Backup Seeds » Advanced Considerations

Think Hard About Your Risks

It is a natural human bias to believe theft is a greater risk than loss, despite data indicating the opposite. (An analogy that gives some insight into the relevant psychology: we are all terrified of homicide despite suicide being more common.) Non-expert users should question themselves when taking extreme steps to protect against theft over loss.

There are many tradeoffs between security/redundancy below and only you can decide what the appropriate balance is for your needs.

Multiple Locations

Physical Security

Not only does storing all of your bitcoin information in one place make it less secure, it also makes you a target! You don’t want a home-invader to be able to hold you at gunpoint for your life-savings. The downside is that funds secured by a “geographically split” scheme will be harder to spend because you must visit multiple secure locations to gather signatures. For day-to-day funds, you might choose a simpler single-key signature wallet setup that is easy to spend (but not as secure).

Natural Disasters

If you keep all m seeds in one location and there is a fire (or flood) you could lose everything, perhaps when you need it most. In the unlikely event you need to evacuate, you don’t also want to be carrying your life-savings on you (see previous section on physical security).

Imagine you have a 2-of-3 scheme with 1 seed in each of 3 cities (A, B, and C). Should you need to evacuate city A, you can take seed A with you to city B or to city C. As you are only carrying 1 (of a needed 2) seeds, if you are robbed during this time your attacker will be unable to spend your bitcoin. Important note: in the event a seed is compromised you need to retrieve m seeds ASAP to “rotate” out the seed that was stolen (this is accomplished by moving your funds to a new multisig scheme where you control all 3 seeds again).

Estate Planning

The hardest bitcoin security question for most bitcoiners to answer is “what happens to your bitcoin if you get hit by a bus?” Unfortunately, ensuring your bitcoin is recoverable by your loved ones and nobody else is a very challenging task. Multisig is the best tool we have to aid in this process.

Give One (or More) Seeds to Someone You Trust

Anyone who has a quorum of seeds can spend your bitcoins! (even if they don’t, it’s important to know that they can) Depending on your personal situation, this may be a good thing (perhaps a spouse who you want to have complete access) or a bad thing (perhaps a financial manager who might be tempted to steal).

Imagine you have a 2-of-3 scheme with seeds A, B, and C, all of which you initially control. You and your spouse want to always have access to your bitcoins, and you want your children to only get access in the event both you and your spouse are dead.

You might do the following:

As a result of this scheme:

Of course, there are many tradeoffs/choices to be made:

Read more here.

While not perfect, this is far superior to single-key signature schemes.

Each of these situations can be addressed with a different quorum, giving different people different access, making more backups, etc. However, each of those choices will introduce new risks.

You can quickly see that this scheme lends itself better to something like 3-of-5, so you can have more entities/redundancy, and clearer organizational lines (less copies of keys floating around, so you can know for sure who signed each transaction).

Protect Your Backups


Use durable metal for bitcoin seed storage instead of paper, which can fade, burn, or smudge.

Archival Paper & Ink

Archival paper is obviously not as durable as metal, but better than regular paper. Place your paper into a plastic bag with a good seal (vacuum sealed even better) so that it doesn’t get destroyed in the event of water damage.

Fireproof Document Bag

You can use these to protect seed backups, and also to protect your physical hardware wallets.

» Next Section: Backup Public Keys