Blockstream on Nostr: As BTC climbs, understanding wallet tech is more critical than ever. In a world where ...
As BTC climbs, understanding wallet tech is more critical than ever. In a world where value rises and risks multiply, holding your own keys is your first line of defense.
This thread explores singlesig vs multisig wallets.
Don’t wait for disaster - know your options. 🧵
---
When it comes to Bitcoin wallets, a single private key provides total control - but also total risk.
Creating a singlesig wallet means backing up one 12-24 word seed phrase that represents the one private key that controls your Bitcoin.
But if you lose that key - those 12-24 words, whether stored on a hardware wallet or engraved on metal - your Bitcoin is gone. Permanently.
---
Creating a multisig (multisignature) wallet, however, adds another layer of security.
Multisig requires multiple keys to authorize transactions, adding redundancy. Common setups like 2-of-3 or 3-of-5 make it much harder for attackers to access your funds.
---
Setting up a multisig wallet comes with its own complexity. It’s not as simple as backing up more seed phrases - you’ll also need to back up the wallet descriptor.
Blockstream Jade natively handles this, storing multisig wallet descriptors with essential data like wallet fingerprints, derivation paths, and the extended public keys of all wallets in the setup.
---
With multisig, you might hold two keys on separate hardware wallets in different locations, while a third key is held by a trusted party.
Many companies offer multisig services to help you manage these setups, allowing you to distribute keys securely.
They won’t be able to spend the funds alone, but can assist if you lose a key.
---
Blockstream Green’s 2-of-2 multisig 2FA-protected accounts offer another approach to multisig.
The first key is on your device, protected by a PIN and backed up with a 12- or 24-word recovery phrase.
The second key is held on Blockstream Green servers, protected by two-factor authentication (2FA) that you control on a separate device using an authenticator app.
https://blockstream.com/green/
---
Now, even if someone gains access to your device or PIN, they can’t spend your funds without your 2FA method.
Even with your recovery phrase, 2FA is essential. However, if you lose access to your 2FA method, you’ll have to wait until a ~365-day CSV timelock expires to regain access to your funds.
https://help.blockstream.com/hc/en-us/articles/900001391763-How-does-Blockstream-Green-s-2FA-multisig-protection-work#h_a0e00982-eb22-42f9-af2f-997bf0f67a09
---
In an age of data breaches and physical threats, multisig can help protect your holdings even if one key is lost or compromised.
As a technology, it’s valuable for long-term cold storage, for enterprises splitting keys between executives, as a foundation for inheritance planning, and so much more
---
Don’t wait until you’ve mastered multisig to start self-custody.
Order a Blockstream Jade today - as you learn, Jade will be ready for multisig and more advanced setups.
https://store.blockstream.com/
---
Catch up and learn about hot vs. cold wallets in the last thread 👇
This thread explores singlesig vs multisig wallets.
Don’t wait for disaster - know your options. 🧵
---
When it comes to Bitcoin wallets, a single private key provides total control - but also total risk.
Creating a singlesig wallet means backing up one 12-24 word seed phrase that represents the one private key that controls your Bitcoin.
But if you lose that key - those 12-24 words, whether stored on a hardware wallet or engraved on metal - your Bitcoin is gone. Permanently.
---
Creating a multisig (multisignature) wallet, however, adds another layer of security.
Multisig requires multiple keys to authorize transactions, adding redundancy. Common setups like 2-of-3 or 3-of-5 make it much harder for attackers to access your funds.
---
Setting up a multisig wallet comes with its own complexity. It’s not as simple as backing up more seed phrases - you’ll also need to back up the wallet descriptor.
Blockstream Jade natively handles this, storing multisig wallet descriptors with essential data like wallet fingerprints, derivation paths, and the extended public keys of all wallets in the setup.
---
With multisig, you might hold two keys on separate hardware wallets in different locations, while a third key is held by a trusted party.
Many companies offer multisig services to help you manage these setups, allowing you to distribute keys securely.
They won’t be able to spend the funds alone, but can assist if you lose a key.
---
Blockstream Green’s 2-of-2 multisig 2FA-protected accounts offer another approach to multisig.
The first key is on your device, protected by a PIN and backed up with a 12- or 24-word recovery phrase.
The second key is held on Blockstream Green servers, protected by two-factor authentication (2FA) that you control on a separate device using an authenticator app.
https://blockstream.com/green/
---
Now, even if someone gains access to your device or PIN, they can’t spend your funds without your 2FA method.
