Coldcard Mk4 Setup Guide: From Unboxing to First Transaction

You just got a Coldcard Mk4. Good choice. It is one of the most security-focused hardware wallets available, built specifically for Bitcoin and nothing else.

This guide walks you through everything: unboxing, PIN setup, seed phrase generation, connecting to Sparrow Wallet, and sending your first air-gapped transaction. By the end, you will have a fully working self-custody setup with your private keys never touching an internet-connected device.

The Coldcard Mk4 is priced at approximately $150 USD and is available directly from Coinkite. Buying direct from the manufacturer is the safest option — avoid third-party marketplaces where tampered devices have been sold.

This guide contains affiliate links. If you buy through our links, we may earn a commission at no extra cost to you. Buy a Coldcard Mk4

Key Takeaways

• The Coldcard Mk4 is a Bitcoin-only hardware wallet built for air-gapped operation (~$150 from Coinkite)
• Set a two-part PIN with anti-phishing words — protects against both unauthorized access and tampered devices
• Your 24-word seed phrase is generated on the device and must never exist digitally
• Sparrow Wallet connects to your Coldcard via MicroSD card — no USB required for a full air-gap
• Mk4 also supports NFC for faster PSBT transfer
• Advanced features: Seed XOR for split-key storage, BIP39 passphrases, spending limits
• Transactions are signed offline using PSBT files, then broadcast from your computer
• The entire setup takes about 30–45 minutes

What You'll Need

Before you start, gather these items:

• Coldcard Mk4 (buy direct from Coinkite, ~$150)
• MicroSD card (32 GB or smaller, formatted FAT32)
• MicroSD card reader for your computer
• Power source for the Coldcard (USB-C wall charger, battery pack, or the Coldpower adapter)
• Computer with Sparrow Wallet installed — see our Sparrow Wallet guide if needed
• Pen and the included backup card for writing down your seed phrase
• Optional: SeedPlate for long-term metal seed backup (available via Coinkite)

Note on power: For a fully air-gapped setup, power your Coldcard from a wall charger or battery pack rather than your computer's USB port. This guide focuses on the air-gapped workflow.

Before You Start: Verify Your Package

Counterfeit hardware wallets have been used in real attacks against bitcoiners. Always verify before trusting.

Check the tamper-evident bag:

1. Your Coldcard arrives in a special plastic bag with a unique serial number printed on it
2. Look for any tears, punctures, or signs the bag was opened and resealed
3. Check whether the word "VOID" appears on the bag's seal — if it does, the bag was opened. Stop and contact Coinkite immediately

Verify the serial number:

1. Write down the serial number from the bag before opening it
2. Power on your Coldcard (open the bag, connect it to a power source)
3. The serial number displayed on screen during first boot must match the number on the bag
4. Verify this number at coldcard.com to confirm it was manufactured by Coinkite

If anything looks off, stop and contact Coinkite before proceeding.

Step 1: Power On and Set Your PIN

When you first power on the Coldcard, it displays the Terms of Sale and Use. Scroll through and press the checkmark to accept.

Next, you'll see the serial number on screen. Verify it matches the bag.

Now you'll set your PIN. The Coldcard uses a two-part PIN system that is unlike most devices you have used.

How the two-part PIN works:

Your PIN has two halves, separated by a pause. If your full PIN is 2583-7194, here is what happens every time you log in:

1. You enter the first part: 2583
2. The Coldcard displays two anti-phishing words (e.g., "rocket" and "blanket")
3. You verify these words match what you memorized during setup
4. You enter the second part: 7194

Why two parts? The anti-phishing words are unique to your device and your specific PIN prefix. If someone swapped your Coldcard for a fake, the words would be different — warning you before you enter the second half of your PIN. No other hardware wallet has this feature.

