About
Henedo is the post-quantum digital will, vault, and eternal legacy platform, built for the first generation whose lives are more digital than physical, and whose documents, crypto, and stories would otherwise disappear.
67% of Americans die without a will. 40 million own cryptocurrency, yet almost none have a plan for what happens to it. Billions of dollars in assets disappear every year not because the owners didn’t care, but because the tools to care were ugly, expensive, one-time purchases that never got updated.
We built Henedo because the incumbents sell documents. We sell peace of mind as an ongoing relationship. Every life change, marriage, new baby, property purchase, a new crypto wallet, is a reason to update. And the platform reminds you.
Your will is a single page in a much bigger story. The vault holds the documents, the journal holds the day-by-day you, and the Life Story holds the rest — 1,000 curated prompts across ten dimensions of a life, answerable in text, voice, or video. The things only you can leave behind. Encrypted end-to-end. Released only on your terms. Preserved for up to 1,000 years if you want.
A common critique of legacy platforms is that they are "binary, alive vs dead, no living interaction." That is a fair critique of any product that is just a vault. Henedo is engineered for daily use:
The vault and the journal are objects you interact with regularly. The dead-man's-switch release is the once-in-a-lifetime delivery the rest of the platform exists to make possible. Use it daily. Deliver it once.
"I have a will" is not the same as "my family actually got the right things at the right time." Probate freezes accounts. Lawyers move on. Spouses forget. Children argue. The gap between the legal document and the lived reality is where most inheritances quietly disappear.
Henedo is engineered to close that gap. Trusted contacts hold their decryption keys from the day you designate them, mailed as engraved metal NFC cards or delivered by split-key email. The dead-man's switch is a server-side policy gate, not wishful delivery. The 60-day access window after activation gives heirs time to download what is theirs. Underneath, Henedo runs active preservation: geo-redundant primary storage with a ~10-year hardware-refresh cycle (the discipline national archives use), with an optional M-Disc physical backup as an extra redundancy layer so heirs can decrypt even if Henedo is no longer operating.
We are the only platform we know of that combines all four layers (pre-delivered keys + DMS + window + actively-preserved storage with M-Disc redundancy) in production. Wills tell. Henedo delivers.
The server is blind to your vault. Your master key is derived in your browser from your password plus a device-bound Account Secret Key, and never reaches our infrastructure in any form. Vault contents are sealed with AES-256-GCM under that key, so a full breach of our database yields only ciphertext we cannot decrypt.
Contact keys are explicit, not magic. Each contact's one-time key is generated in your browser, then routed through a single dispatch endpoint that forwards it to its delivery channel — email for Guardian, or split between an engraved card and an email for Legacy and Eternal Vault. The endpoint relays the material in transit only; nothing about the key is written to our database, our logs, or any backup. For the split-key tier, neither half unlocks anything on its own — recovery requires both the physical card and the contact's inbox. The encrypted bundle the key unlocks remains server-gated: the access link is a dead URL until the dead-man's switch fires. Read the full architecture on thesecurity page.
Post-quantum by default. Your Eternal Vault is dual-signed with Ed25519 and ML-DSA-65 (NIST FIPS 204). Your data is encrypted with AES-256-GCM, which retains 128 bits of security against Grover’s algorithm. We do not wait for the quantum era to protect the documents your grandchildren will open.
Transparency is not optional. Every production build is signed with an offline key and the manifest is published publicly. Visit the transparency log to verify the JavaScript in your browser matches the JavaScript we shipped.
Your family, not your lawyer. Trusted contacts receive their access keys the day you designate them, mailed as engraved metal cards, or delivered by email. No escrow, no third-party intermediary, no hidden handoff at the worst moment. The platform is the gate, the keys are already home.
Active preservation, not passive cold storage. Primary storage is geo-redundant across multiple regions on a current-generation cloud object store, with continuous SHA-3 fixity checks. Roughly every 10 years the underlying drives, formats, and infrastructure are migrated to current technology — the discipline used by the Library of Congress, national archives, and other archival institutions, formalised by ISO 14721 (OAIS) and PREMIS. M-Disc is an extra redundancy layer on top, never the only copy.
Most legacy platforms are built by estate-planning teams who hire security later. Henedo was built the other way around. Our founders bring direct backgrounds in cybersecurity, blockchain, and AI, the three disciplines this product fuses, and v1 already includes what most products in this space add in v3.
Cybersecurity
Architecture-first, not policy-first.
Zero-knowledge, the device-bound Account Secret Key, WebAuthn PRF hardening, Web Worker isolation, canary-blob breach detection, and binary transparency all shipped in v1, because the people who built it have shipped this kind of system before.
Blockchain
User owns the key, by default.
Crypto-native founders know what happens when keys are lost. So Eternal Vault uses cryptographic chain-forward inheritance with per-inheritor key wrapping, ML-DSA-65 hybrid signatures shipped on day one, and a "decryptable without the platform" guarantee, all engineered into the product.
AI
Memory, inside the boundary.
The Journal and the upcoming AI-assisted memorial features are designed to operate inside the zero-knowledge boundary, local-first processing, no plaintext shipped to a model API. Memory preservation without the privacy compromise that AI-only legacy products require.
Honesty about youth, plus a concrete roadmap, plus named disciplines beats vague "team of experts." Here is the public timeline as of May 2026:
Confident about the architecture, precise about the scope. Each item below leads with the real strength and quietly closes the precision gap.
Built once, properly, in 2026.
Most legacy apps are estate platforms that hired security later. Henedo's v1 already includes ASK, PRF, canary blobs, binary transparency, and ML-DSA-65 hybrid signatures because the founders have shipped this kind of system before. Lastkey, WonderVault, Inheritable also launched recently, the discriminator is depth of architecture, not age.
Endowment math, in the open.
The Eternal Vault reserve covers storage at current cost trends with disclosed headroom. We publish the model on the Eternal Vault page and update it annually. No "trust us", show the spreadsheet.
Post-quantum where it matters today.
Eternal Vault signatures are dual-signed with Ed25519 + ML-DSA-65 (NIST FIPS 204) shipped in production via @noble/post-quantum v0.2.x. ML-KEM for contact-key delivery is on the published roadmap as the standards stabilise. Most ZK competitors haven't shipped any PQ to consumers yet.
Zero-knowledge is the floor, not the ceiling.
Proton Pass, Bitwarden, 1Password, Lastkey have ZK too, that's table stakes for a privacy-first vault. Henedo's distinctive layer is the combination: ASK + WebAuthn PRF + Web Worker isolation + canary blobs + binary transparency + per-inheritor wrapping, all in one product. Each layer is documented on the security page so any auditor can verify.
Henedo is a new company shipping the estate-planning platform the 2020s finally deserves. We are cryptographers, blockchain engineers, AI researchers, estate attorneys, and product designers who couldn't find anything on the market for ourselves, so we built it.
If you'd like to work with us, write at careers@henedo.com. For press or partnerships, press@henedo.com.
Free to start. Your first encrypted vault, your first state-specific will, and your first trusted contact, live in 2 minutes.