A practical guide to holding Bitcoin and Monero outside the system that was built to hold you.

I am not a financial adviser. I am a sovereignty and privacy evangelist. What follows is not investment advice. It is a map to a door most people do not know exists.

before you start#

If you have read // what is money?, you already know why this matters. If you have not, read that first. This guide picks up where that one leaves off.

You do not need to understand the mathematics behind Bitcoin or Monero to use them. In the same way you do not need to understand SWIFT or correspondent banking to send a wire transfer, you do not need to understand elliptic curve cryptography to hold sovereign money. The mechanics are handled by software. What you need to understand is the why, and then the what.

There are two kinds of people reading this. The first has never touched crypto, found the whole space alien, noisy, or overwhelming, and is here because something finally made them curious. The second has a Coinbase or Binance account, has bought some Bitcoin, and thinks they own it. Both are welcome. Both are about to learn something important.

Think of Bitcoin the way you would think of buying a foreign currency before a trip. If you live in New Zealand and you are travelling to Japan, you buy yen. The mechanics are simple. You hand over NZD, you receive JPY, and you put it in your pocket. It is yours. You hold it. That instinct, take the currency and put it in your pocket, is exactly right. And it is the instinct most people abandon the moment they buy crypto for the first time.

The window framing. The fiat monetary system is under structural stress that is no longer theoretical. Governments and central banks know this. Their answer is the Central Bank Digital Currency, a digital form of fiat that is programmable, surveillable, and fully controllable at the transaction level. CBDCs are not hypothetical. They are in development or deployment across dozens of jurisdictions right now. The difference between holding Bitcoin today and being onboarded to a CBDC later is the difference between choosing your exit and having your exit chosen for you. You still have time to do this on your own terms.

On amounts. Start small. Not because the amounts do not matter eventually, but because the first transaction is not about wealth. It is about understanding the flow, the mechanics, the feeling of it. What small means depends entirely on your situation. A useful frame is a percentage of income rather than a fixed number. One percent, two percent, three percent of what you earn each pay cycle. Consistent, automatic, unremarkable. That is dollar cost averaging, DCA, and it is the behaviour this guide recommends above all others.

To make this concrete: $100 per month into Bitcoin on the 15th of every month from May 2020 to April 2025, sixty purchases, $6,000 total invested. The result: approximately 0.1987 BTC accumulated, worth around $16,630 at April 2025 prices. A return of 177%, your $6,000 growing to 2.77x, with an average cost basis of $30,200 per coin. Not because you timed anything. Not because you made a brave call. Because you were consistent and you did not stop when it felt uncomfortable.

The 2022 crypto winter, when Bitcoin crashed to $16,000 to $20,000, looked like disaster to anyone watching the price. For the DCA investor it was the best buying period of the entire five years. Each $100 bought significantly more Bitcoin than the same amount had during the 2021 peak. Those cheap coins did most of the heavy lifting when the market recovered. That is the strategy working exactly as intended: the volatility is your friend when you keep buying through both euphoria and despair.

Think of this alongside other sovereign assets. Precious metals. Land. Property. Crypto is one layer of a broader strategy for holding value outside systems that were not designed with your interests at the centre.

Are any of these risk free? No. Nothing is. But the question is never zero risk versus some risk. The question is which risks you are choosing and which are being chosen for you. Compare the last twenty years of fiat purchasing power against the last twenty years of Bitcoin price history, through every crash and cycle, and draw your own conclusion.

buying versus holding, the distinction that changes everything#

Most guides skip this. They go straight to how to buy, as if buying and owning are the same act. They are not. They are two separate decisions, and collapsing them is the mistake most first time buyers make.

Acquiring crypto can happen in several ways. You can buy it on a centralised exchange, the most common path. You can acquire it peer to peer, directly from another person. You can receive it as payment for goods or services. The method matters for privacy reasons we will get to. But acquiring is just step one.

Holding is the second decision. And it is the one that determines whether you actually own anything.

Here is the analogy that makes this clear. Imagine you walk into a currency exchange office in your city. You hand over NZD, you receive USD. The transaction is complete. Your NZD is gone. Now imagine that instead of putting the USD in your pocket, you hand it back to the exchange counter and say, keep that for me, I will come back for it later. They give you a receipt. You walk out.

