Surviving a Blockchain Blackout
The Chronolox Double-Lock Security System
When designing a time-locked vault for digital inheritance or highly sensitive corporate handovers, one critical question inevitably arises: What happens if the primary blockchain or relayer network ceases to exist before the time-lock expires?
To solve this, Chronolox implements a proprietary architecture known as the Double-Lock Security System. Designed specifically for immutable secrets scheduled for one year or less, this system guarantees that a payload remains entirely secure until its scheduled date — and perfectly recoverable afterward — even in the event of a catastrophic network failure.
1. The Primary Lock: Hardware-Enforced Privacy
The primary route for all Chronolox vaults relies on Oasis Sapphire, an EVM-compatible blockchain utilizing hardware Trusted Execution Environments (TEEs).
When a user creates a secret, the client application generates an asymmetrical X25519 envelope. This means the payload is encrypted locally before it ever touches the internet. It is routed through a relayer network and stored on-chain, where decryption can only occur inside the secure enclave of the Sapphire TEE.
The smart contract explicitly checks the decentralized consensus block time. If a recipient attempts to unlock the vault even a second early, the enclave simply refuses to compute the decryption key. Because block timestamps are verified by a decentralized network of validators, bypassing the lock via local clock manipulation is impossible.
2. The Fallback Lock: Mathematical Certainty
But hardware and blockchain networks are not immune to permanent outages. What if the Sapphire network or Chronolox relayers permanently disappear? This is where the fallback path activates.
Simultaneously, the client application wraps the secret in a secondary layer of encryption using BLS threshold cryptography tied to the public drand (Distributed Randomness) beacon. This is the "Mathematical Lock."
The protocol calculates a precise future drand round number corresponding to the vault's unlock date (based on the quicknet's 3-second intervals). The ciphertext is then stored transparently as transaction calldata on the Polygon blockchain.
Before the global drand network broadcasts that specific future round, the ciphertext is mathematically impossible to decrypt. However, once that time arrives, anyone possessing the ciphertext and the correct recipient credentials can decrypt the payload locally. This fallback mechanism requires absolutely zero interaction with Chronolox servers or the Sapphire blockchain.
The "Resilience Trade-off"
While the Double-Lock system provides ultimate redundancy, mathematical time-locks have one critical limitation: they are entirely stateless. They cannot enforce dynamic, contract-level logic.
Because of this, Chronolox intentionally disables the drand mathematical fallback in two specific advanced scenarios:
- Multi-Party Consensus (N-of-M): If a vault requires multiple signatures (e.g., two out of three board members) to unlock, a stateless offline lock would allow a single rogue recipient to decrypt the fallback locally once the time arrived, entirely bypassing the consensus rule.
- Auto-Destroy (Read-Once): If a secret is flagged to permanently self-destruct after a single viewing, providing an offline fallback would allow the recipient to decrypt the local ciphertext an infinite number of times, breaking the destruction guarantee.
When creators require these advanced access controls, they must accept the "Resilience Trade-off." The vault skips the mathematical fallback and anchors its security exclusively to the primary Oasis Sapphire hardware enclave to enforce the strict multi-party or self-destruct state rules.
The Golden Rule
The architecture of the Double-Lock Security System is built around a non-negotiable protocol mandate: Users must always be able to retrieve their secrets after the time-lock expires, even if the creator company completely disappears. By combining the dynamic contract capabilities of hardware enclaves with the offline, stateless certainty of mathematical threshold cryptography, Chronolox ensures that digital legacies survive both the test of time and the unpredictability of Web3 infrastructure.