Casa Blog - Bitcoin Security Made Easy

One of the most important things about using Casa is that you, and you alone, possess the private keys required to access your funds. Casa is here to do everything possible to help you keep your own keys safe and sound without the risk of loss or theft. We believe in building resilient systems that do not have a single point of failure and, as such, provide adequate tooling and information for you to access your funds without Casa. This is the primary purpose of what we call Sovereign Recovery: to provide a fail-safe for even the most unthinkable event, Casa’s failure or disappearance.

In this post, we’ll go over the information you need to access bitcoin held with a Casa vault without ever touching Casa software.

Your recovery instructions

Our Sovereign Recovery instructions are emailed to you every time you create a new keyset. This means you’ll get the instructions when you first set up your Casa account, or whenever you change one of your private keys. The instructions contain the information you need to recreate your wallet on a computer, using your existing hardware wallets and third-party open source tools like Electrum or Specter (see: https://blog.keys.casa/announcing-specter-desktop-compatibility).

To execute these instructions, you’ll download Electrum on your computer and start creating a new M-of-N Setup just like your Casa account. For each of your hardware wallets that you use in your Casa account, you’ll enter the BIP 32 path for your account from the Sovereign Recovery Instructions and then export the extended public key from that hardware wallet at the specified derivation path. For the key that lives on your mobile device and for your Casa recovery key, you will simply enter the extended public key found in your Sovereign Recovery Instructions. You can get these instructions sent to your email at any time in the Casa App through the settings tab.


🔑 BTC Public Keys

Hardware wallet derivation path: m/49/0/9

Mobile Device Key: Ypub6hppT57gtDQPBimDxckeDj8y4VpwvatArrN3iJkhHX9Bzo17gkbMVu4ZMCLnU4F3CTMbVAw66kXDpyUmViS3vAwJaDMzxKd4ubsLC2C3bY1


All of the important information contained in your Sovereign Recovery Instructions can also be accessed from within the Casa App itself. Even if your device has no internet connection, or Casa’s servers are offline, this data is cached on your device and available to you. Simply launch the app, select the device from the security tab and select “View Public Keys''. The Sovereign Recovery instructions can also be accessed any time at a third party site: walletsrecovery.org.

Accessing keys stored on your phone

There are times when you may need to access the private key stored on your phone to access the funds in your wallet. This is especially applicable for the single-key wallet, but also for the default 3-key vault, or for a 5-key vault where you have lost one of your hardware wallets. To handle these scenarios, Casa provides you the ability to access the seed phrase for that key. You can select the device from the security tab and then select ‘Import or Export Backup’ and ‘Export Private Key’. This will give you a 12-word seed phrase, which you can import directly into Electrum instead of the extended public key. This private key export function is available when your device is not connected to the internet, and even if the Casa servers are offline, because the key is only stored on your device.

Summary

At Casa, we believe in empowering users to take control of their keys and their funds. “Not your keys, not your bitcoin” is our mantra. But, as Uncle Ben once said, “With great power comes great responsibility.”

We strive to provide our users with the tools they need to protect their keys and their bitcoin from all potential dangers by eliminating any single points of failure—even ourselves.

Want security tips sent straight to your inbox every week?

Sign up for the Security Briefing for news and tips hand-picked by Casa's experts.