Not Your Keys, Not Your Coins
In November 2022, FTX — the second-largest cryptocurrency exchange in the world, valued at $32 billion — collapsed overnight. Over a million customers discovered that their coins were gone. Not stolen. Not hacked. Simply never theirs to begin with. FTX had been using customer funds as collateral for risky trades. When confidence evaporated, the house of cards fell in days.
Mt. Gox. QuadrigaCX. Celsius. Voyager. BlockFi. The list of exchanges and lending platforms that have lost customer funds is long, and it keeps growing. Each time, the story is the same: users believed they owned Bitcoin. What they actually owned was a number on a screen — a database entry that said they had Bitcoin — while the actual private keys sat on a server they had no control over.
Bitcoin is a bearer instrument. Whoever controls the private key controls the coins. There is no recourse. There is no chargeback. There is no FDIC insurance. The ledger does not care about your screenshot. If you do not hold your private keys, you do not hold Bitcoin. You hold a promise — and promises are breakable.
"Not your keys, not your coins."
— Andreas Antonopoulos, Bitcoin educator
This is not a warning to scare you away from Bitcoin. It is the most important feature Bitcoin has. Self-custody is not a risk — it is the point. Bitcoin gives you the ability to be your own bank for the first time in human history. This guide teaches you how to do that safely.
The Custody Spectrum
Not all wallets are created equal. The word "wallet" is used for everything from a Coinbase account to an air-gapped signing device in a safe. Understanding the spectrum of custody — from completely trusting others to completely trusting yourself — is the foundation of a good security strategy.
The right approach for most people is to use an exchange temporarily to purchase Bitcoin, then immediately withdraw to a hardware wallet you control. Use the exchange like a cash machine — get in, get out, don't leave anything behind.
Private Keys & Public Addresses
At the core of Bitcoin is a simple but profound mathematical relationship. A private key is a randomly generated 256-bit number — essentially a number between 1 and 2²⁵⁶, which is larger than the number of atoms in the observable universe. From this private key, your wallet derives a public key through elliptic curve cryptography. From the public key, it derives your Bitcoin address — the identifier you share with the world.
The relationship is one-way. Given a private key, you can always compute the public key and address. Given an address — or even the public key — it is computationally infeasible to reverse-engineer the private key. This asymmetry is what makes Bitcoin ownership possible without a trusted third party.
Your wallet is not a place where Bitcoin is stored. Bitcoin lives on the blockchain. Your wallet is a keychain — it holds the private keys that prove you have the right to move the coins recorded at your address.
Private Key
Your spending password. The master secret. Anyone who has it controls your Bitcoin. Store offline, store in multiple secure locations, never share.
Public Key
Derived from your private key. Used to verify your signatures. Cannot be used to steal coins. Can be shared freely.
Bitcoin Address
The hash of your public key. Your public "account number." Share this when receiving payment. Generate a new one for each transaction for privacy.
Signature
Created by combining your private key with transaction data. Proves you authorized the spend without revealing your private key. Math, not trust.
The Seed Phrase — Your Master Key
Managing a raw 256-bit private key — a 64-character hexadecimal string — would be a nightmare. Lose one character and your Bitcoin is gone forever. This is why the industry adopted BIP39: the Bitcoin Improvement Proposal that encodes private keys as a human-readable sequence of common English words called a seed phrase or mnemonic.
When you set up a hardware wallet for the first time, it generates a random seed — a number so large it could never be guessed — and converts it into either 12 or 24 simple words drawn from a standardized list of 2,048 words. Every wallet, address, and private key you'll ever use is derived from this single seed. Lose the device, just restore from your words. Get a new device, same words, same Bitcoin.
Here is what a 24-word seed phrase looks like — except this is an example for illustration only. Never store your real seed phrase digitally, never take a photo of it, never type it into any website:
These 24 words encode 256 bits of entropy — a number so vast that even if every computer ever built searched randomly for your seed, they would not find it before the sun burns out. The order matters. Every word matters. Every space matters. This list of words is your Bitcoin.
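How the 12 or 24 words follow from the random seed, as an added example (not from the original guide or any wallet's code): the entropy plus a short SHA-256 checksum is cut into 11-bit indices into the 2,048-word list. The word list itself is omitted, so the functions return indices, and the all-zero entropy is a constructed sample.

```python
import hashlib

def mnemonic_indices(entropy: bytes) -> list[int]:
    """Map BIP39 entropy to the word-list indices (0..2047) of its mnemonic."""
    ent_bits = len(entropy) * 8
    if ent_bits not in (128, 160, 192, 224, 256):
        raise ValueError("BIP39 entropy is 128-256 bits in 32-bit steps")
    cs_bits = ent_bits // 32                  # 4 bits for 12 words, 8 for 24
    checksum = hashlib.sha256(entropy).digest()[0] >> (8 - cs_bits)
    combined = (int.from_bytes(entropy, "big") << cs_bits) | checksum
    n_words = (ent_bits + cs_bits) // 11      # 132/11 = 12, 264/11 = 24
    # Cut into 11-bit groups, most significant first; 2**11 == 2048 words.
    return [(combined >> (11 * (n_words - 1 - i))) & 0x7FF
            for i in range(n_words)]

def checksum_ok(indices: list[int]) -> bool:
    """Recompute the checksum from the entropy bits, as a restoring wallet does."""
    total_bits = len(indices) * 11
    if total_bits not in (132, 165, 198, 231, 264):
        return False
    if any(not 0 <= i < 2048 for i in indices):
        return False
    cs_bits = total_bits // 33
    combined = 0
    for idx in indices:
        combined = (combined << 11) | idx
    entropy = (combined >> cs_bits).to_bytes((total_bits - cs_bits) // 8, "big")
    return mnemonic_indices(entropy) == indices

if __name__ == "__main__":
    # Constructed sample: all-zero entropy. Real wallets use a hardware RNG.
    for size in (16, 32):
        idx = mnemonic_indices(bytes(size))
        print(f"{size * 8}-bit entropy -> {len(idx)} words, last index {idx[-1]}")
        mistyped = idx[:-1] + [idx[-1] + 1]   # last word written down wrong
        print("  valid:", checksum_ok(idx), " mistyped:", checksum_ok(mistyped))
```

The checksum is why a restoring wallet rejects most miscopied phrases: 4 checksum bits catch about 15 of 16 random errors in a 12-word phrase, and 8 bits catch about 255 of 256 in a 24-word phrase.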
| Seed Type | Words | Entropy | Security | Notes |
|---|---|---|---|---|
| 12-Word | 12 | 128-bit | ✓ Sufficient | Used by most consumer wallets. Astronomically secure. |
| 24-Word | 24 | 256-bit | ✓ Maximum | Double the entropy. Preferred by Coldcard, Trezor. Belt-and-suspenders security. |
| + Passphrase | 24 + custom | 256-bit+ | ✓ Elite | The "25th word." Infinite additional wallets. See Chapter 05. |
The 25th Word — The Passphrase
BIP39 includes an optional feature that most people never use — and most advanced Bitcoiners consider essential. It is called the passphrase, or informally, the 25th word. It is not a word at all. It can be any string of any characters at any length: a word, a phrase, a sentence, a random string of symbols. It is added to your 24-word seed before your wallet derives your keys.
The result is profound. A different passphrase — even a single character different — produces a completely different wallet with completely different addresses and completely different Bitcoin. The 24-word seed without the passphrase opens a wallet. The same 24-word seed with your passphrase opens a different, hidden wallet.
This creates a powerful security architecture. Imagine someone finds your 24-word backup. Without the passphrase, they can access that wallet — so put a small decoy amount there. Your real stack, protected by the passphrase they don't have, is mathematically invisible to them. Even under duress, you can reveal the 24 words knowing your real Bitcoin is safe.
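The passphrase mechanism described above, as an added example (not code from the original guide): BIP39 stretches the words with PBKDF2-HMAC-SHA512 and mixes the passphrase into the salt, so every passphrase yields a valid but unrelated seed. The mnemonic is the public BIP39 test vector and the passphrases are constructed.

```python
import hashlib
import unicodedata

def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """64-byte BIP39 seed: PBKDF2-HMAC-SHA512, 2048 rounds."""
    nfkd = lambda s: unicodedata.normalize("NFKD", s)
    password = nfkd(mnemonic).encode("utf-8")
    salt = ("mnemonic" + nfkd(passphrase)).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", password, salt, 2048, dklen=64)

def differing_bits(a: bytes, b: bytes) -> int:
    """Hamming distance between two equal-length seeds."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

# Public BIP39 test-vector mnemonic (all-zero entropy). Known to everyone:
# never send funds to a wallet derived from it.
TEST_MNEMONIC = " ".join(["abandon"] * 11 + ["about"])

def compare(passphrases: list[str]) -> dict[str, str]:
    """Return the first 8 seed bytes (hex) for each passphrase."""
    return {p: bip39_seed(TEST_MNEMONIC, p).hex()[:16] for p in passphrases}

if __name__ == "__main__":
    # Constructed passphrases; the last two differ only in capitalisation.
    for p, prefix in compare(["", "coffee table", "Coffee table"]).items():
        print(f"passphrase {p!r:16} -> seed {prefix}...")
    a = bip39_seed(TEST_MNEMONIC, "coffee table")
    b = bip39_seed(TEST_MNEMONIC, "Coffee table")
    print("bits changed by one capital letter:", differing_bits(a, b), "of 512")
```

Because no passphrase is ever "wrong", a typo opens an empty wallet without any error, so a restore test should include the passphrase and confirm the expected addresses.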
Hardware Wallets — The Gold Standard
A hardware wallet is a small dedicated device — purpose-built to generate and store your private keys in a secure, isolated environment. It never connects to the internet. It signs transactions internally and only transmits the signed transaction — never the key itself. Even if your computer is fully infected with malware, your Bitcoin is safe because the key never leaves the device.
When you sign a transaction on a hardware wallet, the process looks like this: your computer prepares the unsigned transaction, sends it to the device, the device displays the details on its own screen (address, amount), you verify them with your own eyes and confirm with a physical button, the device signs internally, and returns the signed transaction to your computer. The private key never touched the internet at any point.
Multisig — The Vault
A standard single-signature wallet requires one private key to spend funds. Multisig — short for multi-signature — requires multiple keys. A 2-of-3 multisig, for example, creates a wallet that requires any 2 signatures out of 3 possible keys. You might keep one key at home, one in a bank vault, and one with a trusted family member. Any two of the three can move the Bitcoin. None of them alone can steal it.
Multisig eliminates the single point of failure that haunts single-signature wallets. Lose one key? You still have two. One location burns down? You still have keys elsewhere. One device is compromised? The thief still can't move your coins without a second signature.
Popular multisig setups include 2-of-3 for individuals (resilience without complexity), 3-of-5 for high-net-worth individuals and families, and 2-of-3 or 3-of-5 for company treasuries with geographically distributed key holders.
| Setup | Can Lose | Need to Spend | Best For |
|---|---|---|---|
| 1-of-1 (Standard) | 0 keys | 1 key | Everyday use, small amounts |
| 2-of-3 Multisig | 1 key | Any 2 keys | Personal long-term storage |
| 3-of-5 Multisig | 2 keys | Any 3 keys | Large holdings, family vaults |
| 2-of-2 Multisig | 0 keys | Both keys | Two-person authorization (business) |
Tools like Sparrow Wallet, Specter Desktop, and Unchained Capital make multisig accessible to individuals without a technical background. If you're serious about long-term self-custody, multisig is the destination.
Backup — The Vault Is Only as Strong as Its Copy
A hardware wallet is not a backup. The hardware wallet can be lost, destroyed, stolen, or discontinued. Your backup is your seed phrase — and the security of your Bitcoin ultimately depends on how well you protect those words. Paper is a start. But paper burns, paper floods, paper fades.
The industry has converged on metal backups as the standard for serious self-custody. Several companies sell stainless steel plates or titanium capsules designed to hold seed words. Some use stamps, some use tiles, some use engraving. All of them survive fire (steel melts at 1,400°C, house fires peak around 600°C), water, corrosion, and physical damage that would destroy a paper backup in seconds.
Cryptosteel
Stainless steel letter tiles that slide into a capsule. Fire-resistant, waterproof. Can fit a 24-word seed in multiple configurations. Battle-tested product.
Blockplate
Simple stainless steel plate with a punch tool. Letters are stamped permanently into steel. Minimalist, inexpensive, no special tools needed beyond the punch.
Billfodl
Similar to Cryptosteel. Letter tiles in a stainless steel enclosure. Includes extra letters. Tamper-evident seal. Widely used in the self-custody community.
DIY
A metal letter stamp set from a hardware store and a stainless steel sheet works just as well. The method matters less than the material — use metal, not paper.
- Never store your seed phrase digitally — no photos, no notes apps, no cloud, no email, no password manager
- Never type your seed phrase into any website, ever, for any reason — this is always a scam
- Store your backup in at least two separate physical locations — your home and a second secure location
- If using a passphrase, store it separately from your seed — they should never be in the same place
- Test your backup before you put significant Bitcoin in the wallet — restore from seed, verify same addresses
- Make sure someone you trust knows where the backups are in the event of your death
- Never take a photo of your seed phrase — iCloud, Google Photos, and device backups are not secure
Threat Model — Know What You're Defending Against
Good security is not about being paranoid — it is about being accurate. Different people face different threats, and your security setup should match your actual threat model, not someone else's. A person with $500 in Bitcoin needs a different approach than someone with generational wealth on-chain.
Your Sovereign Stack — The Action Plan
Theory without action is just knowledge on a shelf. Here is a practical sequence for moving from exchange custody to true self-sovereignty. This is not a checklist — it is a journey. Take each step deliberately, test before you trust, and never rush when moving irreversible money.