Bullet proof custody setup

As your Bitcoin holdings grow, it becomes crucial to store your Bitcoin securely. The goal is to maintain full control over your funds while protecting against potential risks, without relying on third-party services that may introduce fees, unwanted risks, or even compromise control of your Bitcoin. Fortunately, securing your Bitcoin with a multi-signature (multi-sig) setup is more straightforward than it sounds.

Here’s our step-by-step guide to setting up an ideal Bitcoin security system.

What You'll Need

  1. Sparrow Wallet – Download and install this software wallet on your computer. It’s easy to use and perfect for setting up a multi-sig wallet.
  2. Three hardware wallets – Purchase Bitcoin-only hardware wallets from three different manufacturers. Brands like Coldcard, BitBox02, and Blockstream Jade are good options. You can purchase them from UTXO Dreams or direct from the manufacturer.
  3. A good quality home safe – For secure storage of your hardware wallet, seed phrases, and backup drives. Amazon has some good, affordable options like this one. Make sure it is fire proof.
  4. Two safety deposit boxes or vaults – Find a secure vault provider or bank that offers safety deposit boxes. Ideally, choose two providers that are geographically apart to ensure maximum security. Safety deposit boxes are affordable, typically ranging between $15 to $25 per month. Some major city options include:

    Step-by-Step Guide to Setting Up Your Multi-Sig Security

    1. Set Up Sparrow Wallet

    • Install Sparrow Wallet on your computer and familiarise yourself with its interface. This software will act as the control centre for your multi-signature wallet.

    2. Prepare Your Hardware Wallets

    • Set up each of your three hardware wallets as you normally would, including:
      • Check your wallets for authenticity, tampering and update the firmware to the latest version.
      • Generate each wallet's pin and seed phrase and securely write them down (on paper or a steel backup).

    3. Create the Multi-Sig Wallet in Sparrow

    • Open Sparrow and create a multi-signature (multi-sig) wallet.
    • Configure a 2-of-3 multi-sig setup, meaning two out of the three hardware devices are required to sign any transaction.
    • Add each of your hardware wallets to the multi-sig setup, ensuring all are properly configured as signing devices.

    4. Test the Multi-Sig Setup

    • Send a small amount of Bitcoin (e.g., 20,000 sats) into your multi-sig wallet to test the setup.
    • Perform test transactions (sending and receiving) using different combinations of two wallets (since this is a 2-of-3 setup) to sign the sending transaction. Test:
      • Wallet A + Wallet B.
      • Wallet A + Wallet C.
      • Wallet B + Wallet C.
    • Remember, you'll need to sign the transaction with 2 of your 3 devices and then broadcast the transaction to the bitcoin network.
    • When you conduct your first signing transaction, some wallets will conduct a simple multi-sig registration process - you'll be prompted on your device to do this.
    • Once you are confident that everything is working correctly, move to the next step.

    5. Create Backups

    • Take a backup of your multi-sig configuration in Sparrow and store it on a USB thumb drive. Make three backups, each on a separate USB drive.

    6. Secure Your Setup in Tamper-Evident Bags

    • Purchase quality tamper evident bags, such as these from BitBox. There are many options available.
    • Place each hardware wallet, its corresponding pin and seed phrase back up, and a USB thumb drive multi-sig file backup into separate tamper-evident bags.
    • You should now have three separate bags, each containing:
      1. A hardware wallet
      2. The pin and seed phrase for that wallet
      3. A USB thumb drive backup of your multi-sig configuration

    7. Distribute Your Security Setup

    • Bag 1: Place this in your home safe.
    • Bag 2: Store this in Vault 1 (one of your chosen vault or safety deposit box providers).
    • Bag 3: Store this in Vault 2 (the other vault or safety deposit box provider, located in a different geographical location).

    8. Store Your Vault Keys

    • When you sign-up with your vault / safety deposit box provider you'll receive a physical key for your unit. Keep these keys in your home safe.
    • You may also want to provide access to at least one vault to a trusted person (e.g., a spouse, next of kin, or trusted contact), ensuring they know about the setup and can access the vault should you become incapacitated.

    Why This Setup Works

    This setup is nearly bulletproof. Here’s why:

    • Even if an attacker steals one of your hardware wallets and/or seed phrase, they would still need access to at least one more signing device, as well as your multi-sig configuration details, to access your Bitcoin.
    • By spreading your signing devices across multiple physical locations (your home and two secure vaults), you dramatically reduce the risk of losing your Bitcoin to theft, accident, or disaster.
    • By using 3 wallets from 3 different manufacturers you are reducing the (albeit very unlikely) risk of an attack, design flaw, security incident or malicious behaviour impacting any one device manufacturer.
    • The entire setup costs less than $1000 to setup and about $30 per month to run. If this setup is for your SMSF, all of these expenses are payable by your fund. The peace of mind it brings is well worth the investment!

    With this setup, you remain in full control of your Bitcoin while adding layers of protection that make it nearly impossible for an attacker to compromise your funds - or for you to lose your bitcoin.

    Make sure you review your setup regularly, perform updates on your hardware wallets, and test the multi-sig setup from time to time to ensure everything continues to work as expected. We recommend every 6 months retrieving one of your wallets from your secure vault location and performing a test transaction (with your home vault wallet) and ensuring the wallet is in good working order, has the latest firmware.

    This is a robust, affordable, and secure way to store your Bitcoin, allowing you to sleep easy knowing your investment is safe.

    Shopping List

    Please note: We are an authorised reseller for the hardware wallets mentioned in this post however we are not affiliated with any other 3rd party product or service mentioned and do not receive any referral fees from any third party. As always, do your own research to make sure products and services are the right fit for you and your personal circumstances. If you need help, we are happy to provide our 2 sats. 

    Any questions? Any suggestions? Let us know.