Your vault, decryptable with or without us.Actively preserved, not passively stored.

Every vault export is an OAIS-style bundle composed of three parts: a manifest.json describing the file tree, one ciphertext blob per file, and a printable crypto-spec PDF listing every algorithm and parameter we use. There is no proprietary container, no closed binary format, and no Henedo-specific decoder.

Journal entries and the 1,000-prompt Life Story export as plain UTF-8 markdown bundles, one file per entry or answer. Voice and video answers export as standard WebM/Opus or MP4/AAC and MP4/H.264 — opaquely the same files your browser recorded, decryptable with the same FEK-under-MK procedure as everything else in the vault. No special viewer required.

With your passphrase, your device-bound Account Secret Key (ASK), and the export bundle, you (or your heirs) can decrypt the entire vault on any modern computer running standard cryptographic libraries. We test this end-to-end every build.

Print this. Hand it to your heirs alongside the M-DISC. The exact parameters live in the crypto-spec PDF inside the bundle, but the algorithm shape is public:

1. KEK = Argon2id(passphrase + ASK_hex, salt, m=64MB, t=3, p=4)
       → HKDF-SHA-256('henedo-kek-v2', 32 bytes)

2. MK  = AES-256-GCM.decrypt(KEK, EMK, mk_iv)

3. For each encrypted file in the manifest:
     FEK  = AES-256-GCM.decrypt(MK, EFEK, fek_iv)
     plaintext = AES-256-GCM.decrypt(FEK, ciphertext, file_iv)

4. Verify the file_name is decrypted with MK using the encrypted_file_name + file_name_iv columns.

The only library dependencies are AES-256-GCM, Argon2id, and HKDF-SHA-256.
All three have reference implementations in @noble/* and Web Crypto.

Your data lives on a geo-redundant primary store: encrypted blobs are replicated across multiple regions on a current-generation cloud object store, with continuous SHA-3 fixity checks that detect silent corruption and re-replicate automatically. Geo-redundancy alone is not enough, though — drives wear out and entire storage technologies become obsolete in 10–15 years.

So Henedo runs an active-preservation cycle: roughly every 10 years, the underlying drives, formats, and infrastructure are migrated to current technology. This is the discipline the Library of Congress, national archives, and other archival institutions use, formalised by ISO 14721 (OAIS) and the PREMIS preservation metadata standard. Passive cold storage assumes today's hardware will still be readable a century from now. It will not be. Active preservation treats the archive as a living system — and that is what carries an Eternal Vault across generations.

On top of the geo-redundant primary store, Eternal Vault customers can add an M-DISC physical backup at $59 (100 GB), $199 (500 GB), or $329 (1 TB). M-DISC is a rock-like inorganic optical medium tested per ISO/IEC 10995:2011/ECMA-379 and rated for up to 1,000 years (U.S. Department of Defense projection) — no dye, no organic layer, no magnetic decay. We burn your encrypted vault plus a printed copy of the crypto spec and ship it to your home.

M-DISC is a redundancy layer, not the primary medium. It is the belt-and-suspenders archival practice used by national archives — an offline, format-stable copy that survives even if every Henedo server, employee, and domain ceases to exist. It is yours to keep, not held by us.

Companies come and go. Your vault should not. Henedo's continuity plan has three layers:

• Software: the source spec is open, the build is signed, the transparency manifests are publicly archived. A successor team or an external archive can re-host a working client without our cooperation.
• Storage: Eternal Vaults sit on geo-redundant primary storage that is actively preserved — drives and formats are migrated to current technology on a ~10-year cycle, with continuous SHA-3 fixity checks. M-DISC is an extra redundancy layer on top, never the only copy. The endowment model is documented so the runway for any future custodian is calculable, not opaque.
• Trustee: if Henedo ever winds down operations, our wind-down spec transfers the manifest log and the user-encrypted ciphertexts to an OAIS-conformant successor custodian (firm to be named when contracted). Until then, the M-DISC option is your guarantee independent of any custodian.

From your Settings page you can:

• Export your full vault as the OAIS bundle described above. No fee, no review queue, no rate limits beyond what is needed to keep the system stable.
• Delete your account and all associated ciphertexts under GDPR Article 17 right-to-erasure. We confirm by email, then irreversibly destroy the data on our side. See the privacy policy for the exact retention schedule.
• Order an M-DISC at any time during your subscription, not just at checkout. Eternal Vault customers receive M-DISC pricing as part of their tier.

We do not gate exports behind tier upgrades. We do not charge per-MB egress. Customer confidence costs us less than customer churn.

The shorter version: the Living Vault assumes Henedo is here to operate it. The Eternal Vault is engineered so it does not need to be. Either way, your data leaves with you in an open format that you, your auditor, or your heirs can read with standard tools.