Self-Custody & Recovery: Wallet Hygiene, Backups, and Safer Setups

Last updated: Aug 2025 • Education only, not financial advice.

Self-custody means you control your keys. Done right, it removes exchange risk and reduces attack surface. Done poorly, it concentrates risk in a single point of failure (you). This guide shows a practical setup that’s safer for everyday users.

Hot vs. cold (separate roles)

  • Hot wallet: Small, daily-use funds. Connected to apps. Treat like cash in your pocket.
  • Cold wallet (hardware): Long-term funds. Keys stay offline. Treat like a vault.

Separation is the #1 habit that prevents big losses.

Hardware wallet setup (safe flow)

  1. Buy from the official store, not a marketplace.
  2. Initialize the device offline; generate the seed phrase on the device.
  3. Write the seed by hand on paper or metal; no photos, cloud, or printers.
  4. Verify firmware; set a strong PIN; consider an optional passphrase.
  5. Install the companion app; receive a small test transaction.

Backup strategies (so recovery actually works)

  • Redundancy: Keep at least two copies of the seed in separate physical locations.
  • Metal backup: Fire/water resistant; avoid single-point storage.
  • Label smartly: Do not label with coin names or “seed”. Use a code only you understand.
  • Recovery test: On a spare device or test wallet, restore using the seed to confirm legibility.

Passphrases & plausible deniability

A passphrase is an extra word added to the seed that creates a different wallet. It protects against someone finding your seed alone. Use only if you can store it separately and remember it—lost passphrases mean lost funds.

Multi-sig basics (when stakes are higher)

Multi-signature wallets require, say, 2-of-3 keys to move funds (e.g., your device + your spouse’s + a backup key in a safe). This reduces single-device failure and theft risk, but adds complexity. Start small and document recovery steps clearly.

Common mistakes to avoid

  • Typing seed phrases into any website or app
  • Taking photos/screenshots of seeds
  • Storing seeds in email, notes, cloud, or password managers
  • Blind-signing transactions without reading prompts

Ongoing hygiene

  • Keep firmware/software up to date, on your own schedule rather than immediately when prompted
  • Revoke old token allowances every few months
  • Maintain a small “decoy” hot wallet for risky apps
  • Document recovery: who to contact, where backups are, and how to restore