as mentioned it leverages 2-of-3 multisig model with a time-delayed execution enforced by server-side policies. during setup, the benefactor designates a beneficiary and an encrypted backup of their mobile key is stored using a data encryption key secured via spake2-authenticated channels. the encrypted inheritance package is uploaded to bitkey's infrastructure and linked to the beneficiary’s account but remains inaccessible until claim execution.

when the beneficiary initiates a claim, bitkey enforces a 6-month delay period, during which the benefactor can cancel the request. the claim process requires rotating the recovery authentication key and verifying ownership via multi-channel authentication. after the delay expires, the system releases the encrypted mobile key backup which the beneficiary decrypts using their authentication credentials. the beneficiary then generates a partially signed bitcoin transaction, signs it and submits it for co-signing by bitkey’s server key which is completing the 2-of-3 multisig requirement. the signed transaction is then broadcasted to transfer funds to the beneficiary's wallet.