Crypto Inheritance and Estate Planning for Self-Custodied Crypto

A sealed dated envelope beside a hardware wallet silhouette, joined by a dashed handoff line

Separate the legal claim from the technical access. Name the assets in your will or trust so they are legally part of your estate, but never write a seed phrase into a document that goes through probate, because a probated will becomes a public record. Then leave sealed, dated recovery instructions that your executor or heir opens only after your death. That single division — claim in the will, keys in the sealed packet — is what lets self-custodied crypto pass to the people you choose without being exposed while you are alive or lost when you are gone.

CryptoInvesting Team 39 min read

Introduction

Every other layer of self-custody security is designed to keep people out. Inheritance is the one place where you have to deliberately let someone in — but only the right person, only at the right time, and without weakening the defences while you are still using them. That tension is what makes crypto inheritance harder than ordinary estate planning.

A bank account has a death-certificate process, a named beneficiary, and a human on the other end of a phone who can restore access to your family. A self-custodied wallet has none of those. There is no provider to petition, no reset link, and no support desk; whoever holds the keys holds the coins, full stop. If the knowledge of how to reach those keys dies with you, the funds are simply gone, and no court order or grieving family can bring them back.

This guide is about the general, single-key case: one person holding their own crypto on a hardware wallet, perhaps with a passphrase, and wanting it to reach their family rather than vanish. That covers the large majority of self-custody holders.

It is deliberately not about multisig inheritance, where the handoff is built into the signing architecture itself. If your assets are held in a two-of-three or larger quorum, the right path is the dedicated multisig inheritance and estate planning guide, which covers signer succession and key-share distribution in depth. Here, the single key is the whole problem, and the whole solution.

One disclaimer belongs at the top, not buried at the bottom. This is educational material, not legal advice. Inheritance, probate, and tax law differ profoundly between countries and even between regions of the same country, and the legal instruments described here — wills, trusts, the role of an executor — have to be drafted to be valid where you actually live.

Where a specific statute is named, such as the United States Revised Uniform Fiduciary Access to Digital Assets Act, it appears strictly as an illustrative example of how one jurisdiction approaches the problem, never as an instruction to follow. The technical handoff patterns in this guide are jurisdiction-neutral and yours to use; the legal wrapper around them is a conversation for a qualified estate lawyer in your own jurisdiction.

What follows works outwards from the problem. First, why single-key inheritance fails by default, illustrated by the real cases that have turned fortunes into permanently locked coins. Then the central discipline — separating the legal claim from the technical access — and the table of where each piece should and should not live.

After that, the mechanics of the sealed-instruction handoff, the dead-man's-switch patterns and managed services that automate it, and a fully worked £180,000 single-holder plan you can adapt to your own numbers. The guide closes with the part most people skip and most heirs need most: how to educate someone who knows nothing about crypto to recover an estate safely, and to recognise the recovery scams that target the recently bereaved.

Why Single-Key Inheritance Fails by Default

If you die holding self-custodied crypto without a plan, the default outcome is total loss. This is not a worst case or an edge case. It is what happens by design, because the entire point of self-custody is that nobody but you, the key-holder, can move the funds. The property that protects you in life is the same property that strands your family in death.

Analyses of the Bitcoin blockchain consistently estimate that somewhere between 2.3 and 3.7 million bitcoin — on the order of 11 to 18 per cent of the coins that will ever exist — are permanently lost, sitting in addresses whose keys can no longer be reached. Forgotten passwords and discarded drives account for much of that, but a meaningful slice traces to a single, mundane cause: the owner died, and nobody else knew the keys existed, where they were, or how to use them.

Three ways the handoff breaks

When inheritance fails, it almost always fails in one of three ways, and naming them is the first step to designing each one out.

  • Nobody knows the crypto exists. The simplest failure. The holder kept their portfolio entirely private, the family had no idea there was anything to inherit, and the coins sit untouched forever because no one ever goes looking. A reference in a will fixes this for almost no effort.
  • They know it exists but cannot reach it. The family knows there is a hardware wallet in the drawer, but not the PIN, not the recovery phrase, and crucially not whether a passphrase is in play. The device is right there and entirely useless. This is the most painful failure mode, because the inheritance is visible and unreachable at the same time.
  • They can reach it but get robbed reaching it. An inexperienced heir, handed a seed phrase with no guidance, types it into the first "wallet recovery" website a search engine offers, or follows a stranger who promised to help, and the estate is drained at the moment of recovery. Recovery without education is its own failure.

