Private key management
Protecting a user’s private keys comes with no less responsibility than safeguarding their bank accounts. That puts private key management at the center of all bitcoin application design considerations. It also presents a problem: if your application is not secure enough, you risk losing the user’s funds. But if it’s not convenient enough, you risk losing the user.
This chapter is an overview of private key management schemes, including descriptions of available approaches, advice, and best practices. After this chapter, you should be able to choose a solution that is suited to your users.
Get to know the most common bitcoin private key management schemes, then follow our guidelines to pick the right one for your users.
A single key is stored locally on the device. No user action is required for backup.
A single key is stored locally on the device. User action is required for backup with a recovery phrase.
A single key that is not stored on the same device as the wallet application.
A single key is split up, with each part stored in separate locations.
A wallet that is managed by multiple independent keys, of which at least one is stored on a separate device from the wallet application.
Same as the multi-key scheme, but with keys managed by different people, requiring additional coordination.
A straightforward guide to safe manual backups.