Sherlock Holmes fights Moriarty at the Reichenbach Falls
Sherlock Holmes fights Moriarty at the Reichenbach Falls

Got state secrets? Or maybe 50 BTC? Don’t trust your government or lawyers? And you want to make sure that if you die, your secrets are passed on? Don’t worry, I got you covered. In this post, I’ll introduce you to a simple no-bullshit dead man’s switch written in Rust.

Dead Man’s Switch

According to Wikipedia:

A dead man’s switch is a switch that is designed to be activated or deactivated if the human operator becomes incapacitated, such as through death, loss of consciousness, or being bodily removed from control. Originally applied to switches on a vehicle or machine, it has since come to be used to describe other intangible uses, as in computer software.

A Dead Man’s Switch (DMS) can be handy and common scenarios might be:

  • Password to your encrypted files: You gave a trusted person an encrypted USB drive and the DMS sends the password to decrypt it.
  • Bitcoin Multisig: Sending 1 of 3 keys to a trusted person. You hold 1 key, your friend holds another key, and the DMS holds the last key.
  • Instructions: Sending instructions on how to access something of value or importance.
  • Goodbye Note: Sending a goodbye note to loved ones.

A DMS is specially useful when you don’t trust the government or lawyers to handle your affairs after you die. It’s also useful when you don’t want to disclose your secrets while you are alive.

The idea is simple:

  1. You set up a DMS.
  2. You need to check in periodically.
  3. If you don’t check in, the DMS is triggered.

In this post opening picture, is depicted an image from Conan Doyle’s story The Final Problem, where Sherlock Holmes fights Moriarty at the Reichenbach Falls. Eventually, both fall to their deaths. I am pretty confident that Sherlock Holmes had a DMS in place to send Watson a message.

I’ve tried finding nice implementations of DMS, but to no avail. They all were either unmaintained or plaged with spaghetti code. My inspiration to build one came from two sources. First, a friend of mine told me that he is using a bunch of badly-written shell scripts with some cron jobs to manage his DMS. Second, there might be a genuine need for a simple DMS in the privacy community. For example,, despite being closed source, and you have no idea who’s behind it, has gathered enough users in a subscription model and they are not accepting new users anymore. If people are paying for this, they can pay for a Linux server somewhere. But they would need a simple DMS to run on it.

How to Use It

Disclaimer: Use at your own risk. Check the f****(as in friendly) code.

I invite you to check out the code on GitHub at storopoli/dead-man-switch. The license is AGPL-3.0, which means you can use it for free as long as you share your code. The package is also available on, Rust’s package manager.

DMS is very easy to use and deploy. I’ve made an extra effort to make sure that it builds with Rust version 1.63.0, which is the current Debian stable Rust version1. There are several alternatives on how to deploy it. Here are the two easiest ways:

  1. Building from Source:

    1. In a fresh Debian/Ubuntu server install the following dependencies:

      sudo apt-get install -y cargo pkg-config libssl-dev
    2. Install the DMS:

      cargo install dead-man-switch
    3. Run the app with:

  2. Using Nix. This is the easiest just do nix run github:storopoli/dead-man-switch.

Once, you successfully run the app, you will see the following output:

Initial Screen of Dead Man's Switch
Initial Screen of Dead Man's Switch

If you read the instructions carefully, all you need to know is detailed in these 3 steps:

  1. Edit the Config at /root/.config/deadman/config.toml and modify the settings.
  2. Check-In with c within the warning time.
  3. Otherwise the Dead Man’s Switch will be triggered and the message with optional attachment will be sent.

Upon the first run, the app will create a configuration file at an OS-agnostic config file location:

  • Linux: $XDG_CONFIG_HOME, i.e. $HOME/.config|/home/alice/.config
  • macOS: $HOME/Library/Application Support, i.e. /Users/Alice/Library/Application Support
  • Windows: {FOLDERID_RoamingAppData}, i.e. C:\Users\Alice\AppData\Roaming

In this example, I am running it from a Debian server as the root user. Hence, the configuration file is at /root/.config/deadman/config.toml.