That is what leaving crypto on an exchange means. You paid real money. The transaction is done. But you walked away with a receipt, a number on a screen inside the exchange’s system, while they hold the actual asset.

Are there benefits to leaving it on an exchange? Honestly, yes. You are delegating the security burden to a team whose job it is to protect those funds. For someone who genuinely does not want to think about custody, that is a real convenience. But what you hand over alongside that security burden is sovereignty, access, and control. All three. Simultaneously.

The risks are not immediately obvious, but they are real.

Hacking. Exchanges are high value targets for capable and nation state level threat actors. In early 2025, Bybit lost approximately $1.5 billion in a single attack, the largest crypto hack on record at the time.

Regulation and external control. Rules change without your input or consent. Binance has been the ongoing case study across multiple jurisdictions, with accounts frozen, KYC requirements escalated mid-relationship, and withdrawals restricted based on government pressure that had nothing to do with individual users.

Collapse. The exchange itself disappears. FTX is the name everyone knows. Billions in customer funds, gone overnight. Not hacked. Simply gone, because customers held receipts and the underlying structure was fraudulent. When it collapsed, the receipts were worth nothing.

The system was built this way with fiat because there was no alternative. Physical cash has obvious risks at scale. But Bitcoin was built specifically to solve the custody problem. Non-custodial ownership is not a feature someone added to crypto. It is the entire point.

the private key, what ownership actually means#

This is the conceptual core of the guide. Everything before it explains why custody matters. Everything after it is practical application. Read this section twice if you need to.

When you own Bitcoin, what you actually own is a private key.

At its most basic, a private key is a long alphanumeric string, a secret code, that only you know and hold. But it does not work alone. It comes as a pair. One key is called private. One is called public. Together they form the foundation of everything that follows.

Here is the clearest way to understand how they work together. Imagine a padlock, open, unlocked, that anyone can pick up, inspect, and use. That is your public key. Anyone can have it. Anyone can see it is yours. And if someone wants to send you something, they put it inside and snap the lock shut. Now only one thing in the world can open that lock: your private key. Only you have it. Only you can unlock it.

For a deeper, non-technical exploration of public key cryptography, see // cryptography: the weapon they couldn’t ban on this blog.

The private key works like a seal. In the past, when a king’s seal appeared on a document, you did not need the king present to verify its authenticity. The seal itself proved origin, authority, and legitimacy. Your private key does the same thing mathematically. When you sign a transaction with your private key, the network knows with certainty that it came from you. It proves ownership. It authorises movement. And it cannot be forged.

Here is the part most guides do not explain clearly. You never physically hold Bitcoin. It does not sit on your phone or your hardware device or anywhere. It exists as an entry on a public ledger, the blockchain, that anyone in the world can read. What the private key gives you is the ability to claim those coins as yours, and to authorise their movement. Without the key, the coins sit there permanently visible on the public ledger, linked to an address, but unreachable. With the key, they are fully and completely yours.

The public key closes the loop. It allows the network, the blockchain itself, and anyone else to verify your claim without ever seeing the private key. You prove ownership without revealing the secret.

The seed phrase. A private key is too long, too random, and too inhuman to write down or memorise in its raw form. So we encode it. The seed phrase is a series of 12 to 24 ordinary English words that serve as the original mold from which your private key can always be recreated. The seed is not the key itself. It is the blueprint. Give it to any compatible wallet software and it will reconstruct your key exactly, every time.

This has a consequence that is almost difficult to grasp at first. The seed phrase is indestructible in a way that no physical asset is. No fire, no flood, no government order, no catastrophe can destroy it as long as those words exist somewhere in the correct order. The Bitcoin on the ledger will still be there. The network will still recognise your claim. Knowledge cannot be seized the way a safe can be. Memorise those words, or store them somewhere physically secure that only you control, and your access is permanent and unconditional.

The flip side is absolute. If those words are gone, truly gone, the coins are not stolen. They are not frozen. They are simply unreachable. Forever. The ledger still shows them. But without the mold, the key cannot be recreated. No customer support. No recovery process. No exception.

Write your seed phrase on paper. Store it somewhere physically secure. Never photograph it. Never type it into any website or application. Never share it with anyone under any circumstances. Treat it the way you would treat the only key to a vault that no locksmith can open.

software wallets, your first step into self custody#

You now understand what a private key is and why it matters. A wallet is the software that generates and manages that key on your behalf.

