Casa Blog - Bitcoin Security Made Easy

Casa App, the best way to secure your bitcoin, now works with Coldcard!

For the Coldcard faithfulwelcome aboard! We’ve worked with the Coinkite team over the past several months to make Casa the easiest way to use your Coldcard with multisig, bar none.

For an extremely limited window, all existing Coldcard users get a flash 10% discount on ALL Casa memberships! Just use this super secret code:  'COLDCARD'

For Casa membersyou can now use a Coldcard as one of the hardware wallets in your Casa multisig account. For our premium tier 3-of-5 users, this means that each of your 3 hardware devices can be a completely different brand, further securing you against supply chain attacks and manufacturer-specific vulnerabilities.

Additionally, Casa + Coldcard users can now benefit from the ability to perform airgapped signing operations. This makes it more feasible to sign transactions from inside of highly secure physical locations, such as vaults that may block all cell signals and Internet access, or from highly remote areas with no connectivity.

Interested in getting a Coldcard to use with your multisig? For a limited time, all Casa members get a 15% discount on the Coldcard Mk3! (Check your inbox for the code.)

What Makes Coldcard Different?

A core feature of Casa’s security model is leveraging different hardware models from different manufacturers. Casa multisig protects users from supply chain attacks and device-specific vulnerabilities.

In our view, Coldcard brings a distinctly new security model to the hardware wallet space:

  • The private key is stored in a secure element (Microchip ATECC608A), but it still uses completely open source hardware and software.
  • It has airgapped signing, so it never has to be connected to an online computer.
  • Coldcard is also the world’s first hardware device that supports PSBT "Partially Signed Bitcoin Transaction Format" (BIP 174). This standard improves multisig wallets in several ways!

Before PSBT, there was no standard for how to save partially signed transactions; as such, transactions created with one set of software would often be unrecognizable by other software. Additionally, the PSBT format includes a lot of metadata that enables cosigners to verify the integrity of output addresses by deriving the addresses themselves.

Note: Coldcard is built for advanced Bitcoin users. Airgapped signing has benefits, but is not as simple as plugging in a Trezor or Ledger and signing a transaction via a USB connection. Also note that performing a Sovereign Recovery (recovering your coins outside of Casa's systems) with Coldcard requires Electrum version 4.0.0. This version has not yet been released as an executable, meaning that were anything to happen to Casa, you will need to run Electrum from its source code to safely recover funds.

Signing a transaction with Coldcard requires:

  1. Downloading the partially signed bitcoin transaction data onto a microSD card
  2. Carrying the SD card to your Coldcard
  3. Plugging the Coldcard into an appropriate power source
  4. Signing the transaction data on the device
  5. Uploading the signed data back to your Keymaster app

For the best experience, we also recommend additional configuration on the device itself. It’s especially important to be running the most recent version of your Coldcard firmware (3.1.x or later), and we only recommend using the Mk3 or later models because older models have less memory and may not be able to sign transactions with many inputs.

What are you waiting for?

Ready to add a Coldcard to your multisig setup? Our full Getting Started guide is available here. We'll have you up and running in no time!

Not yet using Casa, but ready to upgrade your physical security? You can choose your  membership level here.

Stay up to date

Join the Casa Intelligence Briefing to stay up to date on news from Team Casa! Plus actionable reports on developments that impact your personal security and privacy.