The cases that make it concrete

A handful of well-documented losses show each failure mode at scale. The QuadrigaCX collapse is the textbook example of keys dying with one person. When founder Gerald Cotten died in 2018, the Canadian exchange owed roughly 190 million Canadian dollars to about 115,000 creditors. Much of it was cold-wallet crypto that became inaccessible, because he alone held the keys and left no working succession. Ontario's securities regulator later concluded the operation had also been run as a fraud. So not every missing coin was simply locked away, but the access failure at its heart is real and instructive.

Stefan Thomas, an early adopter, has 7,002 bitcoin sitting on an encrypted IronKey drive he can see but cannot open, having exhausted most of his ten password guesses before the drive locks for good — a private, single-holder version of the same trap. James Howells famously threw out a hard drive holding around 8,000 bitcoin and has spent years fighting his local council for permission to search a landfill.

None of these involved broken cryptography. Each was an access problem: the coins were intact and the path to them was gone. That distinction matters because it tells you where to spend your effort. You cannot make the underlying maths any safer than it already is, but you can make the path to the keys survivable — and that path is entirely within your control to design, document, and keep current.

The lesson for a single-key holder is that the threat model for inheritance is the inverse of the rest of your security. Everywhere else, the danger is that access leaks to the wrong people. In inheritance, the dominant danger is that access reaches nobody at all.

A plan that obsesses over secrecy while leaving no recoverable path is not a secure plan. It is a guaranteed loss with extra steps. So your job in the next sections is to add a recoverable path that opens for the right person at the right time. You must do that without widening the attack surface while you are alive.

Separate the Legal Claim from the Technical Key

The organising idea of the whole guide is one sentence. The legal claim and the technical access are two different things, and you must keep them in two different places. The legal claim is the right to inherit. You establish it by naming the asset in a will or trust, appointing an executor, and letting the recognised process of your jurisdiction transfer ownership.

The technical access is the ability to actually move the coins: the recovery phrase, any passphrase, the device PIN, and the knowledge of where each lives. If you conflate the two by writing the seed into the will, you destroy your own security to achieve your inheritance. Keep them separate, and each does its job without compromising the other. You should treat this rule as the one you never bend.

Two-column figure contrasting the legal claim in a will or trust with the technical key in a sealed packet

Why the seed can never go in the will

A will is not a private document once it does its job. When a will goes through probate — the court-supervised process of validating it and settling the estate — it becomes part of the public record. In most jurisdictions, anyone can later visit the relevant court, request the file, and read it, regardless of whether they are family. Every motion, dispute, and inventory filed during probate joins that record.

Writing a recovery phrase or passphrase into a will therefore publishes your private keys to the world, on a delay, with the court's stamp on it. The point is not that probate is slow or hostile; it is that probate is public, and public is the one thing your seed phrase must never be. The same secret that the rest of your security spends years keeping off the internet would sit in a searchable courthouse file, available to anyone patient enough to wait for the estate to close.

This is why estate planners who want privacy often use a trust instead of a bare will, because assets held in a properly drafted trust generally pass outside probate and stay private — though the trust still names the existence of the crypto, not the keys. The distinction is worth raising with your lawyer early, since converting a bare-will plan into a trust after the fact is more work than choosing the right instrument at the outset.

Where each piece should live

The clean arrangement gives every component exactly one home, and never lets a secret sit in a document that can become public.

  • In the will or trust: the existence and rough nature of the crypto, the name of the heir or beneficiary, the appointment of an executor, and a pointer to the sealed instructions — for example, "my cryptocurrency holdings are described in a sealed instruction packet held at [location]." Never the seed, passphrase, or PIN.
  • In the sealed instruction packet: the operational detail — where the hardware device is, where the metal seed backup is, whether a passphrase exists and where it is held, and a beginner's runbook for recovery. Stored separately, dated, tamper-evident, and opened only after death.
  • In your head, ideally, or memorised: the passphrase itself, if you use one, with at most a single sealed offline copy held apart from the words. A passphrase known to nobody and recorded nowhere dies with you; a passphrase written beside the seed defeats its own purpose. This is the sharpest edge of the whole plan, covered directly in the next section.

