A few weeks ago, we announced investment from Mantis VC, the venture arm of The Chainsmokers, to make self-custody the norm for consumers everywhere.

This week, we’re excited to announce the Casa Wallet.

It’s a secure, private, and easy self-custody wallet that’s great for first-time bitcoiners (and longtime bitcoiners!). The Casa Wallet is a key part of our mission in 2020 to offer the perfect personal security system for every level of bitcoiner.

Overview

  • Secure, private wallet from Casa - built inside the same Casa App powering Casa memberships
  • Free to download on iOS and Android
  • Great for beginners looking for a simple wallet where they fully control their bitcoin

How it’s different from other wallets

  • Seedless Setup - The Casa Wallet is seedless by default. If we want self-sovereignty to be user-friendly, we shouldn't require users to manage securing and manually backing up critical data like seed phrases. How does this work while still keeping user funds safe? More info in the Seedless Setup section below.
  • Key Health - We’ve built the Casa Wallet so new bitcoiners learn key management best practices from day one as they begin saving with bitcoin.
  • Casa Security - Casa Wallet is a new free experience built on the battle-tested technology that’s powered Casa’s multi-signature memberships for over 2 years.
  • Built for Privacy - As always with Casa, no personal info is needed to sign up apart from an email and first name (or alias). There’s no location tracking, no data trafficking, and no invasive third-party analytics.

Motivation

The genesis of the Casa Wallet goes all the way back to 2018, when our premium clients began asking us for a wallet they’d feel comfortable recommending to their family and friends.

We realized there wasn’t an option on the market as easy as a custodial wallet, but which stayed true to the bitcoin values of giving you full control and sovereignty over your money. So we decided to build one right inside our Casa App.

While Casa memberships are custom-built for long time HODLing - with bespoke service and multi-location security engineered to keep your coins safe no matter what - Casa Wallet is perfect for securing smaller amounts of BTC, and it’s a great way to introduce anyone to being their own bank with bitcoin.

Seedless Setup

Most self-custody wallets kick off their setup process with the onerous request that users write down a mnemonic seed phrase and ‘keep it safe.’ But then what?

In our research, we’ve learned that most users simply lack the knowledge and time to properly secure seed phrases - leaving their coins exposed to loss or theft - and many users don’t even fully understand seed backups to begin with. This makes seed phrases a highly-vulnerable single point of failure, not to mention a terrible user experience. We’ve written a full post about why Casa uses a seedless security model.

The Casa Wallet is designed so users don’t need to worry about managing an unencrypted seed, but can still retrieve their seed phrase in a worst case scenario.

Here’s how it works -

  1. Users set up their wallet without needing to write down a seed phrase.
  2. The key is created and stored on their phone, and an encrypted backup is then split across Casa and the OS-specific cloud provider (Apple/Google). Neither Casa nor Apple/Google can access the decrypted key. (Full details here)
  3. This means only the user can retrieve the backup using two factors: their iCloud/Google credentials and their Casa credentials. In an emergency, users can export their seed phrase from the Casa app - even if they’re offline - and safely recover their coins with open source software using our recovery guide.

NOTE: to open the Casa Wallet or send bitcoin, a second factor is always required (typically fingerprint, Face ID, or PIN). And to export the recovery seed, you’ll also need to re-enter your password.

Key Health

Casa Wallet provides users with active updates on the health of the private key inside their wallets, plus timely prompts to keep their security intact.

Key Health is important to maintain for anyone managing their own keys, and Casa is the first wallet to give users deliberate and intuitive ways to check on their private keys.

A few of the states your private key can cycle through: 'Health Check Needed' (it's been over 6 months since you checked the status of your key); 'Secure' (your key is in good health); 'Not Backed up' (you still need to complete the encrypted backup process).

Private keys can become corrupted or lost over time, so regular checkups are needed.

By design, Casa never has access to our customers’ keys, which is why we make it possible for users to perform a local check that their keys are safe. We call these Health Checks, and the Casa Wallet sends users reminders to perform them on a regular basis (no transaction required).

A Health Check in action.

Onward

Ready to give Casa Wallet a try? Or have a family member or friend who’s just beginning their bitcoin journey?

Casa Wallet is live on iOS and Android.

Over the months ahead, we’ll be adding more features + more security tips. Stay tuned!


Stay safe out there

Want a weekly briefing on bitcoin security + privacy news delivered straight to your inbox? Join the Casa Security Briefing below.


FAQs

What’s the difference between the Casa Wallet and Casa membership?

Think of Casa Wallet like your favorite payment app, built inside the same Casa App powering Casa memberships. It’s great for securing smaller amounts of BTC, but not designed for your long-term HODL stash.

Casa memberships are built for lifetime bitcoiners, engineered to keep your coins safe no matter what. Gold, Platinum, and Diamond memberships are all built on Casa’s multi-signature, multi-device, and multi-location security model, and there’s no upper limit to how many coins you can secure. Each tier includes greater sovereignty and resilience for your wealth, plus bespoke and customized service to help you maintain your edge. You can learn more Casa memberships here.

How much bitcoin can users store on Casa Wallet?

This is 100% the user’s call. That said, here at Team Casa we are multi-signature maximalists, and we don’t like storing more than $1,000 - $5,000 on ANY single key wallet. If you're looking to protect more than this, we’d recommend getting started with a Casa membership right off the bat (Casa Gold is now free to try for 30 days, all you need is a hardware wallet).

How can I better understand how the private key is secured?

The Casa Wallet is built on top of the Casa Mobile Key and leverages the same technical design for generating and encrypting the private key via your phone’s secure enclave. You can read more here.

Why did we decide against letting users encrypt their seed phrase with their own password?

We’ve seen some wallets allow users to encrypt their seed phrase backups with their own password and store it on popular cloud storage services. We avoid this because weak user-generated passwords will always be an issue.

What happens after I export my recovery seed?

If you export your recovery seed, you can load it into an open source wallet using our recovery guide to safely access your coins 100% independent of Casa’s software. You should only need to do this in a catastrophic scenario (e.g. Casa’s infrastructure is under attack or unavailable).

Note that once your unencrypted recovery seed has been exposed, we consider it insecure - since that seed phrase is now ‘in the wild’ and someone else could get a hold of it. So as a safety precaution, you’ll be blocked from using it for new transactions through the Casa app going forward. If you’ve exported a recovery seed and still want to use the Casa Wallet, we’ve created a simple guided flow where you can create a new wallet inside your same account and we guide your through a (optional) sweep transaction for you to migrate your coins from your old, compromised wallet to your new secure one.

You’ve successfully subscribed to Casa Blog
Welcome back! You’ve successfully signed in.
Great! You’ve successfully signed up.
Your link has expired
Success! Check your email for magic link to sign-in.