Hardware Wallets Get "Bank-Grade" Spending Controls
Spending Policies allow users to set custom rules for outgoing Bitcoin transactions. Options include per-transaction limits (how much Bitcoin), velocity limits (how often), an address whitelist (limits where it goes), and required two-factor authentication. COLDCARD enforces these rules directly on-device, acting like a personal hardware security module (HSM). If a payment fits the policy, COLDCARD will allow the user to sign as normal. If not, the device refuses, blocking unwanted spends.
This creates a seamless balance: routine payments remain easy, while larger or suspicious transactions demand stronger verification.
2FA with Authenticator – First for Hardware Wallets
In a world-first, COLDCARD now supports time-based one-time passwords (TOTP) for 2FA. Even without a hardware clock or internet connection, COLDCARD verifies codes from apps like Google Authenticator. Users can require a 6-digit code for high-security transactions, adding a "something you have" factor to the device's "something you know" security.
"Spending Policies on Bitcoin hardware wallets are a revolutionary upgrade to self-custody. Even without a hardware clock, we figured out how COLDCARD can 2FA with Authenticator. It's the biggest leap in transaction-level defense we've ever shipped," said NVK, Co-Founder of Coinkite.
WATCH THE VIDEO https://www.youtube.com/watch?v=Qd8ymRwrokg
More Highlights from the New Firmware
The upcoming firmware release introduces additional features for COLDCARD Mk4 and COLDCARD Q models:
- NFC PushTX – Instantly broadcast signed Bitcoin transactions by tapping COLDCARD to an NFC-enabled phone. The phone's browser relays the transaction to the Bitcoin network – no apps or cables required.
- Smart PIN AutoBrick – Define automatic "self-destruct" rules for PIN entry attempts, further protecting devices against brute force.
- USB Multisig Address Registration – Streamlined multisig setup with authenticity-protected wallet exports.
- SeedXOR – Split existing seed words into three or more parts that can be geographically distributed safely.
- Enhanced PSBT Workflows – Export signed results to any medium (QR, NFC, SD) regardless of input method, giving users unmatched flexibility.
Why It Matters
Bitcoin adoption is built on openness, security, and sovereignty. With Spending Policies, COLDCARD offers retail users, institutions, and influencers programmable self-custody – ensuring funds cannot be moved outside preset rules, even if a device is stolen or misused. For organizations, it brings HSM-like controls without intermediaries. For individuals, it means peace of mind with the convenience of everyday use.
About Coinkite
Coinkite is the maker of COLDCARD, the Bitcoin-only hardware wallet trusted worldwide for its air-gapped security model and uncompromising focus on self-custody. Learn more at coinkite.com.
SOURCE Coinkite