top of page

Wallets and Keys

Wallets and Self-Custody.png

A Bitcoin wallet is software or hardware that stores your private and derives public keys from it, constructs and signs transactions, and manages your unspent transaction outputs (UTXOs).

Wallets come in various forms, including mobile apps, desktop software, or dedicated hardware devices.

 

A common misconception is that Bitcoin is stored in a wallet; it isn’t. Bitcoin does not exist as a physical or digital object. As we learned previously, it exists as entries on a decentralised public ledger, where ownership of units (satoshis) is updated by recording transactions on the blockchain.

 

To claim ownership of your Bitcoin, you must prove control of the private keys associated with the specific UTXOs*. A wallet manages those UTXOs, displays a balance for convenience, and enables spending by signing transactions with the corresponding private keys.

*What's a UTXO? Unspent transaction output. It's an entry on the Bitcoin ledger that hasn't been spent yet. To learn more about UTXOs, read the next chapter Transactions and UTXOs.

Two keys for two different purposes.

The Private Key

Screenshot 2026-02-25 at 9.08.10 pm.png

The private key is 64 hexadecimal characters long, which would be very hard to write and keep safe. To fix this and make it more user-friendly, they can be translated into a 12, 18, or 24-word seed phrase. If you lose access to your wallet, you can typically restore it with that seed phrase.

The private key or seed phrase gives absolute control over the Bitcoins held by it. 

This is very important to understand, as many Bitcoins have been lost by Bitcoiners who have been complacent about the safety of their private key. (Estimated between 2.3 to 4 million Bitcoins lost - or $250 to $400 billion)

The Public Key

Screenshot 2026-02-25 at 9.08.26 pm.png

The public key is derived from the private key by multiplying it by a fixed generator point (G) on the elliptic curve SECP256K1. 

This equation makes it impossible to recover the private key from a public key, which allows you to share it to get paid without revealing your private key, which would give full access to your Bitcoins. Your public key, however, will reveal your whole transaction history.

For privacy, your public key can derive unlimited Bitcoin addresses.

Screenshot 2026-02-25 at 9.08.57 pm.png
Seed phrase

A Bitcoin seed phrase is a 12 or 24-word sequence that acts as a master key to recover a wallet’s private keys and access all associated Bitcoin. It’s critical to keep it safe and stored offline in a secure location like a safe or encrypted drive. Anyone with control of your seed phrase has full control over your funds. Loss or exposure risks permanent loss of your Bitcoin, as it’s the only way to restore a wallet if a device fails or is lost.There are many way to store your seed phrase, the cheapest and most common is simply written on a piece of paper, but it can be very risky as paper is fragile and easily lost. I highly recommend buying a seed phrase backup made out of steel to keep it safe from fire, flood, fading or any other damage.

There's a few metal seed backup I recommend in

Self-custody.

IMG_0406.heic

12 or 24 words?

When creating your Bitcoin wallet, you will have to choose what type of seed you want to use. The most common ones are 12 or 24 words.

 

I can't tell you which one to use, but I can give you the relevant information for you to make that decision.

 

The 12 or 24 words seed phrase results from the amount of entropy used to create that seed:

128-bit entropy BIP-39 will be translated into a 12-word seed phrase.

256-bit entropy BIP-39 will be translated into a 24-word seed phrase.

Logically, a 24-word seed phrase seems like the obvious choice, more entropy, more secure, right?

 

Well, it depends on what potential attacks you're trying to be protected from. 

The best way to understand it is through this small paragraph from Andreas Antonopoulos in Mastering Bitcoin:

"The security strength of a Bitcoin public key is 128 bits. An attacker with a classical computer (the only kind which can be used for a practical attack as of this writing) would need to perform about 2128 operations on Bitcoin’s elliptic curve in order to find a private key for another user’s public key. The implication of a security strength of 128 bits is that there’s no apparent benefit to using more than 128 bits of entropy (although you need to ensure your generated private keys are selected uniformly from within the entire 2256 range of private keys).

