If someone steals the private keys to a regular Bitcoin wallet, the situation is brutally simple: they can usually spend the coins right away. This is not a flaw in Bitcoin. The finality of transactions is one of its core properties. But it does create a difficult tradeoff for advanced self-custody: the more secure you make your setup, the more cumbersome it can become to use for legitimate spending.
Bitcoin vaults are an attempt to improve that tradeoff. Rather than forcing the user to go through an inconvenient signing process every time they want to spend, e.g. by visiting multiple backup locations of a multi-sig wallet, a vault can make legitimate transactions comparatively easy while still keeping a more secure fallback path in reserve. For long-term savings, that is the appeal of a vault: not "perfect security", but an improved balance between usability and recovery.
Let’s explore how this concept works in more detail!
Not all vaults are equal
To start off, the term vault is used loosely in Bitcoin. Some companies use it for more advanced cold storage products, often multi-sig setups with added redundancy, time conditions, or collaborative custody. Others may simply refer to a hardware wallet like the BitBox as “the Swiss vault for your bitcoin”, like we do on our own website. This is perfectly fine, but you should simply keep in mind that the label vault is used for many different things in Bitcoin, while in this article, we are talking about a very specific wallet design.
In a stricter technical sense, a Bitcoin vault is a wallet setup that enforces delayed withdrawals and a separate recovery path. The design aims to make theft harder by removing the attacker's ability to empty a wallet instantly. Let’s dive in!
The basic idea
A typical vault design has three conceptual parts:
- Savings are held in the vault, which of course is not an actual vault, but a wallet with specific spending conditions.
- The withdrawal path can “open the vault”, but there is a countdown until the payment can be finalized.
- The recovery path can abort any attempt to open the vault during the countdown, redirecting the funds to a more secure wallet.
Speaking of “paths” here essentially just means that there are conditions locked in place that only allow funds to flow in a certain direction, in a certain way.
What makes this approach interesting is that the withdrawal and recovery path can and should represent very different wallet setups. For example, the withdrawal path could be a single hardware wallet you always have with you, whereas the recovery path could be an even more secure multi-sig wallet with five different backups in different geographical locations.
By using both of these wallet setups in the same vault, we can combine their benefits: The convenience and accessibility of the withdrawal path with the recovery path’s high security and redundancy.
An example
Let’s say Alice holds 1 BTC in her vault and wants to send a transaction of 0.1 BTC to Bob. To do so, she first opens the vault by using the regular withdrawal path. As mentioned, this path can be very simple and does not even need to be optimized for security. Alice uses a single hardware wallet for her withdrawal path. But in theory, she could even use a hot wallet on her smartphone, without compromising the vault’s security.
“Opening the vault” essentially just means creating a special transaction. This transaction announces that someone is trying to spend funds from the vault and starts a countdown. Let’s say it’s 24 hours. Within those 24 hours, Alice can cancel the payment to Bob by moving the funds to the more secure wallet setup. Only after the 24 hours have expired, the payment can be finalized and Bob can claim his funds with a second transaction.
Alice sends a payment to Bob from her vault using only the easier withdrawal path. In this example, that means she only needs one signature from her regular wallet. But if something goes wrong, she still has the safer recovery path as a backup. For example, if an attacker got access to her everyday wallet and tried to steal the 1 BTC, Alice could use the recovery path to move the funds to her more secure wallet before the theft goes through. More generally, she can always use the recovery path to move the funds into the safer setup instead.
This works because the transaction opening the vault is strictly conditioned to only spend funds to the recovery path, or the designated recipient after the countdown has expired.
The tradeoff(s)
As is the case with almost all measures for more wallet security, Bitcoin vaults essentially try to fix an existing tradeoff by adding another one.
You gain the combined benefits of an easy to use, day-to-day wallet setup, while still having the advanced security and redundancy of a distributed multi-sig setup at your disposal.
However, this comes with mainly three downsides:
- Guarding the vault: The waiting period during a malicious opening of the vault only helps as long as the wallet owner notices and acts in time. This problem is similar to the need for watchtowers in the Lightning network.
- Delayed payments: Naturally, legitimate payments simply take more time due to the necessary waiting period when using the withdrawal path.
- More transactions: Withdrawals from the vault require at least two transactions, which of course comes with increased transaction fees (and network congestion).
Choosing the duration of the waiting period is also a tradeoff in itself: adding more time makes it easier to detect and react to malicious withdrawals, but it also further delays regular transactions – and the other way around.
