Storing crypto on an exchange or a hardware wallet is risky. Instead, you should use a multi-sig setup.
I used to store my crypto in hardware wallets like Ledger, but for large amounts, it is still risky. If somebody steals your Ledger or its seed phrase, you are doomed. If a fire or earthquake destroys them, you are doomed. I used to keep two copies of seed phrases in different locations for this latter risk. But that poses another risk - what if somebody steals from my second location when I am not present, and I do not know until it’s too late?
The solution is to use a multi-signature wallet, which is a setup in which a threshold number of devices must confirm a transaction before it executes. I put this off for way too long but finally got around to it.
For Bitcoin, there are two main providers I’d suggest: Casa and Unchained Capital.
Casa costs $250 a year (they also offer more expensive services, which I won’t go into here), while Unchained Capital offers a free tier of service. However, the latter requires KYC while the former does not.
For Casa, there is an app. You control two of the keys; Casa controls the third. You need 2 of 3 keys to send funds out. Your mobile serves as one key, and a hardware device like a Ledger as the other. For the key that Casa controls, you answer security questions that you’d re-enter if you want Casa to sign for you in the future. You would use this if one of your two keys was compromised. Casa would sign after a seven-day buffer. It is highly recommended you write down your answers to the security questions and put them somewhere safe.
You also have the option to use two hardware devices instead of the mobile.
Unchained Capital is mostly similar, but they only offer the two-hardware-wallet setup, with no mobile option. Also, while they are free, they charge a $20 co-signature fee if you need to rely on their third key. Since they KYC, they don’t require security questions, so you don’t need to worry about writing answers down and storing them safely somewhere; instead, they can verify your identity via a method like a video call when you need them to sign. They have a 72-hour buffer period before signing.
While KYC has this convenience, a downside is that if Unchained’s data gets compromised, your identity and crypto holdings will be revealed. To be clear, your crypto would still be safe in such a scenario because you control two of the keys. Conversely, the downside of Casa with no KYC is that you are responsible for storing the answers to your security questions safely.
Finally, for a higher fee, you can do more complex options like 5 keys and white glove service with either Casa or Unchained.
One Mobile & One Hardware Wallet:
With mobile, it’s almost always on you, so if somebody steals your hardware wallet, you’ll still have your phone with you, which some may argue adds a degree of safety.
If you choose to keep one of the hardware wallets in your residence, you can conveniently transact anytime using it and your mobile device.
Finally, if a natural disaster destroys your hardware wallet and phone, you can get back your mobile key from a cloud backup (more later), and use this with Casa’s key to recover your balance.
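To make the trade-off concrete, here is an added example (not from the original post, and not Casa's code) that enumerates theft and disaster scenarios for the single hardware wallet with two seed copies described earlier and for the 2-of-3 mobile + hardware + provider setup. The key labels are illustrative, and the model assumes the mobile key can always be restored from cloud backup and that the provider will co-sign when asked.

```python
from itertools import combinations

# Constructed model of the setups described in the text; key names are
# illustrative labels, not identifiers from Casa or any wallet.
MULTISIG = {"keys": ("mobile", "hardware", "provider"), "threshold": 2,
            "restorable": {"mobile"}}   # mobile key comes back from cloud backup
SINGLE_SIG = {"keys": ("ledger", "seed_copy_1", "seed_copy_2"), "threshold": 1,
              "restorable": set()}      # any one item alone can spend


def assess(setup, stolen=(), destroyed=()):
    """Classify one incident for a setup.

    stolen:    items a thief now holds (the owner no longer has them)
    destroyed: items lost to fire, flood, etc. (nobody holds them)
    """
    stolen, destroyed = set(stolen), set(destroyed)
    if len(stolen) >= setup["threshold"]:
        return "funds at risk"          # thief alone meets the threshold
    lost = stolen | destroyed
    owner = {k for k in setup["keys"]
             if k not in lost or k in setup["restorable"]}
    if len(owner) >= setup["threshold"]:
        return "recoverable"            # owner can still sign and move funds
    return "funds locked"


def survey(setup, max_items=2):
    """Outcome of every theft or destruction of up to max_items items."""
    results = {}
    for n in range(1, max_items + 1):
        for items in combinations(setup["keys"], n):
            results[("stolen", items)] = assess(setup, stolen=items)
            results[("destroyed", items)] = assess(setup, destroyed=items)
    return results


if __name__ == "__main__":
    for name, setup in (("single-sig", SINGLE_SIG), ("2-of-3", MULTISIG)):
        print(name)
        for (kind, items), outcome in survey(setup).items():
            print(f"  {kind:9} {'+'.join(items):24} -> {outcome}")
```

Running it shows that every single-item incident is recoverable in the 2-of-3 setup, while any single theft puts the single-sig funds at risk; the 2-of-3 setup only fails when two keys are stolen together or when the hardware wallet and the provider key are both lost.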
Two Hardware Wallets:
Yes. The mobile private key is literally on your device in a secure enclave that can’t be accessed by anyone, not even your mobile device manufacturer. This means that even if somebody stole your Casa login credentials and logged in on their phone, they still can’t sign because they need your exact mobile device.
It is backed up to iCloud for iPhone and Google Drive for Android and can be re-established on a new phone.
For Ethereum, Casa offers an ETH vault that basically uses
Alternatively, you can use Safe directly, as it’s free to use, and you can hold any altcoin. It is the dominant DIY open-source multisig solution on Ethereum used by all decentralized orgs. They recently raised $100M on a $1B valuation. I got to be familiar with using it, as my most recent startup
The main difference to note between using Casa and Safe directly is that with Safe, you are responsible for safeguarding all your signer devices and their seed phrases, whereas with Casa, you can rely on them to hold one key (Casa key), while the mobile key will be held on your phone and accessed through their app without requiring you to write down a seed phrase (this mobile private key and seed phrase can be exported out, but you’d only do so for Sovereign Recovery).
For Safe, you can set it up however you want, like 2/3 signers, 3/5, 2/2, etc. Safe also has a mobile app that can serve as a key, but as I mentioned above, you’ll have to write down the seed phrase for it in a secure location if you choose to use it. The other signers can be hardware wallets, hot wallets (like Metamask), or a combination. The most important thing is to keep the seed phrases in separate geographic locations.
Hopefully, this was helpful as you think about safeguarding your own crypto. It’s a question I’ve thought a lot about, and it is important to have a solution that is immune to all the major risks - theft of a single device, natural disaster, or an exchange going down (a la FTX or the multitude of others).
Use this as a starting point, but I recommend doing your own research and choosing the setup that best fits your needs. Feel free to reach out to me directly if you have questions, and I’ll do my best to answer them.