Self-Sovereignty

The maxim "Don't trust, verify" is the technical foundation of self-sovereignty. Every trust assumption in your setup is a potential point of failure. Understanding and minimizing these assumptions is the goal.

Trust Assumptions in a Typical Setup

Even a self-custodial wallet involves some trust:

• Wallet software — you trust it to generate entropy correctly, derive keys per BIP standards, and not exfiltrate your seed
• Hardware wallet firmware — you trust the secure element and firmware to protect keys and sign correctly
• Operating system — you trust the OS is not compromised by malware
• Network nodes — if using a remote node, you trust it to relay accurate blockchain data
• BIP39 wordlist and specification — you trust the standard is correctly implemented

Reducing Trust

• Open-source software — auditable code reduces (but doesn't eliminate) trust in developers
• Reproducible builds — verify that the binary you download matches the published source code
• Hardware wallet with open firmware — community-auditable hardware reduces trust in the manufacturer
• Running your own node — eliminates trust in third-party network infrastructure
• Multi-vendor setups — using devices from different manufacturers reduces correlated risk

Perfect trustlessness is unachievable — at some point, you trust the laws of mathematics and the silicon in your hardware. The goal is to minimize trust to well-understood, verifiable foundations rather than opaque institutional promises.

Running a full Bitcoin node is the ultimate expression of verification sovereignty. Your node independently validates every transaction and block against the consensus rules — trusting no one else's interpretation of the blockchain state.

What a Full Node Does

• Downloads and validates the entire blockchain from the genesis block (~600 GB as of 2026)
• Independently verifies every transaction — checks signatures, amounts, script conditions, and consensus rules
• Rejects invalid blocks — even if the majority of miners accept them, your node enforces your rules
• Serves as your wallet's backend — your wallet queries your own node instead of a third-party server

Why It Matters for Self-Sovereignty

Without your own node, your wallet relies on someone else's node to tell you your balance, transaction history, and whether a payment has been confirmed. This creates privacy and security risks:

• Privacy leak — a third-party node can log your addresses and correlate them with your IP
• Deception risk — a malicious node could lie about confirmations (though SPV proofs mitigate this partially)
• Censorship — a node operator could refuse to relay your transactions

Practical Setup

A full node can run on modest hardware:

• Hardware — Raspberry Pi 4/5, old laptop, or any computer with 1TB+ storage and 4GB+ RAM
• Software — Bitcoin Core, or node distributions like Umbrel, RaspiBlitz, Start9, or myNode
• Network — initial blockchain sync takes 1-7 days depending on hardware and bandwidth. After sync, bandwidth usage is ~10-20 GB/month.
• Connection to wallet — configure Sparrow, Electrum, or your mobile wallet to connect to your node (often via Tor for privacy)

Privacy is not secrecy — it is the ability to selectively reveal yourself to the world. Without privacy, self-sovereignty is incomplete: if every transaction is traceable to your identity, your financial autonomy can be undermined through surveillance, discrimination, or targeted attacks.

Blockchain Transparency vs. Privacy

Bitcoin's blockchain is a public ledger — every transaction is visible to anyone. Privacy comes not from the protocol itself but from the difficulty of linking addresses to real-world identities:

• Pseudonymity — addresses are pseudonymous, not anonymous. Once an address is linked to an identity (e.g., via KYC at an exchange), the entire transaction history becomes attributable.
• Chain analysis — companies like Chainalysis and Elliptic specialize in tracing Bitcoin flows and de-anonymizing users through heuristics (common input ownership, change detection, timing analysis).
• UTXO management — how you manage your UTXOs significantly impacts your privacy. Merging UTXOs from different sources can link otherwise unrelated activities.

Privacy-Enhancing Practices

• CoinJoin — a collaborative transaction mixing protocol that combines multiple users' inputs and outputs, making it difficult to trace which input paid which output
• PayJoin (P2EP) — a two-party protocol where both sender and receiver contribute inputs, breaking common-input-ownership heuristics
• Coin control — manually selecting which UTXOs to spend in a transaction, avoiding unwanted linkage
• Tor/VPN — routing wallet connections through Tor to prevent IP-based correlation
• Silent Payments (BIP352) — allows receivers to publish a static address while each sender generates a unique on-chain address, eliminating address reuse without interactive communication

True sovereignty requires not only controlling your keys but also understanding where your data flows when you check balances, and ensuring your assets are not concentrated in a single point of failure.

The "All Eggs in One Basket" Mistake

Storing all your crypto assets in a single wallet, protected by a single seed phrase, in a single physical location creates a catastrophic single point of failure. If that one seed is compromised, lost, or destroyed, everything is gone.

