Keeping your private keys and seed phrase secret and secure are essential when you self-custody your bitcoin.

Private keys are used to spend bitcoin and seed phrases are used to generate private keys.

If you exclusively control your private keys, and the seed phrase from which they’re generated, then you exclusively can spend your bitcoin – you alone control your money.

Even though bitcoin is a digital asset that exists as transaction records on a public blockchain, you can think of your private keys and seed phrase as manifestations of your bitcoin, which can be held in your possession.

The power of controlling your own private keys comes with added responsibility. If your keys are compromised or lost, then your bitcoin can be stolen or permanently lost. Proper custody of your private keys (and your seed phrase) is therefore crucial.

If you use a custodial wallet app, like Strike, then the app will safeguard the private keys on your behalf. When you’re ready, you can take self-custody of your bitcoin by setting up a self-custodial wallet and then sending it to a Bitcoin address where you control the private keys.

Threats to your private keys and seed phrase

To protect your private keys and seed phrase, it’s essential to understand the common threats to their security. If someone gains access to your private keys or seed phrase, they can steal your bitcoin by sending it to an address they control.

Threats to your private keys:

• Theft: If someone physically steals your hardware wallet, paper backup, or any device that stores your private keys or seed phrase, then they could steal your bitcoin.
• Loss: Losing your hardware wallet or the paper/steel where your seed phrase is written can result in permanent loss of your bitcoin.
• Hacking: Hackers use malware, key-strike recording software, or phishing attacks to steal your private keys or seed phrase from your computer or phone. They might target unsecure wallet apps or trick you into installing fake software that compromises your security.
• Scams and phishing: Scammers may pose as legitimate services or support teams, tricking you into revealing your private keys or seed phrase through fake websites, emails, or messages.
• Inheritance issues: Without a proper plan, your bitcoin could be lost if your seed phrase isn’t securely passed on to your loved ones. If mishandled, it might fall into the wrong hands or become irretrievable after you die.

Understanding these threats is essential to taking the necessary precautions to secure your bitcoin and ensure it remains accessible only to you.

Best practices for keeping your private keys and seed phrase safe

To effectively protect your private keys and ensure the security of your bitcoin, it’s important to follow best practices and avoid common mistakes.

What you should do:

• Use a hardware wallet: When you own an amount of bitcoin that is significant to you, and it’s economical to do so, buy a hardware wallet to store your private keys offline to protect against online threats.
• Password protect your wallet: Hardware and software wallets often let you protect access using passwords, PINs, biometric, or 2-factor authentication.
• Record your seed phrase on steel: In addition to writing down your seed phrase, record it by imprinting the words on a steel plate to protect it from physical damage like water or fire.
• Store backups in separate secure locations: Keep backups of your seed phrase in different, secure locations to prevent loss from theft or disasters. This may include avoiding keeping your seed phrase at your home, so that nobody simply comes across your seed phrase by happenstance.
• Opt for Bitcoin-only wallets: Use wallets dedicated to bitcoin to minimize risks associated with multi-cryptocurrency wallets.
• Consider multi-signature wallets: Use multi-signature (multi-sig) setups that require multiple keys to authorize transactions, then geographically distribute those keys and seed phrases to avoid single points of failure.
• Consider a passphrase for added security: A passphrase functions like an extra word added to your seed phrase, creating a unique wallet accessible only with both the seed phrase and passphrase. This enhances security of your hardware wallet by requiring the passphrase to be entered each time you access your funds, providing additional defense if the device is stolen or compromised.
• Consider passphrase for fund segregation and decoys: You can use a seed phrase alone to create a “decoy” wallet with a small amount of funds, while the combination of seed phrase + passphrase secures your main holdings.
• Stay updated, cautiously: Review and research before installing updates to your wallet’s software or firmware to protect against security vulnerabilities.
• Set up an inheritance plan: Ensure your seed phrase is passed on securely to your loved ones after you die, so that it’s not easily accessible to just anyone, like a lawyer, who could take all the funds..

What you should avoid:

• Avoid digital exposure: Never photograph, email, upload, or share your private keys or seed phrase online (or over the phone). If someone hacks into your email, phone, or computer, they could easily take your private keys or seed phrase.
• Avoid sharing your seed phrase: Never share your seed phrase with anyone, including over the phone or with someone claiming to be customer service. Always assume that if someone wants to know your seed phrase or private keys, they are trying to steal your bitcoin.
• Avoid buying hardware from 3rd party resellers: To ensure your wallet hasn’t been tampered with, it’s best to purchase directly from the manufacturer’s website. Some manufacturers also have stated policies of deleting your purchase history and shipping details after a period of time for added security.
• Avoid encrypting your seed phrase with excess complexity: It may be tempting to store your seed phrase with additional encryption, including different word orders, patterns or dividing up the seed phrase, but this isn’t recommended as it is more likely to result in you locking yourself or your family out of your wallet forever, rather than mitigating theft.
• Avoid storing your seed phrase in unsecure locations: It goes without saying that your seed phrase should not be readily accessible so that no one simply discovers it haphazardly.
• Avoid downloading untrusted software: Only use trusted wallet software and browser extensions to reduce the risk of malware or faulty software stealing your keys.
• Avoid discussing bitcoin holdings: Don’t tell other people how much bitcoin you own or your self-custody arrangements.