The concept of custody for cryptocurrency divides opinion, predominantly between industry stalwarts and new crypto users. The phrase “not your keys, not your crypto”, popularised by crypto evangelist Andreas Antonopoulos, regularly appears in comment sections and on social media about the topic. According to its proponents, if you do not have full sovereignty over your crypto assets, then someone else owns them.
Ultimately, the decentralised nature of crypto means the holder can define their own level of autonomy over it. You can assume full responsibility for your assets and be your own bank, entrust them with a custody provider or anything in between. There is an increasingly broad array of options all along this spectrum which cater for all types of crypto users – so what are they and what do they offer?
Hard, soft, hot or cold?
Cryptocurrency wallets enable their users to hold their virtual assets with varying degrees of accessibility, security and interoperability. The key differentiator between wallets is whether they are ‘hot’ or ‘cold’.
Hot wallets exist solely in a digital format on a computer with internet connectivity, therefore offering accessibility to their users first and foremost. They include cloud, browser and mobile wallets as well as your account on a crypto exchange.
Cold wallets are physical wallets programmed to enable the secure, offline storage of crypto. Typically, these come in the form of a USB stick-style device or as a ‘paper wallet’ which, quite simply, is your public and private keys printed on a sheet of paper. By no means the most technical solution, but a solid way to ensure a high level of security for your crypto if stored in a safe place.
Using a combination of both a hot and a cold wallet is a sensible solution, enabling easy access to some of your crypto for trading and secure, offline storage for longer term holding. Next, we will discuss some of the types of hot and cold wallets and the safety features that they provide.
By design, hot wallets primarily offer convenience. From cloud-based wallets such as those offered by Coinbase, Bitpay< and Status to software wallets like Electrum, Exodus and Jaxx, these are non-custodial solutions that provide wallet functionality but leave the entire responsibility for the private key to the user.
And therein lies the biggest security risk: the digital storage of your public and private keys in hot wallets make them the most susceptible to hacking. In particular, simply leaving your digital assets in your exchange account is inadvisable due to the regular targeting of these hot, high-volume stores of currency.
Large scale hacking of exchanges has been a common occurrence since the dawn of Bitcoin, so it is best practice to keep your assets outside these environments—in your hot wallet at the very least—when not trading.
Individuals have experienced significant losses through hacking, too. Selecting your hardware wallet is but one element of an ongoing security effort; the rest depends on how careful, attentive and vigilant you are with your assets and information.
Cold wallets are deemed the safest means of storing crypto assets. The hardware devices offered by Ledger and Trezor are the most popular choices, with reliable support for multiple cryptoassets.
The security offered by the hardware is very high level, although the majority of issues stem from personal lapses in security. In the event that you forget your PIN or passphrase for your hardware wallet, you would use a recovery key to access your assets which, according to advice, should be physically stored in a secure location.
Cryptosteel is a tool designed for exactly this purpose. Once you’ve manually assembled your recovery phrase into the stainless steel, rust-proof, acid-resistant and fireproof device, it keeps your recovery phrase safe from the elements. The challenge remains, however: where do you store it?
In most circumstances, those recovery phrases will be kept on paper and much like paper wallets, your security is rendered only as strong as the material it is printed on and the location it is stored in. Loss, damage, wear and tear and accidental sharing regularly render significant sums of cryptocurrency inaccessible but, if the paper is kept safe, it is still more secure from external threats than a hot wallet.
Recommended security measures
Different technologies, from pen and paper to sophisticated digital security, offer ample protection from attacks by nefarious parties, so the overarching point of this post is already quite clear: the onus is on the individual to make their crypto assets as secure as possible.
So, here are 7 best practice tips:
- Regularly back up your hot wallet and private keys and encrypt the backup file. An encrypted backup is stored offline and means that even if you do lose access to your wallet, you will be able to recover it from the point of encryption.
- Ensure that your cold wallet PIN is secure. As with the PIN for your bank account and any of your passwords, make sure that your wallet PIN is hard to guess.
- Keep your cold wallet recovery phrase offline. Storing it online—in an email or on a cloud-based file storage service for example—will reduce the security of your cold wallet to that of a hot wallet.
- Use multiple secure locations to store your information. Reliance on a single point of failure carries much more risk, so consider storing information on different mediums and in different places.
- Use a hot wallet which has multi-signature (multisig) functionality. In a similar vein to point 4, multisig only allows a transaction to be sent once multiple separate approvals have been given. If a single device or point of access to your crypto is compromised, it would also require approval from the other points.
- Keep a small amount of your holdings in your hot wallet at any one time. Reduce your exposure to external threats and only hold small denominations digitally for everyday use.
- Don’t give out any specific details relating to your assets online. It may seem obvious, but ensure that the websites you log in on have an HTTPS certificate. Once logged in, don’t discuss the amount of crypto you hold or where you hold it, even if it is in cold storage.
How can I reduce my liability?
Crypto is an emerging asset class which, despite its volatility, is piquing interest among retail investors and institutions alike as a portfolio diversifier with high potential upside.
As cutting-edge funds begin to increase the size of their crypto holdings—by up to 3 times in the past 12 months—dedicated crypto custodians are now coming to the fore. Custodians of traditional assets such as stocks, bonds and other financial instruments are a well established requirement, so their crypto counterparts are a natural progression for what many deem to be the future of finance.
Helping institutions into the market with high grade crypto custody will increase activity trading volumes by multitudes. But the safe, secure, professional custody services that they receive should be available to market participants at all levels to reduce personal liability for the security of crypto holdings and increase overall safety for the ecosystem.
So should I use a custody solution?
You might decide to use a custody solution—or any of the other storage solutions mentioned in this post—based on:
- The size of your crypto portfolio;
- How many different types of cryptoasset you hold;
- Any regulatory requirements you might be subject to;
- How often you’ll need access to it, and;
- How much you are willing to pay for a solution.
Ultimately, the crypto space is moving into the mainstream and, just as bank accounts are the default vehicle for spending and saving your fiat money, a combination of digital wallets and custody is the equivalent for crypto.
“Not your keys, not your crypto” is a warning to be heeded in the wake of exchange hacks, scandals and lax controls. But, as the industry moves towards compliance and regulation, legitimate custodians will start to offer the strong governance, controls and processes that will give comfort to cryptocurrency users new and old.