Traversing the Torment Nexus
May 04, 2026
Against my normal judgment, I am going to America “in these times” [1].
Threat model: I may be asked for passwords to online services, but do not wish to reveal these – nor do I want to lie to a border guard.
Sketch of Solution: If I do not actually know my passwords, then I can explain this to any customs officer. By and large I do not know the vast majority of my passwords (being random) but of course know some (such as to a password manager).
[1] – A youth robot team that I mentor qualified for Worlds this year, and the team decided they wanted to go (it is in Houston). Although I have been skipping visits down south for some time now, I decided on balance to do this one.
- Update: I went, and got back, and it worked! (That said I did not get asked any “exciting” questions by any border agents)
Knowing Something Only Later
Okay, so let’s simplify this a bit and make it more concrete. I want to have access to my email and Mastodon once I have traversed the Torment Nexus (customs) but do not wish to give access to these accounts to any border guards.
I make these passwords completely random (far too complex to memorize) and write them in a file. Call this file passwords.
Next, I encrypt it using a new “capability based” library and command-line tool called Magic Cap. This yields two pieces: the Data and the Read Cap. Anyone may later combine these two pieces to yield the original passwords file.
I put the Data piece (essentially “the ciphertext”) onto a fresh, wiped laptop. This laptop will come with me to America. It has no passwords or other accounts on it (of course, the laptop itself is encrypted and has a user account, but revealing these doesn’t leak any important information).
The Read Cap stays safe in Canada. Once the Torment Nexus has been traversed successfully, I retrieve the Read Cap and combine it with the Data I brought along. This yields me the passwords file back, and I can then log into my email and Mastodon once again (I could change the passwords at this point of course).
If the customs agent asks me to reveal my email or Mastodon password, I can explain:
- I don’t know them;
- I have encrypted them (using the above method);
- …and so I’d need to retrieve the Read Cap before I could log into those.
So, this is all well and good, but what if the agent asks me to do that – retrieve the Read Cap and use it to reveal my email and Mastodon accounts. Thus, the retrieval process becomes pretty important.
The Retrieval Process
I have brainstormed several ways to do this, hopefully in a somewhat secure manner. Choosing which is good might depend on what is stored in the file or what the penalty is for failing to reveal something.
What I have chosen to experiment with on this trip is the following procedure:
- open two Magic Wormhole “send” operations from my desktop computer that remains in Canada;
- one of these connections is for the legitimate Read Cap to the Data I have on my laptop;
- the other connection is for a throw-away / random Read Cap that doesn’t correspond to any Data;
- whichever connection is “used” first causes the other one to be cancelled and become unusable.
So, I then travel with two codes memorized: one “good” (leading to correct data) and one “bad”.
Then I may reveal either code to the border agent. This is sort of like a “duress” password on some mobile phone operating systems (that wipes the device when entered).
A related strategy is to give the Read Cap to a confederate, with particular instructions. I have also done this, and asked this confederate to send the “bad” Read Cap if I ask before a particular date and time.
One could also pre-arrange a special word, so that if it is said when asking, that means to send the “bad” one.
Since Magic Wormhole supports “pre-arranged” codes (i.e. that one makes up with no prior server interaction), you could also do the above but use cron-style scheduling software so that the Wormhole is simply not available until sometime after you’d expect to be past customs.
I’m sure there are many other schemes that could work well – get in touch!
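A sketch of the home-desktop side of the procedure above, as an added example that is not the author's or the Magic Wormhole project's code: it starts both `wormhole send` offers, treats the first process to exit as the one that was “used”, and cancels the other, with an optional start time for the cron-style variation. The file names, the codes passed as arguments, and the assumption that a `wormhole send` process exits once its code has been used are mine.

```python
import subprocess
import sys
import time


def race_senders(commands, not_before=0.0, poll=0.2):
    """Run all commands; the first to exit wins and the rest are cancelled.

    not_before is an epoch timestamp: nothing is started before it, so the
    offers do not exist while the traveller is still expected to be at customs.
    Returns (index_of_first_command_to_exit, its_exit_code).
    """
    while time.time() < not_before:
        time.sleep(poll)
    procs = [subprocess.Popen(cmd) for cmd in commands]
    try:
        while True:
            for index, proc in enumerate(procs):
                code = proc.poll()
                if code is not None:
                    # Any exit, successful or not, counts as "used":
                    # fail closed and cancel the remaining offers.
                    return index, code
            time.sleep(poll)
    finally:
        # Runs on return and on Ctrl-C alike: no offer is left open.
        for proc in procs:
            if proc.poll() is None:
                proc.terminate()
        for proc in procs:
            try:
                proc.wait(timeout=5)
            except subprocess.TimeoutExpired:
                proc.kill()
                proc.wait()


if __name__ == "__main__":
    # Placeholders (assumptions): two pre-arranged codes given as arguments,
    # and two files holding the real and the throw-away Read Cap.
    good_code, bad_code = sys.argv[1], sys.argv[2]
    index, code = race_senders([
        ["wormhole", "send", "--code", good_code, "readcap.real"],
        ["wormhole", "send", "--code", bad_code, "readcap.decoy"],
    ])
    print(f"offer {index} exited first (status {code}); other offer cancelled")
```

Because any exit cancels the other offer, a failed or interrupted transfer of the real Read Cap also closes it, so the real Read Cap should have a second, out-of-band way back to you.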
Actual Software
The above is basically a “proof of concept” of real software that could accomplish this task (or one of its variations).
What would you use this for? Can you see any problems with this scheme? Are there better ways to accomplish this goal?
Follow-up on the Mastodon thread…