Cold Storage & Multisig on Chia: Protect Your XCH from Single Points of Failure

Key Takeaways

• Multisig eliminates single-key risk by requiring multiple signatures (like 2-of-3 or 3-of-5) to move funds, protecting you even if one key is lost or stolen.
• Chia’s Custody Tool uses the same security that protects Chia Network’s 21 million XCH prefarm — with m-of-n multisig, timelocks, and clawback features.
• The Chia Signer app turns your smartphone into a hardware wallet with secure key storage in your device’s Secure Enclave, eliminating blind-signing risks.
• Cold storage means your private keys never touch the internet — generate them on offline devices and store recovery phrases in multiple physical locations.
• BLS signatures enable non-interactive aggregation, making Chia’s multisig simpler and more practical for cold storage than Bitcoin or Ethereum solutions.

Chia multisig cold storage combines offline key generation with multi-signature requirements (m-of-n) to eliminate single points of failure. You can implement this using the Custody Tool for institutional-grade security, the Chia Signer app for user-friendly phone-based signing, or simple cold single-key wallets for basic protection.²

Why Single-Key Cold Storage Isn’t Enough Anymore

If you’re farming XCH or holding significant amounts, you’ve probably set up basic cold storage.³ You generated a mnemonic on an offline computer, wrote down your 24 words, and sent your farming rewards to that cold address. That’s better than keeping everything in a hot wallet — but there’s a big problem: one compromised key means total loss.

Think about it this way. Your cold storage mnemonic is sitting on paper in your home safe. What happens if someone breaks in? What if there’s a fire or flood? What if you lose that paper or it becomes unreadable? With traditional cold storage, any of these scenarios means you lose access to your XCH forever. There’s no backup plan because the single key is both your security and your weakness.

This is where multisig changes everything. Instead of one key controlling your funds, you split control across multiple keys. A 2-of-3 setup means you need any 2 out of 3 keys to move funds.⁷ Lose one key? No problem — you still have two others. Someone steals one key? They can’t do anything without a second key. This is what crypto miners moving into serious XCH holdings need to understand.

The Real-World Threat: Physical Coercion

Here’s something most cold storage guides don’t talk about: the “$5 wrench attack.” If someone knows you hold valuable crypto and forces you to hand over your keys, traditional single-key security fails completely. Chia Network’s Justin England, the company’s head of physical and digital security, put it plainly in a 2025 blog post: “We built the Chia Signer App because you can’t eliminate physical coercion, but you can design tools so coercion doesn’t work.”⁴

With proper multisig, an attacker would need to coerce multiple people in different physical locations — often within a tight time window.⁴ That’s exponentially harder than targeting one person. Add time delays and clawback features, and forced immediate theft becomes nearly impossible.

How Chia’s BLS Signatures Make Multisig Better

Chia uses BLS (Boneh-Lynn-Shacham) signatures rather than the ECDSA signatures that older Bitcoin transactions rely on. Bitcoin has since adopted Schnorr signatures (BIP-340) for newer Taproot transactions, but even the best Schnorr multisig scheme (MuSig2) requires some back-and-forth coordination between signers per message.⁵ Chia’s BLS approach is fundamentally different.

BLS signatures are built on bilinear pairings and deliver short, deterministic signatures with non-interactive aggregation capabilities.⁵ In plain terms: Chia’s multisig signatures can be combined without complex interactive protocols. You can collect signatures from different air-gapped devices at different times and combine them later. For cold storage, where signing devices are offline and spread across locations, this is a massive practical advantage.

Your Chia Multisig Cold Storage Options: A Complete Comparison

Setting Up the Custody Tool: Enterprise-Grade Chia Multisig Cold Storage

The Custody Tool is the same system Chia Network uses to secure its 21 million XCH prefarm.^1,2 According to the official October 2022 announcement: “Three of the five private keys must sign for any withdrawals to occur. (This is known as an m-of-n multisig.)”¹ This isn’t theoretical security — it’s battle-tested protection for billions of dollars’ worth of XCH.

How the Custody Tool Works

The Custody Tool creates a special type of coin called a singleton that holds your XCH.^2,7 This singleton has a puzzle — Chia’s term for smart contract code — that enforces your security rules. Unlike a regular wallet where any key can spend, the singleton’s puzzle requires multiple signatures before releasing funds. These rules are baked into the blockchain itself, not controlled by any external service.