RUFADAA as a United States example, not an instruction

One frequent question is whether the law will simply let an executor demand access to digital assets. The honest answer is that it varies enormously by jurisdiction, and you should not rely on statute to substitute for a working technical plan. As an illustration of how one country approaches it, most states in the United States have adopted some form of the Revised Uniform Fiduciary Access to Digital Assets Act, known by the initials R.U.F.A.D.A.A.

It gives a fiduciary — an executor or trustee — a legal authorisation pathway to manage a deceased person's digital assets, following a hierarchy in which any online tool the user set up takes priority, then the will or trust, then a service's terms of service. The critical point for crypto is what such a law can and cannot do. It can authorise an executor to access an account at a custodial service that holds records. It cannot conjure a private key out of nothing for self-custodied coins.

No statute anywhere can grant access to a key that was never written down or shared. Laws of this kind move the paperwork; they do not move the maths. Treat them as a reason to consult a local lawyer about the legal wrapper, never as a replacement for the sealed-instruction handoff that carries the actual access.

The Sealed-Instruction Handoff

The sealed-instruction packet is the mechanism that carries the technical access across the gap between your life and your heir's recovery, without exposing anything while you are alive. The idea is old and well understood from ordinary estate practice — a sealed, dated set of instructions, referenced by the will, held by a trusted party or in a known location, and opened only after death.

Crypto changes only the contents, not the principle. The packet does not need to be clever; it needs to be complete, current, and findable by the right person at the worst possible moment for clear thinking.

What goes in the packet, step by step

The packet is a short, dated, signed document — a single sealed page is often enough — that records the operational facts an heir needs and nothing more.

  • Step 1: the device. Where the hardware wallet physically is, what it is, and the PIN. Name the exact model, because an heir who has never seen one needs to recognise it; if it helps, point them to a plain-language reference such as our Trezor hardware wallet review. State plainly that it is a hardware wallet and that the heir will need the recovery phrase, not just the device, to be safe.
  • Step 2: the backup. Where the metal seed backup is kept, stored in a different location from the device so a single fire or burglary cannot take both. The packet says where it is; it does not transcribe the words a second time.
  • Step 3: the passphrase question. Whether a passphrase exists at all, and if so, where to find it or how it was arranged — without writing the passphrase itself next to the seed. This single line is the difference between a recoverable estate and a permanent loss, which is why it gets its own treatment below.
  • Step 4: the runbook pointer. A reference to the beginner's recovery guide, covered later in this article, so the heir knows the exact first steps and the scams to avoid before they touch anything.

What the packet leaves out matters as much as what it records. It never copies the seed words a second time, never stores the passphrase beside the seed, and never names the exact balances, since a figure that excites a dishonest holder is a figure better left vague.

It also avoids anything that ages badly: no exchange passwords, which rotate; no screenshots of balances, which mislead; no software wallet recovery files, which a beginner cannot safely use. The discipline is to record pointers and locations, not secrets and snapshots, so the document stays accurate for years and stays useless to anyone who opens it early.

The passphrase: a consequence you must plan for

A BIP-39 passphrase is an optional extra secret added on top of your recovery words that produces a completely separate wallet. For inheritance, only one fact about it matters, and it is not how it works mechanically — that derivation belongs in the dedicated seed-phrase backup and recovery guide, which explains what a passphrase is and how it derives a hidden wallet.

What matters for inheritance is the consequence: a passphrase the heir does not know is permanent loss, even if they hold the complete set of recovery words. The words alone open an empty or decoy wallet; the real funds sit behind the passphrase, and there is no recovery if it is missing. The passphrase therefore lives separately from the words — that separation is the whole security benefit, and it is also the inheritance trap.

Your plan must record, somewhere your heir can ultimately reach but a thief cannot, both that a passphrase exists and how it is recovered. The same separation principle applies to where you store the packet versus where you store the backup itself; the sealed backups and their geographic distribution are covered in the backup guide, and there is no need to duplicate that here.

Separation without a single point of failure

The packet introduces its own risk: a single sealed envelope that contains everything is a single point of failure, vulnerable to a dishonest holder, a house fire, or simple misplacement. The reconstruct-without-stealing principle solves this by splitting what any one party holds. A common arrangement gives the device location and PIN to one trusted person or location, and the passphrase recovery to another, so that neither can act alone but the executor can bring both together when the time comes.

