Anti-coercion · the duress unlock

The duress unlock: a code that surrenders nothing.

By Helix · Published May 25, 2026 · ~2,700 words

Every encryption story ends at the same wall. The math is unbreakable, the keys are sealed, the network is dark — and then a person with power over your body says, "Unlock it." At that moment your strongest cipher is worth exactly nothing, because you are about to type the password yourself. The duress unlock is the answer to that moment: a second, real-looking code that opens the door an attacker is demanding — and quietly destroys or hides everything behind it.

What a duress unlock actually is

A duress unlock — sometimes called a panic password, a duress code, or a coercion PIN — is a second valid credential for your device or vault that does something very different from your real one. To anyone watching, it works perfectly. The screen accepts it. There is no error, no shake, no "wrong password" message, no second prompt. The device unlocks. The difference is what unlocks.

Set one way, the duress code performs an instant, silent burn: the moment it is entered, the real vault, its keys, your identity, your files and your message history are wiped beyond recovery, and what the attacker is then looking at is an empty or freshly-reset device. Set the other way, the duress code opens a decoy vault — a genuinely separate, genuinely empty dataset that looks like a real, lightly-used account. The attacker gets exactly what they demanded: an unlocked device. They just don't get your device.

The crucial property is that the attacker never learns there was a choice. A normal lock teaches a coercive adversary one lesson very fast: keep applying pressure until the screen turns green. The whole point of a duress unlock is to make the screen turn green on your terms, so the pressure stops before it reaches the thing you are actually protecting.

It helps to be precise about what a duress unlock is not. It is not a "panic button" that locks the screen — locking only signals that there's something worth protecting and invites more pressure. It is not a hidden app you refuse to open — refusal is itself a provocation. And it is not a fake screen that mimics an error — a sophisticated attacker recognizes a stalling tactic. A real duress unlock succeeds. The hostile interaction completes. The attacker gets what they were demanding and, ideally, walks away satisfied, having no reason to dig further. The best outcome of a coercion event is one the coercer believes they won.

How it works under the hood

The naive way to build this would be to store two passwords and a flag. That approach fails the instant a forensic tool images the device, because the flag and the second credential are sitting right there to be found. A duress unlock worth trusting has to be built so that the difference between "real" and "duress" is not a stored label an examiner can read — it is a difference in which keys get derived from what you typed.

In Helix, every passphrase you enter is run through a key-derivation function and used to attempt to unseal a volume. Your real passphrase derives the key that unseals your real vault. Your duress passphrase derives a completely different key that unseals a different volume — the decoy — or triggers the burn routine. There is no plaintext list of "valid passwords" anywhere on the device. There is only encrypted data and a function that, given the right input, produces the right key. Wrong input produces garbage and nothing opens. Different valid input opens a different world.

Because of that design, an examiner looking at the raw storage cannot point at a byte and say "this is the duress trigger." They see encrypted blocks. They can see that storage is occupied, but encrypted data is supposed to look like random noise — that's what makes it encrypted. The decoy and the real vault are both just noise until the right key turns one of them into meaning.

Two more behaviors round out the feature. First, wrong-attempt auto-wipe: you can arm the device so that a set number of failed unlock attempts triggers the same burn the duress code would. An attacker who decides to brute-force the PIN instead of coercing you destroys the very thing they were after. Second, quick-hide: a single gesture drops the real app out of sight and back to a decoy surface, for the in-between moment when you don't have time to type anything at all.

The burn path deserves a closer look, because "instantly wipe everything" is easy to say and hard to do right. Helix's burn is built on crypto-shredding: rather than trying to overwrite every byte of a vault that might be gigabytes — slow, and never fully guaranteed on flash storage — it destroys the cryptographic keys that make the data readable. Without the keys, every block of ciphertext is permanently indistinguishable from random noise. Hundreds of bits of key material, not gigabytes of files, are the thing that actually has to die, and they can die in the instant it takes to enter a code. By the time the attacker is looking at the screen, the data is already mathematically gone, even though the storage still holds the noise it became.

The decoy path has its own subtlety. A convincing decoy is not an empty screen — an attacker who forces you to unlock and finds a pristine, never-used vault may suspect they're being shown a fake. So a decoy can be lived-in: it can hold a believable amount of innocuous content, the kind of ordinary material a real person accumulates. The art of a good decoy is that it answers the attacker's question — "is there anything here?" — with a "yes" that's both true and harmless. They wanted to see what's on your device. You showed them something that's genuinely on your device. It just isn't the thing you were protecting.

The real-world threat it stops

Cryptographers have a deliberately blunt name for this threat: the rubber-hose attack. It refers to the oldest decryption technique in the world — hitting someone with a rubber hose until they hand over the key. The joke is dark because the point is serious: no amount of cryptographic strength helps once the attacker can compel the human who holds the key.

And compulsion is not exotic. It is routine. Consider the situations where someone with authority, leverage, or simple physical control says "open it":

In every one of these, end-to-end encryption is irrelevant. The message was already decrypted for you to read it; you are the endpoint. The lock is irrelevant; you can be made to open it. What you need is not a stronger wall but a door that, when forced, leads somewhere harmless. That is the duress unlock.