You configure how many keys you have (n), how many signatures are required (m), and add time delays for extra protection.⁷ For example, a 3-of-5 setup means 5 total keys exist, and any 3 must sign to move funds. You can also require a 30-day waiting period before any withdrawal, plus a 90-day clawback window after that — during which you can reverse a transaction if something looks wrong.¹

Your Step-by-Step Custody Tool Setup

Step 1: Design Your Security Policy

Before generating any keys, decide on your configuration.¹¹ Common setups for miners transitioning to serious holdings are 2-of-3 (a good balance of security and convenience) or 3-of-5 (maximum security for large amounts). Think about physical locations too. Can you secure keys in three different places? Do you have trusted family members or business partners who can hold keys?

Step 2: Generate Keys on Separate Air-Gapped Devices

This step is critical. Each key must be generated on a device that has never — and will never — connect to the internet.¹⁰ Use clean USB drives to boot Ubuntu or another Linux distribution. Generate your BLS keypairs using the Chia client or Custody Tool commands.¹¹ Write down the 24-word mnemonics on paper, not on the computer. Store each mnemonic in a different physical location.

Step 3: Create the Custody Singleton

On an online machine (not the air-gapped ones), use the Custody Tool to deploy the singleton.¹¹ You’ll provide your public keys — not the private keys — and specify your m-of-n threshold. The tool creates the puzzle and publishes it to the blockchain. You get back a singleton address where you can send XCH.

Step 4: Fund and Test

Send a small test amount of XCH to your singleton address first. Practice the spending procedure with your offline keys to make sure everything works. Only after a successful test should you move your main farming rewards into the custody singleton.

The Spending Process with Cold Multisig

When you need to move XCH from your custody singleton, you create an unsigned transaction on your online machine.¹³ That transaction moves to your offline signing devices via USB drive or QR code. Each device signs with its key, and you collect the required number of signatures. Once you have m signatures, BLS aggregation combines them into a single compact signature that gets broadcast to the network.¹² Your offline keys never touch the internet.

Chia Signer App: Multisig Security in Your Pocket

Not everyone needs the full complexity of the Custody Tool. If you want strong security but easier usability, the Chia Signer app offers a practical middle ground.⁶ It turns your iPhone or iPad into a hardware wallet using your device’s Secure Enclave — the same dedicated hardware security chip that protects Face ID and Apple Pay.⁶

Why the Chia Signer Beats Traditional Hardware Wallets

Regular hardware wallets like Ledger have a known problem: their tiny screens force you into “blind signing.” You can’t clearly see what you’re authorizing. The Chia Signer uses your phone’s full screen to display transaction details before you sign.⁶ No more hoping the tiny display is showing the right address.

Even better, if your phone is stolen, you don’t lose your funds. Chia Cloud Wallet vaults use two keys: one for signing (on your phone via the Signer app) and one BLS recovery key stored separately.⁸ If someone steals your phone, you use the recovery key to transfer your vault to a new device. And because there’s a time delay before recovery completes, you’ll be notified if someone attempts to misuse a stolen recovery key.⁸

Setting Up Chia Signer for Cold Storage Signing

The setup is straightforward. Install the Chia Signer app from the iOS App Store (an Android version is planned for the future).⁶ Create a key in the app — it generates and stores the private key inside your device’s Secure Enclave where it cannot be extracted. Link this signer to your Cloud Wallet vault by scanning a QR code. When you want to send XCH, you initiate the transaction in Cloud Wallet and approve it on your dedicated Signer device.⁶

The key principle for cold storage is device separation. Your Cloud Wallet runs on your primary computer or phone, but your Signer runs on a dedicated device kept offline except when signing.⁶ You get the benefits of multi-device security without managing hardware wallets or fully air-gapped computers. Full m-of-n multisig vault support is available through the Cloud Wallet Prosumer Tier.⁸

Basic Cold Storage: The Foundation You Need First

Before diving into complex multisig, get the basic cold storage setup right.³ This is appropriate for smaller amounts or as one component of a larger security strategy, and it’s the right starting point for new Chia farmers.