This mirrors the logic of multisig without requiring it: no single holder of any single packet can drain the estate, but the legitimate process can. For larger estates, this separation is not optional polish; it is what stops your inheritance plan from becoming the easiest attack on your funds. Think of each split as removing one person's ability to act alone while preserving the executor's ability to act with everyone's cooperation.

Choosing where the halves physically rest is half the work. A solicitor's deed box, a home safe, and a bank safe-deposit box each carry different access rules after a death. A bank box may be sealed pending probate. A document held by your solicitor is released to the named executor far sooner. The packet should account for this difference. Pick custodians whose post-death access timeline you have actually checked, not merely assumed.

Maintenance is the part people forget. Date every version, destroy superseded copies, and review the packet whenever the device, the backup location, or the passphrase arrangement changes — a stale packet pointing at a wallet you have since moved is its own quiet failure. A diary reminder once a year, and one more after any hardware change, keeps the document honest. The packet you wrote three devices ago is no longer a plan; it is a misdirection your heir will follow into a dead end.

Dead-Man's-Switch Patterns and Managed Services

A dead-man's switch automates the moment of handoff. Rather than relying on an executor to discover and act on a sealed packet, it releases access when you stop responding for a defined period, on the reasoning that prolonged silence means you have died or become incapacitated.

The pattern is appealing because it removes the need for anyone to prove death before access passes, and it works even if your executor never finds the packet. It is also the part of an inheritance plan most prone to going wrong, so it deserves a clear-eyed look at both the do-it-yourself and the managed versions, and an honest list of how each can fail.

The do-it-yourself switch

The simplest dead-man's switch needs no technology at all. A trusted person — a sibling, an adult child, a long-standing friend — holds your sealed instruction packet under an explicit agreement. If they cannot reach you for a defined period, say three months of no contact across several attempts, they open it and follow the steps. You maintain a regular check-in, so the absence is meaningful.

The strengths are that it costs nothing, depends on no company staying in business, and keeps the secrets entirely outside any service. The weaknesses are equally plain: it depends entirely on the honesty and longevity of one person, it can be triggered by a long illness or a stint abroad rather than death, and it offers no protection if that person decides to open the packet early. Splitting the packet, as described above, blunts the dishonesty risk; clear written conditions blunt the false-trigger risk.

Managed and built-in services

Several custody services build the switch into the product, removing the burden of designing your own. Casa, a long-running self-custody and collaborative-custody provider, offers an inheritance feature as an illustrative example of the managed model. As of mid-2026, its base inheritance plan grants a named recipient access to the vault after a six-month period of owner inactivity, and that base inactivity model is available globally, requiring no death certificate.

A separate Enhanced Verification option removes the six-month wait in favour of manual review against a submitted death certificate, but that enhanced tier is limited to United States-based Private Clients. The trade-off is the recurring fee and the dependence on the provider continuing to operate and honour the arrangement. Read the current terms before committing, since inheritance features and their regional availability change, and the version live when you sign up is the one your heir will meet.

The deeper mechanics sit outside this single-key guide. How a coordinator or multisig service structures these handoffs, and how the named providers compare on price, is a separate question. For that head-to-head, the dedicated crypto security stack by holding size comparison shows which setup fits each estate. The operational-security hub below routes to the collaborative-custody providers in depth. Here, the point is simpler: built-in inheritance is a viable alternative to a hand-rolled packet for holders who would rather pay than maintain.

The honest risk list

Whichever version you choose, weigh it against the same failure modes before you trust it with an estate.

  • Single point of failure. If one person or one service holds everything needed to release the funds, that person or service is now the weakest link in your entire security. Split holdings, or pick a service whose own internal controls you have actually examined.
  • False triggers. A long hospital stay, an off-grid trip, or a lost phone can read as death to a switch. Build in generous timeouts, multiple contact attempts, and a way to cancel a triggered release before it completes.
  • Provider shutdown. A managed service can change terms, be acquired, or close. A plan that depends on one company should have a fallback sealed packet that works even if the company disappears overnight.
  • Premature disclosure. Any switch held by a person can be opened early by that person. Tamper-evident packaging, split custody, and an executor with oversight reduce, though never fully remove, this risk.

