Self-Custody — Cean On BTC

Why custody matters

If you don't hold the private keys, you don't own the Bitcoin. You own a promise from whoever does.

That promise can be broken. It has been broken many times. Mt. Gox in 2014. Celsius, BlockFi, Voyager, FTX in 2022. Every cycle produces a new wave of platforms that seemed safe right up until they weren't. The cardinal rule that survives every cycle:

Not your keys, not your coins.

Self-custody isn't paranoia. It's the actual completion of your purchase. The exchange step is a temporary holding pattern — you bought the IOU. Withdrawing to a wallet you control is when the IOU becomes Bitcoin.

The custody spectrum

Five tiers, from convenient-but-risky to maximally-sovereign. Most people graduate up the spectrum as their position grows.

Tier 1 · Hot

Exchange custody

Your BTC sits on Coinbase, Kraken, etc. Convenient. You don't actually own it. Acceptable for short-term holding only.

Tier 2 · Warm

Custodial app

Strike, Cash App, etc. Marginally better than exchange. Still custodial. Fine for small spending balances.

Tier 3 · Warm

Software wallet

Sparrow, Phoenix, BlueWallet on your phone or laptop. You hold keys. Vulnerable to malware on the device.

Tier 4 · Cold

Hardware wallet

Coldcard, Trezor, Ledger. Offline device that signs transactions. Immune to remote attacks. The standard for any meaningful holding.

Tier 5 · Cold

Multi-signature

Requires multiple keys to spend. Lose one, the others still work. Institutional-grade. Worth the setup at ~$50k+ positions.

Hardware wallets — the practical baseline

For 95% of people with meaningful BTC, a hardware wallet is the right setup. Three options I'd recommend, with honest tradeoffs:

Coldcard MK4

~$160. Bitcoin-only. The most paranoid option, built by people who think a lot about supply-chain attacks. Air-gapped (signs via SD card or QR — never plugs into your computer). My pick if you take this seriously.

Trezor Safe 5

~$170. Open-source firmware. Touchscreen interface that's easier for non-technical family members to use. Good middle-ground between security and friendliness.

Ledger Nano X

~$150. Most popular, slickest UX. The 2023 "Recover" controversy raised legitimate questions about closed-source firmware. Still secure if you decline the recovery service. Fine choice with caveats.

Never buy hardware wallets from

Amazon (high risk of supply-chain tampering — sellers have inserted compromised devices)
eBay or any reseller
Any third-party retailer that didn't get the device directly from the manufacturer

Buy direct from the manufacturer's official website. Verify the tamper-evident packaging on arrival. The $20 you'd save on Amazon is the worst trade in Bitcoin.

Storing your seed phrase

The hardware wallet generates a 12 or 24-word "seed phrase" the first time you set it up. Those words ARE your Bitcoin. The hardware wallet itself is just a convenient way to use them. If your wallet breaks or gets lost, you can restore everything from those words on any other compatible wallet.

So: how you store those words is more important than which hardware wallet you bought.

Acceptable storage methods

Paper — fine for small amounts (≤ ~$10k). Stored in a fireproof safe at home, ideally in a sealed envelope.
Stamped steel plate — the gold standard. Coldcard MK4 includes "SeedXOR" tools, or buy a Cryptosteel / Stamp Seed for $50-100. Survives house fires, floods, decades.
Multi-location — once you have a steel backup, make a second one. Store it in a different physical location (safety deposit box, or with a fully trusted relative). Never both copies in the same building.

Never store your seed phrase in

Cloud notes (iCloud Notes, Google Keep, Notion, Apple Notes — all sync, all breachable)
Password managers (defeats the air-gap of the hardware wallet)
Email (to yourself or anyone — email is insecure forever)
Photos on your phone (auto-syncs to cloud backups by default)
A USB drive (storage media degrades; also defeats air-gap)
An "encrypted" file on your computer (one keystroke logger and you're done)
Your own brain only (memory is the most lossy storage medium ever invented)

Multi-sig — when to upgrade

Multi-signature ("multi-sig") setups require multiple keys to spend, typically 2-of-3 or 3-of-5. Lose any single key, the others still work. No single device or location can be compromised to drain you.

When it's worth the complexity: generally at ~$50k+ positions, or any amount you absolutely cannot afford to lose. The setup is more involved (multiple devices, multiple seed phrases, more careful inheritance planning), but the security upgrade is meaningful.

Three approaches:

DIY multi-sig — Sparrow Wallet + 3 hardware devices. Maximum sovereignty. Requires you to manage all the keys and know what you're doing. Recovery testing is non-negotiable.
Unchained Capital (collaborative custody) — you hold 2 keys, Unchained holds 1. They can't move funds without you, but if you lose your 2 keys they can help recover. The institutional-grade option for serious holdings. Includes inheritance services.
Casa — similar collaborative model. More polished UX. Tiered pricing. Their inheritance product is one of the better ones available.

Inheritance — the most-skipped step

If only you know how to access your Bitcoin, your family doesn't inherit it — they inherit nothing. This is the biggest unforced error in Bitcoin and almost no one talks about it.

The core tension: you want your heirs to be able to access the BTC after you die, but you don't want anyone (including them) to be able to access it while you're alive. Solving this requires deliberate planning.

Realistic inheritance options

Document the location, not the secret. Write a letter to your executor explaining where the seed is stored and how to use it — but never include the seed itself in the letter. Store the letter with your will.
Multi-sig with delayed access. A 2-of-3 setup where one key is held by an inheritance service (Casa, Unchained) automatically becomes accessible to your heirs after a verified period of inactivity.
A Bitcoin-aware estate attorney. Most attorneys don't know how to handle this. Find one who does. Search for "Bitcoin estate planning attorney" + your state.
Have the conversation. Walk your spouse / kids / executor through how to actually access the BTC at least once. Have them practice with a small amount. Don't let the first attempt be the day they need it.

Quick custody checklist

If you're starting fresh today, this is the order:

Buy a hardware wallet directly from the manufacturer (Coldcard, Trezor, or Ledger)
Set it up offline and write the seed phrase on paper, double-check word-by-word
Wipe the device, restore from seed, confirm it works — before depositing meaningful funds
Stamp the seed onto a steel plate for permanent backup
Store the steel backup in a fireproof location (home safe + safety deposit box if amounts justify)
Withdraw your BTC from the exchange to the hardware wallet
Document inheritance instructions for your executor (location only, never the words)
At ~$50k+, evaluate multi-sig (Unchained or Casa)
Re-test recovery once a year — on a small amount — to confirm everything still works

Talk through your custody setup → First time buying?