WTH Does Non-Custodial Mean?
I have been involved in the cryptocurrency space for just over two years now. At the beginning of my journey, I had a really hard time understanding all the jargon: ECDSA, seed key, passphrase, etc. There’s just a lot to learn, even for someone technical. One topic that kept coming up again and again was this notion of custody. It’s really important and it’s critical you to know what it means.
Custody simply refers to who owns the assets. In the cryptocurrency world, a user can hold his or her assets (by holding private keys) or trust a third party to do it. E.G. Coinbase, Binance, Gemini.
Now let’s develop the idea of custody a bit more and talk about exchanges:
A custodial exchange is one that holds your cryptocurrencies. They have access to your funds and promise to keep them safe. This is essentially the same as legacy banking systems, they custody your money. You do not control your private keys, the exchange tells you when and how you can access your money.
A non-custodial exchange is the opposite, the exchange does not hold user funds and only he / she has access and can control / move it.
Although there is a strong argument to be made that custodial exchanges are a great entry point into cryptocurrencies for newbies (because they tend to be a bit more developed smoother user interfaces), lets not forget the fundamentally most interesting, powerful, and important property of blockchain technology: decentralization.
“You need to “be your own bank”. Crypto custody starts with a requirement: Crypto currencies being encrypted, you need to own and keep your own private keys, which will enable you to sign your transactions and you will own a secret code (a passphrase) that will allow you to recover your funds (a “seed”). The management of this private key and codes is at the origin of nearly all the problems you may have encountered to date.” — Techcrunch
I have a belief that you should control your own assets. We are at an inflection point for blockchain technology where you no longer need to choose between custodial (easy to use) and non-custodial (clunky and not intuitive) solutions. You can have non-custodial solutions that have all the benefits of nice UIs of custodial solutions.
You should be in control of your private keys, no one else. Let’s take a look why:
- In February 2014, Japan based Mt.Gox exchange, was hacked. Over $450 Million was stolen. They stated that almost 750,000 of its customers’ Bitcoins, as well as 100,000 of its own Bitcoins, had been stolen. The total loss constituted around 7% of all Bitcoins available.
- In August 2016, Bitfinex, the 2nd largest exchange in the history of Bitcoin, announced they got hacked. 120,000 BTC which was worth $72 million back then was stolen. Bitfinex wanted to use hot wallet instead of cold wallets to get better liquidity for their users. They partnered with BigGo, one of the biggest multi-sig wallet service providers in the world. Three private keys were distributed, two for Bitfinex and one for BitGo. BitGo would verify the validity of all transactions reducing the risk. There are a lot of theories as to why exactly that happened, but one of the most popular one states that BitGo would do whatever Bitfinex told them to do, so there was never a real extra signature required. There was only one point of failure and that was Bitfinex’s servers.
- In early 2018, Japanese exchange Coincheck was hacked. Attackers stole over $500 Million. Quoting from Fortune:
“The company did own up to a security lapse that allowed the thief to seize such a large sum: It kept customer assets in what’s known as a hot wallet, which is connected to external networks.”
In 2018, cybersecurity company Carbon Black stated that exchanges were the most popular target for cybercriminals, making up 27 percent of attacks of the entire year.
Let’s take a look at all the hacks that have occured….
Ok Mario, this is scary, I am fully convinced, how can I handle my own coins? — Alex.
There are two main options out there:
- Hot storage (software wallet): A lot of people use them (E.g: Bitcoin Core). They are simple desktop or mobile apps that hold your private keys and they are connected to the internet constantly. I personally like them a lot. It is like my Bank mobile app, but it contains my coins, right there.
- Cold storage (hardware wallet): This are hardware devices that people uses to store their coins. These ones are not connected to the internet by design, only when you use them.
Cold storage tends to be “safer” because it is not connected to the internet but is typically harder to use.
There are tons of solutions out there that allow users to custody their own assets (including us!). Do your homework.
If you want to know more about Ember Fund or continue the discussion, join me on Telegram or Twitter. Thanks for reading!