 

There is one extra benefit of greater entropy: if a fixed percentage of your recovery code (but not the whole code) is seen by an attacker, the greater the entropy, the harder it will be for them to figure out part of the code they didn’t see. For example, if an attacker sees half of a 128-bit code (64 bits), it’s plausible that they’ll be able to brute force the remaining 64 bits. If they see half of a 256-bit code (128 bits), it’s not plausible that they can brute force the other half. We don’t recommend relying on this defense—​either keep your recovery codes very safe or use a method like SLIP39 that lets you distribute your recovery code across multiple locations without relying on the safety of any individual code."

The only thing I would add to that is the simplicity of a 12-word seed phrase.

12 words are much easier to memorise if needed, and you're less likely to mess up during the initial setup of your backup.

You can read Mastering Bitcoin from Andreas Antonopoulos for free on Github here: 

Mastering Bitcoin, Andreas Antonopoulos - Github

You can purchase Mastering Bitcoin from Andreas Antonopoulos on his official website here: 

Mastering Bitcoin, Andreas Antonopoulos - aantonop.com

Giving someone your private key/ seed phrase is giving them absolute control over your Bitcoin.

Losing it means losing complete access to your Bitcoin.

Common types of wallet

Hardware wallets

​​​​A hardware wallet (or cold wallet) is a physical device designed to securely store your Bitcoin private keys offline, protecting them from online threats like hacking or malware. It connects to a computer or smartphone to sign transactions without ever revealing your key, which are then broadcast to the blockchain, ensuring funds remain safe even on compromised computers.

Trezor is a great start in your cold wallet journey, Cold Card is a top tier hardware wallet once you build up some experience. I recommend hardware wallets if you're looking to save in Bitcoin.

Mobile Wallet

Bitcoin mobile wallets are apps for smartphones (iOS/Android) that store private keys, enabling users to send, receive, and manage Bitcoin on the go. They offer convenience with features like QR code scanning for transactions and integration with exchanges or hardware wallets. Wallet of Satoshi is a great mobile wallet that also allows you to use the lightning network. As hot wallets, they’re susceptible to device theft or malware but provide strong security with PINs, biometrics, and seed phrase backups. Ideal for daily use, they’re less secure than hardware wallets for large holdings. Using hot wallets for large amount of Bitcoin is not recommended.

Desktop Wallet

Wasabi-Wallet-Logo_edited.jpg

Bitcoin desktop wallets are software applications installed on computers that store private keys, allowing users to send, receive, and monitor transactions. They offer greater control and security than web wallets by keeping keys offline when not in use, though they remain "hot" wallets vulnerable to malware if your computer is compromised. Popular options like Sparrow and Nunchuk support features such as multi-signature setups, custom fees, and hardware integration for enhanced protection, making them ideal for frequent users while requiring backups and antivirus for safety. Desktop wallets are a great way to start your self-custody journey, as they are free, but remember that the safest way is in a cold wallet.

Conclusion

  • A Bitcoin wallet doesn’t actually hold any Bitcoins; it creates a private key and derives a public key from it. The private key is used to sign transactions of Bitcoins you hold. The public key is used to create Bitcoin addresses to get paid and keep your Bitcoin stash pseudonymous as long as you use a new address each time.

  • Your wallet will keep track of your UTXOs to show your Bitcoin balance, help you construct transactions, and sign them using your private key. UTXOs are like coins or notes in your wallet that haven’t been spent yet. Once you spend them, they stop being a UTXO and are replaced by new UTXOs created by the transaction. 

  • There are many types of Bitcoin wallets, from desktop, mobile, web, or hardware wallets. Each has different pros and cons; a desktop or mobile will be free and easy to use, but with a potential risk of hack if your computer is compromised. A hardware wallet has a cost and can be a bit more complex, but it’s the safest way to hold Bitcoin as your private keys are always stored offline. Choose what wallet works best for you.

bottom of page