Security

Zero trust. Zero shortcuts.

Every layer of OnwardSafe is designed with one goal: your family gets access — and only your family.

AES-GCM encryption

Military-grade encryption at rest. Even we cannot read your files.

Guardian consensus

2-of-3 guardians must approve before release. No single point of failure.

Dead man's switch

Automatic trigger after your chosen 3, 6, or 9-month inactivity period.

Multi-step verification

AI pattern analysis plus manual review before any vault release.

Full audit trail

Every action logged with timestamp. Nothing moves without a record.

Zero direct access

No API can read vault data directly. Access flows only through the release pipeline.

Technical details

Under the hood

Encryption at restAES-GCM via MinIO SSE

Encryption in transitTLS 1.3

Auth tokensJWT + refresh tokens (memory only, never localStorage)

Two-factor authTOTP (all accounts)

Rate limitingAll API endpoints, Redis-backed

Vault access modelZero direct access — release pipeline only

FAQ

Security questions

Is OnwardSafe audited?

OnwardSafe follows zero-trust principles with full audit logging of every action. A third-party security audit is planned as part of our growth roadmap.

Where is my data stored?

Your encrypted data is stored in MinIO object storage with server-side encryption. Data is hosted on dedicated VPS infrastructure in a secure data center.

Can OnwardSafe employees access my vault?

No. Vault data is encrypted with AES-GCM before storage. The encryption keys are never stored in plaintext. Even OnwardSafe staff cannot decrypt your files.