physical digital safe
A real box for the codes, keys, files, and instructions that don't belong scattered across phones, screenshots, and cloud drives.
why arca
A dead phone. A missing recovery code. One founder. One parent. One office. Secrets must survive across places, across people, and over time. arca is for the stuff that shouldn't depend on one person, one app, or one building.
A real box for the codes, keys, files, and instructions that don't belong scattered across phones, screenshots, and cloud drives.
Secrets stay encrypted on the device and while syncing between devices. Custody first. Convenience second.
Use one arca as a safe. Put more in trusted places and the encrypted contents stay in sync.
One box can hold separate spaces for family, work, partners, or backup swaps.
Make the right things recoverable when the normal path is gone, without turning every secret into an easy grab.
Prepare a controlled path for family or trusted people if you're not around to unlock things yourself.
Keep production credentials, signing keys, runbooks, and recovery codes from becoming one person's private ritual.
Mirror an encrypted space into another arca: yours, a friend's, a partner's, or eventually a hosted box.
Let an AI agent request the narrow thing it needs without handing it the whole vault.
From the people behind Coldcard, Opendime, Tapsigner, Satscard, and other no-nonsense custody tools.
Trying to place arca next to tools you already know? View the comparison table for password managers, cloud drives, NAS boxes, home servers, HSMs, hardware wallets, safes, and recovery tools.
A safe for the data you can't afford to lose. Tamper-proof. Encrypted. Geo-distributed. Swarm cluster. Yours alone.
Product updates via Coinkite's Substack. Unsubscribe anytime.
data haven
A data haven is an old Internet idea: a place, jurisdiction, or technical system built to keep data available and protected. arca borrows the useful part of that idea and makes it physical: a box you choose, in a place you trust, for the secrets that should not disappear.
specs
arca is being built as embedded hardware for secret custody, not as another cloud account. Current target specs include:
Design and specs will likely change as we progress through the manufacturing process. The direction is hardware-enforced custody, boring power resilience, and controlled recovery paths.
details
We keep coming back to the same boring failure modes. The authenticator phone is gone. The seed words are in one building. The vendor login is in one employee's notes. The emergency plan is “ask Alice.” arca is for that pile.
arca is a physical digital safe for the secrets you do not want floating around your life. Seed words, recovery codes, passwords, emergency notes, business keys, signing material, and encrypted files get a dedicated box with hardware custody, sync rules, and recovery rules.
arca is for the small, ugly things that hold everything together: seed words, recovery codes, passwords, runbooks, inheritance notes, business keys, important encrypted files, and the instructions someone will need when the normal path is gone.
One arca is a safe. Two or three arcas are the answer to what happens if one building, laptop, phone, or person is gone. They can keep encrypted copies in different trusted places, with each box playing a different recovery role.
Yes. Isolated spaces mean an encrypted backup can live in a friend's, partner's, or hosted arca without handing them the contents. Think reciprocal safes, not a shared cloud folder.
A password manager helps you log in every day. A NAS stores a lot of files. arca is for the layer under both: root credentials, recovery codes, signing material, emergency instructions, and the rules for who can recover what.
Do not make family decode your digital life under stress. arca is meant to let selected material become recoverable by the right people under defined conditions. Not everything to everyone; the right packet to the right person.
Every company has the bad version of this: one founder, one admin, one laptop, one SaaS account, one person who remembers the ritual. arca is meant to turn those fragile access paths into a custody plan the team can survive.
Agents are going to need credentials and files. Pasting secrets into a chat window is a bad answer. Giving an agent the whole vault is also a bad answer. arca is being designed around narrow requests, policy checks, and constrained paths such as SSH.
Current target hardware is specific: Rockchip RK3328 running FreeBSD, Arm Cortex-M33 with TrustZone, ATECC608C and DS28C36BQ+T secure elements, secure RTC, motion sensor, active tamper-detect circuit, two USB inputs, Power Over Ethernet (PoE), and internal UPS. Design and specs will likely change as arca progresses through manufacturing.
Not yet. We are getting closer to a release timeline, initial quantities are expected to be limited, and we will publish launch notes and production details through the update list.
Coinkite. Same shop behind COLDCARD, OPENDIME, TAPSIGNER, SATSCARD, COLDPOWER, and other security hardware for people who care about custody more than convenience theater.
comparison guide
arca overlaps with servers, NAS boxes, cloud drives, password managers, HSMs, wallets, safes, and recovery tools. This table shows where those tools are useful, and what arca adds to the recovery layer.
The point is not to replace useful tools. It is to name the missing layer for critical secrets and recovery paths.
