Protocols Overview
Self-custody remains a cornerstone of Bitcoin’s ethos: Not your keys, not your coins. But the path to securely holding your own Bitcoin varies widely depending on your goals, level of technical expertise, and trust assumptions.
In this guide, we explore and compare three prominent Bitcoin cold storage and multisig protocols:
Each of these protocols presents a unique approach to balancing security, usability, and long-term resilience, reflecting the diverse needs of Bitcoin users—from institutions to everyday hodlers.
This breakdown isn’t just a checklist; it’s an experience-focused walkthrough of how each protocol works in real-life scenarios, emphasizing not just the what, but also the why and how.
| Feature | Glacier | Cerberus | BTC Guide |
|---|---|---|---|
| Primary Focus | Maximum security for high-value storage | Balanced security and usability | Modern hardware wallet integration |
| Creation Date | 2017 (Original version) | 2021 | 2020 |
| Multisig Configuration | 2-of-4 (original) | 2-of-3 | Flexible (typically 2-of-3) |
| Key Storage Method | Paper wallets with QR codes | Hardware wallets + offline backups | Hardware wallets + seed phrases |
| Air-gapped Approach | Quarantined computers + USB transfer | Hardware security modules | Hardware wallets as HSMs |
| Complexity Level | High | Medium | Low to Medium |
| Primary Audience | Institutional/high-net-worth users | Technical Bitcoin users | Mainstream Bitcoin users |
| Documentation Style | Detailed procedural document | Technical implementation guide | Tutorial-style guide |
| Transaction Creation | Offline signing with QR codes | Hardware wallet signing | Hardware wallet signing |
Detailed Protocols Steps
Let’s break down each protocol across all the phases involved in a complete Bitcoin custody lifecycle, from setup to maintenance. For each step, we identify similarities, differences, and key observations.
1. Preparation Phase
Goal: Set up a secure environment before generating keys.
| Step | Glacier | Cerberus | BTC Guide | Notes |
|---|---|---|---|---|
| Acquire Hardware | ✓ | ✓ | ✓ | Common to all |
| Verify Hardware Integrity | ✓ | ✓ | ✓ | Common to all |
| Create Bootable USB Drives | ✓ (Tails OS) | ✓ (Ubuntu) | ✓ (Tails OS) | Common to all but OS differs |
| Set Up Air-gapped Environment | ✓ (Two quarantined laptops) | ✓ (Air-gapped workstation) | ✓ (Hardware wallet approach) | Different implementations |
| Disable Networking | ✓ (Physical network removal) | ✓ (Boot without networking) | ✓ (Use of airplane mode) | Different severity levels |
| Verify Software Authenticity | ✓ (Extensive verification) | ✓ (PGP verification) | ✓ (Basic verification) | Different verification rigor |
2. Key Generation Phase
Goal: Securely create the keys that will control your Bitcoin.
| Step | Glacier | Cerberus | BTC Guide | Notes |
|---|---|---|---|---|
| Generate Entropy | ✓ (Dice + coinflips) | ✓ (Hardware RNG) | ✓ (Hardware wallet) | Different entropy sources |
| Create Private Keys | ✓ (Software-generated) | ✓ (Hardware wallet) | ✓ (Hardware wallet) | Glacier unique in software generation |
| Verify Key Generation | ✓ (Mathematical verification) | ✓ (Test signatures) | ✓ (Basic testing) | Different verification methods |
| Create Seed Phrases | ✗ (Uses raw private keys) | ✓ (BIP39 seeds) | ✓ (BIP39 seeds) | Glacier unique in not using BIP39 |
3. Backup Creation Phase
Goal: Protect the keys through redundancy without introducing risk.
| Step | Glacier | Cerberus | BTC Guide | Notes |
|---|---|---|---|---|
| Paper Backups | ✓ (Primary method) | ✓ (Secondary method) | ✓ (For seed phrases) | Different importance |
| Metal Backups | ✓ (Recommended) | ✓ (Primary method) | ✓ (Recommended) | Common to all |
| Digital Encrypted Backups | ✗ (Avoids digital storage) | ✓ (For public keys) | ✓ (For public keys) | Glacier unique in avoiding digital |
| QR Code Generation | ✓ (For private keys) | ✓ (For public keys) | ✓ (For addresses) | Different information encoded |
| Seed Phrase Recording | ✗ (Not used) | ✓ (Required) | ✓ (Required) | Glacier unique in not using seeds |
| Passphrase Management | ✓ (For keypair encryption) | ✓ (For BIP39) | ✓ (For BIP39) | Different implementation |
4. Multisig Wallet Creation Phase
Goal: Combine individual keys into a single multisig wallet for secure spending.
| Step | Glacier | Cerberus | BTC Guide | Notes |
|---|---|---|---|---|
| Create Multisig Script | ✓ (Manual script creation) | ✓ (Software assisted) | ✓ (Wallet software) | Different levels of abstraction |
| Verify Multisig Address | ✓ (Mathematical verification) | ✓ (Multiple device checks) | ✓ (Software verification) | Different verification methods |
| Test Small Transaction | ✓ | ✓ | ✓ | Common to all |
| Document Wallet Details | ✓ (Detailed documentation) | ✓ (Technical details) | ✓ (Configuration backup) | Different documentation focus |
5. Backup Security Phase
Goal: Physically and procedurally secure your key backups over time.
