Originally published on Unchained.com.
Unchained is the official US Collaborative Custody partner of Bitcoin Magazine and an integral sponsor of related content published through Bitcoin Magazine. For more information on services offered, custody products, and the relationship between Unchained and Bitcoin Magazine, please visit our website.
Properly taking control of your keys requires taking on some additional responsibility, but it’s an essential part of bitcoin security. But what happens when you need to travel? If you hold large amounts of bitcoin in cold storage, should you carry the keys to your bitcoin wallet with you? And if you do travel with one or more keys, what steps do you need to take to stay secure?
Consider these seven tips for traveling with your bitcoin in a way that keeps you in control while minimizing risk.
1. Carry only the wallets you need
Bitcoin allows you to segregate funds into multiple wallets so you only need to carry the keys you need for smaller amounts of bitcoin. You can secure your bitcoin savings in cold storage multisig, while still carrying some sats in a hot wallet on your phone like BlueWallet or Muun.
By only carrying keys to the wallets you need, you can spend and receive bitcoin while leaving the majority of your savings in a secure cold storage setup, such as multisig, that eliminates single points of failure.
2. Consider your destination
Consider your destination and travel plans when evaluating the risks of traveling with your bitcoin keys. What is the relative crime risk at your destination? Is your destination a high-crime nation or city? What will your surroundings be like?
If your destination has higher crime rates or pervasive petty theft, assume your phone will be stolen. Keep good smartphone security, and avoid holding keys to significant amounts of bitcoin on that device. Minimizing potential bitcoin losses by only keeping small amounts in mobile wallets is one consideration, but even storing keys to multisig wallets on your smartphone when traveling can increase the chances of compromise, necessitating an arduous key replacement.
If you’re traveling to an event where ownership of bitcoin is assumed, adjust your security model around the assumption that everyone knows you own bitcoin. That could mean ensuring that any singlesig wallets have a passphrase, or securing smaller amounts of bitcoin with multisig and distributing the keys in your belongings while traveling.
3. Avoid traveling with seed phrase backups
You should always secure your seed phrases, but remember that they are the unencrypted secret for a given key, making them much easier to compromise than a hardware wallet. While your hardware wallet’s private key data is generally secured within a secure element, behind a PIN, and requires a PC to access, seed phrase backups are easier to physically steal, copy, or photograph.
For most normal travel, you should leave your seed phrase backups in a secure storage location and travel with one or more hardware wallets.
If you must travel with a seed phrase backup
You might need to travel with a seed phrase backup in some situations. Moving your permanent residence (we published a guide that you should read if this is your situation) and traveling to set up a safely stored key item in a multisig setup are both reasonable grounds for traveling with your 12- or 24-word seed phrase.
If you must travel with a seed phrase, there are things you can do to minimize the chance of exposure and retain peace of mind:
- Remain inconspicuous in airport security: Put a paper seed phrase backup inside a book, or split up a seed phrase by writing it in a physical notebook using some convention that you will remember. Avoid using suspicious metal locks or cases. If your bag gets pulled for suspicion, there’s a much greater chance your seed phrase will be seen.
- Use a passphrase for singlesig wallets: PINs can protect a hardware wallet, but a passphrase will protect your seed phrase! While passphrases are generally risky compared to other custody setups like multisig, it can make sense to use one with a singlesig wallet while traveling with a seed phrase as long as it’s properly backed up (don’t rely on your memory!).
- Take advantage of traveling companions: Consider a multisig wallet (see below), give a travel companion one seed phrase, keep one seed phrase on your person, and store one seed phrase on a hardware wallet in a checked bag, for example. If you absolutely must ensure that one seed phrase is already at your destination, you can compromise one by storing it temporarily in a password manager prior to leaving (see below).
4. Watch what you say and show
Before an attacker can attack, they need to know who they’re going after. This is where operational security comes in. Much of this advice applies to saving wealth with bitcoin in general, but it’s especially applicable while traveling.
On the go, you’re often at the whims of people and environments you can’t control. These are riskier situations in which to make it publicly known that you might hold substantial amounts of bitcoin.
- Don’t talk about bitcoin with people you don’t trust: One of the easiest things you can do is simply talk about bitcoin less! Be cautious when “spreading the word.”
- Don’t put bitcoin stickers on your laptop or devices: These are like big neon signs that say, “this device is storing private key data!”
- Don’t wear bitcoin-related merchandise: Especially in places where people know what to look for, wearing merchandise or clothing with bitcoin logos unnecessarily puts a target on your back.
- Don’t talk about how much bitcoin you own: It’s generally a good idea to only share the amount of bitcoin you hold on a need-to-know basis. Knowing you’re a higher-value target might make an attacker consider more extreme or risky actions.
