Story

Hey HN, I built something I actually needed myself: a dead man's switch that doesn't require trusting some random SaaS with my unencrypted secrets. Aeterna is a self-hosted digital vault + dead man's switch. You store password exports, seed phrases, legal docs, farewell messages, files – whatever – encrypted. If I stop checking in (because something bad happened), it automatically decrypts and sends everything to the people I trust. Why I made it:

I didn't want to hand my master password / recovery keys to a third-party service Most existing tools are either paid, closed-source, or feel over-engineered I wanted something I could just docker-compose up and forget about (mostly)

Core flow:

Single docker-compose (Go backend + SQLite, React/Vite + Tailwind frontend) You set check-in interval (30/60/90 days etc.) It emails you a simple "Still alive?" link (uses your own SMTP server – no external deps) Miss the grace period → switch triggers Decrypts vault contents and emails them to your nominated contacts, or hits webhooks you define

Security highlights:

Everything at rest uses AES-256-GCM Master password → PBKDF2 hash (never stored plaintext) Sensitive config (SMTP creds etc.) encrypted in DB No cloud APIs required – bring your own email

It's deliberately minimal and boringly secure rather than feature-heavy. Zero vendor lock-in. Repo: https://github.com/alpyxn/aeterna Would really value brutal feedback:

Security model / crypto usage – anything smell wrong? Architecture – single SQLite ok long-term? UI/UX – is it intuitive enough? Missing must-have features for this kind of tool? Code – roast away if you want

Thanks for looking – happy to answer questions or iterate based on comments.