Tips- Use a Bitcoin wallet for storing bitcoin and large purchases.
- Spending frequently? Consider a Lightning Wallet.
- Using a full node is important. However, it has pros and cons. Learn more here.
- Respect your privacy? Learn how to try and keep it here.
Tips- What is a hardware wallet?
- A hardware wallet is a good option if you are not computer savvy.
- Different hardware manufacturers may use different methods of doing offline transactions. Each have trade-offs. Research what is best for you. For example, a hardware wallet may use an SD card, QR Code Scanner or USB.
Tips- Use a Lightning wallet for smaller frequent transactions like online shopping.
- Just want to store bitcoin? Consider a Bitcoin wallet.
- Learn about the Lightning network here.
Tips- Wallet managers are graphical interfaces you can install that make it easier to setup and manage your nodes and wallets in one central location.
The basic functions of a wallet are to:
- send and receive bitcoin
- store private keys that grant access to bitcoin available at the paired bitcoin addresses
- create a wallet password and/or PIN
- create a backup of your wallet
To send bitcoin, copy & paste the receiver's bitcoin address into the "send to" field of your bitcoin wallet.
QR Codes
QR codes are generated along with bitcoin addresses for senders to easily scan with devices such as a smartphone. Scanning the QR code will automatically fill the wallet's "send to" field with the bitcoin address. QR codes can also contain the amount being requested.
Send Fee
Sending bitcoin has a transaction fee. Fees should be handled by the wallet software, so you shouldn't need to worry about fees as a beginner. Increasing your transaction fee helps speed up your transaction confirmation.
Bitcoin wallets can generate an unlimited number of unique bitcoin addresses for receiving bitcoin.
Bitcoin Address Example: 35JZ72myPm2HUNLHq2ozA6Z2dvbmSCFV3W
How to receive bitcoin
To receive bitcoin, someone just has to send bitcoin to a bitcoin address generated by your wallet. When you give the sender your bitcoin address, they can input it into their "send to" field of their wallet.
QR codes are generated along with bitcoin addresses for senders to easily scan with devices such as a smartphone. Scanning the QR code will automatically fill the wallet's "send to" field with the bitcoin address. QR codes can also contain the amount being requested.
When you receive bitcoin
Every time you receive bitcoin, the transaction will have something called transaction confirmations. Every transaction starts with 0 confirmations which is considered to be at higher risk of being double spent. Generally speaking, a transaction that receives 1 confirmation is doable for most people to accept as completed when transacting a smaller value.
Every Bitcoin wallet will have some sort of display for you to check how many confirmations a transaction has at that very moment.
Tips- Wallets can generate bitcoin addresses while disconnected from internet and will still receive bitcoin sent to it.
- Re-using bitcoin addresses to receive bitcoin is poor privacy practice.
- Seed Phrase
A seed phrase is a standard wallet backup method. In the basic form, it's a list of 12 or 24 words but some wallets allow you to create a 25th word (also called a passphrase) to your 24 word seed phrase. It's the most common wallet backup type because it's the most convenient and secure. It's also a universal standard between Bitcoin wallets so it can be used to restore a wallet using most of the available Bitcoin wallets out there.
Standard Bitcoin wallets and hardware wallets generate a seed phrase for you to secure and store away safely. Typically, it's generated during the wallet's initial setup process.
You always want to generate a seed phrase offline so that it never gets exposed to the internet. See the wallet backups tab to learn how.
Caution- Record the 12 or 24 seed phrase words in the exact order it was presented as. When you restore the wallet, it will only accept the words in the exact same order they were originally presented to you.
- Backup file: this digital file backs up the whole wallet and can be used to restore it. The Bitcoin Core full node software is an example of a wallet that uses this backup method. This is not a widely used backup method for wallets.
- Private key(s): this is a long string of characters/numbers generated by a wallet that grants access to bitcoin available at the paired bitcoin address. For almost all wallets, you have to go out of your way to retrieve individual private keys because the seed phrase backup method is more convenient and safer.