A Worked Plan: The £180,000 Single-Holder Estate

The patterns above are easier to judge against a concrete estate. Consider a single holder — call her Mara — with a £180,000 crypto position. She splits it the way a careful self-custodian typically does. Roughly £150,000 sits in cold storage on a hardware wallet protected by a passphrase. About £20,000 sits in a hot mobile wallet she uses for regular activity. Around £10,000 sits on a reputable exchange.

She has one adult child as her intended heir, who knows almost nothing about crypto. Her goal is that all £180,000 reaches that child, intact, whether she dies tomorrow or in thirty years, without exposing any of it while she is alive. The hot-wallet figure she keeps deliberately small, since the mobile device she carries every day is the one most exposed to loss, theft, and the everyday risks covered in the mobile wallet security guide.

What each component needs

The three pots have genuinely different inheritance requirements, and treating them identically is a common mistake.

  • The £150,000 cold position is the hard part and the bulk of the estate. It needs the full sealed-instruction handoff: device location and PIN, metal-backup location, and the passphrase arrangement recorded separately. Because of its size, Mara splits the packet so that the device details and the passphrase recovery are held by two different trusted parties, with her executor able to combine them.
  • The £20,000 hot wallet is small enough to treat as operational rather than vault-grade. Its recovery phrase goes into the same sealed packet, but with a note that the heir's first action is to move these funds to the cold setup or a new wallet, since a hot wallet that has touched the internet for years is the least trustworthy of the three.
  • The £10,000 on the exchange is the one pot with a conventional path: the exchange has a bereavement process, and an executor with a death certificate and the legal authority granted by the will can usually claim it. The packet records which exchange and the registered email, and nothing more sensitive than that.

Some holdings are easy to forget. Suppose part of the cold position is not idle but working. Coins may be locked in staking, or supplied to a DeFi protocol for yield. The wallet might also hold an NFT worth thousands, or a liquidity position in a pool. These holdings are invisible to an heir who only restores the wallet and glances at the coin balance. A staked token shows as a smart-contract claim, not a plain coin, and the heir will not know to look.

Mara records each active position by name. She lists the protocol, the rough size, and the extra step needed to unstake, withdraw, or exit the liquidity pool before the funds move freely. Should the heir rush? No. A staking position often has an unbonding period. A yield position may carry exit fees. So the first transaction should be a careful withdrawal through the right dapp, not a panicked transfer. An estate that ignores its on-chain positions can leave real value stranded behind a contract nobody knew to call.

The same thinking covers the odder corners of a portfolio. An NFT is an asset, so the packet should say where it lives and what it is worth. Governance tokens that confer a vote are still value, and you should note them. If you ran a validator, or hold older mined coins on a separate device, write that down too. The principle is blunt: anything with value that an heir would not stumble upon by restoring one wallet must be named explicitly, or it is effectively lost.

Cost and effort, side by side

Mara weighs three approaches against each other, and the comparison is as much about effort as money.

  • Doing nothing. Zero cost, zero effort, and a near-certain outcome of total loss of the £170,000 in self-custody. The exchange portion might be recoverable by a determined executor; the rest dies with her. This is the baseline every other option beats.
  • The self-managed sealed plan. The cost is the price of a metal backup and tamper-evident packaging, plus a lawyer's fee to reference the packet correctly in a will or trust. The effort is real but front-loaded: design it once, then review on a schedule. For an estate this size, this is the proportionate default.
  • A managed inheritance service. An annual fee and an ongoing dependence on the provider, in exchange for the built-in switch and removing most of the design burden. Worth considering if Mara doubts she will keep a do-it-yourself plan current, or has no reliable executor to lean on.

The tax and probate timeline Mara cannot ignore

A worked plan is not only about access; it is about the clock the estate runs against. In the United Kingdom, where Mara lives, crypto held at death forms part of the estate for inheritance-tax purposes, valued at its market price on the day she dies. Her executor has to declare that value and may face a tax bill before the assets can be distributed.

This creates a trap unique to volatile assets: the tax is fixed against a date-of-death valuation, but the coins can fall sharply before the heir is able to sell. An estate valued at £180,000 on a Tuesday can be worth far less by the time probate concludes months later, yet the liability was set at the higher figure. Mara notes this plainly in the packet so her executor understands the pressure to value, report, and act within statutory deadlines rather than waiting for a better price.

