Get Started with Bitcoin Self-Custody

Bitcoin self-custody means controlling your own private keys. Whoever holds the keys controls the bitcoin.

This guide covers the complete journey: choosing and verifying a signing device, initializing it, securing the seed phrase backup, and getting connected to your coordinator software.

Before you begin

Four foundational concepts underpin everything in this guide. If any are new to you, read the following articles before continuing.

  • What is Bitcoin private key? A private key is the cryptographic secret that proves ownership of bitcoin and is used to authorize transactions.
  • What is Bitcoin self-custody? Self-custody means holding your own private keys rather than trusting a third party to hold them on your behalf.
  • What is a hardware wallet? A hardware wallet is a dedicated signing device that generates, stores, and uses your private keys in isolated secure hardware.
  • What is a seed phrase? A seed phrase encodes the master secret from which all of your private keys are derived and serves as the backup for your entire wallet.

Choose your Coldcard

Why Coldcard?

Every system that can touch your private keys is a potential attack surface. The fewer systems involved, the smaller the risk. That principle drives how Coldcard devices are built.

Three design principles define the gold standard for private key security:

  • Bitcoin-only firmware. Supporting multiple assets means implementing multiple protocols. Each one adds code, maintenance burden, and attack surface. Bitcoin-only firmware eliminates that complexity entirely: one asset, one purpose, and one codebase to audit.
  • Air-gapped operation. Any connection between a signing device and a networked machine is a potential attack vector. USB, Bluetooth, and WiFi are all such channels. Coldcard signs via QR code or MicroSD, eliminating network-based attack vectors by design rather than by policy.
  • Open-source code. Closed-source firmware requires trusting the manufacturer's claims about what the code does. Coldcard's firmware is publicly available, can be compiled from source, and compared byte-for-byte against what runs on the device.

Q or Mk5

Coldcard comes in two versions. If you're unsure which one to choose, read the full side-by-side comparison of the Coldcard Q and Mk5.

  • Coldcard Q: Full QWERTY keyboard, built-in QR scanner for cable-free air-gapped signing, large color display, and battery operation (3 × AAA). Best for users who want the most capable workflow and prefer not to use cables.

  • Coldcard Mk5: Compact 12-key numeric keypad, monochrome display, and USB-C powered. Can display QR codes but has no camera. Best for users who prefer a smaller form factor and are comfortable with MicroSD-based workflows.

Where to buy

Buy directly from Coinkite at coinkite.com, or from an authorized reseller listed on the website. Do not buy from secondhand markets or any seller not listed as authorized. A device that has passed through an unknown chain of custody could have been modified. The tamper-evident packaging provides one layer of verification, but it is not a substitute for buying from a trusted source.

What you will need

  • MicroSD cards. Coldcard uses MicroSD to transfer files between the device and your computer without a network connection. If you have a Coldcard Q, you can sign using QR codes instead, but a MicroSD card is still useful for wallet exports and firmware updates. MicroSD cards are available at coinkite.com.

  • Seed backup material. Writing down your seed phrase is part of the initialization process. Paper is the standard starting point, but metal is more durable for long-term storage. Coinkite makes the Seedplate, a stainless steel plate designed for seed phrase storage.

  • Power source. The Coldcard Q runs on three AAA batteries or a USB-C connection. Batteries are not included and must be sourced separately. The Coldcard Mk5 is powered via USB-C cable. Power accessories are also available at the Coinkite store.

  • Coordinator software. Coldcard devices generate and store your private keys and sign with them. To watch your balance, set up transactions, and broadcast transactions, you need coordinator software on your computer or phone. A recommended coordinator is Sparrow Wallet, a free open-source desktop application for macOS, Windows, and Linux. The full setup procedure is in Coldcard and Sparrow Wallet Setup.

  • Additional signing devices (for multisig). If you plan to set up a vault requiring more than one device to approve each transaction, each co-signer needs its own device and seed backup material. Device bundles are available at the Coinkite store for multisig setups.

Acquire your bitcoin

If you do not already own bitcoin, you will need to choose where to buy it. Not all platforms are equal.

Custodial vs. non-custodial

  • Custodial: Most bitcoin exchanges are custodial, meaning they hold the private keys and your bitcoin does not truly belong to you until you withdraw it. Your bitcoin balance is a liability on their books, not actual bitcoin in your possession.

  • Non-Custodial: A non-custodial service delivers bitcoin directly to a wallet you control at the point of purchase, with no holding period and no intermediary holding your keys. Whether a custodial platform is an acceptable arrangement depends on how much bitcoin you plan to hold there and for how long.

A small amount held briefly carries different risk than a larger balance held for months. The larger the balance and the longer the timeframe, the more exposure you carry to that platform's risk of failure, security breach, or regulatory action. The purpose of this guide is to move your bitcoin out of a custodian's hands and into your own control.

Before committing to a platform, compare these factors:

  • Fees and spread. The fee structure and the gap between buying and selling price both affect how much bitcoin you receive for what you pay.
  • Reputation and operating history. Use platforms with a verifiable track record and a history of handling withdrawals reliably.
  • Withdrawal limits. Some platforms impose daily or monthly limits. Confirm these before signing up, especially if you plan to move larger amounts to your Coldcard.
  • Identity requirements. Most regulated platforms require documentation before you can withdraw. Know what is required before committing.

Bitcoin-only platforms are generally preferred over multi-crypto exchanges. An exchange focused on a single asset can concentrate its operations and security on Bitcoin's specific requirements. Multi-asset platforms may have more of a structural incentive to encourage active trading of multiple crypto coins.

Whatever platform you use, the goal after purchase is to withdraw bitcoin to an address for which you have exclusive control of the private keys.

Stage 1: Verify your device

Once you have placed your order, your Coldcard (along with any MicroSD cards, Seedplate, or other accessories you ordered) will be delivered. Your Coldcard will be sealed inside a clear tamper-evident bag.

Follow these steps upon receipt of the package.

  1. Examine the bag for signs of tampering. Look for damage, punctures, or any evidence the bag has been opened and re-sealed. The bag is designed to show visible distortion if it has been opened.

  2. Find the serial number on the bag exterior. The serial number is printed on a label on the outside of the bag. Note it down.

  3. Check the tear-off tab inside the bag. Inside the bag there is a serialized tear-off tab carrying the same number as the exterior. Confirm both numbers match before going further.

  4. Power on your device. Add the batteries and press the Power On button for one second (Coldcard Q) or connect to a power source via USB-C (Coldcard Mk5).

  5. Confirm the on-screen serial number. After accepting the Terms of Sale, the device displays the serial number stored in its secure memory. This is the definitive check. Confirm it matches the bag exterior and tear-off tab exactly.

If anything looks wrong at any step, do not proceed past the Terms of Sale screen. Contact Coinkite support at [email protected] before going further.

Stage 2: Initialize your device

Initialization sets your PIN and generates the seed phrase that is the cryptographic root of your wallet. PIN setup comes first, followed by a menu step where you select seed generation.

Setting the PIN

Your PIN has two parts: a prefix and a suffix. Each part must be between 2 and 6 digits, giving you a combined PIN of 4 to 12 digits. Your PIN could look like any of the following:

  • 12-34
  • 1234-5678
  • 872323-39843

Before you can enter the prefix, the device shows two screens to acknowledge: first, an information screen about how the PIN system works, then a warning that there is no recovery path for a forgotten PIN. You must press the specific key indicated on screen to confirm you have read the warning. The PIN is stored in the secure element and cannot be recovered by any means, including by Coinkite.

After entering the prefix, the device displays two anti-phishing words derived from that specific prefix on that specific device. These words prove you are interacting with your real Coldcard and not a substitute device.

You can try a few different prefixes before committing. Each produces a different word pair, and some are easier to remember than others. Once you settle on a prefix you are happy with, write the anti-phishing words down alongside your prefix digits and verify them on every login. If the words ever look unfamiliar, stop and do not enter the suffix.

The confirmation phase re-runs the full sequence: re-enter the prefix, verify the anti-phishing words again, then enter the suffix. This ensures no entry mistake was made during setup.

Coldcard recommends a minimum of four digits in each part rather than two, for example 1234-5678 rather than 12-34. Two-digit parts are permitted, but shorter PINs are weaker than longer ones.

Generating the seed phrase

After PIN setup, it's time to set up your bitcoin wallet.

You will arrive at your Coldcard's main menu, where you can select New Seed Words. This will lead your device to generate your seed phrase using two independent hardware random number generators from two separate secure element vendors.

You can choose either a 12 or 24 word seed phrase. 24 words provides more entropy, while 12 words is easier to write down, verify, and/or memorize. If you are unsure which to choose, What is a Seed Phrase? breaks down the differences. This decision is made once and cannot be changed without generating a new wallet.

Once the words appear on screen, write each one down on the paper backup card included in the box. Work through them in order:

  1. Read word 1 on the screen.
  2. Write it on the card in position 1.
  3. Repeat for every word until all 12 or 24 are recorded.
  4. Read the full list back from your card against the screen before advancing.

The device then runs a quiz asking you to enter specific word positions from your written backup. The wallet is not activated until the quiz passes. Do not advance past the word list screen until every word is written and verified.

For the full step-by-step procedure with exact menu paths and screenshots, follow Set Up Your Coldcard Q, or Set Up Your Coldcard Mk5.

Stage 3: Secure your seed phrase

Your seed phrase is your recovery mechanism. Anyone who obtains it can access your bitcoin without the device. Anyone who permanently loses it has permanently lost access to any bitcoin that wallet holds.

Two things need to happen now, before you do anything else.

  1. Transfer to metal now, if you have backup material ready. You have just written every word carefully. Do the same on metal while you are still set up, with your paper backup in front of you.

    A metal backup survives fire, flooding, and physical damage that paper cannot. Stamp or engrave each word in order onto the Seedplate or comparable plate, then compare the completed plate against your written list word by word before putting either away.

  2. Keep both backups on physical media only. Do not photograph the seed phrase, type it into any device, paste it into a notes app, save it to a cloud service, or enter it into any website or app that requests it. Any backup that touches an internet-connected device is no longer a secure backup.

You will still need a plan for where to store your seed phrase long-term: a location physically separate from the device, protected against fire and flooding, and accessible only to yourself or someone you trust in an emergency. These considerations need to happen as part of your self-custody plan and should not be put off indefinitely.

For a detailed guide to backup strategies, storage materials, and location decisions, read How to store your Bitcoin seed phrase after completing initialization.

Stage 4: Connect coordinator software

Your Coldcard stores and protects your private keys, but it cannot connect to the internet or check your balance. This is the role of your coordinator software, which watches your wallet on the Bitcoin network, generates receiving addresses, and builds transactions for your Coldcard to sign.

The private keys never leave your Coldcard device. When you want to spend bitcoin, the coordinator assembles the transaction, the Coldcard signs it, and the coordinator broadcasts the result.

Sparrow Wallet is the recommended choice for a first setup. It is open-source, actively maintained, and works fully air-gapped with Coldcard via MicroSD. The full connection procedure is in Coldcard and Sparrow Wallet Setup.

Export your wallet from Coldcard

Before opening Sparrow, you need to export your wallet descriptor from the Coldcard. With a MicroSD card inserted:

  1. From the main menu, go to Advanced/Tools.
  2. Select Export Wallet.
  3. Select your coordinator software. Sparrow Wallet is listed by name.
  4. The Coldcard writes the wallet file to the MicroSD card.
  5. Return to the main menu and remove the MicroSD card.

Take that card to your computer and open Sparrow Wallet. The full import procedure is in Coldcard and Sparrow Wallet Setup.

What Sparrow can and cannot do

Once the wallet is imported, Sparrow watches your addresses on the Bitcoin network and displays your balance. It can generate receiving addresses and build transactions. It cannot sign or broadcast a transaction on its own because the private keys exist only on your Coldcard. Spending bitcoin always requires the device.

This is possible because of how Bitcoin works. When you exported your wallet from Coldcard, you exported your XPUB, an extended public key from which all of your receiving addresses can be derived. Sparrow uses the XPUB to generate addresses and monitor incoming funds. Generating an address and controlling the funds at that address are two different things. Anyone can send bitcoin to an address. Only the holder of the corresponding private key can spend it.
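The split described above, as an added example that is not code from Coldcard or Sparrow: BIP-32 derivation in Python, where the coordinator derives receive public keys from the exported public key and chain code alone and gets the same keys the device derives from the private key. The seed is a constructed demo value, the m/84'/0'/0' account path is an assumption, and the function names are illustrative.

```python
import hashlib
import hmac

# secp256k1 parameters (public constants of Bitcoin's curve).
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
HARDENED = 0x80000000
ACCOUNT = (84 + HARDENED, HARDENED, HARDENED)  # assumed account path m/84'/0'/0'
SEED = bytes(range(64))  # constructed demo seed; never use for real funds

def point_add(a, b):
    """Add two curve points; None is the point at infinity."""
    if a is None or b is None:
        return a or b
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    num, den = (3 * x1 * x1, 2 * y1) if a == b else (y2 - y1, x2 - x1)
    lam = num * pow(den, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def point_mul(k, pt=G):
    """Double-and-add scalar multiplication (not constant time; demo only)."""
    acc = None
    while k:
        if k & 1:
            acc = point_add(acc, pt)
        pt, k = point_add(pt, pt), k >> 1
    return acc

def compress(pt):  # 33-byte compressed public key encoding
    return bytes([2 + (pt[1] & 1)]) + pt[0].to_bytes(32, "big")

def hmac512(key, data):
    return hmac.new(key, data, hashlib.sha512).digest()

def ckd_priv(k, c, i):
    """Signing-device side: child private key (hardened or normal index)."""
    data = b"\x00" + k.to_bytes(32, "big") if i >= HARDENED else compress(point_mul(k))
    I = hmac512(c, data + i.to_bytes(4, "big"))
    return (int.from_bytes(I[:32], "big") + k) % N, I[32:]

def ckd_pub(K, c, i):
    """Coordinator side: child public key from public key and chain code only."""
    if i >= HARDENED:
        raise ValueError("hardened children cannot be derived without the private key")
    I = hmac512(c, compress(K) + i.to_bytes(4, "big"))
    return point_add(point_mul(int.from_bytes(I[:32], "big")), K), I[32:]

def receive_pubkeys(seed=SEED, count=3):
    """Return (coordinator-derived, device-derived) keys for m/84'/0'/0'/0/i."""
    I = hmac512(b"Bitcoin seed", seed)
    k, c = int.from_bytes(I[:32], "big"), I[32:]
    for i in ACCOUNT:
        k, c = ckd_priv(k, c, i)   # hardened steps happen only on the device
    K = point_mul(k)               # (K, c) is what the export carries; k never leaves
    (kc, cc), (Kc, Cc) = ckd_priv(k, c, 0), ckd_pub(K, c, 0)  # receive branch /0
    watch = [compress(ckd_pub(Kc, Cc, i)[0]) for i in range(count)]
    signer = [compress(point_mul(ckd_priv(kc, cc, i)[0])) for i in range(count)]
    return watch, signer
```

The coordinator's list and the device's list are identical, yet nothing in the coordinator's inputs allows a signature to be produced.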

Receiving your first bitcoin

With your wallet connected, you are ready to receive bitcoin. Get a receiving address from Sparrow's Receive tab, then, before using it, verify it on the Coldcard screen via Address Explorer, which can be accessed from your Coldcard's main menu. This confirms the address belongs to your device and protects against attacks where compromised software substitutes a different address.

Once verified, paste your Bitcoin address into your exchange withdrawal screen, enter the amount, and submit. The bitcoin will arrive in your Sparrow wallet once the transaction is confirmed on the network.

When the transaction settles, the bitcoin is held at an address where you control the private keys. No exchange, no custodian, and no third party can move it without your Coldcard.

As you begin transacting, it is worth understanding how to properly manage your bitcoin. Below are resources to ensure you are equipped.

  • UTXO management: Bitcoin arrives in discrete amounts known as UTXOs, and how you manage and spend them has consequences for fees and privacy.
  • Transaction security: Sending bitcoin correctly requires more than having the right address, and small mistakes at signing time are not recoverable.
  • Bitcoin privacy: Every transaction you make is permanently visible on a public blockchain, and without some awareness of that, your financial activity is an open record.

Common mistakes

Below are errors that can occur in a first Coldcard setup. Each one is preventable.

  1. Buying from an unauthorized seller. Only buy from Coinkite at coinkite.com or a listed authorized reseller. A device from an unknown seller may have been modified before it reached you. No price difference justifies that risk.

  2. Powering on a device with a compromised bag. If the tamper-evident bag shows damage, punctures, or signs of re-sealing, stop. Contact Coinkite support before doing anything else with the device.

  3. Writing seed words out of order or with errors. The word sequence is the key. Copy each word carefully, one at a time, in the exact position shown. Do not rely on memory and do not rush.

  4. Storing the seed phrase digitally. A photo on your phone, a note in a cloud app, or a file on your computer stores the seed phrase on an internet-connected device. This defeats the purpose of self-custody entirely.

  5. Keeping the seed phrase and the Coldcard in the same location. If one location is compromised, the combination of device and seed phrase gives an attacker full access. Store them separately.

  6. Skipping the seed verification quiz. The quiz is the only moment in initialization where you confirm your written backup is accurate. A backup that has never been verified is one you cannot rely on.

  7. Skipping address verification after connecting Sparrow. If Sparrow is watching a different wallet than your Coldcard, funds sent to its addresses cannot be recovered by your device. Verify the first address before receiving anything.

  8. Entering your seed phrase anywhere that asks for it. No legitimate software, service, or support agent will ever ask you to enter your seed phrase outside of your Coldcard's own recovery procedure. Any request for seed phrase entry is an attempt to steal your bitcoin.

Troubleshooting

| Symptom | Potential cause | Resolution |
|---|---|---|
| Tamper-evident bag arrives damaged or shows signs of re-sealing | Packaging may have been compromised during shipment or prior to it | Do not power on the device. Contact Coinkite support at [email protected]. |
| Serial number on bag does not match the number displayed on screen during setup | Incorrect device packaged or labeling error | Do not continue setup. Contact Coinkite support before proceeding. |
| Seed phrase quiz fails repeatedly | Written words contain a transcription error | Coldcard permits re-attempts. During the quiz, press ✔/ENTER to request the full word list on screen, then compare each word carefully against your written backup before trying again. |
| PIN forgotten before any bitcoin has been received | No recovery path exists for a forgotten PIN | Restore your existing seed phrase to a new device using your written backup. No funds are at risk as no bitcoin was deposited. |
| Sparrow's first receiving address does not match Coldcard's Address Explorer | Wrong wallet exported, export did not complete, or passphrase wallet mismatch | Re-export from Coldcard. If using a BIP-39 passphrase, confirm it is applied on Coldcard before exporting. |

What to do next

This guide has covered the self-custody journey at an overview level. The device setup guides provide the full step-by-step procedure for your specific device, including screenshots and exact menu paths for PIN setup, seed generation, and the verification quiz.

Next guide (Q owners): Set Up Your Coldcard Q covers a device-specific overview, first power-on through PIN setup, seed generation, and the verification quiz.

Next guide (Mk5 owners): Set Up Your Coldcard Mk5 covers a device-specific overview and the same milestones adapted for the Mk5's 12-key keypad.

Next guide: Coldcard and Sparrow Wallet Setup covers setting up your coordinator software with Sparrow Wallet and receiving your first bitcoin into self-custody.


Technical Claims Log

| Claim | Source |
|---|---|
| Coldcard does not connect to the internet during setup or use | coldcard.com/docs/specs/ — open-source firmware architecture |
| Two hardware random number generators from two independent secure element vendors | coldcard.com/docs/master-seed/ |
| PIN is two-part: prefix and suffix; anti-phishing words derived from prefix | coldcard.com/docs/pins/ |
| Secure element enforces a limit on incorrect PIN attempts; PIN cannot be recovered | coldcard.com/docs/pins/ |
| Serial number verifiable at coldcard.com/verify | coldcard.com/docs/q-quick/, coldcard.com/docs/quick/ |
| Export path: Advanced/Tools > Export Wallet > Sparrow | coldcard.com/docs/descriptor_export/ |
| Address Explorer is on the Coldcard main menu | coldcard.com/docs/address-explorer/ |
| MicroSD must be FAT32 or FAT12 | coldcard.com/docs/microsd/ |
| Coldcard Q requires three AAA batteries (not included in box) or USB-C power | coldcard.com/docs/coldcard-q/ — "Batteries not included" stated explicitly |
| Seed phrase quiz is required before wallet becomes active | coldcard.com/docs/master-seed/ |