- Encrypted archive (.zip): A personal file whose SHA256 hash acts as a unique cryptographic salt.
- Question file (.json): A chain of secret questions where each is encrypted with the answer to the previous one, all tied to the archive's salt.
- Your memory: The answers, which are never stored digitally.
The entropy for the BIP39 seed phrase is generated by combining these elements:
Entropy ≈ SHA256(Σ SHA256(question + answer + file_hash))
The resulting seed phrase exists only in RAM and is erased when the application closes.
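As an added illustration (my code, not the project's), here is that derivation in Python: the archive's SHA-256 as salt, the per-question digests combined into 256 bits of entropy, and the BIP39 split of entropy plus checksum into 24 word indices. The byte encoding, absence of separators, answer normalisation, sample archive bytes and sample answers are assumptions of mine; turning indices into words needs the 2048-word BIP39 English list, which is not embedded.

```python
import hashlib
from typing import List, Sequence

# Constructed stand-in for the user's encrypted archive; any bytes serve as the salt source.
SAMPLE_ARCHIVE = b"PK\x03\x04 constructed placeholder, not a real zip"
QUESTIONS = ["Street where you grew up?", "Name of your first pet?", "Favourite teacher?"]
ANSWERS = ["Elm Street", "Biscuit", "Mrs Kowalski"]  # constructed sample answers


def file_salt(archive_bytes: bytes) -> str:
    """Hex SHA-256 of the archive: the per-user salt that binds the entropy to that file."""
    return hashlib.sha256(archive_bytes).hexdigest()


def derive_entropy(questions: Sequence[str], answers: Sequence[str], file_hash: str) -> bytes:
    """Entropy = SHA256( concat_i SHA256(question_i + answer_i + file_hash) ).

    Assumed details the post does not fix: UTF-8, plain concatenation, inner digests
    joined as raw 32-byte values, answers normalised (strip + lower) so capitalisation
    cannot lock the owner out. The output is always 256 bits, but the effective
    strength is only the guessability of the answers: file and questions are not secret.
    """
    if len(questions) != len(answers):
        raise ValueError("every question needs exactly one answer")
    inner = b"".join(
        hashlib.sha256((q + a.strip().lower() + file_hash).encode("utf-8")).digest()
        for q, a in zip(questions, answers)
    )
    return hashlib.sha256(inner).digest()


def bip39_word_indices(entropy: bytes) -> List[int]:
    """Split entropy plus its BIP39 checksum into 11-bit word indices (0..2047).

    Checksum = first ENT/32 bits of SHA256(entropy); 32 bytes -> 264 bits -> 24 words.
    """
    ent_bits = len(entropy) * 8
    cs_bits = ent_bits // 32  # 4..8 bits for 128..256-bit entropy
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    bits = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    total = ent_bits + cs_bits
    return [(bits >> (total - 11 * (i + 1))) & 0x7FF for i in range(total // 11)]


if __name__ == "__main__":
    salt = file_salt(SAMPLE_ARCHIVE)
    ent = derive_entropy(QUESTIONS, ANSWERS, salt)
    print("entropy:", ent.hex())
    print("word indices:", bip39_word_indices(ent))
    # One changed character in an answer, or one changed byte in the archive, gives unrelated output.
    assert derive_entropy(QUESTIONS, ["Elm Street", "Biscuit", "Mr Kowalski"], salt) != ent
    assert derive_entropy(QUESTIONS, ANSWERS, file_salt(SAMPLE_ARCHIVE + b"\x00")) != ent
```

The all-zero entropy checks against the published BIP39 test vectors ("abandon ... art" for 32 bytes, "abandon ... about" for 16), which confirms the checksum and bit-splitting are right.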
Key benefits:
- Immune to theft: With no stored phrase, there is nothing for hackers or thieves to find.
- Distributed security: You can keep the .zip and .json files in separate locations, requiring an attacker to compromise multiple points.
- Secure inheritance: Allows you to leave instructions for an heir to regenerate access without ever writing down the full secret.
The trade-off:
You exchange the risk of theft for the risk of forgetting your answers. Security depends on the strength of your personal secrets.
You can download the latest Windows release and test it here: https://github.com/SecretML/SecretMemoryLocker
I'd love to hear your thoughts, criticism, and suggestions.