40 of 40 rows shown
| Category / example | What it is for | How arca is different |
|---|---|---|
| Umbrel | Running a personal server and self-hosted apps at home. | It overlaps around personal control, local box, sovereignty vibes. arca is not mainly an app server; it is a dedicated safe for critical secrets and recovery material. Not a home server. A safe. |
| Start9 | Sovereign personal server and self-hosted services. | It overlaps around physical appliance, self-hosting, Bitcoin-adjacent audience. arca should not be framed as a general compute platform; resilience and controlled recovery are the center. A Start9 runs services; arca protects the access paths. |
| CasaOS / Zima / home-server boxes | Friendly home-lab app hosting. | It overlaps around local ownership and physical hardware. arca is narrower and higher-stakes: secrets, keys, files, instructions, continuity. Less dashboard, more vault. |
| Synology DiskStation / RackStation | Polished NAS software, file shares, backups, photos, surveillance, and small-business storage. | It overlaps with arca because it is the mainstream “box at home/office for important data” comparison. Synology is broad storage and apps; arca is a purpose-built safe for critical secrets and recovery paths. Synology stores your files; arca safeguards the secrets that unlock your life/business. |
| QNAP NAS | Hardware-rich NAS options for home, creators, teams, tower units, and rackmount business storage. | It overlaps around local storage, multi-bay resilience, SMB/team use, and appliance ownership. QNAP is storage infrastructure; arca is narrower: controlled custody for secrets, instructions, and continuity. QNAP is infrastructure; arca is the emergency-access layer. |
| UGREEN NASync | Consumer/creator NAS marketed around private cloud, local control, and no subscription. | It overlaps around local control and a modern personal-cloud appliance story. arca is not a subscription-free cloud drive; it is a recovery safe for the few things that matter most. NASync can be your cloud; arca is your recovery safe. |
| Ubiquiti UniFi UNAS | UniFi-integrated network storage for file storage and sharing. | It overlaps around rackable appliance, simple ecosystem fit, and storage for homes/businesses. UniFi NAS belongs to network/storage infrastructure; arca belongs to the trust and recovery layer. UniFi stores files in your network; arca stores the paths back into your life. |
| ioSafe / CRU disaster-proof NAS | Fireproof/waterproof NAS storage, often Synology-powered, focused on physical disaster protection. | It overlaps most on physical safety: a NAS in a rugged disaster-resistant shell. ioSafe hardens disks/data against fire/flood; arca should protect encrypted secret contexts, tenancy, recovery flows, and controlled release. ioSafe hardens the storage box; arca hardens the recovery plan. |
| Nextcloud | Self-hosted cloud files, calendar, contacts, collaboration. | It overlaps around user-owned sync and collaboration. arca should not become a productivity cloud; it stores and governs critical secret material. Nextcloud for work files; arca for the keys to the kingdom. |
| Syncthing | Peer-to-peer file synchronization. | It overlaps around device-to-device sync. Syncthing syncs folders; arca defines a safe, access rules, tenancy boundaries, and recovery flows. Sync is a mechanism, not the product. |
| Resilio Sync | P2P file sync. | It overlaps around distributed file copies. arca is not a generic folder replicator; it is for secret custody and controlled recovery. Encrypted survivability, not just replication. |
| iCloud | Consumer cloud storage, device backup, photos, keychain, family convenience. | It overlaps around backup and cross-device availability. arca reduces dependence on one Apple account/cloud account and creates a physical custody boundary. What if the account is the failure point? |
| iCloud Keychain | Consumer password/autofill convenience. | It overlaps around password and secret storage. arca is not primarily autofill; it is continuity for secrets that must outlive devices/accounts. Autofill is convenience. arca is continuity. |
| Google Drive / Dropbox / OneDrive | Cloud files, sharing, collaboration. | It overlaps around off-device copy and access from multiple places. arca is physical, encrypted, purpose-specific, and not a general cloud bucket. Cloud storage is not a digital safe. |
| Proton suite / Proton Pass / Proton Drive | Privacy-oriented consumer cloud, password manager, encrypted files. | It overlaps around privacy, encryption, account security. arca adds physical locality, survivability, multi-location boxes, and recovery planning around people/places. Private cloud is still cloud; arca is a box you can place. |
| 1Password | Password management for individuals, families, and teams. | It overlaps around secrets, sharing, emergency access features. arca is broader than passwords and more physical: files, instructions, keys, recovery contexts, and device-level custody. Password managers manage logins; arca protects critical access paths. |
| Bitwarden / Vaultwarden | Password management, including self-hosted options. | It overlaps around secrets, teams, sharing, open/self-hosted appeal. arca is not just a credential database; it is a physical safe and resilience network. A vault app is not the same as a vault appliance. |
| KeePassXC / Strongbox | Local password databases and encrypted files. | It overlaps around local control and encrypted secret storage. arca adds dedicated hardware, sync model, isolated spaces, recovery flows, and possibly hosted/reciprocal boxes. Local file vaults are portable; arca is placeable. |
| HashiCorp Vault | Enterprise secrets management, dynamic credentials, infrastructure automation. | It overlaps around team secrets and access control. arca is for physical custody and continuity, not only cloud/devops runtime secrets. Vault handles infrastructure secrets; arca protects the continuity layer. |
