Bitcoin Threat Models

Perfect security is a myth. Every decision you make about storing your Bitcoin involves a trade-off between security, convenience, and complexity. If you try to build a fortress that protects against a nation-state actor, you might end up locking yourself out in the process.

Before you generate a seed phrase or buy hardware, you need to define your adversary. Who—or what—are you actually protecting your stack against? Here are the five primary threat models every self-custodian must consider.

1. The Systemic Threat (Exchange Collapse)

The Adversary: Insolvent platforms, fraudulent founders, and regulatory seizures.

The Risk: "Not your keys, not your coins." If your Bitcoin sits on an exchange, you hold an IOU, not the asset.

The Defense:

Self-Custody: Moving funds off exchanges into wallets where you hold the private keys.
Zero-Trust: Treating exchanges only as on/off ramps, never as long-term storage.

2. The Physical Threat (The Burglar & The Wrench)

The Adversary: Opportunistic thieves, roommates, or targeted attackers ($5 wrench attacks).

The Risk: Someone gains physical access to your home and finds your seed phrase.

The Defense:

BIP39 Passphrases: Creating a "hidden" wallet behind a custom passphrase.
Decoys: Leaving a small amount of funds on the primary PIN/seed as a decoy.
Geographic Distribution: Storing backups in secure, secondary locations.

3. The Digital Adversary (Malware & Phishing)

The Adversary: Hackers, clipboard hijackers, keyloggers, and malicious firmware.

The Risk: Your computer is compromised, or you are tricked into entering your seed phrase.

The Defense:

Hardware Wallets: Using dedicated signing devices (like a Coldcard or Trezor).
Trusting the Screen: Always verifying the destination address on the device screen.
Verifiable Software: Using robust software like Sparrow Wallet connected to your own node.

4. Environmental Hazards (Fire, Flood, & Time)

The Adversary: Mother Nature, house fires, water damage, and natural degradation.

The Risk: Your paper backup burns, ink fades, or water destroys your records.

The Defense:

Steel Backups: Engraving your seed phrase into marine-grade stainless steel.
Redundancy: Avoiding a single geographic point of failure for physical backups.

5. The "You" Adversary (Memory Failure & Complexity)

The Adversary: Your own brain, time, and over-engineering.

The Risk: You create a setup so complex that you forget how to access it, or make a fatal error.

The Defense:

Simplicity: Choosing the simplest setup that addresses your threat models.
No Brain Wallets: Never relying on memory for passphrases or PINs.
Documentation: Leaving clear instructions for yourself or your heirs.