The greatest responsibility for any long term HODLR is how and where to store their bitcoin.
This is because their biggest risk is losing it for some dumb reason like forgetting their password. It happens more often than you think.
To prevent any such moments of dumbness occurring, a secure non-custodial hardware wallet is central to good long term holding strategy and protecting your online privacy.
Today bitcoin is still niche but it’s more popular than ever which is reflected in the price gains it’s made over the last 12 months.
As more people buy bitcoin, new services and products are introduced to meet demand.
Bitcoin wallets have been around since the beginning but each year they become more functional and user friendly. And, of course, self-custody of your own bitcoin is like having a Swiss bank in your pocket.
There are two types of bitcoin wallet: Software wallets and hardware wallets.
Software wallets are useful to hold small amounts of bitcoin but because they’re online 24/7 it makes them more likely to be hacked.
The best software wallet to use which also works along side the Coldcard is BlueWallet.
For long term holding and peace of mind you need a secure non-custodial hardware wallet to store your bitcoin offline.
Enter Coldcard wallet
There are numerous hardware wallets on the market but none take bitcoin security more seriously than the Coldcard wallet.
It’s not the easiest hardware wallet to use (which is a feature, not a bug) but it comes with a swathe of security features that other hardware wallets don’t have.
Coldcard is made by Coinkite, a leading bitcoin security hardware manufacturer based in Canada.
Coinkite have developed the Coldcard with every risk scenario imaginable and have attempted to mitigate each one in the wallet’s features.
The Coldcard is Coinkite’s flagship product and is one of several other products they’ve developed dedicated to bitcoin security.
It’s further peace of mind to know they are bitcoiners themselves who believe in the quality of their products and are happy engaging with their customers online.
Bitcoin security from delivery to storage
Coldcard is currently on its third iteration. The Coldcard Mk III was launched in late 2019 and each version brings new features to the wallet.
Learning how to use the Coldcard can be a little overwhelming to begin with but its security features give you more peace of mind as the price of bitcoin goes up.
I’ve listed each security feature below along with a description for each to help you understand them.
If you already have a Coldcard and want to explore the features further you can use the tutorials listed on the documentation section of the Coldcard website.
Bitcoin isn’t mainstream enough to buy a hardware wallet at your local store. You instead have to order online and have them delivered to you (from Canada in Coldcard’s case).
To prevent any tampering before the Coldcard reaches you, Coinkite use a security bag to keep it in. The bag is coded with a unique number which is also written into Coldcard’s secure element as the bag is packed.
This unique number cannot be changed, and you have to verify the bag’s number when the Coldcard is first powered-up.
A clear plastic case so no hardware tampering
The Coldcard has been designed using protective thick clear plastic so you can see inside to make sure it hasn’t been tampered with in some way.
Coinkite covers the secure element and other sensitive parts of the Coldcard with epoxy. This makes it harder to remove those chips or change the wiring around them.
Basically, attempting to tamper with the Coldcard’s inner workings will likely physically break it.
Coldcard is a bitcoin-only wallet
Coinkite is a bitcoin-only company and its team are bitcoiners through and through.
They only care about bitcoin security and don’t attempt to accommodate other cryptocurrencies into the wallet which could make them more susceptible to hacking.
All of the company’s time, resources and R&D are dedicated to bitcoin security allowing them to innovate and improve on the only cryptocurrency that truly matters: bitcoin.
Open source software
Coldcard makes its software open source so it can be interrogated by third parties to ensure it’s safe from backdoors and bugs.
Not all wallets – both hardware and software – are open source which means you’re blindly trusting the developers haven’t made any mistakes in the code or worse.
With Coldcard, anyone can (and do) take a look at the code to ensure it’s doing what it supposed to.
Next level secure PIN login
Coldcard has a special PIN login sequence that adds an extra layer of security.
When you set up your Coldcard you add two PIN logins (a prefix and a suffix) with a two-word checklist in between.
Your two-word checklist is specific to you and shows that your wallet PIN hasn’t been tampered with.
Real encrypted security chip
Unlike other bitcoin wallets, the Coldcard uses a specific encrypted microchip to manage the important security elements, namely the 24-word seed phrase.
This means your private key is stored in a dedicated security chip, not the main micro’s flash.
No other hardware wallet manufacturer goes to this length to keep your seed phrase safe and secure.
Duress PIN so you can open a fake wallet to your real one
Coldcard includes what it calls a ‘duress PIN’ so you can open a fake wallet instead of your real one in the (hopefully unlikely) event you’re being physically forced.
You can allocate a little bitcoin to the ‘fake’ wallet so when you open the Coldcard using the duress PIN it show it as your balance not your actual amount. This is useful to those who are in a high-risk physical attack scenario.
A ‘brick me’ PIN
Again, let’s say you’re being physically forced to open the wallet you can also use the ‘brick me’ PIN which will destroy the Coldcard and render it useless.
Assuming you have your seed phrase elsewhere you can retrieve your bitcoin after the event.
Again, not the type of event a casual bitcoin investor is likely to go through but useful to know you have the option if ever you need it.
Coldcard is air-gapped
One of Coldcard’s best features is it’s air-gapped which means you can create transactions offline without ever having to connect it to a computer or smartphone.
Coldcard is the first “PSBT Native” hardware wallet which means you can partially sign a transaction when the wallet is offline. Using a MicroSD card you finish signing the transaction through the software wallet.
This means that the Coldcard never has to be connected to the internet which helps protect it against malware attacks.
You can connect the Coldcard directly to a computer if you like but why increase risk when you don’t need to.
You can conveniently backup and encrypt your Coldcard to a MicroSD card so if it’s ever lost, broken or stolen you won’t lose your bitcoin.
Backups are passphrase protected for encryption (it tests you to ensure you’ve written the passphrase down) so you can decrypt and reinstall the wallet anytime you need to.
Backups don’t have to be encrypted if you think remembering another passphrase is too much. In my opinion, encryption is worth doing for an additional security layer.
Compatibility with numerous software wallets
Coldcard doesn’t have its own software wallet but it’s been designed to used with other third-party software wallets.
It’s compatible with the all the well-known (and most secure) software wallets including, Wasabi Wallet, BlueWallet, Electrum and Bitcoin Core.
Multisig (multi-signature) means the wallet requires multiple keys to authorise a transaction rather than a single signature from one key. This is an additional security layer which you can set up from the Coldcard.
The benefit of multisig are obvious but it can become cumbersome (especially with saving backups of keys) so only needs to be used with high transactions.
Why you need a Coldcard wallet
If the above list hasn’t convinced you of getting a Coldcard to store your bitcoin I’m not sure what will.
Joking aside, as bitcoin continues to increase in value, storing it securely will only become more important to you.
It takes a little while to get used to the Coldcard, more so than other hardware wallets but the security is unmatched.
In other words, the time invested learning it will be worth it in the long term.
This isn’t a paid for endorsement and nor am I making any money from referring it. I just really like the wallet and the company’s mission.