Bitcoin Self-Custody... Without Compromise

Michael Jordan

Chief Growth Officer of The Bitcoin Way and host of The Bitcoin Way Podcast.

As Bitcoin adoption continues its inevitable climb, the options for “securing your Bitcoin” grow in number.

I use quotation marks intentionally, because some options aren’t particularly secure, and in many cases it isn’t even your Bitcoin. At the very least, most violate the trustless intention and vision that Satoshi had when he created Bitcoin.

Bitcoin Exchanges

Long story short, don’t leave your Bitcoin on an exchange. If you do, it’s not your Bitcoin; it’s an IOU.

Exchanges and similar types of companies have a long history of failing (Mt. Gox, FTX, Celsius, BlockFi, etc.) and many have been found to not have all they Bitcoin that they sold customers to begin with. The Bitcoin you think you have on an exchange… might not really be there.

Don’t mess around with the scarcest asset ever to exist and don’t leave it on an exchange.

Collaborative Custody

There are many flavors of collaborative custody, so it’s difficult to break down the disadvantages of each one-by-one. As a common example of a collaborative custody setup, you’ll have three “keys” to your Bitcoin and two of the three are required to move or transact with it. The third key is stored by a third party and provided to you should you lose one of your other two keys.

It sounds good on the surface, having a backup plan in case you lose a key. But let’s look at some of the common issues with this setup.

Proprietary Tools

Many collaborative custody service providers provide a proprietary mobile app through which your Bitcoin must be sent and received. This means that the code - what is happening under the hood - is known only to them.

You have to trust that the app isn’t spying on you or tracking you and won’t fail when you need it most. Not a great start.

Inferior Bitcoin Hardware Wallets

Typically, one of the keys that you hold in this arrangement will be on a hardware wallet. Many service providers in the space support or even promote inferior quality hardware wallets (e.g., closed source code, supportive of multiple cryptocurrencies).

Unless you have someone with strong principles to guide you, you’re likely to get pushed into a hardware wallet that doesn’t best serve you and could even open you up to major security risks.

Know Your Customer (KYC)

Most collaborative custody solutions have to know how you are - your name, government ID, address, and other information in order to comply with various regulations.

This means that employees could feasibly access information about who you are, how much Bitcoin you have, and (if you’re required to transact on their app) when you send your Bitcoin.

You’ve gained no privacy by exiting the fiat system for Bitcoin if you’re effectively using a third party like a bank.

Video Authentication

If you lose a key and need your third party to provide the backup key to you, they’ll need to verify who you say you are. Some are beginning to use video verification… just as AI generated videos and avatars are becoming harder to discern from reality and will only become more so in the future.

I’ve seen videos of an AI avatar conduct an online video interview without any assistance from the real applicant. Besides this possibility for faking verification, you can bet that your third party is under constant attack from hackers looking to breach their data (so they know who owns what) and for those key backups (so they are one step closer to stealing your Bitcoin).

Censorship & Holding Periods

If a third party requires you to transact through their app, you could be subject to censorship or arbitrary holding periods on your Bitcoin. The former could be achieved through government coercion or if you just happened to pick an untrustworthy business partner.

Most service providers will disclose in advance that they have holding periods for larger transactions to add as a layer of security, and, of course, those time periods can be increased at their discretion. Again, there is no gain in leaving traditional financial institutions who have delays on wire transfers and other such money transmission mechanisms if you opt for these solutions. You lose the incredible self-sovereign advantages of Bitcoin if someone else can play “god” with your money.

Scheduled Maintenance

Companies that offer web apps and solutions routinely have scheduled maintenance whereby their app isn’t available for several hours at a time. Bitcoin is by design available 24/7/365 for those who hold it exclusively in their custody and there is no risk of hardware that you possess and software that you’ve already downloaded going offline.

App Store Dependency

Again with the apps! If you don’t have an Apple or Android phone, you’re probably out of luck accessing the apps, anyway.

We see more clients at The Bitcoin Way moving to de-googled phones with more privacy-focused apps. If you’ve done the right thing and claimed sovereignty over your digital life in other productive ways, collaborative custodial solutions may not work for you anyway.

Third-Party Failure

There is always the risk that your collaborative custody service provider could fail. If so, there is usually a set of complex instructions you must follow (and more information you must not lose) to regain access to your Bitcoin (e.g., may require a Linux computer, proficiency in using a command line, and other technical caveats). The average user will have no idea where to begin with this.

100% Outsourced Bitcoin Custody

Finally, there are some companies that refer to themselves as a “collaborative custody” solution but in fact leverage a different business model whereby three separate institutions each hold one of your keys and you have no direct access to move your Bitcoin without verifying your identity.

A compelling use case for this arrangement could possibly be made for a medium or large business that can’t simply rely on maintaining a hardware wallet. The problem is, these solutions are just as emphatically marketed to individuals - “give up your control of your keys and take on full counterparty risk” for us to store all of your keys.

That counterparty risk you take is the failure of one or more of these companies, regulatory changes in the jurisdiction of one or more institution, a major data breach, or any number of other threats - some known and others not.

I’d highly encourage you stay away from these options as an individual.

Bitcoin ETFs

Finally, we have the latest iteration of Bitcoin proxies - Bitcoin ETFs. The ETFs are definitively not Bitcoin. They are a financial product that give you exposure to Bitcoin’s price, but denominated in dollars. All of the freedoms and self-sovereignty that you gain through real Bitcoin ownership vanish with the ETFs.

This isn’t precisely a custody issue but rather a common misconception about what is actually being owned. That said, to the extent that you misperceive ETFs as “owning Bitcoin,” understand that it is still an IOU and that an exchange (Coinbase) is the custodian for 10 of the 11 ETFs (Fidelity custodies its own Bitcoin, but still, same counterparty risk as an exchange).

If you have a traditional portfolio or retirement accounts that prevent outright Bitcoin ownership these can at least expose you to Bitcoin’s market-outperformance over time, but don’t be confused about what it isn’t (not real Bitcoin).

Final Thoughts

Bitcoin was designed to be trustless and counterparty-risk-free. It’s no surprise that companies have sprouted up with one foot in traditional finance and one in Bitcoin to try bridging a gap they’ve made up in their minds.

But in reality, Bitcoin self-custody isn’t all that hard. It simply requires a new set of skills that the right teacher can help you learn quickly. And when you do, you’ll benefit from the entirety of Bitcoin’s promise as uncensorable, trustless, self-sovereign money.

If you need help on this journey, don’t delay. Generational wealth is at stake and The Bitcoin Way is here to help.

Follow us on social media

Master Bitcoin security

Learn from our 25 years of cybersecurity expertise

Book a free consultation