She does not attempt to draft the tax treatment herself, because the rules change and the thresholds shift. Instead, the packet records that a tax liability will arise, names the estate lawyer who will handle it, and flags that any later realised gain or loss after death is a separate matter for the heir. This is exactly the boundary the guide keeps drawing: Mara documents the existence of the obligation and the contact who manages it, and leaves the legal mechanics to the professional. The point of recording it at all is so nobody discovers the deadline by missing it.

The heir's day-one runbook

Mara writes the recovery steps for someone starting from zero, because that is who will read them. The runbook insists on a strict order. First, do nothing fast and trust no one who makes contact unprompted, because scammers watch for exactly this moment. Second, open the sealed packet and read all of it before touching any device.

Third, recover the wallet using the recovery phrase and passphrase on the named hardware device, never on a website. Fourth — and this is the instruction Mara underlines — the very first safe action after regaining access is to move every coin to a brand-new wallet the heir alone controls, with a freshly generated phrase. Any old secret may have been seen by someone during the handoff, so the inherited keys are treated as burnt the moment recovery succeeds.

She also writes the steps in the order the funds should be touched. The exchange balance comes first, because its bereavement process is the most forgiving of mistakes. Then the hot wallet. Then the cold position last, once the heir has rehearsed the motions on the smaller pots. A calm, ordered runbook turns a frightening technical task into a sequence a beginner can actually complete. It is the single most valuable page in the whole packet.

Educating Your Heir

A perfect plan handed to an unprepared heir is still a fragile plan. The final piece of inheritance is preparing the person who will use it, and the goal is a careful balance: the heir should know enough to act when the time comes, but not so much that they become a security risk while you are alive. The tool for striking that balance is graduated disclosure — releasing knowledge in layers, with the most sensitive layer never released at all until after death.

Graduated disclosure: what to tell, and when

While you are alive, the heir needs three facts and no secrets: that a plan exists, roughly what the estate is worth so they take it seriously, and where the sealed instructions can be found. They do not need the recovery phrase, the passphrase, or the device PIN, and giving any of those early simply widens the circle of people who can compromise your funds today for a benefit that only matters after you are gone.

The secrets stay sealed; the existence and location of the plan are shared. If the heir knows only "there is crypto, it is worth taking seriously, and the instructions are in the packet at the lawyer's office," they have everything they need to start, and nothing a thief could use. That single sentence, repeated until it sticks, is more durable than any document, because it survives a lost note and a panicked memory alike.

A primer written for a beginner

Inside the packet, alongside the operational steps, include a short plain-language primer that assumes no prior knowledge. Give it a paragraph each on four things. First, what a recovery phrase is and why it controls the money. Second, that no legitimate person, company, or "support agent" will ever need it, so anyone who asks is a thief. Third, what a hardware wallet does. Fourth, the meaning of the passphrase if one is used.

The primer is not trying to make the heir an expert. It is trying to give them enough context that the runbook's instructions make sense and the obvious traps are visible. A heir who understands why they must never type the phrase into a website is far safer than one merely told not to. Understanding, not obedience, is what holds up when the instructions run out and the heir has to make a judgement call alone.

A dry run while you are alive

The most underused tool in heir education is a rehearsal. Without ever revealing a live secret, you can walk the heir through the shape of the recovery on a throwaway wallet — one you create with a fresh phrase, fund with a trivial amount, and treat as a teaching aid rather than a store of value. The heir practises finding the device, entering a PIN, restoring from words, and moving the test funds to a wallet they control, so the real sequence is familiar rather than alien.

A rehearsal surfaces the gaps a written runbook hides. The heir who has never held a hardware wallet learns what the buttons do, where the screen confirmations appear, and how slow and deliberate the process feels when done correctly. They also learn the emotional truth that matters most: that nothing about legitimate recovery is urgent, and that any pressure to hurry is a sign of fraud rather than a feature of the technology.

You repeat the dry run after any meaningful change — a new device, a moved backup, a revised packet — so the heir's mental model never drifts out of date. The cost is an afternoon and a few pounds in test funds. The return is an heir who, at the worst possible moment, is executing a remembered routine instead of decoding a stranger's instructions under grief and time pressure. A plan rehearsed once is worth more than a plan merely written, because muscle memory survives panic in a way that paper does not.

