Home Research $66M Bitcoin Home Invasion: Estate Plan as Physical Security Est. 24 min read

Breaking — March 29, 2026

Two California teenagers — ages 16 and 17 — face nine felony charges after a violent home invasion in Scottsdale, Arizona, targeting $66 million in Bitcoin. According to CryptoTimes, the attack was orchestrated through Signal by anonymous parties who knew the target held significant BTC. The teens drove 600 miles to execute the robbery. This is not an isolated incident — it's the latest in an accelerating pattern of physical attacks on known Bitcoin holders. The question is no longer whether you need physical security for your Bitcoin. It's whether your current custody architecture would survive a home invasion.

In This Article
  1. The Attack — What Happened in Scottsdale
  2. The $5 Wrench Attack Problem
  3. Why This Keeps Happening
  4. Multi-Sig as Physical Security
  5. The Irrevocable Trust as the Ultimate Physical Security
  6. Operational Security Playbook for Bitcoin-Wealthy Families
  7. What to Do Now — 5-Step Action Plan
  8. The Paradox: Self-Custody Means You Are the Single Point of Failure
  9. Frequently Asked Questions

Two children drove 600 miles to steal $66 million in Bitcoin.

Read that sentence again. Not seasoned criminals. Not a sophisticated hacking crew. Teenagers — a 16-year-old and a 17-year-old from California — recruited through Signal by anonymous parties who knew exactly where the Bitcoin was and who held it. They drove across state lines, invaded a home in Scottsdale, Arizona, and now face nine felony charges including armed robbery, kidnapping, and aggravated assault.

The target was a known Bitcoin holder. The attackers knew how much he held. They knew where he lived. And they believed — almost certainly correctly — that he personally controlled the keys to $66 million in Bitcoin.

This article is not about the criminal case. The Arizona justice system will handle that. This article is about the structural vulnerability that made the attack rational in the first place — and the custody architecture and estate planning strategies that eliminate that vulnerability entirely.

Because here is the uncomfortable truth that every Bitcoin holder with significant wealth needs to internalize: if you personally control the keys to your Bitcoin, you are the security system. And you are a security system that can be defeated by two teenagers with a weapon and a 10-hour drive.

The Attack — What Happened in Scottsdale

The facts, as reported by CryptoTimes on March 29, 2026, are stark in their simplicity.

Two teenagers from California — one 16, one 17 — were recruited through Signal, the encrypted messaging app, by anonymous parties who had identified a Scottsdale, Arizona resident as holding approximately $66 million in Bitcoin. The recruiters knew the target's identity, home address, and approximate holdings. They needed physical operatives willing to conduct a home invasion. They found two minors willing to drive 600 miles to do it.

The teens face nine felony charges. The charges suggest a violent encounter — armed robbery, kidnapping, and aggravated assault are not charges filed for a quiet break-in. Someone was threatened, restrained, or harmed.

Three elements of the attack are worth examining because they recur in virtually every physical Bitcoin theft:

The intelligence was specific. The attackers didn't randomly select a home in Scottsdale. They knew — or believed they knew — that this specific individual held approximately $66 million in Bitcoin. That intelligence came from somewhere: blockchain analysis, social media, a data breach, a conference connection, a loose-lipped associate, or some combination. The specificity of the targeting is the first vulnerability.

The attack was remote-orchestrated. The people who identified the target and organized the attack never set foot in Arizona. They recruited expendable operatives through an encrypted messaging platform. This is a pattern we're seeing with increasing frequency — a division of labor between the intelligence gatherers (who know which targets hold Bitcoin and where they live) and the physical operatives (who are often young, unsophisticated, and disposable from the organizers' perspective).

The target was presumed to control the keys. The entire premise of a Bitcoin home invasion is that the person in the home can, under sufficient duress, transfer Bitcoin. If the target cannot transfer Bitcoin — because the keys are not at that location, or because the custody architecture requires multiple signers across multiple geographies — the attack has no viable path to success. This is the fundamental insight that transforms custody architecture from a digital security concept into a physical security concept.