Creating a Cold Single-Key Wallet

Boot a clean operating system on a computer with no network connection — a USB drive running Ubuntu Live works perfectly.¹⁰ Install the Chia blockchain client, generate a new key, and immediately write down your 24-word mnemonic phrase on paper.³ Get the first wallet address from this key. Shut down the computer (wipe it for extra security) and store the mnemonic in a safe physical location like a home safe or bank safety deposit box.

From your online farming or hot wallet, send XCH to this cold storage address. The cold wallet never comes online until you need to spend from it.³ Your private key stays safe on paper, never exposed to malware or network attacks. Just understand the limitation: if you lose that paper, or someone gets hold of it, all funds are gone. That’s why multisig is the next step for meaningful holdings.

Operational Security for Cold Wallets

Store your mnemonic in multiple locations but never all in the same place.¹⁰ One copy at home, one at your parents’ house, one in a bank safety deposit box. Use metal backup plates instead of paper if you’re concerned about fire or water damage. Never take photos of your mnemonic — cameras and phones can be compromised. Write it by hand only.

When you do need to import a cold key to make a transaction, do it on a clean machine, make the transaction, send remaining funds to a newly generated cold address, and then delete the imported key. This prevents the previously cold key from becoming a “warm” key with a history of internet exposure.

Real-World Implementation: How Chia Protects Its Prefarm

The best proof that Chia’s multisig cold storage works is looking at how the company itself uses it. Chia Network holds its 21 million XCH prefarm in custody wallets split across four locations — two in North America and two in Europe.¹ Each location has both cold wallets (holding 7/8 of the XCH) and warm wallets (holding 1/8 for operational needs).¹

The cold wallet setup uses 3-of-5 multisig, meaning 5 keys exist but any 3 must sign before funds move.¹ But there’s more layered on top: before any withdrawal can even begin, at least 30 days must have elapsed since the last action. Once three keys sign, the withdrawal amount locks in a “drop coin” for a further 90 days, during which it can be clawed back.¹ Only after this 90-day period can the withdrawal complete to the address specified in the original transaction — an address that cannot be modified after the fact.

This multi-layered security gives Chia Network time to respond to any attack. If an attacker somehow obtained 4 out of 5 cold wallet keys, the team could claw back any attempted withdrawal, increase the lock level to require all 5 keys, and then rekey the entire system.¹ The attacker’s stolen keys become worthless. No funds lost.

Applying Prefarm Security Principles to Your Holdings

You probably don’t need 90-day waiting periods — but the principles apply directly. A 2-of-3 setup with a 7-day timelock gives you a week to notice something wrong. Keys distributed across your home safe, your office, and a family member’s house mean an attacker needs to reach three separate locations. Even a 24-hour clawback window on large transactions gives you a meaningful window to cancel unauthorized activity.⁷

Geographic Distribution: Where to Store Your Keys

Multisig only works if your keys are genuinely separated. Storing three keys in the same house defeats the purpose — a burglar or a house fire takes all of them at once. Here’s how to think about key distribution for different security levels.

2-of-3 Key Distribution for Individuals

Key 1 lives at your home in a fireproof safe — your primary access key. Key 2 goes in a bank safety deposit box or with a trusted family member in another city — your backup access key. Key 3 goes to another trusted location such as a friend’s house, a work office safe, or a second bank — your recovery key if you lose one of the first two.

With this setup, you and one trusted person can move funds. Losing your home key still lets you combine the bank key with the third key. Someone stealing your home key can’t do anything without accessing one of the other two locations.

3-of-5 Key Distribution for Businesses

This is what serious mining operations and XCH treasury holders should consider. Five keys distributed across: two at your main office held by different executives, one at your accountant’s office, one in a bank safety deposit box, and one with a trusted board member or investor. Requiring 3 signatures means no single person can move funds, but the business isn’t paralyzed if one person is unavailable.

The Technical Edge: Why BLS Signatures Matter for Cold Multisig

Understanding the technical foundation helps explain why Chia’s multisig is uniquely practical for cold storage. BLS signatures have a special property: multiple signatures can be combined into a single signature the same size as one signature.^5,12 This is called non-interactive aggregation, and it sets Chia apart from other blockchains.