Bitcoin Address Example:
1J7mdg5rbQyUHENYdx39WVWK7fsLpEoXZy
Private Key of the above bitcoin address Example:
KxFC1jmwwCoACiCAWZ3eXa96mBM6tb3TYzGmf6YwgdGWZgawvrtJ
Caution- If for some reason you decided to backup private keys individually, know that if you ever spend from it, many wallets send the remaining bitcoin balance to a new bitcoin address meaning you need to backup the new bitcoin address and private key that the remaining bitcoin was sent to. If this happens, the old private key will be empty.
Tips- Always keep your backup private, store it securely and offline. (see wallet backups tab)
- Record a seed phrase in the exact order it was given.
- Seed phrases should be generated on a device disconnected from the internet.
You can recover your wallet by typing in the seed phrase words (in the exact order it was originally presented) into the new wallet's restore option.
If you created a passphrase for your 24 seed phrase (also known as a: 25th word), you will also type that in along with the 24 words to restore your wallet.
Tips- Never enter a seed phrase on a device connected to the internet.
- Never enter your seed phrase unless you are restoring your wallet.
- Type the seed phrase in the exact order it was originally given for a successful restore.
If you are new or want to be cautious, try:
Doing a test backup and restore with an empty wallet. Get familiar to how the process is. If you tested on a device connected to the internet, delete the empty wallet and create a new one (on an offline device again) so that your backup is not exposed to the internet. Proceed to use new wallet.
Sending a test transaction to the wallet. Just a small amount. Then check if your wallet received the bitcoin. If this is cold storage you can check on a block explorer to see if it received the bitcoin.
Tips- Multiple live instances of the same wallet can exist simultaneously on different devices.
A hot wallet is just a wallet that connects to the internet. It's intended for less secure easy access spending for things like shopping.
A cold storage wallet is a wallet that never touches the internet. It's intended for secure storage of bitcoin and not-so-easy access but secure spending of bitcoin.
Now that you know the difference between hot and cold, you should separate the bitcoin you intend to spend frequently from the bitcoin you plan to store with high security.
In other words:
Keep the bitcoin you want to protect with the highest security using cold storage methods. This may include offline backups, hardware wallets and air gapped desktops/laptops.
Keep smaller amounts you intend to use for things like shopping on a wallet that will connect to the internet regularly such as a Lightning wallet.
Tips- Did you know you can have a "watch-only" instance of an already existing wallet?
Standard Bitcoin wallets and hardware wallets will generate a wallet backup called a seed phrase when you go through the initial setup process. A seed phrase is just 12 or 24 words that you can use to restore a wallet in the future. Some wallets allow you to add a 25th word (also known as a passphrase) to your 24 word seed phrase.
Things you need to know about a seed phrase
A seed phrase should:
- Always be generated offline for the best security
- Be recorded in the exact order it is presented to you.
- Never be shared
- Never be entered into an internet connected device
- Be backed up in a way that resists water, fire, physical damage and stands the test of time.
- Be stored in a private and secured location (possibly in two locations for redundancy)
- Intro
- A) Hardware Wallet - Simple
- B) Air Gapped Desktop or Laptop - Advanced
- C) Hot Wallet - For Everyday Spending
Any standard Bitcoin wallet or hardware wallet can be used to generate a seed phrase offline. This could be accomplished on a hardware wallet, desktop, laptop or mobile device. Doing so ensures the seed phrase is never exposed to the internet.
In the following sections you will learn the process of creating a seed phrase offline on:
- A) A hardware wallet (simplest option)
- B) An air gapped desktop or laptop (advanced option)
- C) Hot wallet (for everyday spending)
If you aren't technical, many will recommend that you make life simpler by investing in a hardware wallet. A hardware wallet is also a great option for any user in general.
A hardware wallet:
- Generates a seed phrase offline for you by design
- Stores the bitcoin private keys offline by design
- Gives a better user experience when spending from cold storage while keeping the wallet unexposed to the internet or viruses.
- Is small and portable
- Is compatible with any computer or laptop
Seed Phrase Instructions When Using a Hardware Wallet
- A hardware wallet will generate a seed phrase for you while disconnected from the internet by default. During initial setup, it should also ask you to create a wallet PIN. Some wallets will also ask if you want to create a passphrase (also called a 25th word) - if so, i'd recommend creating one.
