When it comes to self-custody of your bitcoins, there is one inescapable fact: the responsibility is yours. You are responsible for your own funds, you are responsible for keeping them safe, you are responsible for everything. This can be a daunting prospect, but there are ways to approach self-custody in a simple way.
Protecting your bitcoin can be considered similar to building a house. First, you have to lay the foundation, then you build a frame on top, from there you fill in the walls, insulation, utilities, etc. For each house piece you want to add, you must have completed the previous piece correctly or the entire house will be left unsafe and unstable.
When it comes to bitcoin security, your seed phrase is the foundation of your security. It is both the most important and potentially the weakest security point. Just as the foundation of a house affects its stability, your opening sentence affects the security of your wallet.
So how do you store a seed phrase securely? Below are some key considerations to keep in mind when figuring out how to protect your seed phrase.
Sharing is bad
Your opening sentence is your money. Every private key needed to authorize spending, every address, and every bitcoin account in your wallet – all of these pieces are generated from your seed phrase. Anyone who has access to your seed phrase has access to the funds stored in that wallet. Therefore, it is imperative to create and secure a backup of this seed phrase.
If something happens to your hardware wallet or the device you installed your software wallet on, your only hope is the backup of your seed phrase. If you lose that backup seed phrase, your money is gone. Your money can be accessed in two ways when you hold your funds yourself: either through the wallet you are using or by backing up your seed phrase. Your bitcoin wallet protects a copy of your keys on that device, but it can't help you protect the seed phrase backup.
Nobody you must be given access to your seed phrase; No matter how cold and callous they may seem, you can't be sure they will handle it responsibly. They can still misplace a copy of your seed phrase or leave it lying around unprotected, without any malicious intent on your part.
So, rule one: never share your seed phrase with anyone. Any exception to this rule, under any circumstances, should be thought through carefully before breaking it. After all, being too trusting could put your bitcoin at risk.
Computers are not your friends
It is vitally important to avoid recording your opening phrase in any digital format. Computers are incredibly complicated machines and therefore prone to a number of security problems. People's devices are hacked regularly. Copies of your seed phrase may be at risk when stored digitally. In short, your laptop or smartphone is vulnerable to malware and spyware. If a hacker gains access to your device, he may be able to read your files and extract your seed phrase from any type of digital storage he can access. For this reason, you should avoid storing your seed phrase digitally.
This especially applies to storing anything on a remote digital service, such as a cloud storage provider. If your email account was ever compromised, the hacker could use your credentials to log into any cloud storage service and access your seed phrase.
Under no circumstances should you:
- Save your seed phrase to a cloud storage site like iCloud or Google Drive
- Take pictures with your phone or other digital camera.
- Send it by any digital means, such as email or text message.
- Enter it anywhere other than the bitcoin wallet you are using
- Handle it in front of any camera
- Say it out loud near a microphone.
The only copy of your seed phrase must be physical and completely isolated from the Internet.
This is why it is also not recommended to keep considerable amounts of bitcoin in a software wallet on your computer or mobile phone. Simply put, your internet-connected devices are vulnerable to hackers. Therefore, if you want to keep your bitcoin safe, you should invest in a hardware wallet.
Use Durable Backups of Starter Phrases
One important decision should catch your attention when it comes to backing up your opening sentence: what do you write it on? This may seem like a silly question if you're new to this space, but unless you stop using bitcoin, you'll need to secure your seed phrase for the rest of your life.
Durability is incredibly important. You could simply write your opening sentence on a piece of paper and put it in a drawer, but how long will it stay safe? Paper is flammable: it degrades. If you spill water on it, the ink may bleed and your backup may become unreadable. The paper is not suitable for long-term storage.
Metal is a much better option and numerous products on the market are designed to store your opening phrase in metal. Some solutions use small individual metal plates with letters on them, so you can slide them into a frame and fix them in place to engrave your words, such as shop.ledger.com/products/the-billfodl”>Bill Fodl.
Metal tile backups are reusable, so over time, if you spawn and move to new wallets, the same backup kit can be reused for the new seed phrase. It is also possible to easily “destroy” your backup if necessary by removing the tiles. If you move somewhere where you can't take your backups due to the risk of someone else finding them, for example when passing through an airport, you may not want to leave your backup intact.
Other shop.ledger.com/products/solidhodl/single”>metal backrests Use engraving tools to scratch or etch the words directly into a flat metal surface, providing even greater protection against threats like fire. This is extremely secure, but destroying a copy of your opening phrase engraved in metal is extremely difficult. To be really sure that it is destroyed, you must polish the entire face of the metal plate until no trace of the words remains.
