Spending Policy

COLDCARD Co-Signing (CCC) - Powerful feature that creates automated multisig wallets protected by user-defined spending policies for enhanced security and control.

What is COLDCARD Co-Signing?

COLDCARD Co-Signing (CCC) is an advanced security feature that adds a second seed to your COLDCARD, known as the Spending Policy Key. This key works alongside your main seed and additional backup keys to create 2-of-N multisig wallets with automated spending policies.

Key Benefits

Automated Security: Spending policies act like a hardware security module (HSM), enforcing rules automatically
Flexible Control: Set transaction limits, spending frequency, and whitelisted addresses
2FA Integration: Optional mobile 2FA authentication for additional security
Policy Enforcement: Automatic signing when conditions are met, manual override available

Spending Policy Features

Magnitude Limits: Cap the amount of Bitcoin that can be spent in a single transaction
Velocity Limits: Restrict how fast transactions can occur, requiring minimum blocks between spends
Whitelisted Addresses: Only allow sending to pre-approved Bitcoin addresses
2FA Authentication: Require confirmations from a mobile 2FA application

How It Works

When CCC is enabled, your COLDCARD holds two keys in a 2-of-3 multisig setup. The spending policy is enforced whenever the Spending Policy Key is used for signing. If all conditions are met, the device automatically signs with both the Main Seed and the Spending Policy Key, giving you control over the funds.

Security Note

Once the spending policy is configured, the COLDCARD cannot view or change it without knowledge of the Spending Policy Key. Policy violations are not explained to prevent adversaries from learning about your security setup.

Learn More

For detailed setup instructions and advanced usage, visit our comprehensive documentation.

View Documentation