- Now that you generated the seed phrase, wallet PIN and/or passphrase (if offered), you can plan on how you want to securely back them up. See next tab "SECURING YOUR SEED PHRASE LONG TERM" for options.
This may include recording it physically, secret hiding places, encrypted storage devices, hints, a home safe or a bank deposit box. Each option has pros and cons and you might find that using a combination of methods suits you best.
- Now execute the plan (or at least partially) before continuing so that if your device dies right now you have the info to restore your wallet
- When you're ready, proceed to send bitcoin to the wallet.
If you are technical, good with technology and confident in your abilities a hardware wallet is still a great option. But if you want to create your own cold storage using an air gapped desktop or laptop, you have some options. These methods requires 1 online computer (for generating and broadcasting a PSBT) and 1 offline computer (for signing a PSBT).
Spending From An Air Gapped PC / Laptop
The most difficult part about creating your own cold storage is learning how to spend from your cold storage using the air gapped device (without exposing it to the internet).
Here are options:
- Use a Bitcoin wallet capable of doing Partially Signed Bitcoin Transactions (PSBT). Electrum is one wallet that can do PSBTs and here is the documentation on how to set it up.
- Still use a bitcoin wallet capable of doing a PSBT but also use a wallet overview interface software to make things simpler like specter.
- Use Bitcoin Core to generate, sign & broadcast a PSBT
- You can also bring the wallet online to spend from it but that obviously defeats the purpose of cold storage and it'd no longer be considered cold storage once brought online.
Seed Phrase Instructions Using Your Own Air Gapped Desktop / Laptop
Requirements: An offline desktop or laptop and internet access (WiFi or Ethernet)
- Decide on which operating system you want to use. Some operating systems are more secure than others. For example, Windows will be less secure than a Linux operating system.
- Ensure your selected device is a clean device. If you're using a fresh install of an operating system that is considered clean. If you are using a pre-existing install and unsure, best practice is to just reset the device to a clean state even if the device is never going to touch the internet.
You can be sure a device on the software level is clean by re-installing the operating system or if you know for sure the device is clean then continue.
- Connect your chosen device to the internet and download a wallet. Alternatively, download a wallet from another device and transfer the install file to your offline device using something like a USB storage device.
- Important Step: Disconnect the internet and never reconnect it.
If you're using wifi, disable WIFI and enable airplane mode. If you're using an ethernet cable, disconnect it physically and disable the ethernet adapter in the operating system settings.
- Install the wallet you downloaded.
- Open the wallet program and go through the intital setup process and make sure you record important info such as the seed phrase, passphrase and PIN. Don't record the info on the same device.
Some wallets allow you to add a passphrase (also called a 25th word) to the 24 word seed phrase - it's recommended you do this if offered.
- Now that you have your seed phrase, passphrase and PIN - plan on how you want to secure them. Execute the plan (or at least partially) before continuing so that if your device dies right now you have the info to restore your wallet. Do not record the wallet info on the same device or any internet connected one. See next tab "SECURING YOUR SEED PHRASE LONG TERM" for options on securely storing your seed phrase.
This may include recording it physically, secret hiding places, encrypted storage devices, hints, a home safe or a bank deposit box. Each option has pros and cons and you might find that using a combination of methods suits you best.
- When you're ready, proceed to send bitcoin to the wallet. You can even send a small test transaction first and check the bitcoin address on a Bitcoin block explorer to see if it received the bitcoin. Send the rest once you are confident.
Note that there are always additional things you can do to work towards better security for you and your bitcoin, such as:
- Looking into free and open source operating systems such as Linux
- Using a dedicated desktop or laptop to broadcast your offline transactions.
- Looking into more open computer hardware (and firmware) with no backdoors such as at Raptor Computing Systems
- Verifying your downloaded wallet to ensure it's the legitimate software.
- Staying more private by using Bitcoin Core over TOR to broadcast transactions.
