A Bitcoin key ceremony is the formal process of generating, verifying, and distributing multisig keys securely. Here's how to conduct one for a 2-of-3 self-custody setup.
A key ceremony is the formal process of generating, verifying, and distributing multisig Bitcoin keys. Done properly, it ensures that your multisig wallet is secure from the moment of creation — no single person or system ever had access to all keys simultaneously, and the ceremony is documented for future reference.
Key ceremonies are standard practice for institutional Bitcoin custody. Individual holders with large amounts can apply the same principles at home.
With a single-signature wallet, setup is simple: one device generates a seed phrase, you write it down, done.
Multisig is more complex:
Multiple devices, multiple seed phrases: A 2-of-3 multisig has three separate hardware wallets, each with its own seed phrase. All three must be set up and the extended public keys (xpubs) combined into the multisig wallet configuration.
Configuration export: The combined wallet configuration (which public keys are in the multisig) must be exported and backed up. If you lose this configuration, you may not be able to reconstruct the multisig wallet even if you have all three seed phrases.
Trust model: If the same person generates all three keys on the same computer at the same time, the security benefit of multisig is partially undermined — a compromised computer could see all keys during setup. A proper ceremony separates key generation.
1. Air-gapped or offline devices for key generation
Generate each seed phrase on an offline hardware wallet that has never connected to the internet. The seed phrase should never appear on or travel through an internet-connected computer.
2. Separate generation for each key
Each key should be generated in a separate step — ideally at different times and in different physical locations (or at minimum with different devices that cannot communicate).
3. Documentation of the wallet configuration
After creating all keys, export the multisig wallet configuration (the combined xpubs from all hardware wallets) and back it up. This configuration is needed to reconstruct your wallet if you ever restore from seed phrases — it tells Bitcoin how to combine the keys into the multisig.
4. Verification
Verify that the multisig wallet actually works by receiving a small test amount and confirming you can spend it with the required number of keys.
5. Witness (optional but recommended)
For high-value ceremonies, having a trusted witness observe and attest to the process creates accountability and documentation.
Using Coldcard Mk4 x3 + Sparrow Wallet:
Device 1 (your primary key):
Device 2 (secondary key — different day and/or location if possible):
Device 3 (your backup key — different physical location):
Sparrow will generate receive addresses that require any 2 of 3 keys to spend.
Only after successful verification should real funds be moved to this wallet.
After the ceremony:
Key 1: Keep at home in a secure location (safe, hidden, or safety deposit box) Key 2: Keep in a different secure location (different room, different safe, or a bank) Key 3: Keep in a third location (another family member's home, attorney's office, or bank in another city)
Wallet configuration: Back up in two or more locations, separate from any individual key
Seed phrases: Never store any two seed phrases in the same location
If a home multisig key ceremony feels too complex, collaborative custody services do the hard parts for you:
These services still require you to generate and hold your own keys — but they guide you through the process and hold one key in institutional custody, simplifying the ceremony significantly.
Create a document that records:
Store this documentation in a sealed envelope with your estate documents — it's what your heirs will need to access your Bitcoin.
A Bitcoin key ceremony is the formal process of generating and distributing multisig wallet keys securely — ensuring no single point of compromise, properly backing up the wallet configuration, and verifying the setup works before loading real funds.
A full ceremony is less critical for single-signature setups. But the core principles — air-gapped generation, proper seed phrase backup, and verification testing — apply to all hardware wallet setups.
Yes, but this reduces security — if the computer is compromised, the attacker could see keys from multiple devices during the export/import process. Generating keys on truly air-gapped devices (Coldcard with microSD-only workflow) is more secure.
A wallet descriptor is the file containing all public keys and the multisig parameters. It's needed to reconstruct your multisig wallet if you ever restore from seed phrases. Without it, you'd have to manually reconstruct the wallet configuration — harder, but possible if you know the setup parameters.
See our Bitcoin Custody Directory for collaborative custody options. See also: Bitcoin Multisig Cold Storage Setup and Unchained Capital Review.
Get our free Beginners Guide to Buying Bitcoin plus weekly insights for long-term holders.
Holding Bitcoin in a trust requires specific custody arrangements and trust document provisions that standard estate planning ignores. This guide covers revocable and irrevocable trust structures, custody options, and Wyoming's Bitcoin-friendly laws.
Proof of reserves lets Bitcoin custodians cryptographically prove they hold the assets attributed to customers. This guide explains how Merkle tree PoR works, its limitations, which custodians provide it, and how to verify your own balance.
Multi-signature Bitcoin custody for DAOs, companies, and organizations — governance structures, key holder assignments, spending policies, and custody solutions for org treasuries.