The Essential Wallet Guide, Part 3: Custodial and Non-Custodial Mobile Wallets
Being able to access your finances on the go has revolutionized how we communicate. Some people make their entire living from working online, and their mobile phones are a big part of that system. To move crypto adoption forward, the developer community is tapping into the potential of crypto wallets that are designed specifically for the smartphone. (If you are concerned that mobile apps are not compatible with financial security, take a look at this article — you might be surprised!)
There are so many mobile crypto apps to choose from out there, that it may be difficult to understand how they differ and what specific benefits they offer. Mainly, mobile crypto apps fall into three categories:
1. custodial wallets (centralized)
2. non-custodial wallets (decentralized)
3. other, unique mobile solutions for interacting with the blockchain and Web3
Which app will be right for you depends completely on what your goals are.
Custodial
The most important distinction to understand with all crypto wallets, including mobile ones, is whether they are custodial or non-custodial, centralized or decentralized.
In a custodial (centralized) wallet, servers run by the app hold all your information for you. In these wallets you are more likely to have the same options that are available in a regular banking app, such as resetting your password, getting special deals on your birthday, signing up for an email list, and sometimes recovering stolen funds. These wallets can also be tied to online exchanges, so it’s important to be aware how and where your information is being shared.
A good example of a custodial wallet is the original Coinbase app, which basically serves as the exchange built into your phone. Accounts are synced across their servers, so you can access the same wallet from either web or mobile by simply logging in with your email. This is very convenient, but it’s also a clear sign your information is being collected and stored by a third party. In these cases, there’s barely any difference from having a regular banking app. You are not in control of your funds and information.
By the way, exchanges can also be centralized or decentralized. When custodial wallets are tied to an exchange, it’s most likely a centralized exchange that holds your keys and your funds. Decentralized exchanges don’t hold your funds or manage your keys, so using them in combination with non-custodial wallets allows you to retain full control over your crypto.
Non-custodial
In a non-custodial (decentralized) wallet app, you are in charge of everything. None of your information is stored, so no one can manage your funds but you. This can sound frightening initially, but it’s also liberating in the long run. You will never have to pay surprise fees, deal with support for your password problems, or worry about your information getting leaked through back-end servers… because it doesn’t exist there. Your entire financial identity is yours alone.
This is what is meant by ‘being your own bank’ and ‘not your keys, not your crypto’. From a certain perspective, decentralization is the reason for blockchain’s existence in the first place, and with non-custodial wallets, you are taking advantage of the benefits of decentralized finance. In the big picture, non-custodial wallets are a more secure option because no one else has any control over your money. By putting the power entirely into your hands, though, non-custodial wallets can be challenging to manage. Losing your access information or sharing it with anyone can, and does, lead to the permanent loss of funds.
Unique solutions and the future of Web3
Some mobile crypto apps don’t fall neatly into either of the two wallet categories described above. For sites that support them, Progressive Web Apps (PWAs) can be installed on the smartphone as well as on the desktop (described in Part 1 of the wallet series). These are basically just web wallets accessed from the phone, but their mobile environment may not be the best if it’s not curated for mobile use. Accessing your wallet offline through a PWA can be useful in certain circumstances, but sending a transaction will always require a connection. Whether a PWA is custodial or non-custodial depends on the nature of the web service from which it originates.
Another type of mobile wallet is the hardware-like wallet. For example, take MEWconnect. This is MEW’s smartphone app, but it mainly acts as a secure access point for MEW’s web interface, rather than being a full interface in itself. Like a hardware wallet, it cannot send transactions from the device itself, but provides greater key security than any software solution. It even gives you a 24-word mnemonic phrase for recovery!
To use MEWconnect, you access the wallet on your phone, and then scan a QR code to secure the connection between mobile and browser. This technology is at the forefront of Web3 interactions and facilitates connectivity with real security to back it up. In the future, connections to multiple decentralized applications and even between mobile devices may be mediated via secure QR scans.
Hardware-like wallets are non-custodial by their nature, as they keep your keys secure within the device and give you a phrase for wallet recovery in case the device is lost or broken. When in doubt, remember this: if you’re receiving a 12 or 24 word phrase that you are asked to keep very safe and never give to anyone — you are using a non-custodial solution. If all you get is a password to the app, but no private key or phrase — then it’s a custodial one.
In Part 4, we’ll be returning to browser-based wallets with the ‘browlet’, a wallet that is hosted within a browser extension to allow interactions with Dapps and other actors in the Ethereum marketplace. We’ll also discuss what Web3 is, while reviewing the best security practices to keep you safe while exploring the cryptosphere. Keep an eye out!
