I've received many questions lately, but by far the most common question is “What's the best way to secure #Bitcoin?”

🧵So here’s a thread with my opinion on securing #Bitcoin
The first thing to understand is that there’s no "best way", but always a tradeoff.

You can always find ways to make it harder for someone to get your #Bitcoin, but if you over-complicate it, you could end up making it too hard even for yourself - many lost their funds this way.
Your goal should be to balance usability and security in the way that works best for you.

This means very different things for different people, depending on your technical experience, understanding of Bitcoin, how much you are holding, etc.
For some, that means leaving Bitcoin on an exchange.

I strongly recommend at least learning to hold your own keys before buying, but if you can’t wait, it’s better to leave it there than to hold it yourself if that’d make you feel like you have no clue what’s going on.
If you feel ready to take self-custody, you could start with a hot wallet on mobile or desktop. That’s a good step forward, as it means you’re holding your own keys. But this introduces some new concepts you should get familiar with.
So before doing that, first make sure that you know the basics: how to send and receive. Test with small amounts, try deleting everything and restoring from backup, then continue with real funds. Just go at your own pace and don’t rush into what you don’t understand.
The next option is using hardware wallets. This should still be manageable for most “normal” people, without great effort, but again introduces more complexity.

You should make sure to never enter your backup words on a computer, learn to verify addresses on the device, and so on.
If you got that and feel ready to go further to upgrade your security, the next step is learning to use your own node.

Using your own node is an important improvement in terms of security and privacy, as you cease to rely on 3rd parties for interacting with the Bitcoin network.
Without using your own node, you're relying on someone else to interact with the network.

That someone could:

- Know which txs you're interested in - privacy issue
- Provide false information - security issue
- Go down / get shut down - resilience issue

Using your own node fixes this.
If you have reached this far, using a hardware wallet with your own node, you have already made enormous progress. By this point, you should already have some understanding of what an xpub is, how to verify an address, and why those things are important.
The next step is exploring the different types of hardware devices.

Here again, there are many options and a lot to learn, like supply chain attacks, retirement attacks, and other security concerns. You might come up with different answers for your specific needs.
You should pay extra attention to the trust issue of using just a single option, especially in the case of consumer hardware wallets.

You can consider using an airgapped laptop or an old phone to mitigate that, but there are pros and cons for any choice.
That’s why the final step I could recommend to explore here is using a multisig wallet.

Multisig lets you mix different devices to reduce trust in each one of them, and in case one is compromised - you are still in control of your funds.
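
An added example (not from the original thread) that makes this tradeoff concrete: it enumerates every combination of lost and compromised devices for an m-of-n wallet and reports how many failures each setup survives. The three device states and the function names are assumptions of this sketch, and it counts keys only, assuming whatever else is needed to rebuild the wallet is backed up.

```python
from itertools import product

# Simplified model (an assumption of this example): each signing device is
# intact, lost (the owner can no longer sign with it), or compromised (an
# attacker can sign with it, and the owner still can too).
OK, LOST, COMPROMISED = "ok", "lost", "compromised"

def outcome(m, states):
    """Classify one scenario for a wallet that needs m signatures."""
    attacker_keys = sum(s == COMPROMISED for s in states)
    owner_keys = sum(s != LOST for s in states)
    if attacker_keys >= m:
        return "stolen"      # the attacker alone reaches the threshold
    if owner_keys < m:
        return "locked"      # the owner can no longer reach the threshold
    return "safe"

def survives(m, n, failures):
    """True if every mix of up to `failures` lost/compromised devices is safe."""
    for states in product((OK, LOST, COMPROMISED), repeat=n):
        failed = sum(s != OK for s in states)
        if failed <= failures and outcome(m, states) != "safe":
            return False
    return True

def tolerance(m, n):
    """Largest number of device failures (any mix) an m-of-n setup survives."""
    return max(k for k in range(n + 1) if survives(m, n, k))

if __name__ == "__main__":
    # Constructed sample setups: single-sig, then three multisig quorums.
    for m, n in [(1, 1), (2, 3), (3, 3), (3, 5)]:
        print(f"{m}-of-{n}: survives any {tolerance(m, n)} device failure(s)")
```

Note how 3-of-3 resists two compromised devices yet is locked by a single lost one: raising the threshold trades loss tolerance for theft resistance.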
There are more options along this scale with different tradeoffs: you could use a hardware wallet with a passphrase, you could do a guided multisig setup with some service provider, and there are many other options.
My suggestion is to find your personal point where you feel the balance between usability and security matches your needs best.
I just outlined the most common approaches in the order I would sort them, from the most user-friendly to the most security-minded. Now it's on you to choose.
So take your time to learn, read, test, and understand the tradeoffs and pitfalls. Ask questions, make sure you know what you’re doing, play with small amounts, then upgrade. Just go at your own pace and continuously improve your security.
And just to clarify, I'm not a security expert, just a pleb sharing some experience.

Most cases I've seen of losing funds were because holders didn't care to understand what they use or back up properly, so that's why I warn mostly about that, but DYOR.

Stay safe, stack sats.
Lol I want an edit button for typos 😂

• • •

Thread by Ben Kaufman.