Learn

How do the wealthiest bitcoin holders secure their bitcoin?

Tom Honzik
How do the wealthiest bitcoin holders secure their bitcoin?

If you want to hold a large amount of bitcoin securely, it makes sense to investigate how the wealthiest bitcoin holders handle this task. While wealth doesn’t cause infallibility, these entities have the most to lose from making a mistake. They should be highly motivated to put substantial thought and research into the security of their bitcoin.

Identifying the wealthiest bitcoin holders can be difficult, and asking them to reveal the full details of their security is unlikely to be successful. However, the bitcoin blockchain provides us with some valuable information. The transaction history and balances of all bitcoin addresses is publicly-available knowledge.

What information can we gather?

If an entity (person or group) owns a lot of bitcoin, it’s possible that they keep their bitcoin spread across many different addresses, each with a smaller-sized balance. Those addresses wouldn’t necessarily stand out from the crowd. In some cases, it’s impossible to associate different addresses with the same wallet or owner. In other cases, association between addresses requires blockchain analysis, often relying on advanced techniques and assumptions which are not guaranteed to provide accurate information.

Although it’s challenging to definitively identify the wealthiest entities in terms of bitcoin, and precisely how much bitcoin they own, it’s trivial to identify the wealthiest bitcoin addresses. There are a few websites that track these addresses in real time. The nature of these addresses can provide a lot of clues about how the bitcoin is secured.

For example, if you are familiar with address types, you’ll know that any address that begins with a “1” is a P2PKH address, and therefore must be a singlesig arrangement. Similarly, any address that begins with “bc1q” and has a length of 42 characters is a P2WPKH address, and must also be a singlesig address. Bitcoin held by one of these address types isn't utilizing multisig protection. Using SSS or MPC would be the only way to achieve institutional-grade security, as discussed in our article covering thresholds.

Meanwhile, any address that begins with a “3” is a P2SH address. Any address that begins with “bc1q” and has a length of 62 characters is a P2WSH address. These address types have the possibility of utilizing multisig. However, only after bitcoin has been spent out of these addresses will the custody structure be revealed. Some P2SH addresses are actually singlesig, a structure that was temporarily popular while the Segwit Soft Fork was being initially adopted. Therefore, if one of these address types has never been spent out of, the custody structure is unknown.

Looking at the data

Let’s take a look at the 81 addresses which each hold more than 10,000 bitcoin, as of January 30, 2024. Altogether, these addresses hold more than 2.5 million bitcoin.