The recovery scam aimed at the bereaved

The people most likely to be defrauded out of an inherited estate are grieving, inexperienced, and publicly known to have come into money — which is precisely the profile fraudsters hunt. The FBI's IC3, its internet-crime complaint division, has issued repeated public advisories about this. Fictitious "law firms" and recovery services target cryptocurrency victims, often the elderly and the recently bereaved. They promise to help reclaim funds while exploiting the victim's emotional state. Some go further and impersonate government bodies to seem legitimate.

Classic inheritance-scam letters work the same vein, arriving unsolicited and claiming a windfall that requires an upfront payment or a shared secret to unlock. The instruction for your heir is blunt and belongs in the runbook. Nobody who contacts you first can be trusted. No legitimate process requires the recovery phrase. Any "recovery specialist" who reaches out after a death is a fraud until proven otherwise through channels the heir initiated independently.

The strongest technical handoff in the world is undone by a single transcribed phrase given to a confident stranger at a vulnerable moment, and forewarning is the only defence that scales. A line in the runbook that simply says "if anyone contacts you about this money, they are lying" does more good than a page of nuance, because it is the one rule a frightened person can hold onto under pressure.

Who to trust, in order

End the packet with a short, ordered list of who the heir should turn to, so they are never improvising under pressure.

  • The named executor first. The person you appointed in the will, who has the legal authority and the context to coordinate the estate.
  • A qualified estate lawyer in your jurisdiction. For the legal transfer and any probate process, reached through contact details you recorded in the packet, not found by a panicked web search.
  • Trusted family, only for support, never for secrets. Emotional and practical help is welcome; the recovery phrase and passphrase are not theirs to see.
  • Nobody who makes first contact. Any adviser, recovery service, or helpful stranger who reaches out unprompted after the death is presumed hostile.

Conclusion

Crypto inheritance comes down to one deliberate division and a small amount of disciplined paperwork. Separate the legal claim from the technical access. Name the existence of the assets in a will or trust, so they are legally part of the estate. Keep the recovery secrets out of that public document. Put them inside a sealed, dated instruction packet opened only after death.

That single split is what lets your funds reach your family without being exposed while you use them or lost when you are gone. Everything else in this guide — the sealed packet's contents, the dead-man's-switch patterns, the passphrase consequence, the heir's runbook — is detail in service of that one principle.

The failure modes are well documented and entirely avoidable. Funds are lost because nobody knew they existed, because the family could see the device but not reach inside it, or because an unprepared heir was robbed at the moment of recovery. A will that references the crypto closes the first gap, a complete and current sealed packet closes the second, and a beginner's runbook with a clear warning about recovery scams closes the third.

None of this requires technical brilliance. It requires deciding the question while you still can, writing it down clearly, keeping it current, and telling the right person that a plan exists without telling them the secrets.

Two boundaries are worth restating. This guide is educational and not legal advice. The legal wrapper around your plan should be drafted by a qualified estate lawyer where you live. Any statute named here, including the United States fiduciary-access law, is an example of one jurisdiction's approach rather than an instruction. And if your holdings live in a multisig rather than under a single key, the handoff is a different and more elegant problem, handled in the dedicated multisig inheritance guide.

Wherever your assets sit, the worst plan is the one that never gets written. Spend the afternoon now, while the choice is yours to make, so that the most loving and the most practical thing you can do with your crypto — pass it on — is not left to chance.

