This is an opinion editorial by Will Schoellkopf, host of the “It’s So Early!” Bitcoin podcast.
We often hear, “Not your keys, not your coins,” but have you done the “big scary?”
Much emphasis has been placed on getting your satoshis off of exchanges, and rightfully so! The Mt. Gox exchange hack has led to lost coins, but “recent market conditions“have also led to the halting of withdrawals from major institutions with a lot of assets under management like Binance and Celsius. These are not lost, but denied access presents a new vulnerability for sovereign individuals to consider: If your child resets your hardware wallet, or your dog eats your seed phrase, can you recover your funds?
For all the emphasis placed on security, not enough is placed on recovery. Buy yourself peace of mind today! Test recovery of your keys, so you retain the ability to spend your sats. Do it now; before you are in a panic from a security compromise.
The “big scary” is losing access to your hardware wallet, so you really do need your seed phrase to recover. Only once you’ve proven your recovery of your keys to yourself are you truly a sovereign individual. Fortune does not favor the bold, it favors the prepared! Follow the below to prepare yourself for the worst, so you can know your security and recovery is the best for you. Of course, please complete the following with smaller amounts of sats so you do not risk the loss of your entire life savings. We are not on a rocky boat as we attempt this!
Perform recovery phrase check on your hardware wallet with your seed phrase in hand.”The big scary”: On purpose enter your PIN incorrectly three or sixteen times to reset your hardware wallet.Disconnect, then reconnect your hardware wallet to your wallet software to verify it recognizes it as a “brand new” device with zero balance.Re-enter your seed phrase into your hardware wallet, and verify the wallet software now confirms the same satoshi balance of your UTXOs.
*Note: It is recommended after confirming this process works to not utilize the recovered wallet as your main wallet.
Key A is under your control via hardware wallet A (And you backup the wallet config file).Key B is under your control via hardware wallet B (And you backup the wallet config file).Key C is under the control of your collaborative custodian (Ex: Casa, Unchained Capital).Key S is under your control via hardware wallet S. It is a single signature seed phrase.
*With multisig, you need not only the keys to the treasure chest, but also the map of where to find it! With single sig, as long as you have the only seed phrase, you can re-derive the xPub. For multisig, you don’t need all three keys, but you do need the wallet config file to re-derive all three xPubs! Note, these platforms may also offer (3-of-5) multisig as well.
Step 1: Exercise all three nominal cases with a collaborative custody platform
Send some sats from hardware wallet S to your multisig address.Try and fail to spend those sats with just wallet A, just wallet B and just wallet C.Use hardware wallet A+B to send to single signature wallet S.Use hardware wallet A + custodian key C to send to single signature wallet S.Use B+C to send to S.You should feel good. Now send more sats back to your multisig address, but not too much!
For safekeeping, you kept your cold storage hardware wallet in your sweaty gym bag that you never use, and no thief in their right mind would ever want to rifle through! And you buried your paper copy of your seed phrase in the ground, so it’d be safe from anyone looking for it and easily destroyable if you were in a pinch. Unfortunately, The Bitcoin Dog had other plans! She loves the smell of your sweaty socks, and loves to dig up a freshly dug hole in the yard. Thankfully, you’re not in any physical danger, so you can calmly restore your multisig vault.
Step 2: The “big scary” — lose a key, but not your collaborative custodian
Reset hardware wallet A and shred seed phrase A (Equivalent destruction as above).Report a “lost key” with your collaborative custodian (Ex: Casa or Unchained Capital).Generate a new seed phrase for key A and load into hardware wallet A.The collaborator replaces/creates a new 2-of-3 multisig with new wallet A and original B.With your hardware wallet B with original seed phrase B, sign a transaction with your collaborator to send sats from the old vault to the new vault.
Note: In this scenario, it is not an emergency. If it was an emergency, you would instead send your Bitcoin directly to your single-sig address controlled by hardware wallet S. For example, if seed phrase A was stolen from a trusted family member’s home, and the attacker is now coming to your home to steal the other seed phrase, this is an emergency. Break glass. Send your vault balance to your single seed hardware wallet with your collaborative custodian’s help before the attacker attempts to impersonate you with your custodian or tries to steal the second seed phrase from you.
With new vault A+B, send some sats to S to prove you have control of the new vault.You feel good, now send the rest from the old vault to the new vault.Use A+C to send to S.Use B+C to send to S.Only send test amounts to S. There is no need to send it back to your multisig vault!
Step 3: Final boss — collaborator compromised
Download and install Caravan, Electrum, or Sparrow.Upload the wallet configuration file to restore the multisig vault in a new location.Partial Sign Bitcoin Transaction (PSBT) with hardware wallet A.PSBT with hardware wallet B.Send test sats to hardware wallet S, then all of it.
You did it! The apocalypse happened. Your collaborator was compromised, and yet you were still able to recover your bitcoin yourself and take self-custody of your satoshis. After this nightmare is over, you might reflect on why you even did collaborative custody in the first place?
“Comforting” to trust a custodian with one key.”Comforting” to trust a custodian with the wallet configuration file and three xPubs.”Comforting” to trust a custodian to help with inheritance and multisig key setup with your loved ones when you pass.”Simpler” to replace a lost key and send your sats to a new vault.
Now that you’ve implemented multisig yourself, will you pursue a new collaborator, or go back to Step 1? There’s no right answer. Everyone’s security needs are unique!
This is a guest post by Will Schoellkopf. Opinions expressed are entirely their own and do not necessarily reflect those of BTC Inc. or Bitcoin Magazine.