It's worth dwelling on why this category of attack has grown, not shrunk, as encryption has improved. For most of the history of digital surveillance, the cheapest path to someone's data was technical: intercept the network, break the cipher, exploit the software. As consumer encryption got genuinely strong, that path got expensive — and attackers, being rational, moved to the path that stayed cheap. The cheapest exploit against a device with unbreakable encryption is the person holding it. This is sometimes called the shift "from the wire to the wrist," and it's why physical coercion is now a first-class threat for anyone holding something valuable, rather than a Hollywood edge case. The stronger your crypto, the more your adversary's attention moves to you. Anti-coercion isn't a niche add-on to encryption; it's the layer that becomes more necessary precisely because the encryption works.

Why it matters to the people Helix is built for

This is not a feature for an abstract threat model. It maps directly onto the lives of the people who buy serious operational security.

Crypto holders and whales. If your phone holds keys to seven figures, you are a walking incentive for a "$5 wrench attack" — the in-person version of theft where someone takes you somewhere quiet and waits for you to unlock the wallet. A duress unlock lets you comply with a real-looking unlock that reveals a decoy wallet holding a token balance, while your actual holdings — sealed behind a different key, optionally gated by dual-control approvals — never appear. You gave them a phone. You did not give them your treasury.

Lawyers. Privilege does not survive a forced unlock. If you carry client communications, a duress code that opens an empty decoy lets you be compelled to "cooperate" without surrendering material you are professionally and legally bound to protect.

Family offices and executives. Travel to jurisdictions with arbitrary search powers is a normal cost of doing business. A duress unlock turns a hostile inspection into a non-event: the device opens, there is nothing of interest, everyone moves on.

Journalists and the targeted. Source protection is a life-and-death obligation. A reporter detained at a border, or an activist stopped at a checkpoint, can hand over an unlocked phone that genuinely contains nothing — because the burn already happened the moment the duress code went in, or because the decoy was the only thing the device ever showed.

How Helix implements it

Helix treats the duress unlock as a first-class part of the anti-coercion layer, not a bolt-on. You arm it in advance and choose its behavior:

Crucially, none of this is silent against you. Helix's philosophy on the shield side is that it never kills your session behind your back — it alerts you and lets you decide. The duress unlock is the inverse: it is the one place where you want the action to be silent, because the whole value is that the attacker cannot tell anything happened. You arm it deliberately, knowing exactly what each code will do, so that in the moment you don't have to think — you just type.

The decoy vault is built on the same hidden-volume design that gives Helix its plausible deniability: the real vault and the decoy are independent encrypted datasets, and the existence of the real one cannot be proven from the storage alone. If you want the full mechanics of that, read our companion piece on the deniable hidden volume.

One more design choice matters: you should rehearse it. A defense you've never practiced fails under stress, and a coercion event is the most stressful moment imaginable. Helix lets you test your duress code in a safe mode so that entering it under pressure is muscle memory, not a frantic recall of which code does what. The goal is that in the actual moment — heart pounding, someone watching your hands — you don't have to think. You enter the code you've entered a hundred times in practice, and the right thing happens. Anti-coercion that lives only in a settings menu you configured once and forgot is anti-coercion that won't be there when you reach for it.

How it fits the rest of the anti-coercion layer

The duress unlock is the front line, but it's strongest as part of a coordinated set. Think of the anti-coercion features as answering a spectrum of "who has control of the device, and can you act?"

No single one of these covers every coercion scenario, which is exactly why they exist together. The duress unlock handles the most common and most direct case — the person standing in front of you saying "open it" — and hands off cleanly to the others when the situation is different. Defense in depth isn't redundancy for its own sake; it's the recognition that coercion comes in many shapes and a single trick can't answer all of them.

The honest limits

We will not sell you certainty we cannot deliver, because the people who need this most are exactly the people a false sense of safety gets hurt. Here is the real caveat.

Decoy deniability has limits under a sophisticated forensic adversary. A casual inspection — a border officer thumbing through an unlocked phone, a thief checking a wallet balance — is defeated cleanly by a decoy. A well-resourced forensic team is a different opponent. They can compare storage images taken at different times and notice that "free space" changed in ways a truly empty device wouldn't. They can analyze write patterns, wear-leveling artifacts, and timestamps. They cannot necessarily decrypt your real vault — the math still holds — but a determined examiner may be able to argue that a hidden volume probably exists, even if they can't open it.

That distinction matters enormously depending on your adversary. In some jurisdictions, the mere demonstrable existence of hidden data can itself be used against you — there are places where you can be compelled to produce keys and penalized for failing to, regardless of whether the examiner can prove what's inside. A duress unlock does not change the law. It changes what a person staring at your unlocked phone in the moment can see, which is often the entire game — but it is not a magic shield against a forensic lab with time, court orders, and intent.

It also cannot protect data that already left the device. If your messages were backed up to a cloud, screenshotted by a contact, or synced to a second device without these protections, the duress unlock on this device does nothing for those copies. Anti-coercion only protects what is sealed under the key you are being forced to surrender.

Used with eyes open, it is one of the most valuable tools in the kit. Used as a magic word you expect to beat any adversary on earth, it will let you down. We'd rather you know that now.

The bottom line

Encryption protects your data from someone who doesn't have you. The duress unlock protects your data from someone who does. It is the difference between a vault that's unbreakable and a vault that's also safe to be forced to open — because forcing it open surrenders nothing. For anyone whose threat model includes a real human with real leverage standing in front of them, that is not a nice-to-have. It is the whole point.

Get Helix — from $199See every feature

Core $199 · Operator $499 · Sovereign $999 — fixed, published pricing, paid in crypto, no account required.

The deniable hidden volume The dead-man's switch Remote wipe a seized device All features