| Step | Glacier | Cerberus | BTC Guide | Notes |
|---|---|---|---|---|
| Geographic Distribution | ✓ (Multiple locations) | ✓ (Multiple locations) | ✓ (Multiple locations) | Common to all |
| Tamper-Evident Storage | ✓ (Tamper-evident bags) | ✓ (Tamper-evident seals) | ✓ (Basic recommendations) | Different implementation rigor |
| Inheritance Planning | ✓ (Detailed procedures) | ✓ (Basic guidance) | ✓ (Basic guidance) | Glacier unique in detailed inheritance |
| Access Controls | ✓ (Safe deposit boxes) | ✓ (Personal safes) | ✓ (Basic recommendations) | Different implementation suggestions |
6. Transaction Execution Phase
Goal: Safely sign and broadcast a transaction using multisig.
| Step | Glacier | Cerberus | BTC Guide | Notes |
|---|---|---|---|---|
| Prepare Transaction | ✓ (Watch-only wallet) | ✓ (Wallet software) | ✓ (Wallet software) | Different software approaches |
| Air-gapped Signing | ✓ (QR code transfer) | ✓ (Hardware wallet) | ✓ (Hardware wallet) | Glacier unique in QR approach |
| Multi-person Verification | ✓ (Required) | ✓ (Recommended) | ✓ (Optional) | Different emphasis |
| Transaction Broadcasting | ✓ (From quarantine PC) | ✓ (From online device) | ✓ (From online device) | Similar approach |
| Transaction Confirmation | ✓ (Multiple verification) | ✓ (Block explorer) | ✓ (Block explorer) | Different verification rigor |
7. Maintenance Phase
Goal: Regularly test, audit, and future-proof your setup.
| Step | Glacier | Cerberus | BTC Guide | Notes |
|---|---|---|---|---|
| Regular Security Audits | ✓ (Comprehensive) | ✓ (Recommended) | ✓ (Basic guidance) | Different levels of detail |
| Protocol Updates | ✓ (Version tracking) | ✓ (Ongoing development) | ✓ (Community updates) | Different update approaches |
| Key Rotation Policy | ✓ (Detailed procedures) | ✓ (Basic guidance) | ✓ (Optional) | Different emphasis |
| Test Recovery Procedures | ✓ (Regular testing) | ✓ (Recommended) | ✓ (Basic guidance) | Different testing frequency |
Key Philosophical Differences
- Security vs. Usability Balance:
[G]Maximum security, even at usability cost[C]High security with acceptable usability[B]Balances security with mainstream usability
- Trust Assumptions:
[G]Minimal trust in hardware and software[C]Trusts hardware security modules[B]Trusts hardware wallet vendors
- Technical Knowledge Required:
[G]Highest technical requirements[C]Moderate technical knowledge[B]Designed for mainstream users
- Approach to Future-proofing:
[G]Comprehensive documentation[C]Technical robustness[B]Community maintenance
Protocol-Specific Unique Features
Either the multisig process could seem the same, each protocol adopts some key differences that enable each one of them to differentiate. Listed below the list of unique features we have identified for each protocol.
Glacier Protocol Unique Features
- Mathematical Verification Steps: Extensive checks using cryptographic math
- Cold Storage Calculator: Tool to calculate appropriate security level based on funds
- Adversary Resistance: Specific countermeasures for various attack vectors
- Raw Private Keys: Uses raw keys rather than seed phrases
- Parallel Independent Verification: Two people perform critical steps independently
- Eternally Quarantined Hardware: Computers never reconnect to the internet
- Protocol Version Control: Strict versioning of documents and procedures
Cerberus Protocol Unique Features
- Tiered Security Approach: Different security levels based on holdings
- Hardware-first Philosophy: Built around hardware security modules
- Metal Key Storage: Emphasis on physical durability
- Technical Implementation Focus: More technical details, less prescriptive
- Integration with Modern Tools: Works with current Bitcoin ecosystem
- Supply Chain Security: Specific measures for hardware procurement
- Social Recovery Options: Provisions for assisted recovery
BTC Guide Unique Features
- Accessibility Focus: Written for mainstream Bitcoin users
- Step-by-step Tutorials: Visual guides for each step
- Software Recommendations: Specific software guidance
- Progressive Security Model: Start simple and add security incrementally
- Community Maintenance: Continuously updated by the community
- Compatibility Emphasis: Ensures tools work together correctly
- Mobile Verification Options: Includes options for mobile device verification
Common Elements Across All Protocols
Despite their unique features, all three protocols share some essential DNA:
- Multisignature Approach: All use multiple keys for security
- Air-gapped Operations: All employ some form of network isolation
- Test Transactions: All verify wallet operation with small amounts
- Redundant Backups: All require multiple backups of key material
- Geographic Distribution: All recommend storing backups in multiple locations
- Hardware Security: All emphasize physical security of components
- Verification Procedures: All include steps to verify correct operation
Choosing the right Bitcoin custody protocol is less about picking the best one and more about choosing what fits your reality. Glacier is a fortress for institutions; Cerberus is a flexible toolkit for serious Bitcoiners; BTC Guide is a ramp for everyday users stepping into self-custody with confidence.
Each path demands intentionality. And that’s what this comparison is about, not just information, but interaction with the systems, choices, and values behind Bitcoin custody.