Is my Bitcoin safe with Bottle Pay?
To make the on-boarding process easier for people new to Bitcoin, Bottle Pay is a 'custodial' wallet, which means we look after your Bitcoin for you while it is in our wallets. Please note, your Bitcoin belongs to you, and can be withdrawn to a cold storage wallet (we like Ledger or Cold Card) or any other wallet of your choice at any time.
As with any custodian, we advise you to keep the majority of your Bitcoin offline, and to only keep the necessary amount for your day to day transactions in your Bottle Pay wallet.
Here's a general overview of our security measures:
- The Bottle Pay wallet service is a custodial Lightning wallet, primarily implementing the LNRPC API specification.
- Wallets are identified by an ECC public key. It is impossible to interact with a wallet without the private key.
- The Bottle Pay social payments service acts as a secure key store, associating a private key (and therefore a wallet) with a social identity.
- Bottle Pay services are unable to initiate communications with Lightning nodes, and do not store any connection details for them. In the extremely unlikely event of a critical exploit in the wallet service, "real" bitcoin keys remain un-compromised.
- Lightning (lnd) nodes are isolated from the Bottle Pay wallet service, and initiate connections out to Bottle Pay.
- Lightning nodes are frequently backed up based on a number of triggers. Backup interval can be as little as a few seconds.
Please check our Terms and Conditions for more information on our security procedures and responsibilities.