LastSignal LastSignal
Open source, Self-Hosted, Privacy Oriented

Your Final Message.
Delivered When It Matters.

Build your digital legacy with gentle email check-ins.
If you stop replying, your end-to-end encrypted messages are delivered to the people you choose. A self-hosted dead man's switch for delivering encrypted messages to your loved ones β€” when you're gone or unresponsive.

Get Started How It Works

True end-to-end encryption

The server can't read your messages. By design.

Your messages are encrypted in your browser using each recipient's public key before they ever leave your device. The server only stores encrypted blobs it cannot decrypt.

Recipients decrypt messages in their browser using their private key, protected by a passphrase only they know. No backdoors, no master keys, no exceptions.

πŸ”

Client-side encryption

Encrypted before upload

πŸ–₯️

Zero-knowledge server

Stores only ciphertext

πŸ”‘

Public-key cryptography

Only recipients can read

Open source

MIT licensed, fully auditable

Self-Hosted

Your server, your data

Zero-Knowledge

The server can't read your messages

End-to-End Encrypted

XChaCha20-Poly1305 + Argon2id

How It Works

Three simple steps to protect what matters most. No complicated setup, no technical knowledge required.

01

Invite Recipients

Add recipients by email. They'll create a secret passphrase that only they know β€” the server never sees it. This passphrase is the key to unlock your messages.

02

Write Your Messages

Compose messages for the people you care about. Everything is encrypted in your browser before it ever touches the server. Only your recipients can read what you've written.

03

Stay Active

Respond to periodic check-ins to confirm you're okay. If you stop responding, your messages are delivered automatically. Simple as that.

πŸ’‘

What if you miss a check-in?

No need to panic. You'll receive multiple email reminders. After missing check-ins, there's a grace period, then a cooldown window where you can cancel delivery with one click. You can also add a Trusted Contact who can confirm you're alive but unreachable, delaying delivery by your chosen amount.

Built for Privacy, Designed for Humans

Every feature is designed with security and simplicity in mind. No compromises, no complexity.

Client-Side Encryption

Your messages are encrypted in your browser using industry-standard algorithms. The server only sees encrypted data it cannot decrypt.

Passwordless Login

No passwords to remember or steal. Sign in securely with a magic link sent to your email. Simple, secure, and hassle-free.

Flexible Timing

Set your own check-in schedule. Choose how many reminders you want to receive and how often, so delivery fits your pace.

Emergency Stop

Use a recovery code to pause delivery even without email access, so you can stay in control.

Complete Audit Trail

Every security-relevant action is logged. Know exactly what happened and when, without compromising your privacy.

Docker Ready

Deploy in minutes with Docker. All you need is an SSH-enabled server and a reliable SMTP provider.

Built on Proven Cryptography

LastSignal uses the same encryption trusted by security professionals worldwide. Your messages are protected by XChaCha20-Poly1305 and Argon2id β€” algorithms designed to resist even the most sophisticated attacks.

  • Messages encrypted before leaving your device
  • Private keys never touch the server
  • Decryption happens entirely in recipient's browser

Important: Encryption is only as strong as the recipient's passphrase. The server stores salts that could enable offline attacks if compromised. Why this matters β†’

Deep dive into the security model
// Your message
"I love you. Take care of each other."
// What the server sees
7f3d8a2c9e4b1f6d
a5c8e2f1b4d7a9c3
2e5f8b1c4a7d0e3f
... (encrypted)

Frequently Asked Questions

Got questions? Here are answers.

No. There is no business model, no paid product, and no managed service. LastSignal is a self-hosted project you run yourself. We do not host it, operate it, or monitor it for you. It is provided as-is, without warranties or guarantees; bugs may exist. You are solely responsible for configuration, data, recipients, legal compliance, and any consequences of use.

There is no managed service, hosting, or paid plan. You run it on your own server. If you'd like a quote for consulting help with setup, customization, troubleshooting, or deployment, email hello@lastsignal.app.

No. Messages are encrypted in your browser before being sent to the server. The server only stores encrypted data and doesn't have the keys to decrypt it. This is called "zero-knowledge" architecture.

You'll receive a recovery code when you first sign up. Store it safely β€” you can use it to stop message delivery even without email access. Think of it as your emergency backup.

Unfortunately, there's no recovery option β€” that's the trade-off for true security. The passphrase is the only way to decrypt messages. Recipients may optionally add a hint to help them remember the passphrase when needed, but this feature should be used with caution, as it could weaken security if misused.

The code is publicly available. Security researchers can audit the code, and users can independently verify the client-side encryption. The security model is documented in detail on the Security page.

A Trusted Contact can confirm you are alive but temporarily unreachable after the final reminder. Each confirmation delays delivery by the amount you choose. They cannot read messages or access your account.

Yes. You can set a per-recipient delay (up to a year). The email goes out immediately, but decryption is blocked until the delay passes. Useful if you want someone to read a message only after a certain time.

Yes. You can allow only specific email addresses to request sign-in links, so the instance stays private.

Absolutely β€” that's the whole point! LastSignal is completely free and fully self-hosted. All you need is a server with SSH access and a reliable SMTP provider. Full instructions are in the README.

Use Cases

Real-world ways people can use LastSignal to protect sensitive information and preserve a digital legacy at the right moment.

Family planning ahead

Family Emergency Instructions

Leave clear steps for loved ones: contacts, documents, and immediate actions to take if you're unavailable.

Bitcoin recovery plan

Bitcoin Wallet Recovery

Leave Bitcoin wallet recovery instructions so your children can access it when it matters most.

Executor playbook

Executor & Legal Guidance

Share private notes for an executor: where to find documents, who to contact, and how to proceed.

Protected disclosure

Whistleblower Safeguard

Release documentation or a tip only if you miss check-ins, ensuring sensitive disclosures reach trusted recipients.

Operational continuity

Founders & Projects

Hand off repositories, keys, and operational playbooks so a co-founder can keep a project running.

Personal closure

Personal Farewell & Legacy

Leave a final message that reaches the right people at the right timeβ€”private and protected.

πŸ’Œ

Take Control of Your Digital Legacy

Your final words deserve to be protected. LastSignal ensures they reach the right people, at the right time, with uncompromising privacy backed by publicly auditable code and end-to-end encryption.

View on GitHub Security Model

MIT License β€’ No tracking β€’ No vendor lock-in