Bitcoin Custody Preferences
Sharks
Added 2 months ago

Thanks @wtsimis and @BigStrawbs70 for your responses. I really appreciate the time and thought you both put into your responses.


I haven't looked into Coinkite but will definitely check it out.


And your reasoning does seem hard to fault Bigstrawbs. I think it's inevitable I'll keep some VBTC, but still deciding how much.


Thanks again.

6
Sharks
Added 2 months ago

Hi all,


I've been looking to update how I custody my bitcoin and was wondering if anyone had some ideas.


I currently hold about a 50/50 split across VBTC ETF and holding Bitcoin directly on a Ledger wallet. I want to move it all over to the/a wallet but am nervous about self custody.


I've mostly been looking into either multi sig via Bitkey or Evoke, or simply doing my own multi sig arrangement and buying two more hardware wallets. I am very open to ideas, or thoughts about using multisig via Bitkey/Evoke.


I have read through this forum and picked up some good info, however as far as I could see it's been a while since BTC custody has been discussed.


11

wtsimis
Added 2 months ago

Hi @Sharks, I used Ledger for 3 years but late last year moved to Coinkite Coldcard Q (mainly concerned with software security issues, nothing specific).

After broad research on the devices on the market I felt they provided the best self custody solution and bitcoin only.

Add to this, I have a 2/3 multisig using Coldcard Qs. When using multisig, securing the units / seed phrase is an important consideration in terms of location.

Been very happy to date and use Sparrow wallet to monitor transactions.

I also run my own node using Bitcoin Knots which further secures my bitcoin.

Hope this helps.

YouTube has some great tutorials on Coinkite's Coldcard Q.

Either way congrats on your journey to date and the future that lies ahead.

Don't hesitate to reach out if you want any further specific questions answered.





14

BigStrawbs70
Added 2 months ago

Hi @Sharks I went through a similar thought exercise a while ago but from the other angle. I used to hold my Bitcoin via self-custody but ended up moving all of it to the ETFs. My thinking was/is something like the following.

In Australia, with a stable government, strong property rights and the rule of law, there is zero chance of Bitcoin being confiscated or made illegal. If there were rumblings to do so, there would be plenty of warning, but we are past that as a practical risk. Secondly, the ETFs are extremely secure, audited regularly, and hold 1-1 for the Bitcoin in their funds. Yes, I get the notion of units vs. physical ownership, but the reality is, if I have $100 in the ETF and Bitcoin doubles, I will get the benefit of that. Thirdly, and this is the most important one for me, I sleep well at night knowing Bitcoin will be worth much more in 5 years, and even more in 10, etc but the thought of it going to some extreme price and not being able to access it because I lost my keys is something that used to worry me. Yes, there are multi-sig options, but what if I am on a plane with my family and something happens? I like the idea that my Will can treat my Bitcoin just like other securities that I hold and it can be passed on.

If we were in a different country where the rule of law and property rights were less ingrained, I would have a different opinion. But I can't help but think there is, pretty much, zero advantage in Australia to holding Bitcoin in a cold wallet vs the ETFs, with the former having a few risks that the latter just doesn't realistically have. By the way, due to KYC requirements on the exchanges, even if we got to a stage where Bitcoin became illegal and you used self-custody, the police could well come knocking asking for your coins in that theoretical world as they will know you own it, unless you are using an exchange that does not have KYC, and if you are, then you have so many other problems to worry about anyway.

So what am I trying to say? The notion of "not your keys, not your coins" is, in my opinion, a somewhat outdated notion, and there is no need for additional excitement/complexity in this space by overly complicating it.


16
Summer12
Added 11 months ago

Not sure if you guys have seen this from the UK

https://www.bbc.com/news/articles/cj0r0dvgpy0o.am

A 12 year battle with the local council

I only hold a small amount, but increasing every week with DCA



17

Arizona
Added 11 months ago

I am not across the mechanics of this at all, but the frustration must be off the charts! I can't begin to imagine.

7

DVV1974
Added 11 months ago

LESSON TO BE LEARNED: ALWAYS show the missus what she CAN and CANNOT throw out. Especially if she ain't tech savvy. And if unsure just don't touch it.

12

reddogaustin
Added 11 months ago

If I understand the "cryptoz", he likely has a cold wallet on that hard drive. If it's circa 2013, bitcoin was worth pennies, and so people probably did not see the value/reason to separate or duplicate their wallet access codes from their wallet, i.e. their passphrases and private keys (think a notepad file with a 64 character string in it, or a series of words).

The bitcoin remains on the blockchain. But without his access keys, he cannot create a new wallet to access the bitcoin.

Lesson. Separate/duplicate access keys.... or label them for the future "ex-partner"....

8
Bogan
Added 11 months ago

Self-Custody issues

As a disclaimer, most of what I have learnt about self-custody is via Matthew Kratter at Bitcoin University. He has a TON of free videos on YouTube, but I have also joined his actual site for like $120ish AUD per month for the last few months.

Rather than respond to individual questions individually, I thought I'd just do a 'brain vomit' on the page here, as is my usual style. I won't tell you specifically what I do, but I will talk about a few different options and issues as I (and some of the more paranoid crypto bros) see them.

Ledger

A lot of the super paranoid crypto bros don't like Ledger because they do not run free and open source software. Now, I don't have the IT skills to check it even if it did, but the argument is that there are enough computer nerds with their eyes on these things (for the ones which ARE free and open source) that someone would spot something if the wallet manufacturer had created a back door into their own hardware wallets. In addition, I understand Ledger have had their client email address list or something else not terribly serious hacked in the past. Not super awesome when your company's entire reason for being is a branch of IT security. I will tell you that the first wallet I purchased was a Ledger Nano (I think S), and it was pretty easy to use. However, part of its ease of use was the lower level of security (and features) when compared to a Coldcard Q. If you're wanting to spend $500 on a wallet, I can't imagine going past that to get the new swanky Ledger, but to be fair, I haven't tried it.

General

The more paranoid among us will also tell you that using the software provided by the wallet manufacturer decreases your security immensely. i.e. I ran my Ledger wallet on Ledger Live. This is a big no-no apparently as it facilitates Ledger rug pulling you. Coldcard, for example, doesn't even have their own software I believe. I am yet to work out how you get updates for your wallets if you aren't running the manufacturer's software.

I currently own, or have owned, the following cold wallets for comparison purposes:

  • Ledger Nano S
  • Blockstream Jade
  • Trezor 1
  • Coldcard Q


It's really obvious when setting these up that the Coldcard Q takes its security much more seriously than the others. It's also a lot more user friendly than the others if you're using it regularly. If you plan on putting your BTC in there and leaving it there until hell freezes over, then how user friendly it is isn't a massive issue. However, the best way to learn all this stuff is to practice it, so if you are planning on:

  • trialing a dozen different ways of setting up your wallets
  • sending test transactions between different wallets and exchanges before moving significant money across
  • playing with seed recovery (wiping your cold wallet and setting it up again)
  • playing with BIP 39 passphrases
  • messing around with BIP 85 hierarchical deterministic wallets
  • doing all of this a dozen times to make sure you know what you're doing if the shit ever hits the fan


then that user friendliness is VERY VERY helpful. I can tell you that entering passphrases into a Jade is a big fat pain in the ass compared to a CCQ.

Multi-sig wallets

Custodial

I think I saw a comment somewhere about this decreasing your security because you are giving someone else control over your custody so I wanted to mention that. The way things like Unchained and Casa work is as follows. Say you had a two out of three multi-sig setup. You hold two of the keys and Unchained/Casa holds the third. Depending on how much you pay them, they also help you set it up and can help with any other questions that you have about it. They have NO ability to do anything with your BTC as they only have one key. However, I believe they CAN see how much BTC that you have so for a pure paranoid crypto bro, these services are a total no-go. If you lose one of your keys, then they have a back-up. I believe they also have inheritance planning options whereby you can authorise certain people to access the key in the event of your death. The other option is that I believe they have a time lock on access to the key that they hold. i.e. if a bad actor manages to get his hands on the key at your house because you are under duress, but you have your other key in another city, then if they FORCE you to call Unchained to get the third key then there is a 48 hour waiting period or something along those lines.

Non-custodial

So my understanding of the preferred solution for the more paranoid among us is the multi-vendor multi-sig solution with your keys being geographically dispersed. This means that if you're running a 2/3 MS solution, you have for example a Trezor, a Jade and a Coldcard as your three different cold wallets so no one company can rug you. In addition, you would coordinate such a set up through independent software, such as Sparrow wallet. You would then keep your keys in three different places. You would then also have to decide WTF to do with all your seed backups. If you store your seed phrase on a plate with your $500 Coldcard Q, what's the point of having an unhackable cold wallet such as the CCQ when they can just look at the plate you've stored with it?

As an aside here, if you are not planning on withdrawing your BTC often or at all, there is the option of storing your cold wallets in their blank state so no-one can steal all your BTC by finding your wallet. You then have to recover your cold wallet using your seed phrase each time you want to use it. What this means is that technically you can run a MS solution using just one cold wallet, and just recover it two times using 2 of 3 of your recovery phrases for the ultimate pain in the ass.

Running your own server

I did see someone mention Electrum servers. This is just another layer of security that is total overkill for almost everybody in my opinion and completely irrelevant until you get to the stage of running your own node first. My understanding is that if you are running Sparrow wallet through, say, the Blockstream server, then Blockstream can theoretically peek in and see your transactions. They CANNOT steal your BTC, but if you have a bazillion dollars of BTC, they may be able to see that AND it's also possible they could work out your physical address via your IP address or something along those lines (I am not an IT guy). The concern is that a bad actor with that information could physically come and try and get your keys off you. Did I mention many of these recommendations come from people I would characterise as paranoid? It is at this juncture that I remember that just because you're paranoid, that doesn't necessarily mean that everybody isn't out to get you!

If you buy a Start 9 server, then you can run Sparrow via your own node on your own Electrum server, and you have more privacy. The Start 9 does have a bunch of other features I am not all over, but I can tell you it allowed me to download the entire Blockchain in about 35 hours, and on my old laptop with an external SSD was literally taking months. What I do like about it is that you can run your own private version of mempool.space. Apparently searching your own BTC addresses on mempool.space is bad juju, and I used to do it ALL THE TIME!

Complexity

This is a huge issue. You CANNOT transfer a huge amount of BTC into your new fancy self-custody solution until you are super comfortable with it. Are you happy with your back-ups? Can you re-generate it from scratch if need be? Importantly for MS set-ups, the backup also includes the three public keys so your software understands the full set-up you're using. You can sign with two of the private keys, but without the third public key, Sparrow (for example) simply doesn't know what wallet you're trying to sign.

The biggest risk with BTC is the custody risk. The biggest issue for me is if my disinterested wife and my 11 year old son can sort it all out if I peg it unexpectedly? I can tell you, it does get easier though. You can be setting up a new solution and think you will never understand what you're doing, and then a month later you'll be transferring some sats for like the 5th time using that set-up and all of a sudden you'll wonder what all the fuss was about.

UTXO management

Ok, if I haven't lost you already...

Sparrow wallet has superior UTXO management to any other software I've played with. What this means is that all the BTC that you own isn't sitting there in one completely fungible lump like a wheelbarrow full of gold coins. It is more like the notes in your wallet and is generally made up of a bunch of lumps, or Unspent Transaction Outputs. For example, if you're transferring a million sats out of, say, Ledger Live, and you have UTXOs of 10 mill sats, and 10 UTXOs of 100 thousand sats each, how much control do you have over what gets sent? And do you even care? Well, you have a bit of control, and yes you should care. The potential problem here is that if you end up leaving yourself a bunch of small UTXOs, when on chain fees get really high (which they will), then you will end up with stranded sats, because the UTXO chunks will be too small to economically spend them. Ledger Live has some ability to choose whether to minimise your fee (take the entire amount you're transferring from one big UTXO if possible) or some other option. However, with Sparrow you can view your individual UTXOs and just click on which ones you want to spend from. Your total on chain transaction fees are higher if you are spending from more individual UTXOs, NOT if you are transferring more total sats.

Bitcoin University on YouTube has a few videos on UTXOs if you're wanting to learn more about this.

If you've read this far and have any questions feel free to hit me up directly. I am quite happy to talk about this stuff as it assists in cementing in my recently gathered knowledge AND my wife is also happy for me to talk about it to someone other than her... :D

15
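Added example, not part of the post above: the "Complexity" section says a multisig backup must include all three public keys. The sketch below shows why for a 2-of-3 native SegWit (P2WSH) output. It assumes one fixed key per device and sortedmulti-style key ordering (real wallets derive a fresh key per address from each device's extended public key), and the "public keys" are constructed placeholder bytes.

```python
import hashlib
from itertools import combinations

OP_CHECKMULTISIG = 0xAE

def op_n(n: int) -> int:
    """Opcode for the small integers 1..16 (OP_1 is 0x51)."""
    return 0x50 + n

def witness_script(m: int, pubkeys: list) -> bytes:
    """m-of-n script: OP_m <key>... OP_n OP_CHECKMULTISIG, keys sorted."""
    keys = sorted(pubkeys)  # sortedmulti-style ordering (assumption)
    pushes = b"".join(bytes([len(k)]) + k for k in keys)
    return bytes([op_n(m)]) + pushes + bytes([op_n(len(keys)), OP_CHECKMULTISIG])

def script_pubkey(m: int, pubkeys: list) -> bytes:
    """P2WSH output script: version 0, then SHA-256 of the witness script."""
    return b"\x00\x20" + hashlib.sha256(witness_script(m, pubkeys)).digest()

def fake_pubkey(label: str) -> bytes:
    """Constructed 33-byte stand-in for a compressed public key."""
    return b"\x02" + hashlib.sha256(label.encode()).digest()

def backup_locates_funds(m: int, backed_up_keys: list, funded_output: bytes) -> bool:
    """Can wallet software rebuild the funded output from this backup?"""
    return script_pubkey(m, backed_up_keys) == funded_output

# Constructed sample: three devices, one key each.
KEYS = [fake_pubkey(name) for name in ("device-a", "device-b", "device-c")]
FUNDED = script_pubkey(2, KEYS)

def incomplete_backups_that_work() -> int:
    """Count the two-key subsets that still reproduce the funded output."""
    return sum(backup_locates_funds(2, list(pair), FUNDED)
               for pair in combinations(KEYS, 2))

if __name__ == "__main__":
    print("full backup finds funds:", backup_locates_funds(2, KEYS, FUNDED))
    print("two-key backups that find funds:", incomplete_backups_that_work())
```

The output on chain commits to a hash of the script containing all three keys, so two seed phrases alone can sign but cannot identify which output to sign for.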
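Added example, not part of the post above: the "UTXO management" numbers worked through, using the post's holdings of one 10 million sat UTXO and ten 100 thousand sat UTXOs. The byte sizes are common approximations for native SegWit single-signature spends and the fee rates are constructed; other address types and multisig inputs are larger.

```python
# Approximate virtual sizes (vB) for a single-sig native SegWit transaction.
OVERHEAD_VB, INPUT_VB, OUTPUT_VB = 11, 68, 31

def fee_sats(n_inputs: int, n_outputs: int, feerate: int) -> int:
    """Fee = virtual size x fee rate (sat/vB); the amount sent never appears."""
    vsize = OVERHEAD_VB + n_inputs * INPUT_VB + n_outputs * OUTPUT_VB
    return vsize * feerate

def spend(selected: list, amount: int, feerate: int) -> tuple:
    """Pay `amount` from hand-picked UTXOs; returns (fee, change) in sats."""
    fee = fee_sats(len(selected), 2, feerate)  # payment output + change output
    change = sum(selected) - amount - fee
    if change < 0:
        raise ValueError("selected UTXOs cannot cover amount plus fee")
    return fee, change

def stranded(utxos: list, feerate: int) -> list:
    """UTXOs that cost at least their own value to include as an input."""
    return [u for u in utxos if INPUT_VB * feerate >= u]

# Holdings from the post: one 10 million sat UTXO, ten of 100 thousand sats.
BIG = 10_000_000
SMALL = [100_000] * 10

if __name__ == "__main__":
    rate = 20  # sat/vB, constructed
    print("1M sats from the big UTXO:   fee", spend([BIG], 1_000_000, rate)[0])
    print("9M sats from the big UTXO:   fee", spend([BIG], 9_000_000, rate)[0])
    print("900k sats from ten small:    fee", spend(SMALL, 900_000, rate)[0])
    for r in (20, 1500):
        print(f"stranded at {r} sat/vB:", len(stranded([BIG] + SMALL, r)))
```

Note that the ten small UTXOs add up to exactly 1 million sats, so they cannot fund a 1 million sat payment on their own once the fee is included.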

Stannis
Added 11 months ago

Hi @Bogan, thanks for the post, would love to chat more.

In mentioning Electrum, I was under the impression that it was needed, but perhaps it is overkill, then? Beginning to start running my own node. I have run nodes for other consensus mechanisms in the past but never bitcoin. Still waiting for the blockchain to sync up…

Would like to hear whether you reckon it’s even worth spinning up a node, for security purposes, not profit. Or is this also overkill, in your opinion?

Currently holding on a Coldcard Q but would love to hear if you reckon it is any good? Not sure if there is a direct message feature on here, but feel free to message if so. Cheers

6