Split your secrets among trusted friends. Recover them together when needed.
ReMemory encrypts your files, splits the decryption key among friends using Shamir's Secret Sharing, and gives them a self-contained offline tool to reconstruct it together.
Recovery works in any browser, fully offline, without ReMemory or the internet.
Each friend receives a bundle containing recover.htmlβa self-contained recovery tool. No servers. No dependencies. No need for this project to exist in 20 years.
Download demo bundles to try the recovery process yourself β it's the best way to understand how ReMemory works.
graph TB
subgraph seal["β SEAL (you do this once)"]
A[Your Secrets] --> B[Encrypt with age]
B --> C[Split key into 3 shares]
C --> D1[Alice's bundle]
C --> D2[Bob's bundle]
C --> D3[Carol's bundle]
end
subgraph recover["β‘ RECOVER (friends do this together)"]
R1[Alice opens recover.html] --> R2[Her share is pre-loaded]
R2 --> R3[Adds Bob's share]
R3 --> R5{2 of 3 shares}
R5 -->|Threshold met| R6[Auto-decrypts!]
R6 --> R7[Download files]
end
D1 -.-> R1
D2 -.-> R3
The key insight: any 2 shares can reconstruct the key, but a single share reveals nothingβnot "very little," mathematically zero information.
Both the number of friends and the threshold are fully configurable: 2-of-3 for a small circle, 3-of-5 for a wider group, or even 2-of-2 for couples with shared private content that neither partner can access alone.
Create bundles entirely in your browser β no installation required.
| Create Bundles | eljojo.github.io/rememory/maker.html |
| Documentation | eljojo.github.io/rememory/docs.html |
Everything runs locally in your browser. Your files never leave your device.
For automation, scripting, or if you prefer the command line.
# Install
go install github.com/eljojo/rememory/cmd/rememory@latest
# Or download from GitHub ReleasesSee the CLI User Guide for complete documentation.
Before protecting real secrets, try the recovery process to understand how it works:
- Download demo bundles (contains 3 sample bundles)
- Open
bundle-alice/recover.htmlin your browser - Alice's share is pre-loaded β add Bob's share (or Carol's)
- Watch the automatic decryption when the threshold is met
This hands-on experience will help you understand what your friends will see during a real recovery.
Each friend gets a ZIP bundle containing:
| File | Purpose |
|---|---|
README.txt |
Instructions + their unique share + contact list |
README.pdf |
Same content, formatted for printing |
MANIFEST.age |
Your encrypted secrets |
recover.html |
Browser-based recovery tool (~1.8 MB, self-contained) |
A single share reveals absolutely nothing. But tell your friends to keep their bundle safeβit's their responsibility to you.
Why ReMemory?
We all have digital secrets that matter: password manager recovery codes, cryptocurrency seeds, important documents, or instructions for loved ones. What happens to these if you're suddenly unavailable?
Traditional approaches fail:
- Give one person everything β Single point of failure and trust
- Split files manually β Confusing, error-prone, no encryption
- Use a password manager's emergency access β Relies on company existing
- Write it in a will β Becomes public record, slow legal process
ReMemory solves this with cryptographic guarantees:
- No single point of failure β Requires multiple friends to cooperate
- No trust in any one person β Even your most trusted friend can't access secrets alone
- Offline and self-contained β Recovery works without internet or servers
- Designed for non-technical friends β Clear instructions, not cryptographic puzzles
Why I Built This
Two things drove me to create ReMemory.
First, I watched a documentary about Clive Wearing, a man who has lived with a 7-second memory since 1985. Seeing how fragile memory can be made me think about what would happen to my digital life if something similar happened to me.
Second, I've had several concussions from cycling accidents. Each time, I've been lucky to recover fully. But each time, I've been reminded that our brains are more fragile than we like to think.
ReMemory is my answer: a way to ensure the people I trust can access what matters, even if I can't help them.
Threat Model
ReMemory assumes:
- Your friends will only cooperate when needed
- At least threshold friends will keep their bundle safe
- Your device is trusted when you create bundles
- The browser used for recovery is not compromised
ReMemory does NOT rely on:
- Any server or cloud service
- Any ReMemory website or infrastructure
- Any long-term availability of this project
- The internet during recovery
See the Security Audit for details.
Cryptographic Guarantees
| Component | Algorithm |
|---|---|
| Encryption | age (scrypt passphrase mode) |
| Key derivation | scrypt (N=2Β²β°, r=8, p=1) |
| Secret sharing | Shamir's Secret Sharing over GF(2βΈ) |
| Integrity | SHA-256 checksums |
| Passphrase | 256 bits from crypto/rand |
A single share reveals absolutely nothing about your secret. This is a mathematical guarantee of Shamir's Secret Sharingβany fewer than threshold shares contains zero information about the original secret.