The $5 Wrench Attack Problem

In cryptography and information security, there is a famous concept — popularized by the xkcd comic #538 — called the "$5 wrench attack." The premise is devastatingly simple: it doesn't matter how strong your encryption is if someone can hit you with a $5 wrench until you give up the password.

Bitcoin's greatest strength is simultaneously its greatest physical security weakness.

The strength: Bitcoin is a bearer asset. Whoever controls the private keys controls the funds. There is no bank to call, no transaction to reverse, no fraud department to file a claim with. This is the entire point of self-sovereignty — no third party can freeze, seize, or confiscate your Bitcoin.

The weakness: Bitcoin is a bearer asset. Whoever controls the private keys controls the funds. If someone puts a gun to your head and says "transfer the Bitcoin," no cryptography protects you. The 256-bit encryption, the air-gapped hardware wallet, the steel seed phrase backup — none of it matters when the attack vector is not the mathematics but the human holding the keys.

The $5 wrench attack is not a cryptographic attack. It's a custody architecture failure. If a single person at a single location can move the funds, then that person at that location is the single point of failure — for both the Bitcoin and their own physical safety.

This is the conceptual gap that most Bitcoin security discussions fail to bridge. They focus on digital security — cold storage vs. hot wallets, seed phrase backup strategies, passphrase protection, hardware wallet comparisons. All of that is important. None of it addresses the scenario where an armed attacker is standing in your living room.

The Scottsdale case is a textbook $5 wrench attack at scale. The attackers did not try to hack the target's wallet. They did not try to intercept a transaction. They did not try to brute-force a private key. They drove to the target's house and used physical violence — or the credible threat of physical violence — to compel the transfer. The "wrench" in this case was nine felonies' worth of violence, but the principle is identical.

And the defense is not a stronger password. It's a custody architecture that makes compliance physically impossible.

Why This Keeps Happening

The Scottsdale attack is not an isolated incident. It is the latest entry in a growing ledger of physical attacks on known Bitcoin holders. The pattern is clear, the frequency is increasing, and the common denominator is the same every time: the attacker knew the target held Bitcoin.

The Pattern of Physical Bitcoin Attacks

March 2026 — Hong Kong Seed Phrase Filming. Earlier this month, a case surfaced in Hong Kong where an individual's seed phrase was secretly filmed during what appeared to be a social interaction. The attacker used the captured seed phrase to drain the victim's wallet. The seed phrase — the master key to a Bitcoin wallet — was literally visible because it existed in a form that could be photographed. This case illustrates a different dimension of the $5 wrench problem: the attack doesn't always require violence. Sometimes it just requires access — visual, physical, or digital — to a secret that a single person possesses.

2020 — Ledger Database Leak. In 2020, the customer database of Ledger, one of the world's most popular hardware wallet manufacturers, was compromised. The leaked data included the names, email addresses, phone numbers, and home addresses of approximately 272,000 customers who had purchased hardware wallets. The implications were immediate and devastating: attackers now had a curated list of people who held enough Bitcoin to invest in a hardware wallet, along with their home addresses. In the months and years following the leak, multiple home invasions, extortion attempts, and threats were traced directly to the leaked database. Victims received threatening letters, SIM-swap attacks, and in some cases, in-person visits from individuals demanding Bitcoin.

2020-2025 — Escalating Physical Attacks Globally. The pattern extends well beyond high-profile cases. Physical attacks on Bitcoin holders have been documented across the United States, Europe, South America, and Asia. Common scenarios include home invasions (often targeting known Bitcoin traders or miners), intimate partner theft (where a spouse or family member with physical access to seed phrases drains a wallet), kidnapping-for-Bitcoin schemes, and attacks at cryptocurrency meetups or conferences where attendees are followed to their hotels or homes.

