7 Self-Custody Mistakes That Cost Bitcoiners Their Stack

Practical security lessons from real incidents — and how to avoid them

Self-custody is the whole point of Bitcoin. But doing it wrong is worse than using an exchange — at least Coinbase has a support team.

Here are real mistakes I’ve seen, and how to avoid each one.

1. The “I’ll Remember” Seed Phrase

What happens: You memorize your 24 words. Six months later, you can’t remember if it was “abandon” or “about” for word 3.

Fix: Write it down. Yes, on paper. Store it properly. A $2 steel plate from Amazon survives house fires. Your memory doesn’t survive stress.

2. The Single Location Backup

What happens: Seed phrase in a safe deposit box. Bank closes the branch. Or: seed phrase in your desk drawer. House floods.

Fix: Geographic distribution. At minimum, two copies in two locations. Multisig if your stack justifies the complexity.

3. The Untested Recovery

What happens: You set up your hardware wallet perfectly. Three years later, you need to recover. The firmware is incompatible, or you wrote down the wrong derivation path, or you can’t remember your passphrase.

Fix: Test recovery immediately. Send a small amount, wipe the device, restore from backup, verify the balance is there. Do this annually.

4. The Bus Factor of One

What happens: You get hit by a bus. Your family knows you “have Bitcoin.” They don’t know how to access it. Your stack becomes a donation to all other holders.

Fix: Create an inheritance plan. It doesn’t have to be complex — a sealed letter with instructions, stored with your will. Your heirs don’t need to understand Bitcoin; they need to understand the steps.

5. The “Security Theater” Setup

What happens: You buy a hardware wallet but still check your balance on a phone app connected to a third-party server. Your IP, your balance, and your transaction history are now logged by someone else.

Fix: Run your own node. Connect your wallet to your node. If that’s too much, at least use a privacy-focused block explorer over Tor.

6. The Forgotten Passphrase

What happens: You add a BIP39 passphrase for extra security. You don’t write it down because “it’s just one word.” Two years later: was it Capital-P? Did it have a number?

Fix: Treat the passphrase with the same seriousness as the seed phrase. Back it up separately. A passphrase you can’t remember is just encryption against yourself.
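
Why a half-remembered passphrase fails silently, as an added example that is not part of the original post: BIP39 derives the wallet seed with PBKDF2-HMAC-SHA512 (2048 rounds, salt "mnemonic" + passphrase), so every spelling variant is accepted and opens a different, empty wallet instead of raising an error. The mnemonic is the public BIP39 test vector; the candidate passphrases and the `seed_tag` helper are constructed for illustration.

```python
import hashlib
import unicodedata


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP39 seed: PBKDF2-HMAC-SHA512, 2048 rounds, salt = "mnemonic" + passphrase."""
    def nfkd(s: str) -> str:
        return unicodedata.normalize("NFKD", s)

    # Collapsing stray whitespace is a convenience added here; BIP39 itself
    # only specifies NFKD normalization of both inputs.
    password = nfkd(" ".join(mnemonic.split())).encode("utf-8")
    salt = ("mnemonic" + nfkd(passphrase)).encode("utf-8")
    return hashlib.pbkdf2_hmac("sha512", password, salt, 2048, dklen=64)


def seed_tag(seed: bytes) -> str:
    """Short label for comparing seeds by eye.

    Hypothetical helper for this example; it is not the BIP32 fingerprint
    that wallets display.
    """
    return hashlib.sha256(seed).hexdigest()[:8]


def compare_passphrases(mnemonic: str, candidates: list[str]) -> dict[str, str]:
    """Map each candidate passphrase to the tag of the seed it produces."""
    return {p: seed_tag(bip39_seed(mnemonic, p)) for p in candidates}


# Public BIP39 test-vector mnemonic: known to everyone, never use it for funds.
MNEMONIC = "abandon " * 11 + "about"

# Constructed "was it Capital-P? Did it have a number?" variants.
CANDIDATES = ["Password1", "password1", "Password", "password", ""]

if __name__ == "__main__":
    for phrase, tag in compare_passphrases(MNEMONIC, CANDIDATES).items():
        # Each line is a valid but unrelated wallet; none is flagged as wrong.
        print(f"{phrase!r:12} -> seed tag {tag}")
```

Nothing in the derivation distinguishes the right passphrase from a near miss, which is why the only proof of a correct backup is a test restore that shows the expected balance.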

7. The Outdated Firmware

What happens: Your hardware wallet has a known vulnerability that was patched 18 months ago. You never updated.

Fix: Check for firmware updates quarterly. Subscribe to your wallet manufacturer’s security advisories. The 5 minutes it takes could save your entire stack.


Self-custody isn’t a one-time setup — it’s an ongoing practice. The best time to audit your setup is before you need it.

If you want a quick check of your digital exposure, I built a free privacy audit tool: http://5.78.129.127/privacy-audit

No signup, no tracking. Because a security tool that surveils you is just irony.

⚡ Tips appreciated: devtoolkit@coinos.io