In Bitcoin’s multisig, each signature must be included separately in the transaction — a 3-of-5 multisig includes three full signatures, making the transaction larger. In Chia, those three signatures aggregate into one.¹² The blockchain validates one compact signature that proves three different keys authorized the spend. Transactions are smaller, verification is faster, and fees are lower.

Non-Interactive vs Interactive Multisig

Interactive multisig — like Bitcoin’s MuSig2 Schnorr scheme — requires all signers to communicate back and forth in at least one round per message.⁵ You can’t just collect signatures at different times and combine them later. For cold storage with offline, air-gapped devices, this coordination requirement is a real operational headache.

Chia’s BLS is non-interactive. Each offline device can sign independently whenever convenient.^12,13 You collect signatures via USB drive or QR code, combine them on your online machine, and broadcast. The offline devices never need to communicate with each other or coordinate in real time. This makes Chia multisig cold storage genuinely practical rather than just theoretically possible.

Common Mistakes and How to Avoid Them

Mistake 1: Not Testing the Recovery Process

Sending all your XCH to a cold address without ever practicing the spending process is a recipe for disaster. What if you misconfigured the multisig? What if you wrote the mnemonic down incorrectly? Test with a small amount first. Practice the full signing and spending workflow. Only commit serious holdings once you’ve confirmed everything works end to end.

Mistake 2: Keeping Digital Copies of Mnemonics

Many people write their mnemonic on paper and then take a photo “just in case.” That photo is now in cloud backup, potentially on multiple devices, and may be processed by AI photo systems.¹⁰ Never digitize your cold storage mnemonics. Paper or metal only. The physical world is the security layer, not a backup to a digital one.

Mistake 3: Not Securing Your Public Keys

Public keys are not as sensitive as private keys, but they’re not public information either. An attacker who knows your wallet addresses can monitor your balance and target you specifically.⁸ Use unique addresses for cold storage, don’t reuse them across contexts, and don’t broadcast your holdings publicly.

Mistake 4: Underinvesting in Physical Security

A mnemonic written on paper in a desk drawer is barely warm storage. Invest in a real fireproof safe. Consider metal backup plates that survive fire and water damage. Think about natural disasters, not just theft. Cold storage needs to survive floods, fires, and earthquakes — not just burglars.

Choosing Your Security Model: A Decision Framework

For Holdings Under 1,000 XCH

Basic cold single-key storage is probably sufficient.³ Generate a key offline, store the mnemonic in two physical locations, and send your XCH there. Practice importing and spending once with a test amount. The risk of losing both copies is low, and the value likely doesn’t justify complex multisig overhead at this level.

For Holdings 1,000–10,000 XCH

This is where multisig becomes clearly worthwhile. Either a 2-of-3 Custody Tool setup or the Chia Signer with Cloud Wallet vaults.^2,6 The added complexity is justified because you’re protecting significant value and eliminating single points of failure. Three key locations with a 2-of-3 threshold gives you both security and redundancy.

For Holdings Over 10,000 XCH

Full Custody Tool implementation with 3-of-5 multisig, time delays, and clawback features.^2,7 This is institutional-grade security. Consider hardware security modules (HSMs) for key storage.¹¹ Involve legal counsel to document your key distribution and ensure your estate can access funds if something happens to you. This level of holdings justifies the full enterprise custody approach.

Future of Chia Multisig: What’s Coming

The Chia multisig landscape is evolving quickly. The Cloud Wallet Prosumer Tier is bringing full multisig vault support, making m-of-n signatures accessible through a user-friendly interface.⁸ The Chia Signer app is expanding to Android, bringing hardware wallet-grade security to more users.⁶ And the underlying Chialisp layer continues to enable new custody patterns that weren’t previously possible on any blockchain.

The trend is toward easier multisig without sacrificing security. Soon you’ll be able to configure 2-of-3 protection through a point-and-click interface while maintaining full self-custody. The Custody Tool remains the choice for those who need maximum flexibility and institutional-grade configurability, but everyday holders will increasingly access strong multisig through the Cloud Wallet. You can learn more about how Chialisp smart contracts make these patterns possible in our Chialisp smart contracts overview.

Conclusion: Your Next Steps to Secure XCH Storage

You now understand why multisig cold storage is the gold standard for protecting significant XCH holdings. Single-key solutions create unacceptable risk for anyone holding serious value. The combination of offline keys, multiple signature requirements, and geographic distribution eliminates single points of failure while remaining practical to use in the real world.

