What is the Bitcoin Self-Custody Score?

A 2-minute, 8-question quiz that rates how you actually store your Bitcoin today and returns a score from 0 to 100, a letter grade A+ to F, and the single change that would improve your score the fastest. Runs entirely client-side — your answers are never sent anywhere.

How is the score calculated?

Each of the 8 questions has 3-5 options worth between 0 and 100 points based on the expected security of that choice. The final score is the average across all 8 questions, mapped to a letter grade. The breakdown by area (storage, backup, verify-before-sign, passphrase, inheritance, install integrity) shows where you scored weakest so you know where to start.

Is my data shared with anyone?

No. The quiz runs entirely in your browser. The only network call is a single anonymous GA4 event so we can tell whether anyone is completing it — the event contains only your final score, your grade, and the locale, never the individual answers.

What's a 'good' score?

Above 80 is solid. A+ (92+) requires a multisig setup with tested backups in geographically separated locations and a working inheritance plan. Most retail Bitcoin holders score in the C-D range — the quiz is designed to expose the gap honestly rather than make you feel good.

Bitcoin Self-Custody Score — 2-minute quiz

Self-Custody Score · 8 questions · ~2 min client-side · honest answers only

Rate how you actually store your Bitcoin right now — not how you wish you did. Score is yours; nothing is sent anywhere.

Why this quiz exists

Most “Bitcoin security” content either glosses the topic (“just buy a hardware wallet”) or buries you in jargon (“multisig threshold, SeedQR, BIP-39 passphrase, plausible deniability path”). Neither tells you what you most want to know: given the way I currently store my Bitcoin, am I doing it right?

This quiz answers that question in 2 minutes. Eight honest questions. A score from 0 to 100. A clear verdict on which area is weakest. And one concrete recommendation for what would move you up the fastest.

The questions are weighted by expected loss. Storing the majority of your Bitcoin on a centralised exchange scores 0 on the storage question because the historical loss probability is high — Mt. Gox, QuadrigaCX, Celsius, FTX. A single hardware wallet scores 85 because the loss surface drops to under 1% annually when used correctly. Multisig scores 100 because it defends against single-device compromise too.

What the score is — and isn’t

It is a snapshot of your current setup against the consensus best practices in 2026. The point is to expose the weakest link in your specific setup so you know which fix moves the needle most. Most people score in the C range because there’s one or two specific things they’ve been meaning to fix.

It isn’t a guarantee. A “A+” multisig setup can still be lost to social engineering or coordinated coercion. An “F” hot wallet can survive for years if you’re lucky. The score is a starting point for a conversation with yourself about which trade-offs you’re actually making — not a certificate that says “you’re safe”.

How the breakdown works

The eight questions cover six areas:

Where it lives — exchange vs. hot vs. hardware vs. multisig
Seed backup — what you wrote down, where, and on what material
Verify before sign — whether you check addresses on the device screen and ignore unsolicited “support”
Passphrase — whether you use the optional BIP-39 25th word
Inheritance — whether anyone could recover your Bitcoin if you died
Install integrity — whether you check SHA-256 / PGP before running a new wallet binary

Each area is averaged independently so the result page shows where you’re strong and where you’re weak. Most people’s weakest area falls under either “backup” or “verify before sign” — those are the two habits that take real discipline.

The single highest-leverage move

If you only fix one thing this month, fix this: read the destination address on your hardware-wallet screen, every single time, before you confirm a transaction.

This one habit defeats most of the wallet-drainer attacks documented in 2025-2026, including the counterfeit Ledger Live app on the Apple App Store that drained roughly $9.5M from users who had hardware wallets but didn’t verify on-device. Drainer malware works by silently substituting the destination address on the computer screen — your hardware wallet shows you the real destination on its own screen, and you can refuse to sign if it doesn’t match.

The same principle applies to wallet downloads: verify the SHA-256 hash of the installer against the vendor’s published hash before you run it. Our wallet installer verifier takes about 30 seconds.

How much Bitcoin do I need before getting a hardware wallet? — the math that decides whether the cost-benefit flips for your specific holdings
Cold storage 2026: hardware vs multisig vs SeedQR — full decision framework for choosing a setup matched to your holdings
Wallet drainer red flags 2026 — the attack landscape this quiz is calibrated against
BIP-39 recovery phrase — the security bible — the seed-backup section in depth
Wallet installer SHA-256 verifier — the install-integrity check in 30 seconds
BIP-39 validator — verify your written seed phrase is checksum-correct