The Common Denominator

Across every physical Bitcoin attack, the common factor is not the amount stolen, the geographic location, or the sophistication of the attackers. It is this: the attackers knew or believed that the target held significant Bitcoin and that the target personally controlled the keys.

Both elements are necessary. Knowing someone holds Bitcoin but not being able to locate them physically is useless for a physical attack. Locating someone physically but not knowing whether they hold Bitcoin or how much is speculation, not targeted robbery. The attacks that succeed — and that keep happening — occur at the intersection of identifiable wealth and personal key control.

This means there are exactly two categories of defense:

  1. Prevent attackers from identifying you as a Bitcoin holder — operational security, privacy, entity structures
  2. Ensure that even if identified, you cannot comply with demands — custody architecture that distributes control so no single person and no single location holds enough keys to move the funds

The second category is the one most Bitcoin holders get wrong, and it's the one that could have changed the outcome in Scottsdale.

Multi-Sig as Physical Security

Multi-signature (multisig) Bitcoin transactions require more than one private key to authorize a transfer. In a 2-of-3 multisig setup, three keys exist, and any two of the three must sign a transaction for it to be valid. In a 3-of-5 setup, five keys exist and any three must sign.

Most people think of multisig as digital security — protection against a single key being compromised through hacking, device failure, or theft. That's correct but incomplete. When the keys are geographically distributed, multisig transforms from digital security into physical security.

The Mechanics of Geographic Key Distribution

Consider a 2-of-3 multisig setup where the three keys are held as follows:

Example — 2-of-3 Multisig with Geographic Distribution

Key 1: Hardware wallet in a bank safe deposit box in Phoenix, Arizona
Key 2: Hardware wallet held by a trusted family member in Denver, Colorado
Key 3: Hardware wallet in a vault facility in Zurich, Switzerland

To move any Bitcoin from this wallet, two of these three keys must sign the transaction. No single location holds two keys. No single person has access to two keys.

Now replay the Scottsdale scenario against this architecture. An attacker invades the home of the Bitcoin holder. They demand a transfer. The holder says — truthfully — "I cannot move the Bitcoin. I have one key, but it's not at this location. It's in a bank safe deposit box. Even if I go to the bank, I still need a second key, which is held by someone in another state."

The attacker has no viable path to the Bitcoin. The cryptographic requirement of two keys cannot be bypassed with physical violence at a single location. The holder is not being brave or deceptive — they are stating a literal, structural truth about the custody architecture.

Multisig with geographic key distribution is the only physical security measure that works by making compliance literally impossible. You're not relying on courage, deception, or resistance under duress. The architecture itself is the defense.

Why Geographic Distribution Matters More Than Key Count

A common mistake is to implement multisig without geographic distribution. If you have a 2-of-3 setup but all three keys are in your home — one in a safe, one in a desk drawer, one taped behind a painting — a home invader has access to all three. The multisig provides zero physical security benefit because all keys are in the attack radius.

The security comes from the distribution, not the count. Two keys in two different cities provides more physical security than five keys in five different rooms of the same house.

For families with significant Bitcoin holdings, we recommend the following minimum geographic distribution:

The Scottsdale target's $66 million in Bitcoin places them firmly in the institutional tier. At that level, single-signature self-custody is not just risky — it's reckless.

The Irrevocable Trust as the Ultimate Physical Security

Multisig distributes key control. An irrevocable trust goes further: it removes you from the custody equation entirely.

When Bitcoin is held in a properly structured irrevocable trust — particularly a directed trust established under a Wyoming Private Family Trust Company — the trustee holds signing authority over the Bitcoin. Not you. The trustee manages the custody infrastructure, controls the keys, and authorizes any transactions according to the trust document's terms.

You — the grantor who originally transferred the Bitcoin into the trust — literally do not have the keys.