When you create an account on Binance or Coinbase, a key is generated mathematically, the same process that happens in any wallet. The difference is that the exchange keeps that key. Your account is a claim against their system, in the same way a bank account is theoretically your money inside someone else’s safe. You have access as long as they grant it.

When you install a non-custodial wallet on your device, the key is generated locally, on your phone or computer, and the app becomes the vault for that key. No company holds it. No server stores it. It never leaves your device.

The process of setting one up is shockingly simple. It is no harder than creating an email account. Next, next, done. The complexity lives in the concepts you have just read, not in the mechanics of the setup itself. Most people who have been putting this off because it sounded technical are surprised by how fast it is.

For Bitcoin: Bluewallet. Available on iOS and Android. Open source, well established, community trusted. Generates your key locally and gives you full control from the first minute.

For Monero and Bitcoin: Cake Wallet. The right choice for anyone who wants to hold both. Different wallets support different coins, in the same way a foreign currency bank account is needed to hold that currency. You would not expect your NZD account to hold yen. Cake Wallet handles both Bitcoin and Monero in a single, clean, non-custodial interface.

Other wallets exist with different capabilities and coin support. These two are the ones this guide recommends as starting points because they are open source, heavily vetted by the Bitcoin and privacy communities, and have long track records.

On device choice. A phone is the recommended starting point for most beginners. Modern smartphones, particularly iPhones, come with a stronger default security model and more contained threat surface than a general purpose desktop or laptop. For those already using GrapheneOS or other privacy hardened Android builds, that is an equally strong or stronger option. But that is a separate conversation for a more advanced stage of the journey.

There is something almost funny about how hard it is to explain non-custodial ownership to people who have grown up in the digital age. Every digital service most of us use, streaming, social media, cloud storage, bank accounts, is never truly ours. It is licensed, rented, permissioned. Non-custodial ownership of a crypto currency, the idea that something digital can be genuinely, unconditionally yours, has been so thoroughly removed from collective experience that when you encounter it, it feels too good to be true.

It is not too good to be true. It is just what ownership actually looks like.

hardware wallets, the key vault#

A software wallet on your phone is a significant step forward from leaving coins on an exchange. But your phone is an internet connected device that runs dozens of applications, receives data from the outside world, and has a broad attack surface. The key lives in software, on a device that is online.

A hardware wallet solves this with a single principle: isolation.

A hardware wallet is the same thing as a software wallet, a private key vault, but running on a dedicated device that is designed never to connect to the internet. The key is generated on that device and stays there. It signs transactions internally and passes only the signed result to your computer or phone. The key itself never touches an internet connected environment.

It is worth being precise here because the name misleads people. A hardware wallet does not store your Bitcoin. Your Bitcoin does not move when you set up a hardware wallet. What exists on the blockchain stays on the blockchain. What the device holds is the key that proves those coins are yours and authorises their movement. The coins are linked to a wallet address that is always offline. The ownership is what relocates, from a key that lived in an online environment to a key that lives permanently offline.

This is the hardware this guide recommends, based on direct personal use.

Jade+ by Blockstream. The primary recommendation. Fully open source, both hardware and software. The Jade+ does not persistently store your seed on the device at all. Every time you use it, the key is derived fresh from your seed combined with your PIN. There is nothing persistent on the device to extract even if someone had physical access to it. For additional security, a BIP39 passphrase, sometimes called the 25th word, can be added. This word exists nowhere but your memory. Even if someone finds your written seed phrase, without the passphrase they reach a different wallet entirely. The Jade+ can also be used in air-gapped mode via QR code, meaning it never requires a physical connection to another device.

Coldcard Q by Coinkite. For Bitcoin purists who want the most hardened, Bitcoin only device available. Coldcard is the choice of security researchers and high conviction holders who want maximum paranoia in their setup.

Trezor Safe 3. A well established, open source option with broad coin support and a strong community reputation.

The moment you move your coins from an exchange or software wallet to a hardware wallet address, something changes that is difficult to describe technically but immediately felt. Your Bitcoin came from an exchange. You sent it to an address controlled by a key that never goes online. The transfer is complete. What you have now is something no government can confiscate without your cooperation, no exchange can freeze, no company can restrict. As long as the seed and passphrase exist in your knowledge, access is yours. Permanently. Unconditionally.