Even with your recovery phrase, 2FA is essential. However, if you lose access to your 2FA method, you’ll have to wait until a ~365-day CSV timelock expires to regain access to your funds.
https://help.blockstream.com/hc/en-us/articles/900001391763-How-does-Blockstream-Green-s-2FA-multisig-protection-work#h_a0e00982-eb22-42f9-af2f-997bf0f67a09
---
In an age of data breaches and physical threats, multisig can help protect your holdings even if one key is lost or compromised.
As a technology, it’s valuable for long-term cold storage, for enterprises splitting keys between executives, as a foundation for inheritance planning, and so much more
---
Don’t wait until you’ve mastered multisig to start self-custody.
Order a Blockstream Jade today - as you learn, Jade will be ready for multisig and more advanced setups.
https://store.blockstream.com/
---
Catch up and learn about hot vs. cold wallets in the last thread 👇
quoting note1ynx…2pueWith Bitcoin hitting all-time highs, self-custody isn’t just an option—it’s essential.
Leaving BTC on an exchange? A risky bet.
The real choice: hot wallet vs. cold wallet. Understanding the trade-offs between managing Bitcoin on internet-connected devices or a hardware wallet is key to safeguarding your BTC. 🧵
---
Hot wallets are always connected to the internet, making them convenient for quick transactions but vulnerable to online threats. They include web wallets, mobile wallets, and desktop wallets.
While each offers benefits, their constant internet connection exposes them to potential risks.
---
Web wallets are the least secure, with private keys stored in the browser or on a web server. This high exposure means your assets are only as safe as the browser’s defenses - high convenience, high risk.
Web wallets aren’t recommended for long- or mid-term Bitcoin holdings but are useful for quick payments or connecting to websites.
---
Mobile wallets, like Blockstream Green, BlueWallet, and Muun, offer slightly more security, with private keys stored on your phone. Phones generally have secure elements for key protection, but mobile wallets are still online, meaning your Bitcoin remains at risk if the device is compromised. Mobile wallets are great for day-to-day payments and mid-term holdings but aren’t suited for long-term storage of large holdings.
---
Blockstream Green allows users to add an extra layer of security for larger or long-term holdings on a mobile wallet by offering 2FA-protected accounts. This enhanced security means an attacker would need both your recovery phrase and 2FA to access your wallet. Setting up multiple 2FA methods is recommended, prioritizing the authenticator app on a separate device, with options like email, SMS, or call as backups.
https://youtu.be/CyCQjjSYIBY?si=HPlXYNZuC-tlBaQD
---
Desktop wallets, such as Blockstream Green, Sparrow, and Electrum, run on your computer and store private keys locally. While they’re generally safer than web wallets, desktop wallets are still exposed to online threats. Malware or viruses can compromise your keys, making desktop wallets more secure than web or mobile wallets but not invulnerable.
https://blockstream.com/green/
---
Blockstream Green on desktop also offers 2FA-protected accounts, adding a strong layer of defense: even if someone gains access to your device or knows your PIN, they can’t spend your funds without your 2FA method. Even if someone has your primary recovery phrase, 2FA is still required for fund access. However, if you lose your 2FA method, you won’t be able to access your funds for ~ 365 days until the CSV timelock expires.
https://help.blockstream.com/hc/en-us/articles/900001391763-How-does-Blockstream-Green-s-2FA-multisig-protection-work#h_a0e00982-eb22-42f9-af2f-997bf0f67a09
---
Using a Bitcoin node, like Bitcoin Core, connects you directly to the network, adding control by bypassing third-party servers. However, if private keys are stored on an internet-connected computer, they’re still at risk. Pairing a Bitcoin Core node with a hardware wallet through Hardware Wallet Integration (HWI)—a solution developed by Blockstream Research’s achow101 - significantly enhances security by keeping keys offline, though it requires careful setup.
https://github.com/bitcoin-core/HWI
---
Cold wallets, also known as hardware wallets, are designed for ultimate security. A hardware wallet like Blockstream Jade generates and stores your private keys offline, making them virtually immune to remote attacks.
When a hardware wallet is paired with a hot wallet for transaction signing, the hot wallet coordinates the transaction, sends it to the hardware wallet for signing, then the hardware wallet sends it back to the hot wallet to broadcast.
---
With a hardware wallet, your keys are generated offline and never touch an internet-connected device.
https://store.blockstream.com/jade
---
In the end, each wallet type has its role, but for the highest security, an open-source hardware wallet - a cold wallet - is essential for safeguarding Bitcoin.
Don’t wait until you have a hardware wallet to start self-custody. A mobile wallet is fine for beginners - practice backing up, sending, and receiving Bitcoin now. As your holdings grow, you can upgrade to a hardware wallet for added security