This creates a physical security posture that is fundamentally different from any form of self-custody, including multisig:

1. You Cannot Comply Under Duress — Because You Don't Have the Keys

An attacker who invades your home and demands you transfer Bitcoin from the trust will encounter a structural impossibility. You do not have signing authority. You do not have the private keys. You could not transfer the Bitcoin if you wanted to. This is not a psychological strategy (pretending not to have access) or a deception (claiming you can't when you can). It is a legal and technical reality: the trust holds the Bitcoin, the trustee controls the keys, and you are not the trustee.

2. The Trust Has Institutional-Grade Custody

A properly administered trust uses institutional-grade multisig custody with keys distributed across secure facilities. The trustee — whether a Wyoming Private Family Trust Company, a regulated trust company, or a directed trustee acting under the trust document — implements custody protocols that include geographic key distribution, time-locked transactions, multi-person authorization requirements, and audit trails. The custody infrastructure is the same type used by institutional investors managing billions of dollars in digital assets.

3. Attackers Cannot Compel What You Don't Control

The legal concept is simple: nemo dat quod non habet — you cannot give what you do not have. An attacker can threaten, restrain, or harm you, but they cannot change the legal and technical reality that the Bitcoin is not in your custody. The trust document governs how and when distributions are made. Even the trustee is bound by the document's terms — they cannot simply transfer $66 million to an anonymous Bitcoin address on demand.

4. The Trust Survives Your Incapacitation or Death

This is the estate planning dimension that elevates trust-based custody above every other physical security strategy. If the worst happens — if the attacker incapacitates or kills the holder — an irrevocable trust continues to operate. The trustee continues to manage the Bitcoin according to the trust document. Successor trustees step in. Beneficiaries are protected. The Bitcoin does not become inaccessible because the person who knew the seed phrase is no longer available.

Single-signature self-custody has no such continuity. If the sole keyholder is killed or permanently incapacitated, the Bitcoin is effectively lost — a second form of permanent damage beyond the physical harm itself.

5. Estate Tax Benefits Compound the Security Advantage

Beyond physical security, an irrevocable trust provides a structural estate tax advantage: appreciation inside the trust occurs outside your taxable estate. If Bitcoin appreciates from $66K to $200K or $500K over the coming years, that appreciation — for Bitcoin transferred into an irrevocable trust now — is permanently removed from estate tax exposure. At the current federal estate tax rate of 40%, the tax savings on significant appreciation can be measured in millions of dollars.

Physical security and estate tax efficiency are not separate considerations. They are both solved by the same architectural decision: transferring Bitcoin into an irrevocable trust with institutional-grade custody.

Scenario Analysis

The Scottsdale Attack — Two Custody Architectures, Two Outcomes

Architecture A: Single-signature self-custody. Target holds the private key to $66M in Bitcoin on a hardware wallet at home. Attackers invade, threaten violence, and demand a transfer. The target has the technical ability to comply. The outcome depends entirely on the target's willingness and ability to resist under life-threatening duress. The Bitcoin is at risk.

Architecture B: Irrevocable trust with institutional multisig. Target transferred Bitcoin to a directed trust two years ago. The Wyoming Private Family Trust Company holds signing authority via a 3-of-5 multisig with keys distributed across three states. The target has no keys, no signing authority, and no ability to move the Bitcoin. Attackers invade and demand a transfer. The target cannot comply — not because they're brave, but because they literally cannot. The Bitcoin is not at risk. The attack has no viable path to success.

Same target. Same attackers. Same 600-mile drive. Radically different outcomes — determined entirely by the custody architecture established before the attack.

Operational Security Playbook for Bitcoin-Wealthy Families

Custody architecture is the primary defense. But a comprehensive physical security posture for Bitcoin-wealthy families requires a layered approach. The following eight rules form an operational security playbook that addresses both prevention (making it harder for attackers to identify and target you) and resilience (ensuring that even if targeted, the attack cannot succeed).

Rule 1: Never Discuss Bitcoin Holdings in Public or on Social Media

This is the most basic operational security rule and the one most frequently violated. Every physical Bitcoin attack begins with intelligence — the attacker's knowledge that the target holds significant Bitcoin. Social media posts about Bitcoin gains, screenshots of portfolio balances, photos at Bitcoin conferences, or even casual mentions of "my Bitcoin" in public conversations all contribute to a targeting profile.

