FortKnoxster’s DieFi core concept is decentralized — in fact it has to be, in order to be as secure and transparent as possible. Only the benefactor has access to the end-to-end encrypted information in the FortKnoxster DieFi Web3 DApp.

The DieFi solution is built using among other NuCypher technologies a decentralized network of nodes that can perform proxy re-encryption and treshold cryptography essentially acting as a decentralized KMS with dynamic access control. Further, FortKnoxster’s DieFi Web3 DApp and encrypted storage is built using Arweave — which is a decentralized and permanent storage protocol.

The benefactor can assign beneficiaries to each wallet generating an encryption key per beneficiary to unlock the encrypted wallet(s). This encryption key consists of hardware-backed entropy and is client-derived by the benefactor.

The encryption key is then split in shares and distributed to a decentralized key management service (KMS) using Shamir’s Secret Sharing threshold scheme, where each decentralized node receives a piece of the shared secret and not being able to reconstruct the entire key.

Each decentralized node will proxy re-encrypt (PRE) their share with an attached access and time regulated policy bound to a smart contract on the Ethereum blockchain, granting access to the recipient/beneficiary after a specific period of time has passed — which is the dead man’s switch.

The benefactor, while alive or non-MIA, can extend the access/time policy by re-granting access to the beneficiary — effectively extending the dead man’s switch period.

Due to the strict access & time policy enforced in the decentralized smart contract and the proxy re-encryption in the decentralized KMS, no access can be given until the dead man’s switch kicks in.

