cold wallet
A cold wallet stores Bitcoin private keys on a device or medium kept entirely offline, away from internet-connected threats. Hardware wallets and paper wallets are the most common forms of cold storage.
A cold wallet is any wallet that stores private keys on a medium not connected to the internet. Because a private key never needs to interact with the internet to receive Bitcoin — only to sign and broadcast transactions — keeping it offline eliminates the largest category of attack vectors: remote hacking, malware, and phishing. The most common cold wallet form today is the hardware wallet, a dedicated physical device designed to generate and store keys without ever exposing them to a connected computer in plaintext.
The security model of cold storage rests on a simple principle: a key that cannot be reached over a network cannot be stolen over a network. An attacker would need physical access to the device or the seed phrase backup to compromise a cold wallet. This is why physical security becomes critical alongside digital security when using cold storage. The seed phrase, typically a list of 12 or 24 words generated at setup, is the master backup that can recover the wallet if the hardware is lost or damaged. It must be stored offline and protected from physical theft or destruction.
Cold wallets are contrasted with hot wallets, which maintain internet connectivity and offer greater convenience for frequent transactions. For large amounts of Bitcoin that are not regularly spent, cold storage is widely considered the most secure self-custody option. Exchange accounts do not qualify as cold storage, because the private keys are held by the exchange, not the user. This distinction is the basis of the principle: not your keys, not your coins.