The rule extends to family members. A spouse's Instagram post from a Bitcoin conference, a child's school essay about their parents' Bitcoin wealth, a friend's congratulatory comment on a post — all of these create data points that sophisticated attackers aggregate.

Action: Audit all social media accounts (yours and your family's) for any mention of Bitcoin, cryptocurrency, or digital asset holdings. Remove it. All of it.

Rule 2: Use Corporate Entities for All Bitcoin-Related Transactions

If Bitcoin is purchased, held, or transacted in your personal name, it creates a paper trail that connects your identity to your holdings. Exchange KYC records, tax filings, on-chain addresses — all of these can be linked to you personally.

Using corporate entities — typically a single-member LLC or a trust — for all Bitcoin-related activity inserts a layer of separation between your personal identity and your holdings. The LLC buys the Bitcoin, not you. The trust holds the Bitcoin, not you. The entity's EIN appears on exchange records and tax filings, not your SSN.

This is not about tax avoidance (the tax treatment is typically identical for disregarded entities). It's about reducing the number of databases that connect your name to your Bitcoin.

Action: Establish a Wyoming LLC or trust for all future Bitcoin-related activity. Transfer existing exchange accounts to entity ownership where possible.

Rule 3: Geographic Key Distribution — No Single Point of Failure

As discussed above, multisig with geographic key distribution ensures that no single location holds enough keys to move funds. This is the architectural backbone of physical security.

Action: Move to multisig custody immediately. Distribute keys across at least two geographic locations. For holdings above $5M, use 3-of-5 multisig with keys in three or more cities.

Rule 4: Duress Wallet / Decoy Wallet Strategy

A duress wallet — also called a decoy wallet — is a secondary Bitcoin wallet containing a small, plausible amount of Bitcoin that can be surrendered under threat. The purpose is to give an attacker something to take without revealing the existence or location of the primary holdings.

The mechanics: maintain a single-signature wallet on a readily accessible device (phone or hardware wallet in your home) with 1-3% of your total holdings. This wallet should look like your "main" wallet — it should have transaction history, a reasonable balance, and be readily accessible. Under duress, you can "comply" by transferring from this wallet.

Limitations: this strategy is complementary, not primary. Sophisticated attackers who know your approximate holdings (as in the Scottsdale case, where they knew the target held $66M) may not be satisfied with a $200K decoy balance. The duress wallet buys time and creates ambiguity — it does not replace proper custody architecture.

Action: Set up a duress wallet on an easily accessible device with a plausible but small balance. Do not discuss the duress wallet strategy publicly.

Rule 5: Physical Security Upgrades — Home Security and Travel Protocols

Physical security measures — alarm systems, cameras, reinforced doors, safe rooms, guard services — are worthwhile investments for any high-net-worth family. For Bitcoin-wealthy families, they serve a specific purpose: they increase the difficulty and risk of a physical attack, which deters opportunistic attackers and buys time during an incident.

Travel protocols are equally important. Known Bitcoin holders should vary their routes, avoid predictable schedules, and exercise caution when traveling to and from Bitcoin-related events. The post-conference attack — where an attendee is followed from a Bitcoin conference to their hotel or home — is a documented pattern.

Action: Invest in a professional home security assessment. Install commercial-grade alarm and camera systems. Establish travel protocols for Bitcoin-related events.

Rule 6: Family Education — Heirs and Spouses Must Understand

Your operational security is only as strong as its weakest participant. If your spouse discusses your Bitcoin holdings at a dinner party, or your teenage child posts about it on social media, your security is compromised regardless of your personal discipline.

Family education should cover: (1) why discretion about holdings is critical to physical safety, (2) what information should never be shared and with whom, (3) what to do in the event of a home invasion or threatening contact, and (4) who to call and what to say (and not say) to law enforcement. This is particularly important for the dynamics between spouses — marital conflict creates a unique vulnerability where an aggrieved spouse has both knowledge of and potentially physical access to Bitcoin custody infrastructure.

