Security
Refers both to Bitcoin's protocol robustness (PoW, node consensus) and end-user key protection (wallet safety).
"Security" in Bitcoin has two distinct meanings that often get conflated:
Protocol security. The Bitcoin network's resistance to attack. This rests on proof-of-work, a globally distributed mining industry, every full node independently enforcing consensus rules, and a sixteen-year track record. The network has never had a successful 51% attack on its mainnet, never had a double-spend that overturned confirmed transactions, never been censored or shut down. The cryptographic primitives (SHA-256, secp256k1) remain unbroken. The protocol is the most-attacked cryptographic system in the world; it has held.
Operational security ("opsec"). Your personal security as a Bitcoin user. This is where the failures actually happen:
- Seed phrase leaks. Photographed, written next to a computer that got hacked, stored in a cloud drive, shared with someone trusted who became untrusted.
- Weak entropy. A key generated with predictable randomness. Has happened many times; people have lost millions to it.
- Phishing and social engineering. Fake support staff, fake wallet apps, fake "wallet upgrade required" emails. The dominant way ordinary users lose Bitcoin.
- Custodial failure. Exchange insolvency, hacks, freezes. Real losses, real customers, real bankruptcies.
- Compromised hardware. Supply-chain attacks on hardware wallets, malicious firmware updates, side-channel attacks.
- Inheritance gaps. Dying without a usable inheritance plan is a permanent loss event.
Protocol security is what Bitcoin gives you. Operational security is what you have to give yourself. The defenses (hardware wallets, multisig, air-gapped setups, careful seed management, avoiding custodial honeypots, KYC-minimization) are well-known. The discipline of applying them isn't automatic.
A reasonable framing: Bitcoin's protocol layer is secure to a degree that's unusual in computing. Your wallet is secure to whatever degree you make it. Don't confuse the two.
Key takeaways
- Protocol security hinges on PoW, difficulty retarget, and full node validation
- User-level security focuses on private key custody and safe wallets
- Combining both fosters a resilient, trust-minimized currency system
Related terms (28)
- Address Reuse
- Air-gapped
- Bitcoin Inheritance Planning
- Bitcoin Vault
- Counterparty Risk
- CPU Mining
- Eavesdropping Attack
- Eclipse Attack
- Fungibility
- Green Address
- Hardware Seed Vault
- Hardware Security Module (HSM)
- Hardware Wallet
- Inheritance Seed Backup
- Key Rotation
- Key Split
- Key Wiping
- KYC (Know Your Customer)
- Merchant Adoption
- Oracle-based Betting
- Proof of Keys
- Seed Entropy Mixer
- Seed Phrase
- Seed Tool
- Stealth Address
- Submarine Swap
- Wallet
- Watch-Only Wallet