coinhost / docs / getting started

Install & set up

The 90-second path from zero to a Coinhost-ready device. At the end of this page, your mobile key exists, your account is secure, and you're ready to create a vault.

01 of 4 ~3 min read last updated Apr 18, 2026

1. Install the app

Coinhost is mobile-first. During private beta, testnet builds are distributed via TestFlight (iOS) and closed Play tracks (Android). Request access from the waitlist — approved testers receive an invite within 48 hours.

Beta note

Mainnet builds won't reach public app stores until Q3 2026, after our external security audit.

2. Create your account

Open the app, tap Create account, enter your email and a strong password. You'll verify the email before proceeding.

Security questions

You pick three security questions during registration. These gate the recovery flow later — we'll never call you to "verify" them. Write down the answers somewhere you'll still have access to in a year.

Terms & privacy

Accept terms and the privacy policy. The privacy policy is deliberately boring: we store your email, an Argon2 password hash, and metadata about your vaults. No analytics SDKs that track behavior; crash reporting is opt-out.

3. Your mobile key is generated

During email verification, Coinhost generates your mobile signing key silently, on-device. You won't see a 12-word phrase. You won't be asked to copy anything down.

Here's what actually happens:

A BIP39 mnemonic is created inside your phone's secure element using its hardware RNG.
The mnemonic derives an xpub at m/48'/0'/0'/2' (mainnet) or m/48'/1'/0'/2' (testnet).
The key material stays in the iOS Secure Enclave / Android Keystore. It never enters the JavaScript heap in plaintext.
An encrypted backup blob uploads to iCloud or Google Drive. The encryption key is device-bound; the cloud provider cannot decrypt it.

Why seedless?

Because every seed-phrase backup ritual eventually fails — metal plates get lost, photos get discovered, spouses forget where the envelope is. 2-of-3 multisig lets us skip the ritual entirely: your other keys are the backup.

4. Set your PIN & enable biometrics

Choose a 6-digit PIN. The PIN gates access to the keychain entry holding your mobile key — without it, the key can't be used, even by malware running on your device.

Then optionally enable Face ID / Touch ID / fingerprint. This just means you won't have to type the PIN every time; the PIN itself is always the backstop.

# what gets stored where:
email          →  Coinhost server (hashed, Argon2id)
password       →  never stored server-side; login derives auth token
mobile key     →  Secure Enclave / Keystore, PIN-gated
cloud backup   →  iCloud / Google Drive, device-key encrypted

5. You're ready

At this point you have a Coinhost account and a mobile key. The next step is creating a vault — which is where your hardware wallet and Coinhost's recovery key join the party.

← back Docs home next Creating a vault →