1. Help Center
  2. Using the Casa app
  3. (Advanced) Open-source integrations

Sovereign Recovery for bitcoin vaults

Sovereign Recovery is what we call the ability to create a transaction outside of the Casa app using open-source, third-party tools. 

This article details how to perform Sovereign Recovery for bitcoin assets held with Casa. Please see Sovereign Recovery instructions for ethereum if you need to recover ethereum.

Finding your public keys

In Sovereign Recovery, you should operate on the assumption that the Casa Recovery Key is unavailable, meaning you have two of your three signing keys left. To complete a transaction, you need all three of your public keys, but only two of your private keys for a 3KV or all five of your public keys, and three of your private keys for a 5kv. 

Depending on your setup, you can use a combination of hardware wallets, and your Mobile Key and/or YubiKey/Passkey seeds to sign a transaction as long as you have 2 private keys. If one of your hardware devices is damaged or inaccessible, you can use the Mobile Key or YubiKey/Passkey seeds (if your vault contains any YubiKeys).

If you are using the same YubiKey for both your BTC and ETH vaults please ensure to safely save and store the (Offline Backup) seed phrase for each vault. 

To sign, you will need both of your hardware devices. If you have a mobile key, you'll need to export the seed phrase from your Casa app .

To find your public keys: You can pull your hardware wallet public keys directly from the devices themselves when you connect them to Electrum (see full instructions below). Know that all your public keys can also be accessed directly from Casa. To access them, just tap the key icon from your vault screen, then tap View Public Keys. We also provide the Casa Recovery Key public key in our Sovereign Recovery email, for added redundancy.

Don't forget to copy the derivation paths. When you view the public key for a specific account on a device, the current derivation path will be displayed beneath it. Derivation paths change every time you rotate a key and generate a new keyset in Casa; it’s important that you use the current path, otherwise the wrong addresses will be generated by your recovery wallet software.

IMPORTANT: Your public keys are stored locally on your iOS or Android device. This means they can be accessed even if Casa’s infrastructure is unavailable, and even if your device does not have an active internet connection. To ensure you're able to log into your Casa app to access your public keys even if you’re offline, just be sure the "Clear Cache on Logout" option is DISABLED on your Settings tab. If Casa's system is down for maintenance, you may need to place your device into airplane mode to access Casa in this "offline" mode.

Recovering funds without using Casa software or servers

Install Electrum

Additional instructions within this box for Linux users ONLY:

Install the appropriate libraries for your hardware wallets via the CLI:

If you use a Trezor:

Set hardware wallet udev rules:

After setting the udev rules for the first time, reboot your computer.

Set up your 3-key vault:

  • Run Electrum. For testnet, run
    Electrum --testnet
  • Create a new wallet and give it a name
  • Choose "multi-signature wallet"
  • Select "From 3 cosigners"
  • Select "Require 2 signatures"
  • Click next

For cosigner 1 of 3:

  • Choose "hardware wallet" 
  • Plug in your first hardware device if it isn’t already
  • Click next
  • Select your hardware device and click next.
  • Select "p2sh-segwit multisig"
  • The derivation path should change to something like m/48'/0'/0'/1' - replace it with the derivation path from your recovery data, which will look something like: m/49/0/0
  • Click next, then next again on the master public key screen

For cosigner 2 of 3

If using the mobile key as one of your Casa keys (default setup, most people use this):

  • Choose "Enter cosigner seed"
  • Enter the seed phrase the you exported from your Casa app
  • Click OPTIONS > BIP 39 SEED
  • Click "Next"
  • Enter your unique derivation path found in your Sovereign Recovery email
  • Click "Next"

If using a second hardware device in place of the mobile key, follow the same as you followed above for "Cosigner 1 of 3." Those instructions again are:

  • Choose "hardware wallet"
  • Plug in your second hardware device if it isn’t already
  • Click next
  • Select your hardware device and click next
  • Select "p2sh-segwit multisig"
  • The derivation path should change to something like m/48'/0'/0'/1' - replace it with the derivation path from your recovery data, which will look something like: m/49/0/0
  • Click next, then next again on the master public key screen

For cosigner 3 of 3

  • Choose "Enter cosigner key" and click next
  • Paste the "Casa Recovery Public Key" for the appropriate account from your recovery data
  • Click next

On the password screen, leave both fields blank and click next.

Electrum will now initialize your wallet and display all the transactions that have been received and sent by it. If your transactions don't show up after a minute or so, something went wrong during the process and Electrum derived the wrong set of addresses.

To send your assets to a new wallet, click on the "send" tab and fill in the "pay to" field with an address owned by your new wallet. Click the "max" button to sweep all of the value out of the wallet, and slide the "fee" bar to an appropriate fee depending upon your urgency. If your wallet contains many UTXOs (over 100) then you may encounter memory issues with your hardware device trying to send them all in one transaction; instead try sending smaller numbers of UTXOs in multiple transactions.

Once you click "send," you will be prompted to confirm the amount and destination address on each hardware device.

Upon completing the second signature, the "broadcast" button will no longer be greyed out. Click "broadcast" and then copy the transaction ID into a block explorer to check that the transaction has propagated across the network.

NOTE: Electrum can be finicky with hardware device signing support, especially on Linux. In order to prevent errors, ensure that you only have ONE Electrum instance running and plug both of your hardware devices in simultaneously rather than plugging and unplugging the devices as you sign.