Lastly, there are shop.ledger.com/products/cryptosteel-capsule-solo”>capsule-based solutions. These use small steel letter tiles, but instead of sliding them onto a flat frame, they are loaded into a steel tube around a rod to hold them in place. This can provide the benefits of reusability while ensuring that any deformation caused by fire does not scatter or dislodge the letter tiles.
When choosing between metal tiles or steel plates, carefully evaluate the pros and cons of both. But remember: wear something metallic. Don't trust your bitcoin on flimsy paper.
Physical security
Now that we've established how to store your seed phrase, where should you store it? It is important to keep the opening phrase on a sturdy piece of material, but it is also important to keep it in a place that is difficult to physically access. It should be kept somewhere you can keep locked, such as a safe or lockbox. A safe is better than a safe deposit box as it is bulkier and more difficult to physically transport. A safe secured to a wall is even better, as it requires the destruction of a wall to remove the safe.
If you don't have a safe or security deposit box, keep your seed phrase out of sight. Place it in a filing cabinet or desk drawer in a room that other people cannot access. The important thing is to make sure that wherever it is, no one else can access it.
Splitting your backup
You may not have a single place that can be safely protected to house your backup seed phrase. There are two options that can allow you to keep a secure backup without saving your seed phrase in a single location. If you are considering splitting your seed phrase backup, follow a well-known protocol or don't do it at all.
Split your backup yourself
XOR seed It is a mechanism. It is a process that allows you to take a pre-existing seed phrase and split it through a mathematical process into two (or more) new seed phrases. These new seed phrases are completely valid and can then be recombined to regenerate the original seed phrase from which they were created. This allows you to split your seed phrase into parts and store it in multiple locations. Is very However, it is important to note that you should have 100% of the initial phrases split; If you lose even one, you will not be able to regenerate the original opening phrase. A big benefit of XORing is that you can do it by hand.
Shamir's shared secret
The second is Share Shamir's secret. Similar to seed XORing, SSS splits the seed phrase into multiple parts, but uses a very different mathematical process to do so. Unlike seed XORing, Shamir shares allow you to recover your original seed phrase with less than 100% of the shares. It can be configured as a multisig, i.e. as long as you have 3 of 5 backup shares, you can regenerate your seed phrase. The only drawback is that only certain wallets support the use of Shamir and it cannot be done by hand.
Under no circumstances should you split your seed phrase manually. If you don't follow a secure and widely analyzed protocol like Seed XOR or Shamir Secret Sharing, don't even consider it. Naively splitting your seed phrase into multiple parts can dramatically reduce the security of your bitcoin. Guessing 12 or 24 random words and guessing someone's opening sentence is statistically impossible, but what if someone has 4 of those words? Or 6 of those words? In fact, it's starting to get handy to guess the rest of the opening sentence.
Another alternative, if you use a Ledger, is the shop.ledger.com/pages/ledger-recover”>Ledger recovery service. This optional paid service uses a variant of Shamir's secret sharing called Pedersen Verifiable Secret Sharing (PVSS). This allows you to back up access to your wallet without a seed phrase after going through an identity verification process with your government ID.
Social Recovery
If you find yourself in a situation where you don't have a safe place to store backup copies of your seed phrases, there are workarounds. Wallets and services like Unchained, Casa, and Nunchuck Wallet offer multi-signature solutions where a third party can hold one of your keys for you. For example, if you have a 2-of-3 multisignature, they can contain one key. This ensures that as long as you don't lose the two keys you keep, they can help you transfer your funds to a new wallet.
Keep it secret, keep it safe
At the end of the day, protecting your bitcoins is your responsibility. It's something you need to take seriously and make the right effort to maintain; No one will come to save you if you don't take it seriously. As Gandalf warned Bilbo in The Lord of the Rings: “Keep it secret, keep it safe.”
That's your job as a Bitcoiner, to keep your seed phrase hidden from other people and safe from those who wish to take it away from you. The simple tips in this article are the vast majority of what you need to do to achieve this.
Don't try to reinvent the wheel. She simply engraves her opening phrase on a durable medium like metal and keeps it physically safe from prying eyes and thieving hands. Keep it locked in your safe or in a room that is not frequently accessed by other people. Check it from time to time. That's all you have to do.
Don't overcomplicate things in your head, just keep it simple and your bitcoin will be safe.