Failure Scenarios
| What if... | Result |
|---|---|
| A friend loses their bundle? | Fine, as long as threshold friends remain |
| A friend leaks their share publicly? | Harmless without threshold-1 other shares |
| ReMemory disappears in 10 years? | recover.html still worksβit's self-contained |
| Browsers change dramatically? | Plain HTML + WASM with no external dependencies |
| You forget how this works? | Each bundle's README.txt explains everything |
| Some friends can't be reached? | That's why you set threshold below total friends |
Development
# Using Nix (recommended)
nix develop
# Build
make build
# Run tests
make test # Unit tests
make test-e2e # Browser tests (requires: npm install)
# Preview website locally
make serve # Serves at http://localhost:8000Other Similar Tools
There's a flavour of secret sharing for everyone. ReMemory isn't the first tool to use Shamir's Secret Sharing, but it focuses on making recovery possible for non-technical people without installing anything. Here's how it compares:
| Tool | Type | Input | Splitting Method | Output | Non-technical Recovery | Offline | Contact Details |
|---|---|---|---|---|---|---|---|
| eljojo/rememory | CLI + Web | Files & folders | Shamir's SSS | ZIP bundles with PDF instructions, recover.html, encrypted archive |
Yes β open HTML in browser | Yes | Yes β included in each bundle |
| jesseduffield/horcrux | CLI | Files | Shamir's SSS | Encrypted file fragments | No β requires CLI | Yes | No |
| jefdaj/horcrux | CLI | Files (GPG) | Shamir's SSS (via ssss) |
.key + .sig files, steganography in images/audio |
No β requires CLI + GPG | Yes (TAILS recommended) | No |
| paritytech/banana_split | Web app | Text only | Shamir's SSS + NaCl | Printable QR codes | Partial β scan QR + type passphrase | Yes (self-contained HTML) | No |
| cyphar/paperback | CLI | Files | Shamir's SSS in GF(2^32) | Printable PDFs with QR codes + text fallback | Partial β scan QR or type text | Yes | No |
| simonfrey/s4 (site) | Web GUI + Go lib | Text/bytes | Shamir's SSS + AES | Text shares | No β copy/paste shares | Yes (save HTML locally) | No |
| xkortex/passcrux | CLI | Text/passphrases | Shamir's SSS | Text shares (hex/base32/base64) | No β requires CLI | Yes | No |
| ssss | CLI | Text (128 char max) | Shamir's SSS | Text shares | No β requires CLI | Yes | No |
| cedws/amnesia | CLI | Text/data streams | Shamir's SSS + argon2id | JSON file (Q&A-based, single user) | No β requires CLI | Yes | No |
| henrysdev/Haystack | CLI | Files | Shamir's SSS | Encrypted file fragments | No β requires CLI | Yes | No |
| Tool | Type | Input | Method | Output | Non-technical Recovery | Offline | Contact Details |
|---|---|---|---|---|---|---|---|
| msolomon/keybearer (site) | Web app | Files | Layered encryption | Encrypted file download | Partial β web UI for decryption | Yes (client-side JS) | No |
| RobinWeitzel/secret_sharer (site) | Web app | Text only | Split-key AES-256 (fixed 2-of-2) | PDF with 2 QR codes + security code | Yes β scan QR codes | Yes (client-side) | No |
| Bitwarden Emergency Access | Web service | Vault items + attachments | RSA key exchange (1-of-1) | Live vault access (no file output) | Yes β web UI | No (server required) | Via Bitwarden accounts |
| potatoqualitee/eol-dr | Guide/checklist | N/A | N/A (not a tool) | Printable checklist covering accounts, finances, subscriptions, devices | N/A | Yes (print it) | Template fields |
Key takeaways:
- Most tools only handle text or passphrases β eljojo/rememory, both horcrux projects, henrysdev/Haystack, cyphar/paperback, and msolomon/keybearer are the few that handle actual files.
- Only eljojo/rememory generates a self-contained recovery tool (
recover.html) bundled with each share β no installation, no internet, no CLI needed. - Only eljojo/rememory includes contact details in each bundle so friends know how to reach each other during recovery.
- paritytech/banana_split and cyphar/paperback output QR codes for printing, which is great for paper-based backups of short secrets.
- Bitwarden Emergency Access is fundamentally different β it delegates vault access to one trusted person (not M-of-N splitting) and requires an online service.
- potatoqualitee/eol-dr is not a tool but a valuable end-of-life planning checklist covering accounts, finances, subscriptions, and devices β complementary to any tool here.
- ssss is the classic Unix implementation but is limited to 128 ASCII characters and requires a terminal.
Apache-2.0 β Copyright 2026 JosΓ© Albornoz
Built on:
- age β Modern file encryption by Filippo Valsorda
- HashiCorp Vault's Shamir implementation β Battle-tested secret sharing
- Cobra β CLI framework
The protocol was originally designed in a Google Doc in 2023.