Welcome to this summary page on Bitcoin security. I have done a lot of videos, tutorials and content on the subject. Here, we will explain the topic in a simple way so you can find your way around!
The security granted to your bitcoins should be adapted to your needs and knowledge. There is no quick fix, so here are some questions to help you get started:
- How much do you want to secure?
- For what purpose?
- Who does the money belong to?
- Are you technically skilled?
- Is it only for bitcoins or for other cryptocurrencies? For NFTs?
With this, we’ll already have a solid foundation to walk you through.
Let’s start at the beginning: your bitcoins will probably need to be secured in a wallet where you hold the private key.
Private key: It allows you to move your money. Only the holder of this key has access to the money. No one else.
Public key: Anyone can deposit money, but not move it. (think of it like an IBAN)
How to write your private keys correctly?
- Hide all phones and cameras
- Write in ink
- Use a template (ours is here)
- Write clearly
- Always keep all 24 words on the same sheet
- Write the words in the right order
- Make a copy (or more)
- Put your list in a folder or envelope
- Keep your 24 words in a dry, secure and secret place.
Recommended wallets depending on the amount you want to secure
– From 20 000€ to 100 000€: hardware cold wallet with passphrase
– For more than 100 000€: multi-sig wallet (Sparrow – Dux Reserve – Specter – Electrum – Casa)
– Lightning Network wallet: Wallet of Satoshi – Phoenix – Blue Wallet – Muun – Breez
Summary for 99% of people:
Blue Wallet -> Trezor -> Cold Card -> Multi-signature
Now let’s look at the choices and reasoning in more detail:
- If you need to share ownership of bitcoins: a multi-signature is mandatory
- If you need to spend your bitcoins on the go: a utility wallet will do, opt for a mobile / Lightning wallet
- If you just need to keep funds for a long time: a hardware wallet or multi-signature
- If you don’t have much money: a free mobile wallet
- If you have NFTs: a hardware wallet on your MetaMask
- If you are a company: a multi-signature
Why not use third-party banks, exchanges and services?
Simply because this kind of security system is full of flaws and carries significant risks for your potential fortune. To secure 200€, why not (and even then, it’s a bad habit). But if it’s about thousands, millions or billions, then forget it.
– The platform can be hacked at any time and there is no guarantee that insurance or an insurance fund will be there to save your capital. History is full of examples.
– Your account can be hacked by identity theft: someone with your email and ID can impersonate you.
– Your password (even with a password manager) and your 2-factor authentication (even with a YubiKey) are not adequate security features for large sums of money.
– The state can easily confiscate your funds and forbid you to withdraw them.
– There is no privacy. You have entrusted your money to a trusted third party. This is a far cry from Bitcoin logic.
– In reality, you are holding fake bitcoins (aka paper bitcoin) and not real bitcoins.
I’m not your father: if you want to leave your bitcoins on a platform like Binance or FTX then do it, but it’s super risky. I strongly advise against it, especially for dormant sums (aka not your little trading bag or position). For those who have large sums (several millions), obviously the exchanges are even worse! Professional full custody solutions for institutions exist: it’s up to you to analyse the risks and trade-offs between this type of service and a large multi-sig.
Any questions? My DMs are open if needed or contact me via firstname.lastname@example.org.
Choose your wallet
Security n°1 – Free mobile wallet
These are the so-called hot devices, connected to the Internet. They are not optimal for securing large sums of money but work well for a start and for everyday spending. Your wallet is in your pocket and is accessible via an app and a PIN. This is the basic starter solution.
Today, I recommend Blue Wallet: it’s an app that is very simple and clear. On Android, I recommend Samourai, which does the job very well but is a bit more complex, with a password system and privacy-based options.
Green Wallet is also a good choice for beginners. There are tutorials for all of them available on the website and the YouTube channel.
Security n°2 – Cold physical wallet
Here we have physical hardware devices that will connect to your computer or mobile. This is ideal for securing larger sums over the long term. Generally, it is used less often: it is where your capital sleeps.
– Trezor is the easiest for beginners, in my opinion
– Ledger is very good: more secure and French
– BitBox02 is very good. Tutorial on our YouTube
– Cold Card is more advanced for real bitcoiners. It offers the most security.
The hardware wallets are very secure and cannot be hacked remotely.
All the options mentioned here offer a passphrase solution.
One device alone = a list of 24 words = access to the money
One device + one passphrase = a second hidden account
The passphrase is therefore an additional security layer above your classic private key. It is a password that unlocks a hidden account accessible via a new PIN. This can be used to split your funds and thus increase your security. There are tutorials on this, for small amounts as well as large ones!
Security n°3 – Multi signature
The principle here is to combine several existing wallets and thus create a new wallet. In a 2/3 system, 2 private keys are needed to sign the transaction and send the money. A 3/5 is 3 keys out of 5 and a 2/2 is two keys out of two.
There are benefits for each set-up and fundamental questions to ask:
– How many keys in total?
– Who holds the keys?
– Do we do the arrangements ourselves or do we use a third-party service?
– Are the keys well dispersed in the different locations?
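One way to answer these questions for a given set-up, as an added example (not from the original page): the function checks whether a single location can spend alone and whether losing a single location locks the funds. `review_layout`, the key names and the locations are all made up for illustration.

```python
from itertools import combinations


def review_layout(m: int, keys: dict[str, str]) -> dict:
    """Assess an m-of-n multi-sig where `keys` maps key name -> storage location."""
    n = len(keys)
    if not 1 <= m <= n:
        raise ValueError("need 1 <= m <= n")
    per_location: dict[str, int] = {}
    for location in keys.values():
        per_location[location] = per_location.get(location, 0) + 1
    return {
        "scheme": f"{m}/{n}",
        # Every set of m keys that can sign a transaction together.
        "quorums": list(combinations(sorted(keys), m)),
        "keys_you_can_lose": n - m,
        "keys_a_thief_can_hold": m - 1,
        # One burglary or seizure at these places is enough to spend.
        "spend_alone": sorted(l for l, c in per_location.items() if c >= m),
        # Fire or flood at these places leaves fewer than m keys: funds locked.
        "lockout_if_lost": sorted(l for l, c in per_location.items() if n - c < m),
    }


# Constructed sample layouts (key names and locations are made up).
LAYOUTS = {
    "2/3 dispersed": (2, {"trezor": "home", "ledger": "bank vault", "coldcard": "relative"}),
    "2/3 clustered": (2, {"trezor": "home", "ledger": "home", "coldcard": "bank vault"}),
    "2/2 dispersed": (2, {"trezor": "home", "ledger": "bank vault"}),
    "3/5 dispersed": (3, {"k1": "home", "k2": "office", "k3": "bank vault",
                          "k4": "relative", "k5": "notary"}),
}

if __name__ == "__main__":
    for name, (m, keys) in LAYOUTS.items():
        r = review_layout(m, keys)
        print(f"{name}: {len(r['quorums'])} quorums, "
              f"can lose {r['keys_you_can_lose']} key(s), "
              f"spend_alone={r['spend_alone']}, lockout_if_lost={r['lockout_if_lost']}")
```

A 2/2 never lets one location spend alone, but losing either key locks the funds; a 2/3 with two keys in the same place loses both protections at that place.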
This kind of multi-sig system can be done with classic (hardware) devices that are already initialized and via dedicated software such as Sparrow, Specter or Dux Reserve.
- Tutorial Dux – https://youtu.be/KVRm7D1Xdec
- Tutorial Sparrow – https://youtu.be/epP3GZDPeiY
- Tutorial Specter – https://youtu.be/mV1KS-Uwjew
Go further: steel carving and the legacy plan
Carving your 24 words into steel can help preserve them over time: this is easy and accessible to all. There are several solutions:
The simplest and cheapest is via a blockmit system: you will hammer your words into steel washers.
Other solutions exist such as Ledger Capsule or steel plates. They cost around 80€.
Here is a complete guide and some alpha on the subject: Silexperience and https://blog.lopp.net/metal-bitcoin-seed-storage-stress-test/
The Legacy plan
This is an essential step in securing your stacks for the long term. Here we follow the advice of Pamela Morgan in her book, “Crypto Inheritance Planning”. This is also the topic of Chapter 6 of the Beginner’s Course.
Being anonymous is an excellent form of security. It protects you from possible attacks, so here are a few things to keep in mind (be careful, it can be tricky for beginners):
- Never have security devices delivered to your home address
- Label your UTXOs correctly
- Do not reuse Bitcoin addresses
- Buy non-KYC bitcoin (Bisq, ATM)
- Don’t talk about your cryptos to your friends and family
- Do not disclose the number of bitcoins you own
- Use unique email addresses per exchange
- Use online aliases
- Use a VPN and Tor
- Use your own node
- Use CoinJoin
Frequently asked questions
– Which solution do you recommend?
- For my expenses: Blue Wallet and Samourai on mobile, Phoenix for the LN.
- For my regular use: Trezor and Ledger via Sparrow
- For long-term HODL: multi-signature with ColdCard via Specter
- This is not for everyone, I use it because my job is to test solutions.
– What happens if Ledger goes bankrupt?
We would lose a French unicorn. As for your bitcoins, not much would happen. They are secured on the Ledger and will remain so even if the company goes bankrupt. You can always transfer your bitcoins to another wallet. With the mnemonic seed (list of 12 or 24 words) you can also recreate your wallet on other media like Trezor or Electrum.
– Can I recreate a wallet on another platform?
Yes, you need the 24-word private key and you need to know the derivation path just in case (e.g. 24/m/0/0/0/1).
– I secure my money on exchange X and I don’t have 24 words. Is that OK? I use 2-factor authentication.
This is not the best: you should move a large part of your bag onto a Ledger or a real wallet and keep only a small percentage for trading.
– Where can I find these blockmits?
On the merchant site or with the 3D print file in the Discord
– Any last advice?
Go at your own pace, watch the videos and tutorials before you choose and start. Once your wallet is initialized, deposit 5 euros/dollars, destroy it, recreate the wallet and see if the money remains. Get comfortable with the back-up systems before moving on to the more advanced security level. Keep a clear inventory of your security for your legacy plan.
If you need to, there is a wallet and security channel on the Discord and lots of tutorials on the channel.
Good luck!