Casa Blog - Bitcoin Security Made Easy

Self-custody just got even easier.

Today, Casa is introducing a breakthrough for the future of bitcoin security: for the first time ever, you can secure your bitcoin keys with a YubiKey.

The quick summary

Casa builds digital vaults for your bitcoin with multiple keys secured across multiple devices. These vaults consist of three keys with our Standard plan and five keys with our Premium and Private Client plans.

Until recently, our vaults have consisted of a mobile key on your phone, the Casa Recovery Key for backup purposes, and at least one hardware wallet. Now, you can use a YubiKey instead of a hardware wallet.

What’s a YubiKey?

YubiKeys are small hardware devices known as security keys, most commonly used for multi-factor authentication (MFA), handling TOTP codes and signing, encrypting, and decrypting messages.

Many long-time bitcoiners and crypto owners are familiar with YubiKeys. Major exchanges like Coinbase and Kraken have the option to log in with security keys, and you can use them to lock down your accounts with Google, Apple, Amazon and many more services. More than 28 million YubiKeys have been sold to date around the world.

How it works

YubiKeys have been around for years, and a few months ago, they received an important upgrade that expanded their secure data storage capabilities, allowing us to securely store a bitcoin seed phrase on the YubiKey itself. Yubico, the manufacturer of YubiKeys, also increased the passkey storage capacity to 100 which allows frequent users of passkeys and OATH one-time passwords to move to go fully passwordless with passkeys.

Passkeys use public-key cryptography similar to blockchains and are device-bound on a YubiKey, so the passkey private key never leaves the device. In addition to the private key never leaving the device, passkeys are cryptographically bound to the domain where they are used, eliminating one of the largest threats in cybersecurity and bitcoin: phishing.

When you use a YubiKey to secure your Casa vault, a seed phrase is generated on your laptop or computer and then stored securely on the YubiKey protected by the passkey you just created. That seed phrase is then only accessible when you successfully authenticate with the Casa domain using the YubiKey itself. This means you can’t be tricked into signing a transaction through a fake Casa website — the passkey will refuse to decrypt the seed phrase.

Similar to your mobile key secured on your phone, Casa never stores your keys, even in encrypted form. It remains in your self-custody.

When setting up your YubiKey for one of your vaults, you also have the option to back up a seed phrase to ensure Sovereign Recovery — this means you can always access your bitcoin vault even in the event that Casa is unreachable.

finger-tapping-yubikey-in-laptop
YubiKeys are easy to use. When prompted, just tap the icon to sign a transaction.

Tap to sign: Why YubiKeys change the game

We build secure multi-key vaults using a number of vetted, battle-tested devices from companies like Ledger, Trezor and Coinkite and are always on the lookout for new devices Casa members can use to improve the experience of using private keys. That led us to YubiKeys. 

YubiKeys are incredibly easy to use and remove the friction most people have with traditional hardware wallets. When you’re not using your YubiKey to secure your Casa vault, you are free to use it to secure your Coinbase, Apple, Google, Proton and other accounts. You can also simply keep it secured in your safe. It’s up to you.

The introduction of YubiKeys welcomes a new level of flexibility for our members. Every Casa member can choose the best hardware for their particular situation — there’s no such thing as a one-size-fits-all threat model. Options for securing your vaults include: a YubiKey + a hardware wallet, multiple YubiKeys, or even replace the mobile key with a YubiKey. This variety allows your self-custody to be malleable and effective.

hardware-device-choices-in-casa-app
Select YubiKey during setup to add to your vault.

What’s next?

We see this as a big moment for self-custody, and we believe all bitcoiners can benefit from this new technology. Security research firm Halborn recently conducted a security audit of our YubiKey feature, and we plan to make the core code open source in the near future.

YubiKeys are simple, elegant, and most importantly, highly secure devices, and we’re excited to help you tap into their potential.


Never worry about your bitcoin again

Casa helps you protect your bitcoin from hacks, burglars, and accidents. With a 3-key vault, your bitcoin is still safe even if one of your keys is compromised, and you can access best-in-class support from our team of security experts. 

Here's the kicker: it’s free to try for 30 days. Get started here.