Overview
Cold storage refers to any method of securing Bitcoin private keys in an environment that is completely disconnected from the internet. By keeping keys offline, cold storage eliminates the risk of remote attacks, malware, and other network-based threats. It is the recommended approach for securing significant amounts of bitcoin intended for long-term holding.
Cold Storage Methods
Method                Security    Usability   Cost
─────────────────────────────────────────────────────
Hardware wallet       High        Medium      $50-250
Air-gapped computer   Very High   Low         $200+
Paper wallet          Medium      Very Low    Free
Steel/metal backup    High        Very Low    $20-80
Cold vs Hot Storage
┌──────────────────────┐     ┌──────────────────────┐
│      HOT WALLET      │     │     COLD STORAGE     │
│                      │     │                      │
│ ✓ Connected to net   │     │ ✗ No internet access │
│ ✓ Convenient         │     │ ✓ Maximum security   │
│ ✗ Vulnerable to      │     │ ✗ Less convenient    │
│   remote attacks     │     │   for spending       │
│                      │     │                      │
│ Use for: daily       │     │ Use for: savings,    │
│ spending, small      │     │ large amounts,       │
│ amounts              │     │ long-term holding    │
└──────────────────────┘     └──────────────────────┘
Hardware Wallets
Hardware wallets are the most popular form of cold storage. These dedicated devices store private keys in secure elements and sign transactions internally without ever exposing the keys to a connected computer. Popular options include Trezor, Ledger, Coldcard, and BitBox.
Best Practices
- Never store seed phrases digitally: No photos, no cloud storage, no text files
- Use durable backup media: Stamp your seed phrase into stainless steel to protect against fire and water damage
- Test recovery: Verify that you can restore from your backup before depositing significant funds
- Consider multisig: A 2-of-3 multisig setup provides both security and redundancy
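The "security and redundancy" claim for 2-of-3 multisig can be checked by enumerating every way the keys can fail. The following is an added example, not part of the original page; the three-state key model (ok, lost, stolen) and all function names are assumptions made for illustration, and the code generalizes to any m-of-n setup.

```python
from itertools import product

# Constructed state model (assumption, not from the page):
#   ok     = key backup intact and private
#   lost   = backup destroyed, nobody can use the key
#   stolen = attacker holds a copy, owner still has the key
OK, LOST, STOLEN = "ok", "lost", "stolen"

def outcome(states, m):
    """Classify one scenario for a wallet that needs m signatures."""
    owner_keys = sum(s != LOST for s in states)
    attacker_keys = sum(s == STOLEN for s in states)
    if attacker_keys >= m:
        return "theft"        # attacker can sign alone
    if owner_keys < m:
        return "locked_out"   # owner can no longer reach the threshold
    return "safe"

def analyze(m, n):
    """Enumerate every combination of key states and tally the outcomes."""
    tally = {"safe": 0, "locked_out": 0, "theft": 0}
    for states in product((OK, LOST, STOLEN), repeat=n):
        tally[outcome(states, m)] += 1
    return tally

def survives_any_single_incident(m, n):
    """True if losing or leaking any one key still leaves the funds safe."""
    for i in range(n):
        for bad in (LOST, STOLEN):
            states = [OK] * n
            states[i] = bad
            if outcome(states, m) != "safe":
                return False
    return True

if __name__ == "__main__":
    for m, n in ((1, 1), (2, 3)):
        print(f"{m}-of-{n}: {analyze(m, n)}, "
              f"single-incident safe: {survives_any_single_incident(m, n)}")
```

A single-key wallet fails on its first incident of either kind, while 2-of-3 tolerates one lost key and one stolen key at the same time; it still fails once two keys are lost or two are stolen, which is why the backups belong in separate locations.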
Common Misconceptions
A common mistake is believing that a hardware wallet is only "cold" while disconnected. In fact, the key distinction is that the private keys never leave the secure element of the device, even when it is plugged into a computer. The device signs transactions internally and only outputs the signed transaction, never the keys themselves.