Bitcoin Balance Address Custody Structure
248,597 34xp4vRoCGJym3xR7yCVPFHoCNxv4Twseo Singlesig
204,010 bc1qgdjqv0av3q56jvd82tkdjpy7gdp9ut8tlqmgrpmv24sq90ecnvqqjwvw97 3-of-5 Multisig
127,136 bc1ql49ydapnjafl5t2cp9zqpjwe6pdgmxy98859v2 Singlesig
115,177 39884E3j6KZj82FK4vcCrkUvWYL5MQaS3v Unknown
94,643 bc1qazcm763858nkj2dj986etajv6wquslv8uxwczt Singlesig
94,505 37XuVSEpWW4trkfmvWzegTHQt7BdktSKUs Singlesig
79,957* 1FeexV6bAHb8ybZjqQMjJrcCrHGW9sb6uF Singlesig**
73,393 3M219KR5vEneNb47ewrPfWyb5jQ2DjxRP6 Singlesig
69,370 bc1qa5wkgaew2dkv56kfvj49j0av5nml45x9ek9hz6 Singlesig
68,200 3LYJfcfHPXYJreMsASk2jkn69LWEYKzexb Singlesig
66,465 bc1qjasf9z3h7w3jspkhtgatgpyvvzgpa2wwd2lr0eh5tx44reyn2k7sfc27a4 3-of-5 Multisig
59,300 bc1qd4ysezhmypwty5dnw7c8nqy5h5nxg0xqsvaefd0qn5kq32vwnwqqgv4rzr 3-of-5 Multisig
53,880 1LdRcdxfbSnmCYYNdeYpUnztiYzVfBEQeC Singlesig**
51,830 1AC4fMwgY8j9onSbXEWeH6Zan8QGMSdmtA Singlesig
44,000 1LruNZjwamWJXThX2Y8C2d47QqhAkkc5os Singlesig
43,602 1Ay8vMC7R1UbyCCZRVULMV7iQpHSAbguJP Singlesig
41,334 3LCGsSmfr24demGvriN4e3ft8wEcDuHFqh 2-of-2 Multisig
37,932 bc1qs5vdqkusz4v7qac8ynx0vt9jrekwuupx2fl5udp9jql3sr03z3gsr2mf0f 3-of-6 Multisig
37,927 3LQUu4v9z6KNch71j7kbj8GPeAGUo1FW6a Unknown
36,000 bc1q7ydrtdn8z62xhslqyqtyt38mm4e2c4h3mxjkug Singlesig
32,321 12XqeqZRVkBDgmPLVY4ZC6Y4ruUUEug8Fx Singlesig
32,019 3MgEAFWu1HKSnZ5ZsC8qf61ZW18xrP5pgd 2-of-3 Multisig
31,643 bc1qx9t2l3pyny2spqpqlye8svce70nppwtaxwdrp4 Singlesig
31,379 bc1qjh0akslml59uuczddqu0y4p3vj64hg5mc94c40 Singlesig
31,275 3FHNBLobJnbCTFTVakh5TXmEneyf5PT61B Unknown
31,000* 12ib7dApVFvg82TXKycWBNpN8kFyiAN1dr Singlesig**
30,175 bc1qf2yvj48mzkj7uf8lc2a9sa7w983qe256l5c8fs Singlesig
28,151* 12tkqA9xSoowkzoERHMWNKsTey55YEBqkv Singlesig**
26,140 1aXzEKiDJKzkPxTZy9zGc3y1nCDwDPub2 Singlesig**
24,606 19N9sDbJ7MDQcPFSjPNqjNDzyRNbNsQ6Zv Singlesig
24,495 17MWdxfjPYP2PYhdy885QtihfbW181r1rn Singlesig
24,067 38UmuUqPCrFmQo4khkomQwZ4VbY2nZMJ67 2-of-6 Multisig
23,969 19D5J8c59P2bAkWKvxSYw8scD3KUNWoZ1C Singlesig
23,922 3G98jSULfhrES1J9HKfZdDjXx1sTNvHkhN 3-of-8 Multisig
23,789 1m5SViB9XNwsusvnnUqpfL9Q1E5EZxPHs Singlesig
22,514 15cHRgVrGKz7qp2JL2N5mkB2MCFGLcnHxv Singlesig
22,221 bc1qr4dl5wa7kl8yu792dceg9z5knl2gkn220lk7a9 Singlesig
20,544 bc1qm34lsc65zpw79lxes69zkqmk6ee3ewf0j77s3h Singlesig
20,008 17rm2dvb439dZqyMe2d4D6AQJSgg6yeNRn Singlesig
19,852 39gUvGynQ7Re3i15G3J2gp9DEB9LnLFPMN Singlesig
19,679 3EMVdMehEq5SFipQ5UfbsfMsH223sSz9A9 4-of-8 Multisig
19,414* 1PeizMg76Cf96nUQrYg8xuoZWLQozU5zGW Singlesig**
18,500 bc1qkz55x35wlnrkrn5n0nq4wwsme9vszrwavu5qf4 Singlesig
18,320 bc1qlhpkdeaaa345c4dw90hmvm3nn2r32f9jdj2v2p Singlesig
17,969 bc1qtrxc0use4hlm7fl0j6t37z7qlwl5eppj8lywz6 Singlesig
17,945 bc1qhk0ghcywv0mlmcmz408sdaxudxuk9tvng9xx8g Singlesig
17,928 bc1qcdqj2smprre85c78d942wx5tauw5n7uw92r7wr Singlesig
16,858 bc1q5vwscmf85w2vlq0qvr33dgpvu5rlrd42cqw6qn Singlesig
16,610 3FupZp77ySr7jwoLYEJ9mwzJpvoNBXsBnE 2-of-3 Multisig
16,453 bc1qx2x5cqhymfcnjtg902ky6u5t5htmt7fvqztdsm028hkrvxcl4t2sjtpd9l 2-of-2 Multisig
16,348 34HpHYiyQwg69gFmCq2BGHjF1DZnZnBeBP Unknown
16,307 1BAuq7Vho2CEkVkUxbfU26LhwQjbCmWQkD Singlesig
16,227 1N4WQbt63gnThPwHFZ1w9adEnE1xB8ctXk Singlesig
16,231 bc1qchctnvmdva5z9vrpxkkxck64v7nmzdtyxsrq64 Singlesig
16,224 1932eKraQ3Ad9MeNBHb14WFQbNrLaKeEpT Singlesig
15,900 32TiohXoCmHr87xVm3E9A3sLiWBJjYn1gf 4-of-6 Multisig
15,746 3JZq4atUahhuA9rLhXLMhhTo133J9rF97j Singlesig
15,392 1GR9qNz7zgtaW5HwwVpEJWMnGWhsbsieCG Singlesig
15,251 1KDWnWQNSGZZ8QHcKPgzz3DGRkmgVv9HhJ Singlesig
14,676 bc1qvhxafz8dqk8c25jsx669yd6qrxhl5dx72dyryp Singlesig
14,599 35pgGeez3ou6ofrpjt8T7bvC9t6RrUK4p6 2-of-3 Multisig
14,000 1BZaYtmXka1y3Byi2yvXCDG92Tjz7ecwYj Singlesig
13,805 3NpXph8WN1U9hwXjg1bRtzTff1tPR2Gpw4 Unknown
13,003 bc1q4vxn43l44h30nkluqfxd9eckf45vr2awz38lwa Singlesig
12,891 1KVpuCfhftkzJ67ZUegaMuaYey7qni7pPj Singlesig
12,858 1CiAnTJn6eHTU89PeihdMhT7KcQZxVZ4fy Singlesig
12,840 3BMEXqGpG4FxBA1KWhRFufXfSTRgzfDBhJ 3-of-4 Multisig
12,803 3HfD4pvF43jdu9dzVMEr1b8AnDHooRGc5t 3-of-9 Multisig
12,795 1DNUjpHPNKMoKYBHxJz2Sh1uQQdJkGsXj5 Singlesig
12,267 1PJiGp2yDLvUgqeBsuZVCBADArNsk6XEiw Singlesig
11,985 1CKVszDdUp4ymGceAZpGzYEFr4RPNHYqaM Singlesig
11,673 3A9qNS69dngSU2ak8BwZKEExeVnL2RqpYJ Unknown
11,400 1Cr7EjvS8C7gfarREHCvFhd9gT3r46pfLb Singlesig
11,115 bc1qgrvchamnmmaancn3vwea6elnvexpylzh30rhjz Singlesig
10,840 bc1qk7fy6qumtdkjy765ujxqxe0my55ake0zefa2dmt6sjx2sr098d8qf26ufn 3-of-5 Multisig
10,771* 1F34duy2eeMz5mSrvFepVzy7Y1rBsnAyWC Singlesig**
10,500 bc1qhd0r5kh3u9mhac7de58qd2rdfx4kkv84kpx302 Singlesig
10,486 bc1q93njc4we4s088a2nz6c9e6vthc5h4ake53rxmd Singlesig
10,217 1Q8QR5k32hexiMQnRgkJ6fmmjn5fMWhdv9 Singlesig
10,009* 1f1miYFQWTzdLiCBxtHHnNiW7WAWPUccr Singlesig**
10,002 bc1qsxdxm0exqdsmnl9ejrz250xqxrxpxkgf5nhhtq Singlesig

