Chia has brought many new users into the world of cryptocurrency, due in large part to the ease of ‘farming’ (the Chia equivalent of mining). Farming is a service where users contribute to the network security and coins are distributed to these users in exchange for their contributions.

As Chia is distributed and traded to members of the community, it needs to be stored securely. Luckily, best practices for storage of Chia can easily be adapted from the Bitcoin community.

At the time of writing this post, there are no hardware wallets that support Chia. Even if there were, many users may opt to keep their coins safe by using cold storage instead of a hardware wallet.

Mnemonic generation

Your 24-word mnemonic is used to generate your private key, and the private key allows you to spend UTXOs from an associated public address. A tried and true method of keeping your cryptocurrency secure is by generating a new mnemonic and private key on an offline computer, ideally one with no storage connected, no wifi card, and booting from a USB using Tails.

For Chia, a step-by-step guide is:

  1. On an internet connected device, download the official Chia software from chia.net
  2. Verify the integrity of the file by comparing the SHA256 checksum of the downloaded file to the checksum published by the Chia team
  3. Copy the installer onto a USB drive
  4. Boot into your computing device with no ethernet or wifi connected and bluetooth disabled
  5. Double check the SHA256 checksum to ensure that the file wasn’t altered when being copied to the USB drive
  6. Install the verified Chia software from the attached USB drive
  7. Open the Chia GUI or CLI and generate a new private key/seed words
  8. Write down the 24-word mnemonic using a pen and paper, never copying/pasting or typing it into any computer or phone
  9. Copy the receive address from the Chia software and paste it into a text file which is saved to the attached USB flash drive
  10. Delete the keys from your device (if using a computer which has a storage device)
  11. Shut down the computer

At this point, you can safely send funds to the receive address that you saved to your USB drive. Even if your computer is compromised with malware, your private key has never been stored locally and there is very little risk of losing your funds.

While watch-only wallets are not currently available for Chia, you can monitor the balance at this address on your node or a Chia blockchain explorer.

Later, when you are ready to spend or move your XCH, you can import from your mnemonic and transfer the funds to any recipients from an internet connected device (ideally from your own synced node).

Your 24-word mnemonic is the only way for you, or anyone else, to generate the private key needed to send the XCH from this address. Storing the hand-written seed somewhere secure is an option that works, but comes with some risks. Namely, there is risk of natural disaster (earthquake, flood, fire, etc.), theft, or loss.

Mitigation against natural disaster

In order to mitigate against the risk of natural disaster, we can record our seed on metal. Many companies sell products that are created specifically for this purpose, but I strongly prefer the DIY solution documented at safu.ninja and reviewed by Jameson Lopp.

The DIY solution is cheaper, easy to use, and requires only a few items that can be found at your local hardware store. I use the blockmit washer jig, with a bit of electrical tape at the bottom, to keep the washer from moving during stamping.

00 All of the required materials (featuring 1/8” hardened steel punches)

01 The final result

Mitigation against theft or loss

While this is a step above paper and pen, it does not protect you against theft or loss of your washers that contain the seed words. For additional protection, I recommend setting up an M of N recovery mechanism using sharding.

For a 2-of-3 solution, you can divide the words such that you or anyone else needs 2 out of the 3 sets of washers to build the 24-word mnemonic.

One easy way to divide your mnemonic for a 2-of-3 solution is:

  • Set 1: words 1-16
  • Set 2: words 9-24
  • Set 3: words 1-8, 17-24

If the three sets of washers are kept in distinct locations, your risk of losing the funds are greatly reduced. Someone would need to steal 2 of the 3 sets of washers, or you would need to lose 2 of the 3 sets of washers, to lose access to your funds.

Some people store one set of washers at home, another in a safety deposit box, and another in a separate location. The more geographically distributed the pieces of your mnemonic, the better. This means that even if the bank were to access your safety deposit box, they would not be able to spend your XCH unless they also have a second set of washers.

The trade-off that you are making for security is one of convenience and risk of error. The more sets of words that you need to create, the more likely that you are to make a mistake. Similarly, the more sets of words that you create and the more places that you store them, the more difficult it will be to recover your funds.

If you need to piece together multiple sets of words from different banks in different states or countries, for example, it will be costly and time intensive to recover your funds.

Closing note

You should balance your personal security needs against the amount of funds that you are securing and your own financial situation. As an additional note on security, it is good practice to never reveal your holdings or the amount to anyone else, especially online, as this makes you a target.