It is often said that “not your keys, not your coins”, but as many people have unfortunately discovered, sometimes it is also “your keys, still not your coins”. This is due to common self-custody mistakes such as not keeping backups, or storing seed phrases in insecure ways.
Having done this and worked in IT security for years, I would like to share some tips for making sure your self-custody is done safely:
- Split your holdings into “hot” and “cold” wallets. Hot wallets are your everyday spending wallets on an internet-connected device; cold wallets hold keys that never touch an internet-connected device. You want the majority of your coins in cold wallets. It’s fine to keep a small amount of spending money on your PC or phone, just like you would carry cash in a wallet, but don’t store $10,000 worth of BTC on your phone and then get on the subway with it.
- Keep at least one backup of your seed phrase. The 3-2-1 rule is a good way to think about backups: three copies in total, on at least two different types of storage media, with at least one copy stored off-site. This protects you against both accidental loss (a failed device, a damaged or illegible piece of paper) and localized disasters like flood, fire, etc.
- Keep your seed phrase and every copy of it as far offline as possible. If the phrase lives on the same computer you browse the web with, it inherits that machine’s entire “attack surface”: any malware, malicious browser extension or remote-access tool that compromises the computer can read it, which greatly increases the chance it will be stolen.
- Consider multi-sig wallets. Multi-sig accounts require signatures from multiple wallets to make a transaction. You can choose other parties you trust, like family members, to hold the other wallets. The benefit of multi-sig over Shamir’s Secret Sharing Scheme and similar methods is that the full signing key never has to exist in one place: each co-signer signs on their own device with their own key, whereas with secret sharing a threshold of shares has to be brought together to reconstruct the single key before it can be used. The downside is that it requires trust in and cooperation from the other key holders, and many crypto users don’t know other crypto users they can trust. (The co-signing keys can also all be your own, held on separate devices in separate locations; that trades the trust problem for more operational burden.) Note that with multi-sig the seed phrases alone are not a complete backup: to recover you also need the wallet configuration, i.e. the quorum and every co-signer’s public key, so back that up as well.
OK, you say, but if I make a backup, how can I trust my off-site location or my local backup provider? Are you saying I should put my seed phrase in a safe deposit box or in Dropbox and call it a day?
Absolutely not; that would be very dangerous. So would “splitting up” the words and storing the pieces in different locations: the words are not independent secrets, and somebody who obtains enough of them can brute-force the rest (each missing BIP39 word is only one of 2048 possibilities, and the phrase’s built-in checksum prunes the search further). You should never store your plaintext seed phrase with any cloud provider or in a cloud-based password manager.
There are two solutions to the problem of needing to store seed phrases with parties you can’t trust completely, or in environments you cannot fully control:
- You can first encrypt the seed phrase using open-source, battle-tested software such as VeraCrypt. Somebody who obtains a copy of the encrypted container cannot open it without the passphrase, so the container itself can be stored anywhere, including the cloud. A mounted VeraCrypt container appears as an ordinary drive or folder: drag a file into it and that file is stored encrypted, and the whole container is a single file you can easily copy to other locations. The protection is only as strong as the passphrase, so use a long one that is not reused anywhere else, never store it alongside the container, and make sure you can still recover it years later, since a forgotten passphrase is as final as a lost seed.
- You can split up your seed phrase with something like Shamir’s Secret Sharing Scheme (SSSS). With SSSS you take any secret, such as a seed phrase, split it into shares (which look like random data) and give those shares to any parties or storage locations you like. A share does nothing on its own; you need a sufficient number of shares (called the threshold) to recombine them into the full secret. You choose the threshold and the number of shares: 2 of 3, 3 of 5, 3 of 100, whatever you’d like. Crucially, holding fewer shares than the threshold, even threshold minus one, gets an attacker no closer to the seed phrase than holding none, which is exactly the property that naively splitting the words lacks. Two practical caveats: both the splitting and the recombination have to happen on a trusted offline machine, because at those moments the full secret exists in one place; and use a well-reviewed implementation, since plain Shamir shares carry no integrity check, so a corrupted or tampered share silently recombines into the wrong secret.