| Doppler / Infisical / 1Password Secrets Automation | Developer secret distribution and environment management. | It overlaps around team secret workflows. arca should be the controlled origin / recovery boundary, not just CI/CD secret injection. Runtime secret delivery is not long-term custody. |
| AWS Secrets Manager / GCP Secret Manager / Azure Key Vault | Cloud-managed application secrets and KMS integrations. | It overlaps around secret storage and access policy. arca reduces reliance on a cloud provider/account as the only root of recovery. Cloud secrets still depend on cloud access. |
| Enterprise HSMs / CloudHSM / Thales / Utimaco | High-assurance key generation, signing, compliance, tamper resistance. | It overlaps around critical keys, signing material, security hardware. arca is family/team continuity and personal/business secret resilience, not only enterprise cryptographic operations. HSMs protect keys in systems; arca protects access paths in life. |
| YubiHSM / Nitrokey HSM | Smaller hardware-backed key storage/signing. | It overlaps around hardware key custody. arca can hold richer recovery contexts and files, across places and tenants. A hardware key is one object; arca is the safe around the plan. |
| YubiKey / hardware security keys | 2FA/passkey authentication. | It overlaps around account protection. arca stores the recovery and continuity material around accounts, devices, keys, and instructions. Security keys prevent entry; arca preserves recovery. |
| Hardware wallets: Coldcard, Trezor, Ledger, Jade | Bitcoin/private-key signing and custody. | It overlaps around seed words, keys, security culture. arca should be adjacent, not a replacement: it safeguards recovery material and broader secrets, not just coin signing. Wallets sign. arca safeguards what must be recoverable. |
| Seed plates / steel backups | Durable offline seed phrase backup. | It overlaps around physical resilience for seed words. arca handles more data types, sync, tenancy, and controlled access paths. Steel survives fire; arca coordinates recovery. |
| Paper backups / notebooks | Simple offline storage. | It overlaps around physical access and low-tech durability. arca provides encryption, structure, sync, and controlled sharing. Paper is simple but brittle operationally. |
| Home safes | Physical security for documents and valuables. | It overlaps around place-based custody. arca is a digital safe: encrypted contents, sync, isolated spaces, and access policies. A safe for the digital things paper safes do not understand. |
| Safe-deposit boxes | Offsite physical custody. | It overlaps around geographic separation. arca can be active, encrypted, synchronized, and multi-tenant rather than a passive box at a bank. Offsite custody without turning secrets into static paper. |
| Estate-planning vaults / legacy contact tools | Passing information to heirs. | It overlaps around inheritance and emergency access. arca is not only after-death access; it also covers daily continuity, teams, reciprocal backup, and agent access. Inheritance is one use case, not the whole product. |
| Dead-man-switch services | Triggered release after inactivity/death. | It overlaps around emergency release / continuity. arca should avoid being boxed into this; dead-man-switch is a feature pattern, not the product category. Dead-man switch is one door in the safe. |
| Shamir / SLIP39 / social recovery | Splitting recovery material among people/devices. | It overlaps around multi-person recovery and resilience. arca can host richer encrypted contexts and manage where they live, not only split one seed. Secret sharing solves one recovery problem; arca manages the broader secret estate. |
| Data rooms / legal document vaults | Sharing sensitive documents with lawyers, investors, counterparties. | It overlaps around controlled access to important files. arca is owner-controlled physical custody and recovery, not transaction-driven document exchange. Data rooms are for deals; arca is for continuity. |
| Backblaze / Arq / Time Machine | Backup and restore of computers/files. | It overlaps around data loss prevention. arca is not a whole-computer backup; it protects the critical secrets needed to recover life/business. Backup everything elsewhere; keep the keys to everything in arca. |
| VeraCrypt / Cryptomator / age / GPG files | Encrypted containers/files. | It overlaps around encryption and local custody. arca adds productized hardware, sync, tenancy, and recovery workflows around encrypted material. Encryption is a primitive; arca is the operating model. |
| Encrypted USB drives | Portable encrypted files. | It overlaps around physical encrypted storage. arca is less about carrying one drive and more about durable, placed, synchronized safes. USB drives travel; arcas can stand guard. |
| SSO / Okta / IdP | Central identity and access management. | It overlaps around access control, teams, account recovery. arca is not an identity provider; it can preserve root recovery material and emergency instructions if identity fails. IdP grants access; arca preserves the path back. |
| PAM tools / CyberArk / BeyondTrust | Enterprise privileged access workflows. | It overlaps around high-value credentials and approvals. arca can serve smaller teams/families and physical continuity use cases that enterprise PAM does not address. PAM is enterprise process; arca is physical continuity. |
| Local-first personal knowledge bases / Obsidian vaults | Notes, memory, documents. | It overlaps around important personal information. arca is for secrets and recovery material, not everyday notes. A notes vault is where you think; arca is where you recover. |
| AI agent secret stores / tool credentials | Letting agents use credentials safely. | It overlaps around agent access boundary. arca's angle is physical custody plus policy-controlled narrow access over constrained paths such as SSH, not just a software secret store. Agents need scoped access without inheriting the whole vault. |
No rows match that search.