Bitcoin Security Guide - A simple and secure setup for your Bitcoin Self Custody

Bitcoin self-custody is much like learning to drive a car–no one starts on the highway! You begin slowly, perhaps in a parking lot, progressing bit by bit. Driving is one of the riskiest activities people engage in, yet most eventually master it. Taking responsibility for your safety and that of others is an essential life skill. Similarly, if you can learn to drive, you can also learn to hold Bitcoin securely, free from counterparty risk!

🛡️ 1. Why Self-Custody?

Self-custody means you control your Bitcoin without relying on third parties.
It eliminates counterparty risks such as exchange failures or government seizures.
Listen to these podcasts to understand the basics: Podcast Episode 1 | Podcast Episode 2

🚀 2. Getting Started: Basic Self-Custody Setup

Purchase Bitcoin through ethical, preferably non-custodial brokers: BullBitcoin.com, Strike.me, River.com, Relai.app.
Use a reliable software wallet: Sparrow Wallet (Mac/PC/Linux), Nunchuk (iOS/Android/Mac/PC/Linux), Specter Desktop, Electrum
Read The 10 Commandments of Bitcoin Self-Custody.
1. You shall backup your bitcoin seed
2. You shall test your backups
3. You shall Self-Validate with your Full-Node
4. You shall not dox your bitcoin UTXOs
5. You shall not have single points-of-failure
6. You shall keep the Bitcoin Private Key always AirGap
7. You shall Coin Control (manage your coins)
8. You shall KISS (keep it simple stupid)
9. You shall never advertise about your HODL to others
10. You shall stay humble and stack more sats

🤖 3. Choosing a Hardware Wallet

A good hardware wallet must have these non-negotiable traits:
1. A screen for transaction verification
2. Be Air-gapped NO USB or Bluetooth or any other live connections to a computer or the internet
3. Secure Elements to protect the seed
4. Open-Viewable and Reproducible software to prevent vendor risks
5. Real secure boot to prevent unauthorized firmware changes
6. Use OPEN Standards avoiding proprietary vendor lock-in
7. NO remote validation or PIN servers
We recommend: COLDCARD Hardware Wallet and this is how to set up a COLDCARD

🗄️ 4. Backing Up Your Wallet

Use a metal backup: SEEDPLATE
How to use it: Video Guide
Redundancy matters. Make multiple encrypted MicroSD backups and store them securely: Backup Guide

🔒 5. Enhancing Bitcoin Security

Passphrases can boost security, but they add complexity. Learn how to use passphrases.
Ensure you have a metal backup for the passphrase.
Understand what an Extended Fingerprint (XFP) is.

✅ 6. Test Everything!

Test small deposits and withdrawals before committing large amounts.
Test your backup recovery process before trusting it with significant funds.
Choose a reliable software wallet and keep a backup of the last known working version in case of abandonware.

🌐 7. Privacy & Good Security Practices

Remember Privacy and Security go hand in hand. The fewer people who know your details, the less risk you incur.
NEVER use SMS-based 2FA, as it’s vulnerable to SIM-swapping.
Instead, use an authenticator app like Google Authenticator and TURN OFF cloud backups to reduce risk.
Use a unique email address without personal details (e.g., [email protected] instead of [email protected]).
We recommend iPhone over Android and Mac over Windows for added security.
Set your Mac and iPhone to Lockdown mode, which greatly protects you against attacks.
Switch your iMessage and FaceTime caller ID to your new email without personal details like phone number or full.name@email
Avoid Chrome browser extensions, many can become malicious
Reduce the amount of services and entities that know your home address or your name. Prefer LLCs, P.O. Boxes, etc...
Beware of phone scammers (listen to this example interview) or impersonators asking for your 6-digit Google Authenticator PIN–never share it.
Consider using a YubiKey as a second factor, but do not store your Bitcoin on it.
When sending large transactions to web services such as bitcoin exchanges, don’t trust the address/QR presented to you on the browser. Malicious code could change those. Maybe call the exchange and ask them to confirm the address before sending. Also, don’t send it all at once—first make a small transaction to that address and confirm it was received.

📚 8. Keep Learning

Watch Bitcoin security videos
Listen to Bitcoin-related podcasts
Explore this step-by-step guide by Matt Odell for robust Bitcoin custody.

Final Thoughts: Self-custody is a journey, not a one-time task. Stay vigilant, keep testing your setup, and continue learning. With the right knowledge and tools, you can secure your Bitcoin for the long term. Take action today!