To set your PIN:

1. Select "Choose PIN Code" from the menu
2. Enter your first part (2–6 digits) and press the checkmark
3. The Coldcard shows your two anti-phishing words. Write these down. You need to recognize them every login
4. Enter your second part (2–6 digits) and press the checkmark
5. Re-enter both parts to confirm

PIN tips:

• Use at least 4 digits for each part (8 total minimum)
• Avoid obvious sequences like 1234-5678
• Store your anti-phishing words separately from your seed phrase
• After 13 incorrect PIN attempts, the Coldcard bricks itself permanently. This is by design

Step 2: Generate Your Seed Phrase

Your seed phrase is 24 words that encodes your private keys. Anyone with these words controls your bitcoin. This is the most important step.

For a deeper explanation, read our Seed Phrase Guide.

Generate the seed:

1. From the main menu, select "New Seed Words"
2. The Coldcard generates 24 words using its hardware random number generator
3. The words appear on screen, one set at a time

Write them down:

1. Use the included backup card or clean paper
2. Write each word carefully, in order, numbered 1–24
3. Double-check your spelling — BIP-39 words look similar (e.g., "abandon" vs "about")
4. The Coldcard will quiz you on several words to verify you wrote them correctly

What NOT to do:

• Never type the seed into any internet-connected device
• Never photograph it
• Never store it digitally anywhere
• Never share it with anyone

Optional: Add dice roll entropy

Select "New Seed Words" then "Advanced" to roll a physical die 99 times. The Coldcard mixes your dice rolls with its hardware randomness. This satisfies anyone who wants to verify their own entropy source.

Optional: BIP39 Passphrase (25th Word)

After generating your 24 words, you can add a BIP39 passphrase — a user-defined string that produces an entirely separate wallet. Even if someone steals your 24 words, they cannot access your bitcoin without the passphrase.

Critical tradeoff: forgetting the passphrase means permanently losing access. Only use this if you understand the risk and have a secure, separate storage method for the passphrase.

Step 3: Verify Your Backup

Before moving on:

1. Go to "Advanced/Tools" > "Backup" > "Verify Backup"
2. Re-enter specific words the Coldcard asks for
3. Confirm the match

Optional: Encrypted MicroSD backup

1. Insert a MicroSD card
2. Go to "Advanced/Tools" > "Backup" > "Backup System"
3. The Coldcard saves an encrypted backup file to the card
4. Write down the displayed encryption password and store it with your backup card

This encrypted file is an additional safety net — your written 24 words remain the primary and most important backup.

Step 4: Connect to Sparrow Wallet

Sparrow Wallet is the ideal desktop companion for the Coldcard. For a full Sparrow setup walkthrough, see our Sparrow Wallet guide.

Export your wallet from the Coldcard (MicroSD):

1. Insert your MicroSD card into the Coldcard
2. Go to "Advanced/Tools" > "Export Wallet" > "Generic JSON"
3. Enter account number 0 when prompted
4. The Coldcard saves coldcard-export.json to the MicroSD card
5. Remove the MicroSD card

Alternative: NFC export

The Coldcard Mk4 supports NFC. If your setup supports it, you can transfer the wallet export wirelessly — faster than MicroSD for frequent operations.

Import into Sparrow:

1. Insert the MicroSD card into your computer
2. In Sparrow, go to File > New Wallet
3. Give your wallet a name and click Create Wallet
4. On the settings screen, click "Airgapped Hardware Wallet"
5. Find the Coldcard section and click "Import File"
6. Select coldcard-export.json from the MicroSD card
7. Click "Apply" and set a password for the Sparrow wallet file

You now have a watch-only wallet in Sparrow. It can track your balance and generate addresses, but cannot spend bitcoin without the Coldcard signing the transaction.

Script type note: For fresh setups in 2026, choose Taproot (P2TR) on the Coldcard before exporting. Sparrow v2.x fully supports Taproot, which gives you more efficient transactions and the best available privacy.

Step 5: Receive Your First Bitcoin

Generate a receiving address:

1. In Sparrow, click the "Receive" tab
2. Sparrow displays a bitcoin address and QR code

Verify the address on your Coldcard — do not skip this:

1. On your Coldcard, go to "Address Explorer"
2. Enter account number 0
3. Scroll through the addresses
4. Confirm the address matches what Sparrow displays

If they match, you are safe to receive bitcoin at that address. A mismatch means something is wrong — do not send funds until you understand why.

