bitcoin best practices - bitcoin core + specter + coldcard guide

requirements: computer, coldcard, battery pack, usb cable, microsd card, card reader, dice

The goal of this guide is to get you set up with using bitcoin in a reasonably easy, affordable, and secure way. After you get comfortable with this setup you can easily upgrade your security and privacy without changing the software you are using.

minimum setup cost: ~$150 + computer
recommended full setup bundle cost: ~$300 + computer

  1. receive coldcard
    a. best to buy in person at a conference or meetup
    b. second best to ship to an address that is not your home, using a burner email + phone number, and bitcoin for payment
  2. check bag for tampering
    Example of bagged unit
  3. open bag, check device for tampering
  4. download newest firmware
  5. verify it (video guide)
    a. import the coldcard signing key: curl | gpg --import
    b. the signing key downloaded should be: 4589779ADFC14F3327534EA8A3A31BAD5A2A5B10
    c. download signatures.txt from github
    d. verify the signature: gpg --verify signatures.txt
    e. calculate the hash of the firmware file: 2021-04-29T1725-v4.1.0-coldcard.dfu
    f. confirm it is the same hash as the one shown inside signatures.txt
  6. load it on to microsd card
  7. connect CC to battery, power on
    a. some battery packs do not stay on for low-power devices; I really like the bare board coldpower offered directly from coinkite
  8. check bag number on device
  9. use microsd to install latest firmware
  10. check bag number again
  11. create pin
  12. create new wallet
  13. press 4 to add dice
  14. roll at least 100 times
    a. if you wish to verify the dice rolls you can here
  15. backup your wallet by storing the secret backup word phrase somewhere safe and offline
    a. this is called your seed
    b. anyone with access to this phrase can spend your coins; never enter it into your computer, only enter it directly into your coldcard when restoring from backup
  16. download specter desktop
    a. it is best practice to use a dedicated computer - if a malicious actor gets access they can compromise your privacy and potentially steal funds
  17. verify it
    a. download signing key
    b. fingerprint of the key is 5DF6 A760 1DB8 B78E BDEC 18DB 5D27 DE56 4153 F2BD
    c. import key: gpg --import ben-kaufman.asc
    d. download signed hashes from github
    e. verify signed hashes: gpg --verify sha256.signed.txt
    f. confirm hashes are the same: sha256sum --ignore-missing -c sha256.signed.txt | grep OK
    g. if ben is not available the release may be signed by stepan with this key, fingerprint: 6F16 E354 F833 93D6 E52E C25F 36ED 357A B24B 915F
    h. more comprehensive verification guide if you are confused
  18. install specter desktop
  19. wait for sync
  20. proceed with specter wallet setup wizard
    a. full specter guide can be found here if you have issues
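
Steps 5 and 17 as one scripted check, added here as an example (not part of the original guide or of the coldcard or specter projects): it pins the signer to the published fingerprint instead of trusting any "Good signature" line, and reads the hash only from the signed part of the manifest. The function names are made up for this example; it assumes gpg and GNU sha256sum are installed, the signing key is already imported, and the manifest holds a single clearsigned block.

```shell
#!/bin/sh
# Added example (not from the guide): pin the signer, then compare the file's
# SHA-256 with the entry inside the signed part of the manifest.

# Normalise a fingerprint as printed in the guide: drop spaces, upper-case hex.
norm_fpr() { printf '%s' "$1" | tr -d ' ' | tr 'a-f' 'A-F'; }

# stdin: output of `gpg --status-fd 1 --verify`. Prints the primary-key
# fingerprint, which is the last field of the VALIDSIG status line.
validsig_primary_fpr() {
  awk '$1 == "[GNUPG:]" && $2 == "VALIDSIG" { print $NF; exit }'
}

# Print only the clearsigned body; text before the header or after the
# signature block is not covered by the signature and is skipped.
signed_body() {
  awk '/^-----BEGIN PGP SIGNATURE-----/ { exit }
       body { print }
       seen && /^$/ { body = 1 }
       /^-----BEGIN PGP SIGNED MESSAGE-----/ { seen = 1 }' "$1"
}

# hash_matches MANIFEST FILE: succeeds only if the signed body lists FILE's
# basename with the hash computed locally (names with spaces are not handled).
hash_matches() {
  name=$(basename "$2")
  want=$(signed_body "$1" |
    awk -v n="$name" '{ f = $2; sub(/^\*/, "", f) } f == n { print $1; exit }')
  got=$(sha256sum "$2" | awk '{ print $1 }')
  [ -n "$want" ] && [ "$want" = "$got" ]
}

# verify_release MANIFEST FILE FINGERPRINT
# Returns 1: signature invalid, 2: signed by a different key, 3: hash mismatch.
verify_release() {
  status=$(gpg --status-fd 1 --verify "$1" 2>/dev/null) || return 1
  signer=$(printf '%s\n' "$status" | validsig_primary_fpr)
  [ "$signer" = "$(norm_fpr "$3")" ] || return 2
  hash_matches "$1" "$2" || return 3
}

# e.g. verify_release signatures.txt 2021-04-29T1725-v4.1.0-coldcard.dfu \
#        4589779ADFC14F3327534EA8A3A31BAD5A2A5B10
```

A non-zero return tells you which stage failed, so a key mix-up (2) is not mistaken for a corrupted download (3).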


This is not sponsored content. This is my personal opinion on best practices. No affiliate links. No ads. If you appreciate this guide consider buying me a drink.

The content above provides education as to general privacy and security practices when using bitcoin. Should you choose to apply the practices described in linked content with bitcoin you own now or may purchase in the future, you do so at your own risk and I shall in no event be liable for any financial loss suffered. Nothing shall be construed as providing consulting, financial advice or general advice as to securing bitcoin.