Escrowable Recovery

Opt-in Master Password Recovery via Escrow Services

How It Works / Setup / Opt-in

Hybrid-Chain introduces an opt-in recovery system designed to safeguard self-custody master passwords that may be lost, forgotten, or need to be passed on in inheritance scenarios. Unlike custodial recovery methods, which centralize control, Hybrid-Chain’s approach leaves sovereignty intact: users retain full control by default, and recovery is enabled only if they explicitly choose it. What distinguishes the system is its use of two independent entities to hold recovery material, so that no single party can unilaterally reconstruct a user’s master password. The escrow wrapping keys today are RSA, which is not itself quantum-resistant; the model isolates those keys from the rest of the design so they can be replaced by post-quantum key-encapsulation algorithms without changing how fragments are split and escrowed.

When a new wallet is generated with escrowable recovery enabled, the user designates two external escrow agents (or one agent and one service provider), each of whom submits a public RSA key. Hybrid-Chain uses these keys to encrypt distinct fragments of the master password, so that neither party ever holds the full secret. For that guarantee to hold, each fragment must be a secret share that reveals nothing on its own (as in a 2-of-2 split), not a literal substring of the password, which would leave the remainder open to offline guessing. Each escrow entity holds only its own encrypted fragment, which can be opened only with its private RSA key. In a recovery scenario, both entities must participate by decrypting their fragments, which are then combined to restore the original master password. Because recovery requires cooperation between two separate and independent parties, the process is auditable and resistant to compromise of either party alone, balancing safety against self-custody.

Recovery Event

In the event that a user loses their master password, needs to pass access to heirs, or an enterprise requires continuity after an unexpected disruption, the escrowable recovery process can be initiated. A recovery request is triggered by the user, a legally recognized executor, or an enterprise administrator, depending on the circumstances. Both designated escrow entities are then required to take part. Each one verifies the legitimacy of the request before acting, since the agents’ independent refusal is the only control against a fraudulent request, and then uses its private RSA key to decrypt the fragment that was encrypted to it during wallet creation. Once both fragments have been decrypted, they are combined to reconstruct the original master password; it is the decrypted fragments that are combined, never the private keys, which each party keeps. This cooperative process ensures that no single party can act alone and that recovery remains transparent and auditable. By requiring dual participation, Hybrid-Chain protects the user’s sovereignty while still providing a safety net for critical recovery scenarios.
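The setup and recovery steps described above, written out as an added example in Go; this is illustrative code, not Hybrid-Chain’s own implementation, and it assumes a 2-of-2 XOR share as the fragment construction, RSA-OAEP with SHA-256 as the wrapping scheme, and a constructed OAEP label and sample password. Each escrow party runs DecryptFragment on its own machine with its own private key; only the two plaintext shares, never the private keys, are brought together by the requester.

```go
package main

import (
	"bytes"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// escrowLabel is a constructed OAEP label (an assumption of this example, not a
// Hybrid-Chain constant); it ties each ciphertext to the escrow purpose so the
// same key cannot be tricked into decrypting unrelated OAEP messages as a share.
const escrowLabel = "escrowable-recovery-v1"

// EscrowedFragment is what one escrow party receives at wallet creation: the
// RSA-OAEP encryption, under that party's own public key, of one 2-of-2 share.
type EscrowedFragment struct {
	Party      string
	Ciphertext []byte
}

// SplitTwoOfTwo returns two shares with share1 XOR share2 == secret. Each share
// alone is a uniformly random string, so a single escrow party learns nothing
// about the master password, unlike a naive "first half / second half" split.
func SplitTwoOfTwo(secret []byte) (share1, share2 []byte, err error) {
	share1 = make([]byte, len(secret))
	if _, err = rand.Read(share1); err != nil {
		return nil, nil, err
	}
	share2 = make([]byte, len(secret))
	for i := range secret {
		share2[i] = secret[i] ^ share1[i]
	}
	return share1, share2, nil
}

// CombineShares reverses SplitTwoOfTwo once both parties have decrypted.
func CombineShares(share1, share2 []byte) ([]byte, error) {
	if len(share1) != len(share2) {
		return nil, errors.New("share length mismatch")
	}
	out := make([]byte, len(share1))
	for i := range share1 {
		out[i] = share1[i] ^ share2[i]
	}
	return out, nil
}

// EscrowMasterPassword is the opt-in setup step: enforce that the two agents
// presented distinct keys, split the master password, and encrypt one share to each.
func EscrowMasterPassword(master []byte, pubA, pubB *rsa.PublicKey) ([2]EscrowedFragment, error) {
	var frags [2]EscrowedFragment
	if pubA.Equal(pubB) {
		return frags, errors.New("escrow agents must present distinct public keys")
	}
	// RSA-OAEP/SHA-256 can wrap at most k - 2*hLen - 2 bytes for a k-byte modulus.
	for _, pub := range []*rsa.PublicKey{pubA, pubB} {
		if limit := pub.Size() - 2*sha256.Size - 2; len(master) > limit {
			return frags, fmt.Errorf("master password too long for OAEP: %d > %d bytes", len(master), limit)
		}
	}
	shareA, shareB, err := SplitTwoOfTwo(master)
	if err != nil {
		return frags, err
	}
	ctA, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pubA, shareA, []byte(escrowLabel))
	if err != nil {
		return frags, err
	}
	ctB, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pubB, shareB, []byte(escrowLabel))
	if err != nil {
		return frags, err
	}
	return [2]EscrowedFragment{{"agent-A", ctA}, {"agent-B", ctB}}, nil
}

// DecryptFragment is run by ONE escrow party with its own private key; it yields
// that party's plaintext share and nothing more. The wrong key fails the OAEP check.
func DecryptFragment(priv *rsa.PrivateKey, frag EscrowedFragment) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), nil, priv, frag.Ciphertext, []byte(escrowLabel))
}

func main() {
	// Constructed demo keys; in practice each agent generates and keeps its own.
	privA, _ := rsa.GenerateKey(rand.Reader, 2048)
	privB, _ := rsa.GenerateKey(rand.Reader, 2048)
	master := []byte("correct horse battery staple") // constructed sample secret

	frags, err := EscrowMasterPassword(master, &privA.PublicKey, &privB.PublicKey)
	if err != nil {
		panic(err)
	}
	// Recovery event: each party decrypts independently, then the shares are combined.
	shareA, _ := DecryptFragment(privA, frags[0])
	shareB, _ := DecryptFragment(privB, frags[1])
	recovered, _ := CombineShares(shareA, shareB)
	fmt.Println("recovered matches:", bytes.Equal(recovered, master))
	// Agent A cannot open agent B's fragment: OAEP rejects the wrong private key.
	_, err = DecryptFragment(privA, frags[1])
	fmt.Println("wrong key rejected:", err != nil)
}
```

The distinct-key check in EscrowMasterPassword is necessary but not sufficient for independence: two keys generated by the same organisation still pass it, so the user must confirm organisational separation out of band. The XOR split is the reason a single decrypted share is useless; replacing RSA-OAEP with a post-quantum KEM would change only the two wrap/unwrap calls.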

Why This Matters

  • True self-custody with a safety net.

  • No single point of failure: at least two independent entities are required.

  • Enterprise and inheritance ready: ideal for institutions, families, or regulated clients.

  • Quantum-ready design: the RSA escrow keys can be migrated to post-quantum key-encapsulation algorithms (e.g., Kyber / ML-KEM) without changing the split-and-escrow model; only the fragment wrapping changes.

In more Detail

Opt-In During Wallet Creation

When generating a new wallet, the user may select “Enable Escrowable Recovery.”

  • Two external escrow agents (or one agent + service provider) provide their public RSA keys.

  • Hybrid-Chain splits the master password into fragments that reveal nothing individually and encrypts one fragment to each escrow RSA key.

Secure Escrow Key Storage

  • Neither escrow party ever has access to the full master password.

  • Each only holds their private RSA key, which can decrypt their fragment.

  • The system requires that both parties be independent (not the same entity). At a minimum the two public keys must differ; since distinct keys alone do not prove separate organisations, the user should confirm independence out of band.

Important Differentiators

  1. Two-Key Escrow Split (Dual Entity Model):

    • No centralization of recovery power in a single escrow party, which avoids the “custodial backdoor” problem.

    • By requiring two independent entities to cooperate, it enforces checks and balances — neither can unilaterally compromise the user’s keys.

  2. Selective Opt-In:

    • Making it optional satisfies purists who want true cold self-custody with no recovery path.

    • At the same time it gives enterprises, institutions, and families the assurance that catastrophic key loss won’t wipe out millions.

  3. Technical Robustness:

    • RSA escrow keys never touch the full password in cleartext — they only protect fragments.

    • Recovery requires combining both decrypted fragments, each of which can only be produced with a different party’s private key, so there is no single point of failure.

    • This plays nicely with the existing quantum-resilient entropy and layered Hybrid-Chain structure (Layer-0 signatures, Layer-2 abstraction, etc.).

  4. Legal/Compliance Edge:

    • For inheritance, courts/lawyers could coordinate with two escrow agents to unlock the password.

    • For enterprise clients, two service providers could function as recovery trustees.

    • The dual-key structure also supports MiFID II / ISO-style audits: the escrow records show that no unilateral access path exists.

  5. Differentiator:

    • Fireblocks, Anchorage, or MPC-based custodians solve this with shared MPC wallets (which are not self-custody), but Hybrid-Chain's approach works at the master password layer of self-custody.

    • That’s a different trust surface — lighter, more portable, and arguably more future-proof (because master password recovery outlives the life of any one platform).