Action: Hold a family security meeting. Establish clear rules about what information about your Bitcoin is off-limits for discussion. Make it age-appropriate but unambiguous.

Rule 7: Specialized Bitcoin Custody Insurance

Standard homeowner's insurance policies typically exclude or severely limit coverage for digital assets. Specialized custody insurance — available through providers like Evertas, Coincover, or through institutional custody partners — can cover theft, including physical coercion scenarios, depending on the specific policy terms.

Insurance is a remediation strategy, not a prevention strategy. It does not prevent an attack, but it provides financial recovery if custody architecture fails. The best policies cover both hot wallet and cold storage losses, including losses resulting from physical duress.

Action: Obtain quotes from specialized Bitcoin custody insurance providers. Review policy exclusions carefully — ensure physical coercion / duress scenarios are covered.

Rule 8: Letter of Instruction with Estate Attorney — Emergency Protocols

A letter of instruction, held by your estate planning attorney (not at your home), should detail: (1) the custody architecture for your Bitcoin, including the multisig configuration and key locations; (2) who holds each key and how to contact them; (3) emergency procedures in the event of your incapacitation, kidnapping, or death; (4) the identity and contact information of the trustee for any trust-held Bitcoin; and (5) a designated emergency contact who can coordinate with the trustee and law enforcement.

This document should be stored at your attorney's office, not at your home. If an attacker finds a document at your home that details your entire custody architecture, you've handed them a roadmap. The letter of instruction is for your family, your attorney, and your trustee — not for anyone who gains unauthorized physical access to your home.

Action: Draft a letter of instruction with your estate planning attorney. Update it whenever your custody architecture changes. Store it at the attorney's office, with a copy at a second secure location outside your home.

What to Do Now — 5-Step Action Plan

The Scottsdale attack is today's headline. The next attack — on a different holder, in a different city — is a matter of when, not if. If your custody architecture cannot survive a home invasion, you are operating on borrowed time.

Here are five concrete steps, in priority order, that Bitcoin holders with significant wealth should implement now:

Custody Infrastructure Due Diligence

Evaluating Institutional Custody for Your Bitcoin?

Whether you're structuring a trust, selecting a collaborative custody provider, or building an institutional-grade multisig setup, due diligence on the custody infrastructure is critical. Abundant Mines developed a 36-question framework for evaluating custody and hosting providers — it covers security architecture, key management, insurance, regulatory compliance, and operational controls.

Download the 36-Question Due Diligence Framework →

The Paradox: Self-Custody Means You Are the Single Point of Failure

The Bitcoin ethos celebrates self-custody. "Not your keys, not your coins" is the foundational principle of the ecosystem. And it's correct — from a sovereignty perspective. If you don't control your keys, you're trusting a third party with your wealth, and third parties can be hacked, go bankrupt, freeze your account, or comply with government seizure orders.

But there is a paradox at the heart of self-custody that the community has been slow to confront:

If you hold your own keys, you are the single point of failure — for the Bitcoin and for your own physical safety. Self-custody without architectural safeguards doesn't eliminate trust. It concentrates it in the most vulnerable possible node: a single human being at a known physical location.

The Scottsdale attack crystallizes this paradox. The target was presumably a self-sovereignty advocate — someone who held their own keys, controlled their own Bitcoin, and answered to no bank or custodian. That sovereignty is what made them a target. The attackers didn't need to hack an exchange, compromise an institutional custodian, or subvert a banking system. They just needed to find the one person who held the keys and apply sufficient violence.

The resolution of this paradox is not to abandon self-custody. It's to evolve the definition of self-custody beyond "one person, one key, one location" to something architecturally robust:

Custody architecture IS security architecture. The design of how your Bitcoin is held — how many keys exist, who holds them, where they're located, what legal structures govern them — is not a secondary consideration. It is the primary determinant of both your Bitcoin's safety and your physical safety. The hardware wallet brand, the seed phrase material, the safe specifications — these are implementation details. The architecture is what matters.

