Advanced Security

Multisig: Distributing the Risk of Holding Bitcoin

Single-key Bitcoin storage has one fatal weakness: if that one key is lost, stolen, or compromised, your funds are gone. Multi-signature (multisig) wallets solve this by requiring multiple keys to authorise a transaction — distributing trust and eliminating single points of failure. For anyone holding significant bitcoin, multisig isn't optional — it's the standard.

How Multisig Works

A multisig wallet is defined by its threshold: M-of-N means M keys are required out of N total. Common configurations:

• 2-of-3 — 3 keys exist, any 2 can sign. Use: personal with backup + geographic distribution
• 3-of-5 — 5 keys exist, any 3 can sign. Use: corporate treasury, family inheritance
• 1-of-2 — 2 keys exist, either can sign. Use: shared access with a partner

A 2-of-3 setup is the most popular for individuals: keep one key at home, one in a bank safe deposit box, one with a trusted family member or attorney. To spend, you need any 2 — no single location can be compromised to steal funds.

Why Multisig Beats Single-Key for High Amounts

• No single point of failure — no one location can be robbed for all funds
• Inheritance planning — heirs can access funds if one key holder dies
• Removes vendor trust — no hardware wallet manufacturer holds all your keys
• Institutional-grade security accessible to individuals

"A 2-of-3 multisig setup means an attacker needs to compromise two separate locations, held by two separate people, simultaneously. This is a fundamentally different security model." — Jameson Lopp

Multisig Software (2024)

Sparrow Wallet, Specter Desktop, and Caravan are well-regarded open-source tools for creating and managing multisig setups. Unchained Capital and Casa offer guided institutional-grade multisig services for those who want professional support.

Want to go deeper?

• Bitcoin security — lopp.net
• Securing your wallet — bitcoin.org

Air-Gapped Wallets: The Highest Level of Physical Bitcoin Security

An air-gapped device is one that has never touched the internet and never will. For Bitcoin storage at the highest security tier, air-gapping your signing device means your private keys exist only on hardware that cannot be remotely accessed — ever. Not through Wi-Fi, not through Bluetooth, not through USB. This is the setup used by serious long-term holders, treasury managers, and security professionals.

How Air-Gapped Signing Works

Signing a Bitcoin transaction with an air-gapped device follows a PSBT (Partially Signed Bitcoin Transaction) workflow:

1. Create an unsigned transaction on your internet-connected watch-only wallet
2. Export the PSBT to a USB drive or QR code (offline data transfer)
3. Sign the transaction on the air-gapped device
4. Export the signed transaction back via USB or QR code
5. Broadcast from your online device

At no point does the signing device connect to the internet, and at no point does your online device see your private key.

Hardware for Air-Gapped Setups

• Coldcard Mk4 — dedicated Bitcoin-only hardware wallet with air-gap mode (QR or microSD only)
• Seedsigner — open-source, DIY air-gapped signer built on a Raspberry Pi Zero (no persistent storage)
• Passport — Foundation Devices hardware wallet with air-gap capability

"The only device that can't be hacked remotely is one that isn't connected. Air-gapping your signing key is the last line of defence." — Bitcoin security principle

Is Air-Gap Necessary for Everyone?

For most users holding under $10,000 in bitcoin, a quality hardware wallet like a Ledger or Trezor is sufficient. Air-gapped setups add meaningful friction — the security benefit justifies this friction only for larger amounts or specific threat models. Understand your risk level and scale your security accordingly.

Want to go deeper?

• Bitcoin security deep dive — lopp.net
• Coldcard documentation

Seed Security: Protecting the Master Key to Your Bitcoin

Your seed phrase is the most important thing you own in Bitcoin. Twelve or twenty-four common English words that can regenerate every private key in your wallet — forever. Whoever has these words has your bitcoin. No password, no 2FA, no customer service can help if the wrong person gets them. Getting seed security right is non-negotiable.

The Core Rules

• Never photograph your seed phrase — photos go to cloud services, can be hacked
• Never type it into any computer — keyloggers, screenshots, clipboard capture are all risks
• Never store it digitally — no emails, no password managers, no encrypted drives
• Always write it on paper first — then migrate to metal for permanence
• Never show it to anyone — legitimate services never need your seed phrase

Metal Backup: Surviving Fire and Flood

Paper degrades, burns, and gets wet. For long-term storage, your seed phrase should be stamped or engraved onto metal. Products like Cryptosteel, Bilodeau, and SteelWallet provide metal backup solutions. Alternatively, a set of metal letter stamps and a steel plate from a hardware store costs under $30 and works just as well.