Diversification applies to multiple dimensions:

• Multiple wallets — distribute holdings across separate seeds so that compromising one does not expose all assets
• Multiple access schemes — use a combination of single-sig (for smaller, accessible amounts) and multi-sig or passphrase-protected wallets (for larger holdings)
• Multiple backup locations — store seed backups in geographically separated secure locations so that a localized disaster (fire, flood, theft) does not destroy all copies
• Multiple hardware vendors — using devices from different manufacturers avoids correlated firmware vulnerabilities

Blockbook and Third-Party Balance Tracking

Blockbook is an open-source blockchain indexer developed by SatoshiLabs (the company behind Trezor). It serves as the backend infrastructure that allows wallet software to query balances, transaction history, and UTXO data without running a full node locally.

When you use Trezor Suite or other wallets that rely on Blockbook, your requests are routed through Trezor's server infrastructure. This means:

• IP address exposure — Trezor's servers see your IP address and can correlate it with the addresses you query
• Address clustering — the server sees which addresses belong to the same session, allowing it to infer your full wallet balance and transaction patterns
• Timing metadata — the server knows when you check your balance, how often, and from what geographic region
• Third-party trust — you are trusting SatoshiLabs to not log, share, or be compelled to hand over this data

Why "Local" Tracking May Not Be Local

Many wallet applications present themselves as "local" or "desktop" software, giving the impression that your data stays on your machine. In reality, these applications typically need to query an external server to retrieve blockchain data:

• Trezor Suite — connects to Trezor's Blockbook instances to fetch balance and transaction data
• Ledger Live — connects to Ledger's explorer nodes for the same purpose
• Electrum (default config) — connects to random public Electrum servers, each of which sees your queried addresses

The only way to eliminate this trust is to run your own node and configure your wallet to use it exclusively. Solutions like Umbrel, RaspiBlitz, Start9, or myNode make this significantly easier than it was even a few years ago.

Controlling Where and How You Track Your Funds

To maintain sovereignty over your financial data:

• Run your own Bitcoin full node — eliminates reliance on any third-party server for balance and transaction queries
• Use Tor for wallet connections — even with your own node, Tor prevents ISP-level surveillance of your Bitcoin traffic
• Avoid web-based block explorers for checking your own addresses — each lookup links your IP to the addresses you searched
• Use watch-only wallets carefully — if your watch-only wallet connects to a third-party server, that server can see all your addresses
• Separate checking from spending — use a dedicated, privacy-configured setup for monitoring balances, and a separate air-gapped setup for signing transactions

True self-sovereignty extends beyond key management. Each layer of the technology stack where you depend on a third party is a potential point of control, surveillance, or failure.

The Full Sovereignty Stack

• Layer 1 — Keys: Self-custodial keys on hardware you control (hardware wallet, air-gapped device)
• Layer 2 — Verification: Your own full node validates all transactions and blocks independently
• Layer 3 — Network: Tor/VPN for network-level privacy; your node connects to the peer-to-peer network directly
• Layer 4 — Software: Open-source wallet software with reproducible builds, verified against published hashes
• Layer 5 — Hardware: Open-source hardware designs where possible; multi-vendor diversity for signing devices
• Layer 6 — Backup: Metal seed backups in geographically distributed locations, with inheritance documentation
• Layer 7 — Knowledge: Deep understanding of the tools and protocols you use, enabling independent troubleshooting and recovery

Progressive Sovereignty

Not everyone needs or can maintain the full stack. The key insight is that each layer you own reduces your dependence:

• Holding your own keys (Layer 1) is the most impactful single step
• Running your own node (Layer 2) eliminates verification trust
• Using Tor (Layer 3) eliminates network-level surveillance
• Each additional layer provides diminishing but still meaningful sovereignty gains

The tools and protocols for self-sovereignty are evolving rapidly. Several developments are expanding what is possible for sovereign individuals:

Emerging Technologies

• MuSig2 and FROST — threshold signature schemes that make multisig indistinguishable from single-sig on-chain, improving both privacy and cost
• Silent Payments (BIP352) — reusable payment codes that generate unique addresses per sender without requiring interaction
• Fedimint — federated e-cash mints that provide Lightning Network access and privacy within community-operated trust circles
• Nostr + Bitcoin — censorship-resistant communication combined with censorship-resistant money, enabling sovereign identity and payments
• Miniscript — a structured language for Bitcoin scripts that makes complex spending policies (timelocks, multi-sig, inheritance fallbacks) more accessible and verifiable

The Sovereign Individual Thesis

Bitcoin and self-custody tools are creating a paradigm shift: for the first time in history, an individual can hold and transfer significant wealth that is immune to physical seizure (a memorized seed phrase crosses any border), resistant to censorship (no institution can block a properly broadcast transaction), and verifiable without trust (anyone can run a node).

Self-sovereignty is not a destination — it is a continuous practice of maintaining control over your financial life through education, discipline, and the deliberate use of open tools. The technology exists. The choice to use it is yours.