The Technology of Trust.
Estate Legacy is not a simple file storage system. It is a highly robust, strictly typed PHP MVC application that uses cryptographic separation, multi-tenant database partitioning, and automated cron-driven verification engines. Here is exactly how it works under the hood.
1. Zero-Knowledge Encryption
When you store a password, seed phrase, or document, the system utilizes Advanced Encryption Standard (AES-256-GCM) authenticated encryption.
- Client-Side Derivation: Your Master Password generates a secure cryptographic key (PBKDF2) locally.
- Payload Segregation: Metadata (like item titles) is stored in the vault_items table, while the encrypted binary blob is stored separately in vault_secrets.
- Tamper Proof: GCM ensures that if a single bit of the encrypted data is altered in the database, the decryption will strictly fail and log a security alert.
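// Header was cut off in the original; the name encryptPayload is illustrative.
function encryptPayload(string $data, string $key): string {
    $iv = random_bytes(12); // 96-bit nonce, the size GCM is designed for
    $tag = '';
    // OPENSSL_RAW_DATA keeps the ciphertext binary, so it is base64-encoded only once
    $ciphertext = openssl_encrypt($data, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $tag);
    if ($ciphertext === false) { throw new RuntimeException('AES-256-GCM encryption failed'); }
    return base64_encode($iv . $tag . $ciphertext); // IV (12) | tag (16) | ciphertext
}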
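The decrypt side of the "Tamper Proof" claim, as an added example that is not Estate Legacy's own code: it derives a key with PBKDF2, seals a constructed secret, then shows that flipping one ciphertext bit makes GCM tag verification fail. The function names, the blob layout base64(IV[12] | tag[16] | ciphertext), the iteration count and the alert text are assumptions.

```php
<?php
// Added example, not Estate Legacy's code. Assumed blob layout:
// base64( IV[12] | tag[16] | raw ciphertext ). All names are hypothetical.
const IV_LEN = 12;
const TAG_LEN = 16;

function deriveKey(string $masterPassword, string $salt): string {
    // PBKDF2-HMAC-SHA256, 32 raw bytes for AES-256. Iteration count is an assumed value.
    return hash_pbkdf2('sha256', $masterPassword, $salt, 600000, 32, true);
}

function sealSecret(string $plaintext, string $key): string {
    $iv = random_bytes(IV_LEN);          // fresh nonce per encryption, never reused with a key
    $tag = '';
    $ct = openssl_encrypt($plaintext, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $tag, '', TAG_LEN);
    if ($ct === false) {
        throw new RuntimeException('encryption failed');
    }
    return base64_encode($iv . $tag . $ct);
}

function openSecret(string $blob, string $key): ?string {
    $raw = base64_decode($blob, true);   // strict mode rejects non-base64 input
    if ($raw === false || strlen($raw) < IV_LEN + TAG_LEN) {
        error_log('SECURITY ALERT: malformed vault blob');
        return null;
    }
    $iv  = substr($raw, 0, IV_LEN);
    $tag = substr($raw, IV_LEN, TAG_LEN);
    $ct  = substr($raw, IV_LEN + TAG_LEN);
    $pt  = openssl_decrypt($ct, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $tag);
    if ($pt === false) {                 // tag mismatch: blob was altered or the key is wrong
        error_log('SECURITY ALERT: GCM tag verification failed');
        return null;
    }
    return $pt;
}

// Constructed sample data.
$key  = deriveKey('correct horse battery staple', random_bytes(16));
$blob = sealSecret('seed phrase: constructed sample', $key);
var_dump(openSecret($blob, $key));       // untampered blob

$raw = base64_decode($blob);
$raw[IV_LEN + TAG_LEN] = chr(ord($raw[IV_LEN + TAG_LEN]) ^ 0x01); // flip one ciphertext bit
var_dump(openSecret(base64_encode($raw), $key)); // tampered blob
```

A failed tag check does not distinguish a modified blob from a wrong key, so the alert should be treated as "integrity or key mismatch" rather than proof of database tampering.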
2. Multi-Tenant Role Policies
Every user account operates as an isolated tenant (tenant_id). You assign "Trusted Contacts" and bind them to specific "Release Policies".
- Contact Matrix: Contacts are stored with rigorous validation, requiring independent email verification.
- Policy Rules: You can define a rule such as: "Release folder 'Business Assets' to Contact 'John Doe' only after 14 days of my verified inactivity."
- Relational Mapping: The MVC architecture handles complex joins between release_policies, vault_items, and trusted_contacts securely in the Model layer.
3. Automated Verification Triggers
The core of Estate Legacy is the verification engine. It actively monitors for predefined life events without requiring human intervention until necessary.
- Cron Jobs: Background server processes (Cron) run continuously, checking the last_active_timestamp on user profiles against their Dead-Man Switch threshold.
- Warning Pings: Before executing a release, the Mail Queue subsystem dispatches multiple warning emails and SMS texts (if configured) to ensure it is not a false positive.
- Manual Triggers: Executors can manually request access (e.g., in the event of sudden death). This locks the system into "Pending Legal Review," requiring admin verification of documents.
> checking user_id 1042...
> last_login: 2026-01-15 14:32:00
> threshold: 90 days
> status: INACTIVE DETECTED
> initiating executor release protocol...
> queuing notification emails [OK]
> generating access grants [OK]
4. The Execution Protocol
When an event is verified, the system generates secure, time-limited cryptographic grants for the specific Trusted Contacts.
- Executor Dashboard: Contacts log into a strictly isolated Executor Dashboard. They cannot modify your account, only view what they have been explicitly granted.
- 2FA Enforcement: Executors must pass Time-based One-Time Password (TOTP) verification to access the decrypted data payload.
- Business Continuity Execution: In addition to files, executors receive structured "Action Plans" outlining exactly what needs to be shut down, transferred, or maintained (e.g., paying web hosting to keep business emails alive).