COLDCARD logo
Shopping cart Shop

What is a Bitcoin Wallet?

A Bitcoin wallet is a tool, app, or device that stores private and public keys needed for transacting bitcoin.

The term "Bitcoin wallet" can be a bit misleading. Unlike a physical wallet that holds paper cash, a Bitcoin wallet does not hold bitcoin at all. Bitcoin exists as records on a distributed public ledger that is maintained by countless independent computers worldwide. What a Bitcoin wallet does is let you authorize access to update those records.

There are numerous types of Bitcoin wallets, but the critical question for any wallet is who controls the private keys. A private key is the cryptographic secret that gives its holder the right to spend bitcoin from a given address. Your choice of Bitcoin wallet determines where and how your private keys are stored.

What is the Difference Between Custodial and Non-Custodial?

The most important thing to understand about Bitcoin wallets is whether you control the private keys or whether someone else does. Holding your own private key is how you assert ownership over bitcoin, because it's the only way to authorize a bitcoin transaction. A custodial wallet or app is a service, typically operated by a corporate exchange, where the custodian generates and holds the private keys on your behalf. A "non-custodial" or "self-custodial" wallet means you hold the keys yourself.

  1. Custodial Wallet: A company controls the private keys.

  2. Non-custodial Wallet: You control your private keys.

In a custodial arrangement, you do not have direct ownership of bitcoin. While you may have the wallet app on your phone or computer, the private keys themselves are held and managed by your custodian. You interact with a login, a balance display, and a withdrawal interface, but if the exchange goes down, gets hacked, becomes insolvent, or freezes withdrawals, you have no way to access your funds. Your access depends entirely on that institution's continued delivery of service and willingness to cooperate.

"Not your keys, not your coins" is a common saying among bitcoiners. If you do not hold the private keys, you do not control the bitcoin and your ownership is predicated on the custodian's participation. What you hold is a claim, and you must request permission from your custodian to transact bitcoin on your behalf.

In a self-custody arrangement, no institution holds your keys for you. You generate and store the private keys yourself, using software or hardware running on your own devices. No institution can freeze your funds, deny access, or lose your bitcoin through mismanagement. That independence is what self-custody means. What is Bitcoin self-custody? covers this in full.

What Does a Bitcoin Wallet Actually Do?

A self-custody Bitcoin wallet serves four core functions.

  1. Generates and stores private keys. When you set up your wallet for the first time, it generates a "seed phrase", a sequence of 12 or 24 words encoding the cryptographic root from which all your private keys are derived. The wallet stores those keys securely on your device. What is a private key? and What is a Bitcoin seed phrase? covers these topics in full.

  2. Derives your receiving addresses. From your private keys, the wallet derives the public keys and bitcoin addresses you share when receiving bitcoin. Every address you control traces back to the original seed phrase.

  3. Constructs and signs transactions. When you want to spend bitcoin, the wallet helps you build the transaction (inputs, outputs, fee rate), signs it with your private key to prove you control those funds, and broadcasts the signed transaction to the Bitcoin network. How does a Bitcoin transaction work? covers this process in greater detail.

  4. Calculates your balance. The balance shown in your wallet is not a number stored inside the app. It is calculated by scanning the transaction history of Bitcoin for funds associated with your addresses and summing them. This means you can restore the same wallet on a different device, or check a public block explorer, and the result will be identical, because both are reading from the same ledger.

All four functions depend on the same foundation: your private keys, and the seed phrase from which they are derived.

Does a Bitcoin Wallet Store Bitcoin?

No. A Bitcoin wallet itself does not store bitcoin. Instead it stores private keys used for authorizing transactions. The bitcoin associated with those keys is recorded on the blockchain, not inside any wallet.

A useful way to think about it is that a Bitcoin wallet is more like a keychain, rather than a wallet holding paper cash. Your bitcoin exists as digital records on a public ledger called the blockchain, but spendable only by the holder of the private keys. Your wallet is holding keys for authorizing transactions, not actual bitcoins.

