FIRST RUN

From sealed bag to first test spend.

Use a small amount. You are checking the device, backup, receive address, signing flow, and recovery before adding the stack.

The checklist

  1. Set up away from cameras.

    Open the package somewhere private. No livestream, no screen share, no phone camera. Seed words and backup passwords never go into another device.

  2. Inspect the bag and run the genuine check.

    Check the tamper-evident bag, then follow the device prompts. COLDCARD shows anti-phishing words after the PIN prefix; learn them before you enter the suffix on future logins.

  3. Create a new seed on COLDCARD.

    Generate a new 24-word seed on the device. Add dice rolls if you want extra randomness, but keep the normal flow unless you know why you're changing it.

  4. Write the seed offline.

    Paper is fine while setting up. Long term, use metal. No photos, cloud notes, printers, or typing the words into a computer.

  5. Export a watch-only wallet.

    Export the wallet file, xpub, or descriptor. Sparrow, Cove, Nunchuk, and Specter can build transactions while COLDCARD keeps the keys.

  6. Verify a receive address on-device.

    Your computer or phone can lie. Before sending even the test amount, compare the address shown in the wallet app with the address shown on COLDCARD.

  7. Sign one small transaction.

    Create an unsigned PSBT in the wallet app. Move it by MicroSD, Virtual Disk, NFC, or QR on Q. On COLDCARD, check destination, amount, fee, and change before signing.

  8. Restore before the stack.

    Restore from your backup. Confirm the same wallet fingerprint and first receive addresses before adding more bitcoin.

Leave for later

Passphrases, duress wallets, Brick Me PIN, countdown PIN, SeedXOR, BIP-85, and multisig are not first-hour tasks. Add them after you have recovered a plain wallet.

You're ready when

You can log in, recognize the anti-phishing words, match a receive address, sign a small PSBT, and recover from backup.