That feeling is not excitement about price. It is the specific relief of having moved from a system where every transaction requires permission and generates a record, to a position where you hold the keys and you authorise the movements.

monero, the invisible layer#

Bitcoin solves custody. Monero solves visibility.

Bitcoin is transparent by design. Every transaction is recorded on a public ledger that anyone in the world can read. Every address, every amount, every timestamp, permanently visible and permanently linkable. Most people who buy Bitcoin do not realise this. They assume that because addresses are strings of letters and numbers rather than names, they have some degree of privacy. They do not.

The problem is not just that your future transactions are visible. It is that the moment your identity is connected to any one address, the entire history of that address, and every address it has ever interacted with, can be traced backwards recursively. One KYC purchase sent to the wrong address. One public transaction. One slip in operational security. And the chain of your financial history unravels completely.

You can introduce privacy measures around Bitcoin. Coin mixing, careful address management, running your own node, using Tor. These measures improve your privacy. But they sit around you, not the coins. The coins themselves are always transparent. The ledger always reveals what is there. The best you can do is obscure who is looking.

Monero solves this at the protocol level. Not through optional steps you have to remember. Not through services that can be traced or shut down by regulators. At the base layer, by design, every Monero transaction automatically hides the sender, the receiver, and the amount. The public ledger exists, but it reveals nothing useful to an outside observer. Privacy is not a feature you enable. It is the default state of every transaction, baked into the code itself.

Cake Wallet is the recommended starting point for Monero. The same app you may already be using for Bitcoin. Non-custodial, open source, clean interface, and it handles atomic swaps natively.

Acquiring Monero without a trail: atomic swaps. An atomic swap is what happens when two non-custodial wallets, one Bitcoin, one Monero, link together briefly and exchange value directly. One party needs Monero and has Bitcoin. The other needs Bitcoin and has Monero. No exchange in the middle. No account. No KYC form. No intermediary holding funds at any point. It is peer to peer value exchange, as direct as two people bartering at a market who have never met before.

The swap is atomic, meaning both sides complete simultaneously or neither does. There is no moment where one party has both assets and the other has nothing. The mathematics enforces the fairness without requiring trust between strangers.

What this means in practice: you send traceable Bitcoin in. It passes through the Monero layer, which reveals nothing. Clean Bitcoin can come out the other side into a completely new wallet address that has no previous history and no linkage to your identity. The chain of custody is broken at the Monero layer. What emerges on the Bitcoin side is effectively new.

Monero is not a speculative asset. It is not a trading vehicle. It is private digital cash that protects your financial activity from surveillance, chain analysis, and financial censorship. Every transaction is automatically anonymised, including the amount. It is the sovereign coin in the most complete sense of the word.

the minimum viable sovereign stack#

If you have followed this guide to this point and taken the practical steps, here is what you now have.

A non-custodial software wallet on your phone. A hardware wallet with your private key held offline. Some Bitcoin acquired and withdrawn from any exchange into your own custody. Some Monero acquired via atomic swap, privately, with no KYC trail and no linkage to your previous Bitcoin history.

You have crossed from being a user of the financial system, where every transaction is permissioned, logged, and surveilled, to being a sovereign holder who operates outside most of that apparatus. That is not nothing. That is a meaningful and real change in your relationship with money.

This is easier than it has been portrayed. Buying crypto and holding it in self custody has never been more accessible. The knowledge requirement is real, which is why this guide exists, but the technical barrier is low. If you can create an email account, you can set up a non-custodial wallet.

Start where you are. Buy a small amount to understand the flow. Set up a software wallet. Graduate to a hardware wallet when you have something worth protecting. Add Monero when you are ready to complete the picture. Read more as you go. The knowledge compounds in the same direction as the stack.

Treat this as one layer alongside other sovereign assets. Precious metals. Land. Property. A diversified strategy for holding value outside systems that were not designed with your long term interests at their centre.

Is any of this risk free? No. Nothing is. But compare the trajectory of fiat purchasing power against Bitcoin over the last twenty years, through every crash and cycle and bear market, and make your own assessment of where the risk actually sits.

The window is not closed. But it is not permanently open either. CBDCs are coming. The programmable, surveillable, permission-based replacement for physical cash is already in development across dozens of jurisdictions. The difference between acting now and waiting is the difference between choosing this on your own terms and having a different choice made for you.

You now know enough to begin. Begin.