If you open the configuration file, you will see the following content. I’ve added some default values for inspiration2:

username = ""
password = ""
smtp_server = ""
smtp_port = 587
message = "I'm probably dead, go to Central Park NY under bench #137 you'll find an age-encrypted drive. Password is our favorite music in Pascal case."
message_warning = "Hey, you haven't checked in for a while. Are you okay?"
subject = "[URGENT] Something Happened to Me!"
subject_warning = "[URGENT] You need to check in!"
to = ""
from = ""
timer_warning = 1209600
timer_dead_man = 604800

The configs are self-explanatory. You might need some help to set up and find a reliable SMTP server. One option is to use Gmail. Unfortunately, Proton or Tutanota are not supported because they don’t support SMTP. Just grab the support page of your email provider and search for SMTP settings. Plug the values in and you are good to go.

I want to bring your attention to the timer_warning and timer_dead_man configs. These are very important.

The way DMS works is by checking in periodically. If you don’t check in within the timer_warning time, the DMS will send a warning message to your own email, i.e. the from email declared in the config, with the message message_warning and subject subject_warning.

If you still don’t check in within the timer_dead_man time, the DMS will send the “Dead Man’s” message to the to email declared in the config, with the message message and subject subject.

The timers are in seconds, and the default values are:

  • Warning Timer: 2 weeks
  • Dead Man’s Timer: 1 week

Feel free to change these values to your liking.

You can also add an attachment to the Dead Man’s Message. Just add an attachment field to the config file with the absolute path to the file. For example:

attachment = "/root/important_file.txt"

A good idea is to make this file encrypted. Actually, it’s even better if you encrypted the whole fucking thing. You can use PGP or age. For example, this is a PGP-encrypted message:



In this message there’s a nice Easter Egg for you, my friend. The password is the name of the waterfall depicted in this post, all together and in PascalCase.

Upon checking in, the timer will be reset to the Warning Timer, even if you are already in the Dead Man’s Timer.

If both timers run out, the messages will be sent and DMS will exit.

The Implementation Details

For the stupid smelly nerds that want to go beyond the “JUST MAKE A FUCKING .EXE AND GIVE IT TO ME”.

Before we dive into the code, here are the dependencies that I am using. I’ve tried to keep them to a minimum, since I want this to be a dead-simple program. This also helps with reducing the incidence of bugs and narrowing the attack surface:

The app is divided into a library and a binary. The library is contained in the file and the binary in the, both under the src/ directory. Here’s a representation of the structure of src/:


As we can see, it is divided into 4 modules:

  • Handles the configuration file.
  • Handles the email sending.
  • Handles the timers and timer logic.
  • Handles the Terminal User Interface (TUI).

Feel free to dive in any of these files to understand the implementation details. I’ve made sure that the code is both well-tested and well-documented.

Contributions are Welcome

If you want to contribute to the project, feel free to open a pull request. I’ve marked a few issues as good first issue to help you get started. Check out the GitHub repository.


I’ve built a simple no-bullshit Dead Man’s Switch so that any person can use it. Feel free to use it and share it with your friends. Let’s hope that we don’t go to a dystopian future where everyone needs to use it. Although, I am pretty sure that Sherlock Holmes would have used it no matter what. Probably the way he would have used it is by:

  1. Set-up a non-KYC email account that supports SMTP.
  2. Sign-up for a non-KYC VPS with Bitcoin or Monero.
  3. Access the VPS via Tor using Tails.
  4. Change the server’s default SSH port to a random one.
  5. Disallow password authentication and only allow key-based authentication.
  6. Encrypt everything in the case the server is seized.


This post is licensed under Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International.


  1. Please check Debian’s rustc package for more details. ↩︎

  2. Please don’t go to bench 137 in Central Park, NY. That was just an example. ↩︎