⚠️ SECURITY WARNING: This project is currently under active development with cryptography implementation still in progress. DO NOT use this application in production or for truly sensitive information until a stable release is available. The current implementation should only be used in trusted, isolated environments for testing purposes.
A secure, self-hosted application that acts as a digital "dead man's switch" - ensuring your sensitive information is only shared with specified recipients if you're unable to respond to regular check-ins.
A dead man's switch is a device or system that is triggered if the human operator becomes incapacitated or fails to respond. In the digital context, it's a system that will execute predetermined actions if you don't regularly confirm you're still active.
- Create encrypted secrets - Store sensitive information securely with strong encryption
- Set up recipients - Designate who receives which secrets if the switch is triggered
- Configure check-in methods - Set up Telegram and/or email verification
- Respond to regular pings - Simply respond to a Telegram message or click an email link
- If you don't respond - After a customizable deadline passes, your secrets are securely delivered to your designated recipients
I strongly believe that users should own their data, especially when it comes to highly sensitive information like what's stored in a dead man's switch. This is why I created this as a free, self-hosted solution rather than a paid service.
Self-hosting offers several critical advantages:
- Complete privacy - Your sensitive data never leaves your control
- No third-party dependencies - No reliance on external services that might disappear
- Full transparency - You can verify exactly how your data is handled
- Customization - Tailor the application to your specific needs
- Security - Eliminate potential vulnerabilities from third-party hosting
For truly confidential information, entrusting it to any third-party service creates unnecessary risk. By self-hosting, you maintain complete control over your sensitive data throughout its lifecycle.
This project will always remain free and open source. If you find it valuable, please consider sponsoring me on GitHub to support ongoing development and maintenance.
- Strong encryption - All secrets are encrypted using industry-standard algorithms
- Flexible recipient management - Assign different secrets to different recipients
- Dual verification methods - Choose between Telegram and email for check-ins
- Customizable schedules - Configure ping frequency and response deadlines
- Modern authentication - Support for passwords, 2FA, and WebAuthn passkeys
- GitHub activity monitoring - Automatically detect your GitHub activity to postpone check-ins
- Simple web interface - Easily manage your secrets and recipients
- Self-contained Docker image - Simple deployment with automatic HTTPS
- Complete audit logs - Track all system activities
- Clone this repository
- Copy
.env.exampleto.envand modify the variables as needed - Run
docker-compose up -d
For more detailed instructions, see the Installation Guide.
The application can monitor your GitHub activity to automatically postpone check-ins when you're active. This provides an additional layer of convenience and security:
- Connect your GitHub account - Simply add your GitHub username in your profile settings
- Automatic activity detection - The system checks your public GitHub activity hourly
- Smart rescheduling - When activity is detected, your check-in deadlines are automatically extended
- Privacy-focused - Only uses public GitHub API data, no GitHub authentication required
- Transparent logging - All activity checks are recorded in your audit log
This feature is particularly useful for developers who are regularly active on GitHub, as it reduces the need for manual check-ins while maintaining the security of the dead man's switch functionality.
For more details, see the GitHub Activity Monitoring Guide.
⚠️ IMPORTANT: The cryptography implementation is still under development. The current version uses placeholder encryption keys and simplified methods that are NOT suitable for production use.
Security is the highest priority for this application. See our Security Documentation for details on the encryption methods and threat model, and our Authentication Guide for information on secure login options including passkeys.
The application uses a sophisticated system to detect user activity from multiple sources, send reminders, and enforce deadlines. This ensures that your secrets are only shared when you're genuinely unable to respond.
Key features of the detection system:
- Multi-source activity detection - Monitors web logins, Telegram activity, GitHub actions, and more
- Graduated reminder system - Sends escalating notifications as deadlines approach
- Configurable deadlines - Customize how long the system waits before triggering
- Comprehensive audit trail - Track all activity and notifications
For detailed information on how the detection system works, see our Activity Detection Documentation.
We maintain a comprehensive test suite with a target of 80% code coverage. To run the tests:
# Run tests for all packages
go test ./...
# Run tests with coverage reporting
go test -coverprofile=coverage.out ./...
go tool cover -func=coverage.out
# Generate HTML coverage report
go tool cover -html=coverage.out -o coverage.htmlWe use golangci-lint to ensure code quality. Run the linter locally before submitting pull requests:
# Run the linter using the provided script
./scripts/run-golangci-lint.sh
# Or directly if you have golangci-lint installed
golangci-lint runThe script will automatically install golangci-lint if it's not already available on your system.
We welcome contributions to Dead Man's Switch! Whether you're fixing bugs, adding features, improving documentation, or writing tests, your help is appreciated.
- Backend Development: Go-based API and business logic
- Frontend Development: HTML templates and JavaScript enhancements
- Testing: Unit tests, integration tests, and end-to-end tests
- Documentation: User guides, API documentation, and examples
- Security Improvements: Identifying and fixing security issues
We believe in a robust testing strategy:
- Backend Tests: Go unit and integration tests with dynamic coverage requirements
- Frontend Tests: End-to-end tests using Playwright
- Continuous Improvement: Our coverage threshold increases with each commit
For detailed guidelines, see our Contributing Guide.
This project is licensed under the MIT License - see the LICENSE file for details.