This step protects you against malicious wallet software showing you a fraudulent address it controls. Always verify on the hardware device before sharing a receive address.

Step 6: Send Your First Transaction (Air-Gapped)

The air-gapped workflow: create the transaction on your computer, sign it offline on the Coldcard, broadcast from your computer. The file format is PSBT (Partially Signed Bitcoin Transaction).

Create the transaction in Sparrow:

1. Click the "Send" tab
2. Enter the recipient's address, amount, and fee rate
3. Click "Create Transaction"
4. Review the details, then click "Finalize Transaction for Signing"

Save the PSBT to MicroSD:

1. Insert the MicroSD card into your computer
2. Click "Save Transaction" in Sparrow
3. Save the .psbt file to the MicroSD card
4. Remove the card from your computer

Sign on the Coldcard:

1. Insert the MicroSD card into your Coldcard
2. Power on and enter your PIN — verify your anti-phishing words before entering the second half
3. From the main menu, select "Ready to Sign"
4. Select the .psbt file
5. The Coldcard displays recipient address, amount, and fee
6. Verify everything carefully. Confirm the address and amount match your intent
7. Press the checkmark to sign
8. The Coldcard saves a -signed.psbt file to the MicroSD card

Broadcast from Sparrow:

1. Insert the MicroSD card into your computer
2. In Sparrow, click "Load Transaction"
3. Select the signed .psbt file
4. Click "Broadcast Transaction"

Your transaction is live on the network.

Advanced Features Worth Knowing

Seed XOR: Split Your Seed for Extra Security

The Coldcard Mk4 supports Seed XOR, which lets you split your 24-word seed into two or more separate 24-word backups. You need all parts to reconstruct the original seed. This means a single backup location being compromised does not expose your bitcoin.

This is an advanced feature for users who have mastered the basics. Find it under "Advanced/Tools" > "Seed XOR."

Spending Limits

The Coldcard lets you configure spending limits — maximum transaction amounts that can be signed without additional confirmation. Useful for setups where you want an extra friction layer on large outflows.

Find this in "Settings" > "Multisig Wallets" or "Spending Limits" depending on your firmware version.

PSBT Over NFC

For operations that do not require a full air gap (e.g., signing smaller transactions more quickly), the Coldcard Mk4's NFC capability can transfer PSBTs to and from compatible devices wirelessly. Faster than MicroSD for high-frequency workflows.

Air-Gapped vs. USB: Which Should You Use?

The Coldcard Mk4 supports both air-gapped (MicroSD) and USB-connected operation.

Air-gapped is better when:

• You are storing significant amounts of bitcoin
• You want maximum security (keys never near an internet-connected device)
• You use the Coldcard as cold storage that you touch rarely

USB connection is better when:

• You are making frequent transactions and want a faster workflow
• You are comfortable with the physical USB connection
• You are using Sparrow's USB signing feature for direct communication

For most people holding bitcoin long-term, the air-gapped method is worth the extra 60 seconds per transaction.

Firmware Updates

Keeping firmware current is important for security patches.

Check your current version:

1. Unlock your Coldcard
2. Go to "Advanced/Tools" > "Upgrade Firmware" > "Show Version"

Download the latest firmware:

1. Visit coldcard.com/docs/upgrade
2. Download the .dfu file for the Mk4
3. Optionally verify via PGP signatures

Install the update:

1. Copy the .dfu file to a FAT32-formatted MicroSD card (32 GB or smaller)
2. Insert the card into your Coldcard
3. Go to "Advanced/Tools" > "Upgrade Firmware" > "From MicroSD"
4. Select the firmware file
5. Do not disconnect power during the update (takes ~15 seconds)
6. Device restarts automatically

The LED may turn red during the update. This is normal. After logging in post-update, it returns to green.

Common Setup Issues and Fixes

Coldcard freezes on startup Hold the power key for 10 seconds to force a restart. Try a different power source (battery pack instead of wall charger). Persistent freezing may indicate a hardware issue — contact Coinkite.

MicroSD card not recognized Make sure the card is 32 GB or smaller and formatted FAT32. Larger cards formatted as exFAT will not work. Push the card in until it clicks.