A hot wallet is just a wallet that connects to the internet for sending bitcoin. Creating and spending from a hot wallet is easy but it's much less secure than a hardware wallet or cold storage. A hardware wallet can be a good substitute for a hot wallet too.
Seed Phrase Instructions For Hot Wallets
Requirements: A desktop/laptop/tablet/smartphone, internet access (WiFi or Ethernet)
- Ensure your selected device is a clean device. If you are unsure, it's best to reset the device to a clean state.
You can be sure a device on the software level is clean by re-installing the operating system or if you know for sure the device is clean then continue.
- Download a wallet on to your device.
- Install the wallet you downloaded.
- Disconnect / Disable the internet.
- Open the wallet program and go through the intital setup process and make sure you record important info such as the seed phrase, passphrase and PIN.
Some wallets allow you to add a passphrase (also called a 25th word) to the 24 word seed phrase - it's recommended you do this if offered.
- Now that you have your seed phrase, passphrase and PIN, plan on how you want to secure them. Execute the plan (or at least partially) before continuing so that if your device dies right now you have the info to restore your wallet. Do not record the wallet info on any internet connected device. See next tab "SECURING YOUR SEED PHRASE LONG TERM" for options on securely storing your seed phrase.
This may include recording it physically, secret hiding places, encrypted storage devices, hints, a home safe or a bank deposit box. Each option has pros and cons and you might find that using a combination of methods suits you best.
- You can reconnect the internet once you are ready since this is a hot wallet.
- Fund the wallet with bitcoin.
When planning how to secure your backups you need to think of a few things:
- How technical are you and how much effort do you want to put in
- What do you want to store the backup on
- Where do you want to store your backups
- How many copies of the backup do you want to create
- How will your backup resist physical, water or fire accidents and stand the test of time
Please note that each method has pros and cons. You are not limited to just these methods and may decide to use a mix of methods.
A) Physical Material - Most Straightforward Option (Non-Technical)
- Purchase a purpose built metal seed phrase backup that is soley designed to be durable, resistant and long lasting. This is a very popular method that users choose.
- Record your seed phrase on some sort of material. Typically, you want the material and method of recording to be durable, resistant to fire / water and to stand the test of time.
Your Options:
PROS: Simple and non-technical.
CONS: If someone finds your unencrypted seed phrase, they can take all the funds.
B) Encrypted Offline Storage Devices - More Complex Option (Technical)
- Decide on if you want software encryption or hardware encryption
- You want to encrypt the devices with a difficult password
- Use multiple storage devices because electronics can die or data can become corrupt
- Regularly check status of storage devices on an offline device
- Add a new encrypted storage device to your stash once in a while to avoid old equipment all dieing at the same time
- Decide on how you want to store, secure and/or memorize your device password.
You can store your seed phrase on encrypted storage devices such as USBS, SD Cards and storage drives.
With this method:
Note that some storage devices are designed to be more security oriented than others, for example some more expensive USB thumb drives and hard drives use tamper-resistant epoxy to resist physical tampering and some can wipe themselves after X amount of failed login attempts (You need to be very cautious in your planning if you use these types of devices). See Best secure drives 2020: top USB drives to protect your data (Article)
PROS: Encrypted, content on the drive is unknown to anyone CONS: Technical, more prone to user errors, requires creating / securing an additional password (for the encrypted devices), requires maintenance, electronics becoming faulty, digital data corruption
Tips- Storage requirement for storing wallet backups and passwords are minimal. Even a 1 GB storage device is enough to hold the data.
Caution- Just because something is encrypted doesn't mean it's completely safe from physical attacks, so keep them in a private and secure location.
- This method requires extra maintenance and routine check-ups to ensure devices are in working order. You should add new encrypted storage devices to the pile periodically to reduce your chance of all devices dieing at the same time.
Typically, you want to store backups in private and secure location. You may also decide to store backups in more than 1 location in the event 1 location gets compromised.
You can store backups in secret hiding spots, hidden items, a personal safe, a bank vault, etc.
For additional security, put your backups in a waterproof bag and a fire resistant bag. You can put any electronic devices in a faraday bag. You can also put items in a tamper-evident bag. These can all be purchased on things like Amazon for cheap.