The estate plan IS the security plan. An irrevocable trust with a directed trustee is not just a tax optimization or a wealth transfer strategy. It is a physical security measure that removes you — the single point of failure — from the custody equation. The estate plan is the mechanism by which you stop being the person who can, under duress, transfer $66 million in Bitcoin.

Two teenagers drove 600 miles because they believed — almost certainly correctly — that one person at one address controlled the keys to $66 million. If that one person had established a trust with institutional-grade multisig, there would have been nothing to steal, no one to coerce, and no reason to make the drive.

The custody architecture you build today is not a theoretical exercise. It is the structural decision that determines whether your home is a target or whether an attacker arrives to discover that the person inside genuinely, verifiably, technically and legally cannot do what they're being asked to do.

That is not a security upgrade. It is a paradigm shift. And it starts with a conversation with your estate planning attorney, not with a hardware wallet purchase.

Frequently Asked Questions

What is a $5 wrench attack on Bitcoin?

A $5 wrench attack refers to the idea that no amount of cryptographic security protects Bitcoin if someone can physically threaten the holder with violence to compel them to hand over their private keys. The term originates from xkcd comic #538. For self-custody holders, this means that if you personally control the keys, a home invader with a weapon can force a transfer. The defense is custody architecture that ensures no single person holds enough keys to move the funds.

How does multi-signature Bitcoin custody protect against physical attacks?

Multi-signature (multisig) custody requires multiple private keys — typically 2-of-3 or 3-of-5 — to authorize any Bitcoin transaction. When those keys are distributed across different geographic locations, no single physical attack on one location can result in stolen Bitcoin. The holder literally cannot comply with an attacker's demand because they don't have enough keys at that location.

Can an irrevocable trust protect my Bitcoin from physical theft?

Yes. When Bitcoin is held in a properly structured irrevocable trust — particularly a directed trust with a Wyoming Private Family Trust Company or institutional trustee — the trustee holds signing authority, not you. You literally do not have the private keys. An attacker who targets you cannot compel you to transfer Bitcoin you do not control.

What is a duress wallet and how does it protect Bitcoin holders?

A duress wallet is a secondary Bitcoin wallet containing a small, plausible amount of Bitcoin that can be surrendered under threat of violence. It gives attackers something to take without revealing primary holdings. This is a complementary strategy — not a replacement for proper custody architecture — because sophisticated attackers may not be satisfied with a small amount.

Why do Bitcoin holders keep getting targeted in home invasions?

Bitcoin is a bearer asset with irreversible transactions. Holders are targeted because: (1) whoever controls the keys controls the funds with no reversal mechanism; (2) Bitcoin wealth is often publicly visible through social media, blockchain analysis, or data breaches like the 2020 Ledger leak; (3) many holders use single-signature self-custody, meaning one person at one location can move all the funds. The common denominator is always that the attacker knew the target held Bitcoin and believed the target controlled the keys.

What should Bitcoin holders do immediately to improve their physical security?

Five immediate steps: (1) Stop discussing holdings publicly and scrub social media; (2) Move to multisig with geographically distributed keys; (3) Use corporate entities for all Bitcoin transactions; (4) Set up a duress wallet with a small plausible amount; (5) Consult with an estate planning attorney about an irrevocable trust where a trustee — not you — holds signing authority.

Does Bitcoin custody insurance cover physical theft from a home invasion?

Standard homeowner's insurance typically excludes digital assets. Specialized Bitcoin custody insurance from providers like Evertas or Coincover can cover theft, but policy terms vary significantly. Physical coercion losses may fall into gray areas. The most reliable protection is custody architecture that prevents the loss in the first place — if your Bitcoin is in a multisig trust and you don't hold enough keys to transfer it, there's nothing to steal.