a fine option if you want to (read: can) pay for the service. It may very well be worth it, but all this to say, this is NOT the method I’m getting at here in this article.
Obviously, there are many people around the world who don’t have the means to pay for such a service.
One novel and free, DIY way of Bitcoin inheritance planning that I’ve discovered and explored which may make such planning accessible for more people globally is what I will outline here. And the crux of it is a Dead Man’s Switch, an activation that triggers upon your incapacitation or death.
Allow me to make a weak assumption: you have a Gmail account. Even if you’ve moved on to ProtonMail (you should), a former Gmail account can prove useful here. This method uses Google’s Inactive Account Manager in conjunction with your own PGP-encrypted message(s) to your beneficiaries. Fairly straight-forward. Simple perhaps, but not necessarily easy at first.
How Might This Work?
Upon your incapacitation or death, after a pre-determined amount of time in which you will have not logged into your Gmail account (3 months is the earliest amount of time you can choose), Google’s Inactive Account Manager will send an email you compose (or multiple) to your beneficiary’s—or beneficiaries’—(most frequently used) email (Gmail?) telling them to check their more secure (but maybe less used?) end-to-end encrypted ProtonMail email account (which you will help them establish), where you will have sent them another email (PGP-encrypted text only – do not trust Google with clear-text!) outlining only where or how they might access your their â‚¿itcoin, offline – do not type the seed phrase itself.
That’s basically it.
And Now For Disclaimers Longer Than The Actual Directions
As with all such inheritance planning methods now emerging, I will grant that this may not be absolutely fool-proof. (And as I said above, I’d appreciate more constructive criticism on its shortcomings.) For starters, this requires a working knowledge of PGP for both you and your beneficiaries (a learning curve indeed perhaps, but certainly not impossible… and maybe a little, dare I say, fun?). PGP is fun. Of course, a fun experiment is no reason at all with which to solely trust an inheritance. And that is, an ENCRYPTED message only.
DO NOT TRUST GOOGLE WITH SENSITIVE CLEAR-TEXT!
To many, PGP looks intimidating. (It was to me, at first.) Don’t let the big mass of random characters frighten you off. Learning PGP doesn’t take THAT long; using it is not THAT difficult. I won’t say its security is necessarily perfect; there are shortcomings (human and technical) that I’ve tried to address in what follows, but for the technically literate and curious PGP does prove itself an option.
If you’re looking to pass down Bitcoin wealth, you’re likely already familiar with seed phrases. Though PGP’s private keys don’t utilize 12 or 24 human-readable words like a Bitcoin seed phrase, the private key / public key pair of its cryptography is the same. Securing your PGP private key offline might be done in a similar way as your Bitcoin seed phrase.
Just a few PGP resources:
- Mac: GPGtools.org
- Windows: GPG4win.org
- If you’re interested in learning via Terminal: GPG Quickstart Guide
- The GNU Privacy Guard
Another disclaimer among many: Clearly, this requires putting trust in Google and that alone should make you ask yourself some hard questions:
- For obvious reasons, this also means your Gmail account should have an extremely strong password (So are you also using a password manager? [not saving passwords in (nor even still using) Google Chrome!]) and do you have app-based or Yubi key 2FA (not SMS) enabled as well?
- Would anything about your Gmail address itself (your name?) draw a target or attention as to who you are or what you might have?
- Maybe the Gmail account you set this up from is completely new, random, and never publicized? (But then, are you logging in every 3 months to keep its login fresh?)
- How often do your beneficiaries even check their email? Are their inboxes overflowing with spam and disorganization? Will your message just be lost amid their grief?
- Do you trust Google (or more aptly, any one rogue employee) not to attempt to decrypt your PGP key themselves, hard as that may be?
- Moreover, PGP doesn’t have forward-secrecy either, so consider the potential to decrypt PGP more easily in the future. (Quantum computing risks?)
- Have your beneficiaries backed up their PGP Private Key offline? Have you?
- Maybe Google decommissions this Inactive Account Manager feature? Be sure to keep up-to-date.