Even aside from these downsides, Vaults are powerful, but they are not magic. A vault does not make bitcoin "unstealable", and it does not remove the need for good security practices. You still need to create and manage backups, you still need to use secure hardware wallets and you still have to deal with the added technical complexity of multi-sig and the vault itself, of course.
This is why vaults are usually discussed as an advanced tool, not a default recommendation for everyone.
Where vaults shine
Vaults are especially interesting for bitcoin that is not meant to move often, but still needs to remain usable. Think of long-term savings, company treasury funds, or family holdings where the owner wants stronger protection than a simple wallet, without turning every legitimate payment into a complex signing operation.
A well-designed vault can make a compromise less catastrophic since suspicious withdrawals are no longer instantly final. But just as importantly, it reduces the operational burden. Instead of reaching for multiple signers or backups for every ordinary transaction, the user can spend through the withdrawal path and only rely on the stronger setup when something looks wrong. This also allows to shift the focus of the recovery path’s backups fully towards security, as they don’t need to be as accessible.
Combining these benefits can also be great for easier inheritance planning, as your heirs only need to access your withdrawal path to effectively “steal” from your vault after you passed away. There would be no need to introduce them to the complexity of the recovery path’s setup.
The need for covenants
Bitcoin already supports useful building blocks such as multi-sig and timelocks. With tools like Miniscript, advanced users can already create wallets with delayed recovery paths or inheritance-style policies.
But a full vault design needs more than that. It wants to restrict not only when coins can move, but also where they are allowed to move next. This is where covenants enter the discussion.
A covenant is a spending condition that restricts parts of a future transaction. In the context of vaults, this is necessary because the vault needs to be able to commit to a very specific next step, such as only moving coins into a predefined delayed withdrawal transaction or only allowing a cancellation back to a known recovery wallet.
Without covenant-style restrictions, vault designs often rely on pre-signed transactions and careful state management. This can work, but it is harder to make robust and easy to use. At the time of writing, covenant proposals are still just that: proposals. So for now, native Bitcoin vaults are still more of an exciting idea for the future.
Conclusion
Bitcoin vaults are an attempt to make self-custody less fragile and less cumbersome at the same time. Instead of forcing the user to rely on the strongest and most awkward security path for every normal spend, a vault introduces a delay and a recovery path behind the scenes. This can turn theft from a one-step event into a process the owner has time to detect and interrupt, while keeping legitimate spending comparatively easy.
The idea is compelling, especially for larger or rarely moved holdings. But vaults also make an important point about Bitcoin security more broadly: better self-custody is not only about stronger keys. It is also about structuring the wallet such that convenience and recovery do not have to be in direct conflict.
For now, most users do not need a vault. But as Bitcoin wallets become more expressive, vaults may eventually become one of the clearest examples of how better Bitcoin scripting tools can improve self-custody in practice.
FAQs
What is a Bitcoin vault?
A Bitcoin vault is a wallet design that adds delayed withdrawals and a separate recovery path. Instead of allowing coins to be spent immediately, a vault introduces a waiting period during which the owner can cancel a suspicious withdrawal and move the funds to a safer wallet.
How is a Bitcoin vault different from a regular Bitcoin wallet?
In a regular wallet, someone who gets access to the private keys can usually spend the coins right away. A vault changes this by requiring the wallet to be “opened” first, which starts a delay before the funds can actually be moved. During that delay, the owner can use a recovery path to stop the withdrawal.
Are Bitcoin vaults useful for everyone?
Usually not. Vaults are mainly interesting for advanced self-custody setups, especially for larger or rarely moved bitcoin holdings. They can improve the balance between convenience and security, but they also add complexity, extra transactions, and delayed payments.
Don’t own a BitBox yet?
Keeping your crypto secure doesn't have to be hard. The BitBox hardware wallets store the private keys for your cryptocurrencies offline. So you can manage your coins safely.
Both the BitBox02 Nova and the BitBox02 also come in a Bitcoin-only edition, featuring a radically focused firmware: less code means less attack surface, which further improves your security when only storing bitcoin.
Buy the BitBox02 Nova or grab a BitBox02 in our shop!
Shift Crypto is a privately-held company based in Zurich, Switzerland. Our team of Bitcoin contributors, crypto experts, and security engineers builds products that enable customers to enjoy a stress-free journey from novice to mastery level of cryptocurrency management. The BitBox02, our second generation hardware wallet, lets users store, protect, and transact Bitcoin and other cryptocurrencies with ease — along with its software companion, the BitBoxApp!