Notably, these behaviors can create physical risk when traveling even if you don’t have any private key data on your person. If someone tries to attack you with a $5 wrench and you don’t have any bitcoin to give them, your bitcoin might survive, but your kneecaps might not!
5. Create a decoy wallet
Whether you’re traveling with a hardware wallet or software wallet, many wallets allow you to make a decoy wallet. Decoy wallets allow you to create a second wallet, entirely separate from your primary one, that you can activate in duress scenarios. With these, you typically add funds you’re willing to lose but significant enough to make the attacker think they got what they wanted.
There are a few different ways to set up a decoy bitcoin wallet:
- Singlesig + passphrase
- Use one key in a multisig quorum
- Duress PIN
Singlesig + passphrase
With a passphrase, you can set up a secondary wallet that would give an attacker access to a small subset of your funds. You could also make the primary wallet a decoy while using a passphrase for your main wallet. Always consider the tradeoffs of using a passphrase, however, and always ensure you have your passphrase properly backed up (it’s case-sensitive).
Multisig
If you use multisig, as long as you can keep it a secret that any given hardware wallet or seed phrase is part of a multisig setup, you can protect yourself by using one of the keys in the quorum as a decoy. To do this, simply use one hardware or software wallet normally part of your multisig setup as a standalone wallet. An attacker could access the funds sent to the singlesig wallet associated with that seed while not accessing—or even knowing about—the wallet constructed with multisig.
Duress PIN
Some wallet makers allow you to set up a duress PIN. With this functionality, you can set up a second PIN that gives an attacker access to a second decoy wallet. If you’re attacked, give the attacker the wrong PIN and let them have the smaller subset of funds in that wallet.
As an example, the Coldcard hardware wallet offers three types of duress PINs: one that unlocks a decoy wallet, one that destroys the seed upon entry, and one that creates a countdown to customizable “brick modes”. These tools offer you confidence that attackers won’t be able to access your primary bitcoin keys—if any at all.
6. Consider multisig to eliminate single points of failure
Bitcoin’s native multisig feature can help create decoy wallets, but it’s also a powerful tool for mitigating travel risk generally. Perhaps you need to travel with private keys, but want to avoid the single point of failure of singlesig wallets. Traveling with three hardware wallets, each key held as one in a multisig quorum, can help reduce your risk.
There are many unique capabilities that multisig opens for you if you’re traveling. Each of the following has security implications and trade-offs to consider beyond the scope of this article, but you could:
- Distribute held keys while traveling: You can travel on a plane with a 2-of-3 multisig where one key is on your person, another key is in a secret compartment in your carry-on luggage, with a third key and seed phrase backups geographically distributed in other secure locations. This keeps three keys separated, requiring two of the three to come together to spend funds.
- Digitally store a seed phrase: Temporarily compromising a seed phrase by storing it in a password manager ensures that at least one seed phrase backup to your multisig quorum is already at your destination. When you arrive at the destination, you can conduct a key replacement for any seed phrase temporarily stored on an internet-connected device.
- Mail yourself a hardware wallet or seed phrase: If you’re traveling with substantial bitcoin funds and you don’t want to expose yourself to theft from physical attacks in a 2-of-3 multisig while traveling, for example, you can mail one hardware wallet or seed phrase to your destination, carry one key on your person, and then still be able to spend funds when you arrive.
- Partner countersigns: A custody partner, whether that be a financial institution like Unchained or a trusted third party, can coordinate with you to sign transactions while traveling if you want to travel with a minority of keys in multisig.
You can use a tool like Sparrow, Electrum, or our very own Caravan to construct multisig wallets yourself, and if you need help setting up multisig or understanding travel best practices in the context of collaborative custody, we have a team that can help you with that.
7. Have an inheritance plan
It’s a good idea for anyone with substantive bitcoin wealth to have an inheritance plan, but that’s especially the case when traveling. If something were to happen to you while traveling, you want peace of mind knowing that your bitcoin will be rightfully passed to your next of kin without a hitch.
This would be very difficult if traveling with your self-custody bitcoin in a singlesig wallet, but multisig—and even better for inheritance purposes, including a collaborative custody partner in your multisig setup—can give you the best of all worlds: convenient access to your self-custody bitcoin and peace of mind knowing it will be taken care of in your absence.
We previously wrote an article explaining the intricacies of how to set up an inheritance plan for your bitcoin if that’s something you want to consider before traveling.
More bitcoin security considerations
Traveling procedures are important, but there’s so much more to bitcoin key security. Be sure to check out our guides for seed phrase storage best practices, the trade-offs involved with paper vs. metal seed phrase backups, and if you use multisig, proper security of your wallet config information and principles for storing seed phrases in safe deposit boxes.