More thoughts: If your beneficiaries will have access to your online accounts or password manager upon your incapacitation or death (and depending on your situation, perhaps they should), presumably they could then just login and see the future messages in your Inactive Account Manager settings within 3 months anyway… and well, by the same token, then you also could have just left a PGP-encrypted message in your Drafts folder, and tell them to look for that …but I wouldn’t.
For that matter, in Gmail you could also do a Scheduled Send of a PGP encrypted email for a date far off in the future. (Of course, you don’t know when you’re gonna kick that bucket and you’re statistically not likely to select a random date that ends up closer than 3 months. Still, a Scheduled Send could be useful for sending a message to a particular birthday or anniversary…)
Or you could not use Google at all, but encrypt a PGP message, print it out, and give it to them in your estate papers via a lawyer or your executor. They would then have to (“gasp”) retype all those random characters… or I imagine by then, simply scanning the document, a text reader of the future could pull out the PGP text before decryption (can do so now I think with PDF Expert) …again, I digress.
It behooves you to clearly understand what’s happening in every step of the process if this is something you might consider. I don’t actually know of anyone who has embraced this method. As far as I’ve seen, since this first occurred to me in 2021, I may be the only one who’s made the connection that this feature might serve as a free Dead Man’s Switch for the Bitcoin community… I’ve walked through a test trial of how this would play out, waiting 3 months, and it seemed to work flawlessly. Still, I am not committed to this method myself.
I do, however, recognize it as a potential stop-gap or a free technical means to help people in a particular situation or part of the world. Better than nothing, we might say. (YES, AND though, “better than nothing” could yield a false sense of security and lull a complacency from continuing to search for something better.)
Relatedly, it might be noted that in parts of the world where people would undoubtedly benefit from even a free method such as this, many people die every day without having any inheritance plan, will / trust, etc… or the assistance of lawyers and executors whatsoever. And in some areas, even access to and working knowledge of a computer and the Internet, let alone sometimes any savings at all with which to pass down. These people are not yet using Bitcoin …or Gmail. Clearly, this method is still unfortunately not quite applicable for people at that far end of the poverty spectrum, as I saw for years in rural Zambia …but someone else in the developing world? Or a frugal, yet tech-savvy European? A young American? Maybe.
Another note: I am only suggesting the possibility of encrypting a message about WHERE or HOW to find your seed phrase, offline, in real life. (And certainly, you can further obfuscate/complicate this with information that only your beneficiary would know, like a treasure map of sorts. Or separating the seed phrase from an added BIP-39 passphrase …which is useful for creating decoy wallets for threat situations under duress.)
I am not advising you to type the actual seed phrase online. Even encrypted. In fact, I am actively advising you NOT to type your seed phrase on any computer, ever! That is the only thing in this whole article that I am actually actively advising: never type your seed phrase on a computer. I wouldn’t even say it out loud. Not with all of our phone mics, Siri, Alexa, Cortana (or Copilot), Ring cameras and the like around, analyzing our speech and abusing our data all William-nilly.
Lastly, Not Your Keys, Not Your Coin, of course. Nothing about this Inactive Account Manager functionality responds to or cares about legalese, court orders, or estate documents… from a technical perspective, that is. You just need to not login. Google, however, absolutely can, has in the past, and likely would be compelled to comply with a legal order from the courts over an inheritance dispute. Take that for what you will.
Take this all for what you will. I don’t have a full answer here. I’m only thinking out loud, trying a method I’ve never heard anyone discuss, and sharing the notion for your reasoned consideration. No guarantees. Offer void where prohibited. DYOR. Don’t trust, verify. Vires in numeris. E pluribus unum. 🙂
#StudyBitcoin. UPGRADE YOUR DENOMINATOR.
More posts by @5atoshiNakamoto
@5atoshiNakamoto is a longtime book editor, new article proofreader here at TPB, and was host of Bantu Bitcoin—a Bitcoin-only education podcast from rural Zambia, in Bemba and English—when he served as a United States Peace Corps Volunteer.
