Skip to main content

Vault | Bitcoin Glossary | Mapping Bitcoin

Vault

Security

Also known as: Bitcoin vault, covenant vault

An advanced Bitcoin custody scheme that uses timelocks and multi-step spending conditions to add a recovery window during which unauthorized transactions can be clawed back. Vaults provide enhanced security for long-term bitcoin storage.

Overview

A vault is a Bitcoin custody mechanism that adds a time-delayed withdrawal process, allowing the owner to detect and reverse unauthorized spending attempts during a predefined recovery window. Unlike standard cold storage, where a stolen key means immediate loss of funds, vaults provide a second line of defense through multi-step spending conditions.

How Vaults Work

Standard Spend:
  Key compromised → Attacker spends immediately → Funds lost

Vault Spend:
  Step 1: Initiate withdrawal (broadcast "unvault" tx)
           |
           |  ┌──────────────────────────┐
           |  │  RECOVERY WINDOW         │
           |  │  (e.g., 24-48 hours)     │
           |  │                          │
           |  │  Owner can cancel and    │
           |  │  move funds to recovery  │
           |  │  address using emergency │
           |  │  key                     │
           |  └──────────────────────────┘
           |
  Step 2: After timelock expires → Withdrawal completes

  If attacker triggers Step 1:
    Owner detects → Cancels → Funds safe

The recovery window gives the legitimate owner time to react. If they see an unauthorized unvaulting attempt, they can use an emergency recovery key to sweep funds to a secure backup address before the timelock expires.

Implementation Approaches

Pre-signed Transaction Vaults

Using current Bitcoin script capabilities, vaults can be constructed by pre-signing a chain of transactions:

  1. Deposit into a vault address requiring a specific spending path
  2. An "unvault" transaction moves funds to a time-locked intermediate address
  3. After the timelock, a "completion" transaction sends funds to the final destination
  4. At any time during the timelock, a "recovery" transaction can redirect funds

Covenant-based Vaults

Proposed covenant opcodes (like OP_VAULT in BIP345) would make vault construction more practical by allowing outputs to directly enforce spending restrictions without pre-signed transaction chains. This would simplify vault management and reduce the risk of losing pre-signed transactions.

Use Cases

  • Institutional custody: Exchanges and custodians holding large amounts of bitcoin can use vaults to add a withdrawal delay.
  • Personal savings: Long-term holders can protect against key compromise with a recovery window.
  • Inheritance: Vaults combined with timelocks can facilitate estate planning for bitcoin holdings.

Limitations

  • Pre-signed vaults require careful key management and secure storage of the pre-signed transactions themselves.
  • The recovery window introduces delays for legitimate withdrawals.
  • Full covenant-based vaults require protocol changes that are still under discussion in the Bitcoin development community.

Related Terms

TimelockProtocol

A restriction that prevents bitcoin from being spent until a specified time or block height is reached. Bitcoin supports absolute timelocks (nLockTime, OP_CHECKLOCKTIMEVERIFY) and relative timelocks (nSequence, OP_CHECKSEQUENCEVERIFY), which are essential for Lightning Network and other protocols.

Cold StorageSecurity

A method of storing Bitcoin private keys on a device or medium that is not connected to the internet, providing protection against remote hacking and malware. Examples include hardware wallets, paper wallets, and air-gapped computers.

MultisigSecurity

A Bitcoin transaction authorization scheme that requires multiple private keys to sign a transaction, expressed as M-of-N (e.g., 2-of-3 means 2 signatures from 3 possible keys). Multisig enhances security by eliminating single points of failure.

Spending ConditionProtocol

The set of requirements encoded in a transaction output's locking script that must be satisfied to spend the associated bitcoin. Spending conditions can include signatures, hash preimages, timelocks, or combinations thereof.