"Your seed phrase is the master key to your entire financial life in Bitcoin. Treat it with more care than you treat your passport." — Jameson Lopp

Passphrase: The 25th Word

Most hardware wallets support an optional BIP39 passphrase — a user-chosen word or phrase added to the 24-word seed. This creates a completely separate wallet from the same seed. Benefits: protects against physical theft (attacker gets seed but not passphrase), enables plausible deniability (small decoy funds on base seed, real funds behind passphrase). Critical downside: the passphrase must also be memorised or securely stored — lose it and the funds are gone forever.

Want to go deeper?

• Seed phrase security — lopp.net
• Wallet security guide — bitcoin.org

Bitcoin Inheritance Planning: Making Sure Your Bitcoin Outlives You

Bitcoin's greatest strength — that only the key holder can access the funds — becomes its greatest weakness in death. If you're hit by a bus tomorrow, can your family access your Bitcoin? For most people who haven't planned, the answer is no. Unlike a bank account, there's no recovery process, no customer service, and no government authority that can override the cryptography. Inheritance planning is a responsibility every serious Bitcoin holder must address.

The Core Challenge

Your heirs need two things: access to your seed phrase (or private keys) and instructions on how to use them. Give them too much information in advance and you risk theft. Give them too little and the funds are lost forever at your death. The goal is a system where your family can access the funds after you're gone, but cannot easily access them while you're alive.

Common Approaches

• Sealed letter with attorney — seed phrase in a sealed envelope held by a lawyer, opened only at death
• Multisig inheritance — 2-of-3 setup where your estate attorney or trusted person holds 1 key
• Shamir's Secret Sharing — mathematically split the seed into shares distributed to multiple people (none sufficient alone)
• Inheritance services — companies like Unchained Capital and Casa offer Bitcoin-specific inheritance services

"If your family can't access your Bitcoin when you die, it's not wealth transfer — it's permanent loss. Planning is not optional." — Bitcoin inheritance principle

What Your Heirs Need

A complete Bitcoin inheritance package should include: the seed phrase (secured separately from instructions), the hardware wallet device, the wallet software name and version, any passphrase (stored separately), step-by-step recovery instructions, and a trusted contact who understands Bitcoin who can help them. Consider writing a "Bitcoin letter" explaining everything your heirs would need to know, stored securely and updated annually.

Want to go deeper?

• Bitcoin security and inheritance — lopp.net
• Securing your wallet — bitcoin.org

Operational Security (OpSec): Staying Safe in the Bitcoin World

Technical security is only half the battle. The other half is operational security — the practices and habits that prevent attackers from ever knowing you have bitcoin worth targeting in the first place. Most Bitcoin theft doesn't involve breaking cryptography. It involves social engineering, physical threats, and exploiting the habits of people who are careless about what they share publicly.

The Threat Model Question

OpSec is personal. Your threat model depends on how much bitcoin you hold and who might know about it. A person with $500 in a mobile wallet has a very different threat profile from someone holding $500,000 in a hardware wallet. Ask yourself: who knows I have Bitcoin? What would happen if my home was broken into? What if a sophisticated scammer targeted me? Your answers should shape your practices.

Core OpSec Principles

• Don't talk about your holdings — "not your keys, not your coins" is well-known; also: not your secret, not your security
• Don't post purchase confirmations on social media — announcing you bought BTC at a price reveals you hold it
• Be careful with address reuse — reusing addresses links all transactions publicly on-chain
• Never confirm to strangers what you hold — even "I only have a little" can be enough to make you a target
• Secure your email — exchange accounts are linked to email; email security = exchange security
• Use a hardware wallet for significant amounts — software wallets on phones can be compromised

"The best security practice is for attackers to not know you're a target. The second best is making the attack too expensive to bother with." — Jameson Lopp

The $5 Wrench Attack

A classic Bitcoin security thought experiment: what if an attacker knows you have Bitcoin and is willing to use physical force? The best technical countermeasures include: multisig (you genuinely cannot sign alone), geographic key distribution (you'd need to travel to get all keys), and decoy wallets with small amounts (plausible deniability with a passphrase). No amount of cryptography protects you from physical coercion — distribution and deniability do.

Want to go deeper?

• Bitcoin OpSec guide — lopp.net
• Wallet security — bitcoin.org