The keychain analogy also makes sense because if you lose your keychain, you don't lose the valuables that it secures. Similarly, if your phone is lost, your hardware wallet destroyed, or your computer wiped, your bitcoin is not gone. It persists as records on the blockchain and remains locked to your addresses. You can easily recover your wallet on a new device using your seed phrase and your access is fully restored. Seed phrases can regenerate your private keys, which regenerate your addresses, which lets the wallet find your funds on the ledger and authorize spending.

What "losing your bitcoin" actually means is losing both the private keys and the seed phrase used to regenerate them. Lose those, and the bitcoin becomes permanently inaccessible to anyone. The records remain on the blockchain indefinitely. No one can spend what can no longer be signed for. This is why seed phrase backup is the most important practical step in self-custody.

What Are the Types of Bitcoin Wallets?

The biggest difference between wallets is custodial vs. non-custodial wallets. Custodial wallets are more like digital interfaces to access bitcoin held by the custodian. Among non-custodial wallets, there is a distinction between software wallets and hardware wallets. These map to the terms "hot wallet" and "cold wallet", describing whether the private keys are stored on an internet-connected device or kept offline.

Software wallets

A "software wallet" is a wallet whose private keys are stored on a device connected to the internet, such as a phone or computer. Software wallets are the most common non-custodial option. They are free to set up, convenient, and well-suited to frequent transactions.

The tradeoff is that any device connected to the internet is exposed to malware, network intrusion, and device compromise. Malware on an internet-connected device can access private keys stored there and sign outgoing transactions without your knowledge. For small everyday spending amounts, this risk exposure is often manageable.

A useful frame is to think in terms of amounts you could afford to lose versus amounts you cannot. A software wallet can be appropriate for small everyday spending, in the same way you might keep a modest amount of cash in your pocket for daily use. For long term savings and meaningful amounts, the exposure of an internet-connected device is not acceptable, and a hardware wallet is the appropriate choice.

Hardware wallets

A "hardware wallet", or more accurately known as a "signing device", is a dedicated physical device that stores private keys in hardware specifically designed for that purpose, isolated from the internet. When you want to spend bitcoin, the transaction is constructed on a computer or phone and passed to the hardware wallet for signing. The hardware wallet signs the transaction internally and returns only the signature, ensuring the private key never reaches the internet-connected computer.

Some signing devices support fully air-gapped operation, passing signing data via QR code or physical memory card rather than a wired or wireless connection. This keeps the device physically isolated from any network to ensure utmost security.

Which Type of Wallet is Most Secure?

For any amount of bitcoin you would not want to lose, the most secure option is a hardware wallet that is Bitcoin-only, fully air-gapped, and built on open-source firmware. Each of these properties is a design decision focused on mitigating particular risk categories at the architecture level.

  • Bitcoin-only. A device designed exclusively for Bitcoin has a narrower codebase, fewer cryptographic standards to implement, and no cross-asset attack paths. Supporting multiple digital assets requires additional code for each, which expands potential attack surfaces and requires more effort to audit and maintain.

  • Air-gapped. An air-gapped signing device does not use wired or wireless connections for signing. Transaction data is sent via QR code or memory card, and only the completed signature leaves the device. With no network connection to probe, test, or exploit, remote attack is architecturally impossible rather than just defended against.

  • Open-source firmware. When the firmware source code is publicly auditable and reproducibly buildable, anyone can verify exactly what the device does. Closed-source firmware requires trusting the manufacturer's implementation on faith. Open-source removes that dependency.

Coldcard devices are built around all three principles.

Related articles

What is Bitcoin?

The definitive peer-to-peer electronic cash system: what it is and how it works

Read article

How does a Bitcoin transaction work?

How bitcoin moves from one address to another, and what happens between broadcast and confirmation

Read article

How Bitcoin wallets work

How Bitcoin wallets generate keys, derive addresses, and sign transactions, and why they store keys, not bitcoin.

Read article

What is Bitcoin self-custody?

Why holding your own keys is the only way to truly own your bitcoin

Read article