*Likely lost

**Not using MPC

Out of these 81 addresses, at least six of them are holding bitcoin that is likely to be lost (179,302 BTC). These six addresses were created by their owners in 2010 or 2011, when bitcoin had a much smaller value and was not taken as seriously as it is today. Five of the six have never been spent from, and the other one made its last withdrawal in July of 2010.

The remaining 75 addresses use a variety of custody structures. Let’s break it down:

Addresses (%) Total Bitcoin Balance (%)
Singlesig 53 (70.7%) 1,745,905 (67.6%)
Multisig 16 (21.3%) 608,773 (23.6%)
Unknown 6 (8.0%) 226,205 (8.8%)

As explained in our article discussing institutional-grade threshold security, it’s likely that the 53 singlesig addresses are using either SSS or MPC. Two of the addresses, however, are unlikely to be using MPC, because they were created before 2018, when the first-ever MPC threshold protocols for ECDSA were invented. It’s possible that these addresses are using SSS instead.

The 16 addresses that we know are using multisig have all been spent out of, and in doing so they have revealed their specific quorum structure. There is a wide assortment of quorums:

  • 4 instances of 3-of-5
  • 3 instances of 2-of-3
  • 2 instances of 2-of-2
  • 1 instance of 3-of-9
  • 1 instance of 4-of-8
  • 1 instance of 3-of-8
  • 1 instance of 4-of-6
  • 1 instance of 3-of-6
  • 1 instance of 2-of-6
  • 1 instance of 3-of-4

The 2-of-2 quorums stand out as the only quorums in the list which don’t offer inherent protection from single points of failure. While a distributed 2-of-2 multisig can protect against theft, it requires other methods to protect against loss (such as each key using distributed SSS or MPC shares). You can read more about how different quorums protect from theft and loss to varying degrees, in our broader multisig article.

Conclusions

After looking at the data, at least one thing is clear. Among the owners of the wealthiest bitcoin addresses—some of whom include the biggest cryptocurrency exchanges and even the U.S. Department of Justice—there is no consensus on the best method to secure bitcoin. 

Some of these entities use multisig addresses, with typical quorums like 2-of-3 and 3-of-5, but there are several unusual quorums as well. Many entities use singlesig addresses, which could be utilizing SSS or MPC. The details surrounding SSS or MPC threshold quorums are never publicly recorded on the blockchain, limiting the extent of this investigation. It’s possible that some of these singlesig addresses are not employing any threshold security at all, which would mean that certain stashes of bitcoin currently worth more than $400M are notably under-secured.

As we covered in a recent article, multisig always has a higher security ceiling than singlesig. When a singlesig address is used (as is the case with at least 70% of the addresses holding more than 10,000 BTC) there is a missed opportunity for additional security. While singlesig does provide some benefits for spending convenience and transaction fees, one might expect these benefits to be less important than security, for an entity holding bitcoin worth millions or billions of dollars. 

The truth behind why singlesig addresses are so commonly found at the top levels is unclear. It may amount to a lack of education, or a historical lack of products and services leveraging the combination of SSS and MPC alongside multisig. Luckily, Unchained has pioneered a simple path to access these combinations, unlocking the highest levels of security obtainable. For private wealth and enterprise clients, we offer a vault product built with a foundation of multisig, and keys that can be spread amongst institutional key agents. Each of these key agents can deploy their own threshold security using SSS or MPC. Book a free consultation!

Tags:
No tags.

Related Articles