Sources

Frequently Asked Questions

Should I write my seed phrase into my will?
No. A will that goes through probate becomes a public court record, so anyone can request and read it once the estate is processed. Writing your seed phrase, passphrase, or PIN into that document hands your private keys to the public. The rule is to separate the two halves of the handoff: name the existence of the crypto in the will so it is legally part of the estate, and leave the actual recovery secrets in a sealed, dated instruction packet that is referenced by the will but stored separately and only opened after death. The will establishes the legal claim; the sealed packet carries the technical access. They should never live in the same document.
What is a dead-man's switch, and do I need one for my crypto?
A dead-man's switch is a mechanism that releases access instructions to your heirs if you stop responding for a set period, on the assumption that prolonged silence means you have died or become incapacitated. It can be a do-it-yourself arrangement, such as a trusted person holding a sealed envelope with regular check-ins, or a built-in feature of a custody service, such as Casa's base inheritance plan that grants a recipient access after a six-month period of owner inactivity. You do not strictly need one if a named executor can find your sealed instructions through your will. The switch mainly helps when you have no reliable executor, or want access to pass without anyone having to prove death first. Every version carries a single-point-of-failure and false-trigger risk you must weigh.
How can my heirs access my hardware wallet without me handing them the seed while I am alive?
You do not have to reveal the secrets while you are alive. The standard pattern is a sealed, tamper-evident instruction packet that records where the hardware device is, where the metal seed backup is, and whether a passphrase exists and where it is stored, all dated and signed. Your heir is told only that the packet exists and where to find it, never its contents. After your death, your executor or heir opens it and follows the steps. This reconstruct-without-revealing principle lets the access survive you without ever exposing the keys during your lifetime. If you want stronger separation, split the packet so that no single person holds both the device location and the passphrase until both are needed together.
What happens to my crypto if I die without an inheritance plan?
In almost every case it is lost permanently. Self-custodied crypto has no provider to call, no password-reset, and no support line that can restore access; whoever holds the keys controls the coins, and the keys die with the knowledge of where they are and how to use them. Estimates derived from on-chain analysis put between 2.3 and 3.7 million bitcoin as permanently lost, a meaningful share of which traces to holders who died without passing on access. When QuadrigaCX's founder died in 2018 holding the only keys, the exchange owed roughly 190 million Canadian dollars to its creditors, much of it in cold-wallet crypto that became inaccessible. No plan does not mean your heirs inherit the difficulty of recovery; it usually means they inherit nothing.
Do I need a lawyer to leave crypto to my heirs?
This guide is educational and not legal advice, and inheritance law differs by country and by region, so a qualified estate lawyer in your own jurisdiction is the right person to draft the legal instruments. A lawyer handles the legal claim: naming the assets in a will or trust, appointing an executor, and making sure the document is valid where you live. What a lawyer generally should not hold is the technical access itself: the seed words, passphrase, or PIN. Keep those in your sealed instruction packet, referenced by the legal documents but never written into them, so a public probate filing never exposes your keys. The legal claim and the technical access are two jobs, and only one of them belongs with the lawyer.
How do I leave crypto to someone who knows nothing about it?
Assume the heir starts from zero and write the plan for that person rather than for yourself. Use graduated disclosure: while you are alive the heir needs to know only that a plan exists, roughly what it is worth, and where the sealed instructions are, never the secrets themselves. Inside the packet, include a plain-language primer that explains what a recovery phrase is, that nobody legitimate will ever ask for it, and the exact first steps to take. The single most important instruction is the first safe action after recovery: move the funds to a brand-new wallet the heir controls, because any old secret may already be known to others. A short, calm runbook written for a complete beginner is worth more than a technically perfect scheme they cannot follow.
Is a managed inheritance service like Casa better than my own sealed plan?
It depends on how much complexity you can maintain and how much you trust yourself to keep a do-it-yourself plan current. A managed service such as Casa builds inheritance into the custody product: its base plan grants a named recipient access after six months of owner inactivity and is available globally, while the Enhanced Verification option, which uses a death certificate and removes the waiting period, is limited to United States Private Clients. That removes the burden of designing your own handoff, at the cost of an ongoing fee and dependence on the provider continuing to operate. A self-managed sealed plan costs nothing and depends on no third party, but relies on you keeping it accurate and on your heir or executor finding and following it. Neither is universally better; match the choice to the size of the estate and your appetite for ongoing maintenance.

← Back to Crypto Investing Blog Index

Financial Disclaimer

This content is not financial advice. All information provided is for educational purposes only. Cryptocurrency investments carry significant investment risk, and past performance does not guarantee future results. Always do your own research and consult a qualified financial advisor before making investment decisions.

Our Review Methodology

CryptoInvesting Team maintains funded accounts on every platform we review. Each review includes a full registration and KYC cycle, a real deposit and withdrawal test, and a hands-on evaluation of the trading or earning interface. Fee data, APY rates, and supported assets are verified against the platform directly — not sourced from aggregators. We re-check published figures quarterly and update pages when terms change. Referral partnerships never influence editorial ratings or recommendations.