Sparrow shows "error executing HWI" when connecting via USB Make sure you are running Windows 10/11, macOS 10.15+, or a recent Linux distribution. Try a different USB cable or port.

Anti-phishing words look wrong Do not enter the second part of your PIN. Your device may have been swapped or tampered with. Contact Coinkite before proceeding.

"Troublesome Change Outs" warning when signing A security warning that the change output structure differs from your inputs. If you created the transaction in Sparrow and the details look correct, you can safely approve it. Common false positive in single-sig setups.

Max Network Fee exceeded The Coldcard blocks transactions where the fee exceeds 10% of the total value by default. Adjust in Settings if you intentionally want a high-fee transaction.

Metal Backup Your Seed Phrase

Paper works, but paper burns, fades, and dissolves in water. For long-term storage, stamp or engrave your 24 words onto a metal plate.

The SeedPlate (made by Coinkite) is a natural companion to the Coldcard — a stainless steel plate you punch your words into. Available at Coinkite. Other options include titanium plates and steel washers.

Store your metal backup in a secure location, separate from your Coldcard. If someone finds your seed phrase, they can take your bitcoin without needing the device or your PIN.

For a complete guide on seed phrase storage, read What Is a Seed Phrase and How to Protect It.

Frequently Asked Questions

What happens if my Coldcard breaks or gets lost?

Your bitcoin is safe as long as you have your 24-word seed phrase. Buy a new Coldcard (or any BIP-39 compatible hardware wallet), select "Import Existing" instead of "New Seed Words," and enter your 24 words. Your wallet and all your bitcoin are restored exactly.

Can I use the Coldcard with wallets other than Sparrow?

Yes. The Coldcard works with Electrum, Wasabi Wallet, Nunchuk, Specter Desktop, and others. Sparrow is the most popular choice for air-gapped setups because of its excellent PSBT support and clean interface. See our Sparrow Wallet guide for the full pairing workflow.

Should I add a BIP39 passphrase?

A passphrase adds a powerful security layer — even if someone finds your 24 words, they cannot access your bitcoin without it. However, if you forget the passphrase, your bitcoin is gone permanently. Only use one if you understand the tradeoff and have a secure, separate way to preserve it. See our Self-Custody Guide for more on this decision.

What is Seed XOR and should I use it?

Seed XOR lets you split your seed into two or more parts, each of which is a valid-looking (but useless) 24-word phrase on its own. You need all parts to reconstruct your actual seed. This is useful if you want to store backups in multiple locations without any single location being enough to steal your bitcoin. It is an advanced feature — master the basics first.

Is the Coldcard Mk4 worth $150?

For anyone holding meaningful amounts of bitcoin long-term, yes. The Mk4 is the most security-focused hardware wallet available, with features like air-gapped operation, the two-part anti-phishing PIN, Seed XOR, and spending limits that no other wallet matches. For a detailed breakdown, read our Coldcard Mk4 review.

How often should I update the firmware?

Check every few months. Don't skip major versions. Security patches are the most important reason to update. You don't need to update every minor release unless it fixes something directly relevant to your setup.

Can I use the Coldcard without a computer?

You can generate and store keys entirely on the Coldcard without a computer. But to send or receive bitcoin, you need wallet software (like Sparrow) on a computer to build and broadcast transactions. The Coldcard handles signing; the computer handles the network.

Does the Coldcard support Taproot?

Yes. The Coldcard Mk4 fully supports Taproot (P2TR) addresses and PSBT signing for Taproot transactions. In 2026, Taproot is the recommended script type for new wallets — choose it when exporting your wallet to Sparrow.

Ready to set up your Coldcard? Get the Coldcard Mk4 directly from Coinkite and take full control of your bitcoin.

For more on securing your bitcoin, explore our [Self-Custody Guide](/learn/self-custody-guide/), [Seed Phrase Guide](/learn/seed-phrase-explained/), and [Sparrow Wallet guide](/wallets/sparrow-wallet-guide/).

Affiliate disclosure: Some links in this guide are affiliate links. If you purchase through them, Bitcoin.diy may earn a commission at no extra cost to you.