A Primer on Crypto Custody

Crypto Custody of Wallets Allow for Accessibility and Security of Digital Assets

Once an investor invests in a cryptocurrency, as with any other asset, it becomes important to store it in a way that is secure and accessible. To do this, investors can use a crypto wallet, which functions similar to how a leather wallet carries cash. Rather than storing physical assets, crypto wallets contain a public key and a private key.

The former is effectively the public-facing wallet address and is used to receive inbound cryptocurrencies. When sending crypto to a wallet address, you put the public key as the destination address. A private key is used to facilitate the transfer of cryptocurrencies out of a wallet and prove ownership over any funds held at the address. Possession of the private key allows an individual to effectively take control of the assets inside the wallet and move the fund elsewhere, and thus it becomes important that this key should be known only by the owner of wallet itself.

Both keys work together to send cryptocurrency from one wallet to another. In order to send coins through the blockchain network, a user must first enter the public key as the final destination and then confirm the transaction by entering the private key.

Crypto custody is the safekeeping these keys. Private keys, in particular, can be hard to remember or can be stolen or hacked. Lost private keys will result in crypto holders to forever losing access to their wallets, and thus, their crypto. Crypto custody is to protect investors’ private keys and, as a consequence, their digital assets. One can self-custody, where the investor is their own custodian, or can utilize third party custodians, where investors allow firms such crypto exchanges, crypto managers and crypto custodians to hold their keys for them.

Custodians can choose between a hot or cold wallet to hold these keys. Hot wallets are connected to the Internet, whereas cold wallets are offline but can be made online when investors want to access their crypto. While the former is more convenient to use, the latter provides greater security.

Investors Can Choose to Self-Custody or Work with Third-Party Custodians

Self-custody is when investors personally hold the private key for their own wallet, such as through a desktop or hardware wallet. Being your own custodian means having complete control over your wallet, but it also means you bear all the risks too. For example, if you lose access to the physical device that serves as your crypto wallet, forget the private key, or are hacked, you will lose access to your crypto.

On the other hand, investors can work with third-party custodians. These custodians hold clients’ private keys to their wallets for them and ensure the security of their holdings. Third party custodians include aforementioned crypto exchanges (such as Coinbase and Binance) and other platforms (such as Anchorage, NYDIG and Paxos). While institutional investors are typically required to use a “qualified custodian”, retail investors can choose between third-party custodian vs. self-custody. Third-party custodians allow investors to be more hands-off, thus making it the easier option for newer investors. Some custodians can also offer insurance on the funds stored with them.

Crypto exchange Gemini (according to their website), for example, insures against the theft of digital assets from Gemini’s hot wallet that results from a direct security breach, hack of Gemini’s systems, a fraudulent transfer initiated by Gemini, or theft by a Gemini employee. Their policy does not, however, cover losses from any losses resulting from unauthorized access to an individual’s account.

Third-party custodians can also offer interest on funds an investor chooses to store with them. Gemini, for example, offers up to 8.05% APY through Gemini Earn. However, since the third-party custodian controls your crypto, they can choose to freeze or block your assets or limit withdrawals. Such was the case with crypto lenders Celsius and Voyager Digital, which froze users’ assets due to extreme market conditions in the crypto market.

Investors Can Choose Hot or Cold Wallets: Hot Wallets Are More Convenient but Cold Wallets Are More Secure

Regardless if one chooses to self-custody or use a third-party custody, their private keys will be stored in a crypto wallet. Besides storing the private keys, crypto wallets allow funds to be secure and accessible and allows owners to send and receive crypto. Investors and custodians can use hot wallets or cold wallets.

Hot wallets are connected to the Internet and are linked with public keys and private keys that help facilitate transactions and act as security measures. Hot wallets can be in the form of web browser-based wallets, mobile wallets and desktop wallets. A benefit of hot wallets is ease-of-use.

Because they are always online, there’s no need to transition between offline and online to make a cryptocurrency transaction. Users can easily use mobile hot wallets to trade or make purchases with their cryptocurrency. However, because hot wallets are always online and public and private keys are stored on the internet, they are vulnerable to online attacks such as phishing attacks, which could lead to stolen funds. Examples of hot wallets include MetaMask, Coinbase Wallet, Phantom and Edge Wallet.

Cold wallets, on the other hand, remain offline and must be made online by the owner in order to access their funds. Thus, cold wallets are generally more secure than hot wallets and stealing from a cold wallet usually would require physical possession of or access to the cold wallet, as well as any associated PINs or passwords that must be used to access the funds. Cold wallets can be in various forms, such as paper wallets or hardware wallets. Hardware wallets are less convenient than hot wallets because they must be powered on and then connected to the internet. In addition, while hot wallets are usually free, hardware wallets can cost between $50 and $200 but is an important investment for investors holding large amounts of crypto to guarantee security for their funds.

Many institutional grade custodians will use store the majority of their digital assets in a cold wallet, and the remaining in hot wallet for easier access. Institutional custodians in particular also offer other security measures, such as the aforementioned insurance. Gemini Wallet, thus, stores across hot and cold wallets and insures the hot wallet for system against system wide breaches. Institutional custodians can also can utilize bug bounty programs, which involve ethical hackers to find system vulnerabilities that can be addressed by the custodian.




Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store


Fundamental analysis on cryptocurrencies, digital assets and blockchain enabled financial products