Start by assessing your current holdings and choosing the right security model. Under 1,000 XCH, implement basic cold storage correctly. Over that threshold, plan your multisig upgrade. The Custody Tool gives you maximum security and flexibility. The Chia Signer offers user-friendly phone-based signing with Secure Enclave protection. Both are dramatically more secure than single-key wallets. And if you’re interested in how Chia’s enterprise custody architecture compares to other blockchains, our guide on Chia’s block reward and network evolution provides helpful broader context.

Take action today: If you’re not using cold storage at all, generate an offline key this week and move your farming rewards there. If you’re using basic cold storage but hold over 1,000 XCH, plan your multisig upgrade. Read the official Custody Tool documentation, test the Chia Signer app, and design your key distribution strategy. The tools exist — you just need to use them.

Chia Multisig Cold Storage FAQs

What is chia multisig cold storage and why do I need it?

Chia multisig cold storage combines offline key generation with multi-signature requirements where m out of n keys must authorize transactions — for example, 2-of-3 or 3-of-5.^2,7 You need it because single-key storage creates one point of failure: if one key is lost or stolen, your entire XCH balance is gone. Multisig eliminates that by requiring multiple keys to move funds, so losing or compromising one key alone doesn’t result in loss.

How does chia multisig cold storage differ from Bitcoin multisig?

Chia uses BLS signatures that enable non-interactive signature aggregation — meaning signatures from multiple offline devices can be collected independently and combined later without real-time coordination.^5,12 Bitcoin’s MuSig2 Schnorr multisig requires at least one round of back-and-forth communication between signers per message. This makes Chia’s approach far more practical for genuinely cold, air-gapped setups where devices are never connected to the internet.

Can I use chia multisig cold storage with the Chia Signer app?

Yes — the Chia Signer app works with Chia Cloud Wallet vaults, which provide two-key security with a separate BLS recovery key.^6,8 The app stores your signing key inside your iPhone’s Secure Enclave. Full m-of-n multisig vault support — allowing you to combine multiple Signer devices or signing methods — is available through the Cloud Wallet Prosumer Tier.

What happens if I lose one key in my multisig cold storage setup?

In a properly configured multisig setup such as 2-of-3, losing one key is not a catastrophe.⁷ You still have two remaining keys that can sign transactions together. You should immediately perform a rekey operation to replace the lost key with a newly generated one, restoring full redundancy.¹ This built-in resilience is the core advantage multisig holds over single-key storage.

How secure is the Chia Custody Tool compared to hardware wallets?

The Chia Custody Tool provides protection that goes beyond traditional hardware wallets because it implements protocol-level multisig, time delays, and clawback features directly on the blockchain.^1,2 Chia Network uses this exact system to protect its 21 million XCH prefarm with 3-of-5 multisig and 90-day clawback periods. Hardware wallets typically secure only a single key, while the Custody Tool eliminates single points of failure entirely through configurable m-of-n signing requirements.

Chia Multisig Cold Storage Citations

1. Chia Network. (2022, October 29). A New Home for the Prefarm. Chia Network Blog.
2. Chia Network Documentation. Custody Tool | Chia Documentation.
3. Chia Network Documentation. Key Management | Chia Documentation.
4. England, J. Chia Network. (2025, November 4). Chia Signer, Multi‑Signature Custody, and Real‑World Safety: Part 3. Chia Network Blog.
5. England, J. Chia Network. (2025, November 25). Crypto Signatures and Why Chia Chose BLS. Chia Network Blog.
6. Chia Network Documentation. Getting Started | Chia Signer Documentation.
7. Chia Network Documentation. Custody Tool Description | Chia Documentation.
8. Chia Network Documentation. FAQ | Chia Cloud Wallet Documentation.
9. England, J. Chia Network. (2025, October 7). Chia Signer, Multi‑Signature Custody, and Real‑World Safety: Part 1. Chia Network Blog.
10. Chia Network. (2021, May 28). Securing Your Chia — How to Be a Hard Target. Chia Network Blog.
11. GitHub — Chia Network. Custody Tool User Guide.
12. GitHub — Chia Network. BLS Signatures in C++.
13. GitHub — Chia Network. Offline Signing Demo.