In today’s Exponential Investor:

  • Protect your keys
  • Self-custody options
  • Exchange-to-wallet steps

“Not your keys, not your crypto” is a popular expression in the crypto world.

It’s not the first time you’ve heard us use it, and it probably won’t be the last.

It means that, if you don’t have hold the private keys that let you access your crypto holdings, your crypto isn’t actually yours.

Therefore, if you have crypto on an exchange that controls the private keys, the exchange controls your crypto.

It’s not until you’ve transferred your crypto from the exchange to your own wallet and you and only you have access to those private keys that the crypto really belongs to you.

Recent events in the crypto world have underscored the importance of keeping your crypto in wallets that you control, not a third party.

The collapse of the exchange, once the third-largest crypto exchange in the world, shows that your crypto isn’t entirely safe on any exchange.

If the exchange where your crypto is being stored goes down, goes bankrupt or just goes rogue, your crypto – and potentially a vast sum of wealth – goes down with it.

Since the collapse, we’ve had many questions about self-custody, primarily on what it means and how to do it, so that’s what we’re going to discuss today.

What is self-custody?

In crypto, self-custody is when you store your crypto in your own private wallet away from an exchange or third party.

This gives you complete control over your crypto holdings.

That said, let’s take a closer look at the self-custody options available.

Your keys, your crypto

In the crypto world, wallets are largely either “hot” or “cold”.

A hot wallet simply means the wallet is connected to the internet. A cold wallet, such as a USB stick, means it’s not.

There are three main types of hot wallet: a web wallet, a desktop/mobile wallet, and an exchange wallet.

First, web wallets store your private keys on a server, which is always online and accessible through a browser address.

This is probably the easiest to set up, as you only need your email address. You also don’t have the faff that comes with downloading wallet applications.

However, as is the case with most hot wallets, they can be susceptible to malicious malware. Some web wallets also don’t give you access to your private keys, so they are no different from an exchange.

Second, desktop and mobile wallets are applications that you download and run on your device.

Examples of these include MetaMask, Trust Wallet and even Coinbase.

(NB: Coinbase has a hosted exchange wallet and self-custody wallet, so don’t confuse leaving your crypto on the hosted wallet with a self-custody wallet.)

MetaMask is the most used crypto wallet in the world, with over 30 million monthly active users.

Desktop and mobile wallets give more control than a web wallet, as you have your own wallet version stored on your device. You can also import the wallet to multiple devices if you know your seed phrase (more on this later).

However, things can get a little confusing if you have multiple wallets for multiple crypto networks, so keeping track of which wallets you have and where you have them is important.

Finally, last of the hot wallets is the exchange wallet.

When you buy your crypto on an exchange, such as Coinbase or Binance, it will automatically sit in your exchange wallet.

However, as noted above, while it’s convenient to leave your crypto on-exchange, you’ll get the lowest  level of security and you’ll have no control of your holdings.

It’s a risk that we’ve never been comfortable with, and we’ve always strongly suggested that people self-custody assets off-exchange to avoid disasters like or other high-profile exchange collapses such as QuadrigaCX and Mt.Gox.

Cold wallets provide a different kind of self-custody.

Since they are kept offline and out of reach of malware and hackers, cold wallets are very secure. However, this usually comes at the expense of speed and efficiency. Inserting or loading up a cold wallet on a device is timelier than clicking on a wallet application.

One of the earliest iterations of a cold wallet was the paper wallet.

With the rise of bitcoin in the late 2000s, paper wallets were the main way to store the crypto until other digital wallets became more prominent.

A paper wallet is essentially your private key existing on a piece of paper. Yes, it sounds ridiculous today, but that’s how you did things a decade ago.

The private key can be used to import your wallet to an appropriate interface to move your crypto around. Storing your private key this way means it’s completely offline but still allows full control of your assets.

You can still create your own paper wallet using websites such as BitAddress.

It’s also worth noting that companies like Billfodl provide virtually indestructible metal devices that allow you to keep your private key on something exponentially more robust and long-lasting than paper!

However, there is now a new gold standard of cold crypto wallet: the hardware wallet.

The hardware wallet is a sophisticated device that provides the security of a cold wallet, but also the speed of a hot wallet.

Two leading providers of hardware wallets are Ledger and Trezor, and they have multiple models to choose from. Popular versions include the Ledger Nano S and Trezor Model One.

You can find the official sites of Ledger here and Trezor here.

It’s typical for hardware wallets to sell for around £100. There are cheaper USB wallet options, with some going for around £10.

Your private keys are stored and encrypted on a hardware wallet. Nobody – and not even the computer to which you are connecting the wallet – can see them. However, you must be aware of phishing sites. This means that, if you connect your hardware device to a fraudulent website that’s laced with malware, thinking that you’re on a legitimate site, your device may be compromised.

Also, buying these devices from third parties is unwise. If you can’t get them direct from the manufacturer, wait until you can. Often, third-party sellers sell corrupted devices that put your holdings at risk.

Hardware wallets are virtually unhackable unless you have some malicious malware on your device from a phishing site or a link or some kind of malware that you’ve accessed inadvertently.

As there’s a strict process for setting up a hardware device even if you lose it, you could still gain access to your crypto by inputting your seed phrase on another hardware wallet device.

This moves us nicely on to what a seed phrase is in crypto and why it’s so important.

Removing the seed of doubt

Whatever wallet you choose to use, don’t forget this one golden rule.

Make a note of your seed phrase and/or private key. Not a screenshot, or a picture. A good old-fashioned hand-written note that you can store somewhere secure. As mentioned, devices like those from Billfodl are fantastic for this.

The seed phrase is the random combination of words that give access to your device/wallet. It usually ranges between 12 and 24 words.

If you don’t know this, and you lose the device that contains your wallets, or your hardware, your crypto will be gone forever.

We also recommend you make a note of your private keys.

Also, before getting a crypto wallet, you need to ensure that your crypto holdings are compatible with the wallet you’re using.

Otherwise, you may go to transfer your crypto from the exchange and to your wallet before realising the wallet doesn’t support that particular crypto. Not all devices can work with all crypto networks, and sometimes you may need to use a desktop wallet. But you should always use a wallet that allows you to self-custody your assets.

We also recommend that, when you start using a wallet, you transfer a small amount of crypto to begin with. This is to avoid making mistakes, and potentially losing money through user error.

Exchange to wallet

Moving crypto from exchange to a hot wallet may vary slightly from exchange to exchange, but the process is generally the same:

  1. Buy crypto on exchange.
  2. Choose your wallet address to withdraw to. Ensure wallet address is correct.
  3. Click on “Withdraw”, and, where prompted, add your exchange details, such as password two-factor authentication.
  4. Confirm transfer. Depending on the exchange, this can take some time. Also, once the transfer is processed, you need to wait for confirmations on the particular blockchain before it completes. With bitcoin, it could take hours; with something like Cosmos, it could take seconds.

Using a hardware wallet, you would:

  1. Plug in and sign into your wallet device.
  2. Select the coin you want to receive from the exchange.
  3. Find the wallet address you want to receive the crypto.
  4. Copy the address and paste it into the exchange from which you’re receiving assets.
  5. Send crypto to this address. Again, you’ll need to wait for the transaction to process and the blockchain to confirm the transaction.

Of course, you can then transfer crypto from your wallet back to the exchange using a similar procedure.

Hopefully, this has given you a head start when it comes to storing crypto in self-custody.

Always remember: not your keys, not your crypto.

Until next time,

Sam Volkering and Elliott Playle
Exponential Investor