Coinhost documentation
Everything about how Coinhost works — from installing the app to exporting a sovereign recovery descriptor. Written for people who want to know what's happening under the hood.
Start here
Install & set up
Download the app, create an account, generate your mobile key. The 90-second path from nothing to your first vault-ready device.
Read → 02 / 4Creating a vault
The wizard, the descriptor, the three keys. Why you'll see "PENDING_HARDWARE" for a moment, and what "ACTIVE" actually means.
Read → 03 / 4Hardware setup
Pairing Trezor and Ledger via the Coinhost web bridge. Why we don't pair over Bluetooth. What the bridge does and doesn't see.
Read → 04 / 4Recovery
What happens when a key is lost. The 7-day cooling period. Exporting a sovereign recovery descriptor to leave Coinhost entirely.
Read →Core concepts
Three ideas do most of the work in Coinhost. The rest of the docs assume you've understood these.
1. Collaborative custody
You hold two keys. Coinhost holds one. Any two can sign. We are not a custodian — we're a co-signer you can fire at any time by exporting your descriptor and moving on.
2. Seedless
You never see a 12-word seed phrase for your mobile key. It's generated inside your phone's secure element and stays there. Recovery is via the other two keys, not by re-entering words.
3. Cooling periods are the product
Coinhost's recovery key won't sign for 7 days. During those 7 days, every vault participant gets daily alerts and one-click cancel. This is what makes coercion and social-engineering attacks reversible.
Coinhost is in private beta on testnet. Docs match v0.4.0 behavior — expect small changes before mainnet launch in Q3 2026.
Reference
For the deeper technical material:
- Security model — cryptographic primitives, key storage, threat model, audit status.
- FAQ — the questions we actually get asked.
- About & roadmap — milestones and company facts.