Blockstream on Nostr: With Bitcoin hitting all-time highs, self-custody isn’t just an option—it’s ...
With Bitcoin hitting all-time highs, self-custody isn’t just an option—it’s essential.
Leaving BTC on an exchange? A risky bet.
The real choice: hot wallet vs. cold wallet. Understanding the trade-offs between managing Bitcoin on internet-connected devices or a hardware wallet is key to safeguarding your BTC. 🧵
---
Hot wallets are always connected to the internet, making them convenient for quick transactions but vulnerable to online threats. They include web wallets, mobile wallets, and desktop wallets.
While each offers benefits, their constant internet connection exposes them to potential risks.
---
Web wallets are the least secure, with private keys stored in the browser or on a web server. This high exposure means your assets are only as safe as the browser’s defenses - high convenience, high risk.
Web wallets aren’t recommended for long- or mid-term Bitcoin holdings but are useful for quick payments or connecting to websites.
---
Mobile wallets, like Blockstream Green, BlueWallet, and Muun, offer slightly more security, with private keys stored on your phone. Phones generally have secure elements for key protection, but mobile wallets are still online, meaning your Bitcoin remains at risk if the device is compromised. Mobile wallets are great for day-to-day payments and mid-term holdings but aren’t suited for long-term storage of large holdings.
---
Blockstream Green allows users to add an extra layer of security for larger or long-term holdings on a mobile wallet by offering 2FA-protected accounts. This enhanced security means an attacker would need both your recovery phrase and 2FA to access your wallet. Setting up multiple 2FA methods is recommended, prioritizing the authenticator app on a separate device, with options like email, SMS, or call as backups.
https://youtu.be/CyCQjjSYIBY?si=HPlXYNZuC-tlBaQD
---
Desktop wallets, such as Blockstream Green, Sparrow, and Electrum, run on your computer and store private keys locally. While they’re generally safer than web wallets, desktop wallets are still exposed to online threats. Malware or viruses can compromise your keys, making desktop wallets more secure than web or mobile wallets but not invulnerable.
https://blockstream.com/green/
---
Blockstream Green on desktop also offers 2FA-protected accounts, adding a strong layer of defense: even if someone gains access to your device or knows your PIN, they can’t spend your funds without your 2FA method. Even if someone has your primary recovery phrase, 2FA is still required for fund access. However, if you lose your 2FA method, you won’t be able to access your funds for ~ 365 days until the CSV timelock expires.
https://help.blockstream.com/hc/en-us/articles/900001391763-How-does-Blockstream-Green-s-2FA-multisig-protection-work#h_a0e00982-eb22-42f9-af2f-997bf0f67a09
---
Using a Bitcoin node, like Bitcoin Core, connects you directly to the network, adding control by bypassing third-party servers. However, if private keys are stored on an internet-connected computer, they’re still at risk. Pairing a Bitcoin Core node with a hardware wallet through Hardware Wallet Integration (HWI)—a solution developed by Blockstream Research’s achow101 - significantly enhances security by keeping keys offline, though it requires careful setup.
https://github.com/bitcoin-core/HWI
---
Cold wallets, also known as hardware wallets, are designed for ultimate security. A hardware wallet like Blockstream Jade generates and stores your private keys offline, making them virtually immune to remote attacks.
When a hardware wallet is paired with a hot wallet for transaction signing, the hot wallet coordinates the transaction, sends it to the hardware wallet for signing, then the hardware wallet sends it back to the hot wallet to broadcast.
---
With a hardware wallet, your keys are generated offline and never touch an internet-connected device.
https://store.blockstream.com/jade
---
In the end, each wallet type has its role, but for the highest security, an open-source hardware wallet - a cold wallet - is essential for safeguarding Bitcoin.
Don’t wait until you have a hardware wallet to start self-custody. A mobile wallet is fine for beginners - practice backing up, sending, and receiving Bitcoin now. As your holdings grow, you can upgrade to a hardware wallet for added security
Leaving BTC on an exchange? A risky bet.
The real choice: hot wallet vs. cold wallet. Understanding the trade-offs between managing Bitcoin on internet-connected devices or a hardware wallet is key to safeguarding your BTC. 🧵
---
Hot wallets are always connected to the internet, making them convenient for quick transactions but vulnerable to online threats. They include web wallets, mobile wallets, and desktop wallets.
While each offers benefits, their constant internet connection exposes them to potential risks.
---
Web wallets are the least secure, with private keys stored in the browser or on a web server. This high exposure means your assets are only as safe as the browser’s defenses - high convenience, high risk.
Web wallets aren’t recommended for long- or mid-term Bitcoin holdings but are useful for quick payments or connecting to websites.
---
Mobile wallets, like Blockstream Green, BlueWallet, and Muun, offer slightly more security, with private keys stored on your phone. Phones generally have secure elements for key protection, but mobile wallets are still online, meaning your Bitcoin remains at risk if the device is compromised. Mobile wallets are great for day-to-day payments and mid-term holdings but aren’t suited for long-term storage of large holdings.
---
Blockstream Green allows users to add an extra layer of security for larger or long-term holdings on a mobile wallet by offering 2FA-protected accounts. This enhanced security means an attacker would need both your recovery phrase and 2FA to access your wallet. Setting up multiple 2FA methods is recommended, prioritizing the authenticator app on a separate device, with options like email, SMS, or call as backups.
https://youtu.be/CyCQjjSYIBY?si=HPlXYNZuC-tlBaQD
---
Desktop wallets, such as Blockstream Green, Sparrow, and Electrum, run on your computer and store private keys locally. While they’re generally safer than web wallets, desktop wallets are still exposed to online threats. Malware or viruses can compromise your keys, making desktop wallets more secure than web or mobile wallets but not invulnerable.
https://blockstream.com/green/
---
Blockstream Green on desktop also offers 2FA-protected accounts, adding a strong layer of defense: even if someone gains access to your device or knows your PIN, they can’t spend your funds without your 2FA method. Even if someone has your primary recovery phrase, 2FA is still required for fund access. However, if you lose your 2FA method, you won’t be able to access your funds for ~ 365 days until the CSV timelock expires.
https://help.blockstream.com/hc/en-us/articles/900001391763-How-does-Blockstream-Green-s-2FA-multisig-protection-work#h_a0e00982-eb22-42f9-af2f-997bf0f67a09
---
Using a Bitcoin node, like Bitcoin Core, connects you directly to the network, adding control by bypassing third-party servers. However, if private keys are stored on an internet-connected computer, they’re still at risk. Pairing a Bitcoin Core node with a hardware wallet through Hardware Wallet Integration (HWI)—a solution developed by Blockstream Research’s achow101 - significantly enhances security by keeping keys offline, though it requires careful setup.
https://github.com/bitcoin-core/HWI
---
Cold wallets, also known as hardware wallets, are designed for ultimate security. A hardware wallet like Blockstream Jade generates and stores your private keys offline, making them virtually immune to remote attacks.
When a hardware wallet is paired with a hot wallet for transaction signing, the hot wallet coordinates the transaction, sends it to the hardware wallet for signing, then the hardware wallet sends it back to the hot wallet to broadcast.
---
With a hardware wallet, your keys are generated offline and never touch an internet-connected device.
https://store.blockstream.com/jade
---
In the end, each wallet type has its role, but for the highest security, an open-source hardware wallet - a cold wallet - is essential for safeguarding Bitcoin.
Don’t wait until you have a hardware wallet to start self-custody. A mobile wallet is fine for beginners - practice backing up, sending, and receiving Bitcoin now. As your holdings grow, you can upgrade to a hardware wallet for added security