Why Crypto Self-Custody is Not the Future
A common saying among crypto enthusiasts is “not your keys, not your coins.”While this idea of keeping all of your cryptocurrency in your own wallet rather than with an external provider may have been true in the early days of Bitcoin and may still be somewhat true today, it’s increasingly losing its appeal to me.
Let me start with a short explanation of the most common blockchain based wallets. Most crypto wallets are made up of a private key and a public key. The private key should be kept secret, acts as a password to your account, and is required to authorize transactions. The public key is your “address,” is needed for other people to send crypto to your account, and lets people view the contents of your account. The “keys” from the saying “not your keys, not your coins” refers to the private key. If you don’t have the private key, you can’t authorize transactions.
There are several different ways to store your cryptocurrency but they can all be categorized into three different categories: software wallets, hardware wallets, and exchanges/custody providers. Software wallets are pieces of software that store your private key and can use it to create and authorize transactions for you. They are essential if you want to interact with the blockchain in any way, including buying NFTs or participating in DeFi (decentralized finance). However, because the devices that this software is running on are connected to the internet, they are not very secure. Software wallets are vulnerable to social engineering scams and malware.
Hardware wallets, like the one depicted above, are often advertised as the ideal way to keep your crypto safe. To use it, the wallet needs to connect to computer with internet connectivity (usually a smartphone or laptop). Then, a transaction is created by the computer, authorized by the hardware wallet, and then passed back to the computer to be sent off to the blockchain network. During this process, the hardware wallet can keep the private key safe, even if the connected device is riddled with malware.
However, even hardware wallets have security issues. They are still vulnerable to social engineering scams. For example, if a user is tricked into thinking a fake NFT marketplace website is legitimate, they could attempt to purchase an NFT and authorize the transaction on the hardware wallet. The money is then sent to the scammer’s wallet without the user getting anything in return. There is no way to reverse that transaction.
Most, if not all, hardware wallets have also been shown to be hackable if the hacker has physical access to the device. In some cases, the hacker would be able to directly extract the private key. In other cases, the hacker would be able to take control of the device and install their own software. Then, if the user tries to authorize a transaction in the future, they could be deceived into authorizing an entirely different transaction that empties their account.
Exchanges and Custody Providers
This category includes any service that stores the cryptocurrency for you. This includes cryptocurrency exchanges like Coinbase, interest account providers like BlockFi, or custody providers like Coinbase Custody. The key difference beween using these services instead of self-custody wallets (hardware or software wallets) is that you do not have your own private key. Your crypto is held by the service provider, often in the same wallet with many other users’ crypto.
These service providers have traditionally been disregarded as a safe way to store your cryptocurrency because of their lack of security. Cryptocurrency exchanges have large targets on their backs and are often hacked, with billions of dollars worth being stolen every year. There have also been many cases of accounts being locked because the account owner tried to deposit cryptocurrency that had been previously linked to illegal activity (even if the account owner was not involved in any way).
However, the security of these service providers is increasing at rapid speeds, and I believe that they will soon achieve higher levels of security than self-custody wallets. Increased regulation and demand for cryptocurrency related services has driven these companies to focus more and more on the security of their services. The cryptocurrency stored with them is also increasingly covered by insurance, much unlike any self-custody wallets. Larger companies such as MicroStrategy are choosing to trust custody providers to store their crypto for them.
There are also numerous advantages over self-custody solutions. High levels of scamming and illegal activity highlights the need for customer support and consumer protection measures, which are often much easier for these service providers to implement. Consumers don’t need to pay attention or even think about the security of their cryptocurrency because that is handled by the service provider. The services are much simpler than self-custody solutions, giving opportunities for less involved or tech-savvy individuals to participate or invest. Even support for direct interactions with the blockchain such as DeFi or NFT transactions are being implemented. For example, Coinbase offers DeFi-based interest rates on any DAI (a cryptocurrency tied to the USD) in your account and will soon be releasing an NFT marketplace. These services don’t just imitate the experience with self-custody solutions, they improve on them by being much simpler to use and requiring no technological expertise to use safely.
For cryptocurrency and blockchain technology to become mainstream, the simplicity and ease of use of related services will also have to improve so that an average person can use them without running into issues. Direct interaction with the blockchain will eventually fade into the background to increase accessibility for the average consumer. It remains to be seen how this future will be realized, but I believe full custody service providers will play a central role.