Custodial vs. Non-Custodial Wallets

Wallet Basics

Cryptocurrency wallets are the primary way anyone can store, send, or receive digital assets. A crypto wallet is a client that connects you to the blockchain network, and it provides a visual way to interact with it, by displaying information like your account balance and transaction history on the network. It also makes the process of sending and receiving digital assets convenient, secure, and easy for an average user. 

The critical components of a cryptocurrency wallet are the public and private key pair. These are unique strings of characters that are used to identify the wallet and the user's ownership of the assets stored within it.

The public key is like a digital address, akin to a bank account number, that can be shared with others to receive funds.

The private key, on the other hand, is like a password or PIN that is used to access and manage the assets within the wallet. Like a PIN, the private key should be kept secret.

When a transaction is made, the wallet uses the private key to sign the transaction and confirm the user's ownership of the assets being sent. The transaction is then broadcast to the blockchain network, where it is verified and added to the blockchain ledger. Wallets initiate and manage transactions, and private and public key pairs sign, verify, and secure them on the blockchain network.

Custodial and Non-Custodial Wallet Introduction

There are two main categories of crypto wallets: custodial and non-custodial. Their difference revolves around control of the private key. Each has advantages and disadvantages, and which to choose depends on your personal tolerance of risk, trust, and responsibility. 

Custodial wallets are maintained and controlled by a third party, referred to as a “custodian.” The custodian has control over the private keys associated with the wallet, meaning they often have access to the funds stored within it. Popular examples of custodial wallets include those offered by exchanges like Blockchain.com and Binance. Creating a custodial wallet is similar to creating a digital bank account. Your custodian manages your assets and you place your trust in the institution to behave responsibly. The private key of the wallet is generated by the custodian and stored on their servers - with the notable exception of Fortmatic, which generates keys on the client-side, separated from the integrated app. Many custodians also offer a “password-protected private key,” where they cannot access private keys without a password provided by the client. 

In contrast, non-custodial wallets are self-sovereign, meaning the user controls their own private keys and, therefore, has complete access to their funds. In this case, the user is the custodian, and the wallet could be called “self-custodial.”  These types of wallets include hardware wallets like the BitBox02 and Trezor Model One, and software wallets like MyEtherWallet and MetaMask. From a security perspective, keeping assets in a non-custodial wallet is akin to storing cash at home. Your assets are entirely your own responsibility. The private key of a non-custodial wallet is generated on your personal device like a computer, web client, or hardware wallet. The private key is then stored as you see fit - but it is best to follow established security best-practices.

Custodial Wallet Pros and Cons

Custodial wallets are often considered the easiest option for new users, because creating one is as simple as making an account on a website. They often offer added convenience, such as the ability to easily buy and sell digital assets within the same platform. They also may support reversing transactions made in error, password recovery, and other customer support functions. However, there are downsides to using custodial wallets.

Since custodial wallets are maintained by a third party, they are a target for bad actors looking to steal large amounts of digital assets. However, reputable custodians understand this and have robust security standards in place. Additionally, in the event of a government crackdown, the custodian may be forced to hand over users' private keys to the authorities.

Custodial wallets are also subject to the risk of the platform itself shutting down, going bankrupt, or behaving improperly, which can lead to users losing access to their funds. A custodial wallet could work perfectly 99 times out of 100, but in the critical event where withdrawal is necessary, if something goes wrong, you could lose your assets.

In November 2022, as the crypto exchange and trading platform FTX was in the midst of collapse, users were locked from withdrawing their assets from the platform. Now bankrupt, FTX mismanaged and lost over $8 billion USD of customer funds. Unethical behavior was possible due to the custodial control FTX had over the assets inside of customer wallets. 

Non-Custodial Wallet Pros and Cons

Non-custodial wallets offer a potential for greater security and user control. Because these types of wallets allow users to hold and control their own private keys, they are not subject to the same risks of hacking or platform failure - but are not necessarily immune to it. Additionally, non-custodial wallets are often considered to be more resistant to government crackdowns, as there is not one central authority responsible for all user funds.

However, non-custodial wallets also have disadvantages. These types of wallets can be more difficult to set up and use, although their learning curve is shrinking rapidly.

A wallet from MetaMask, for instance, can be set up in under 5 minutes from start to finish, all inside of a web browser. The most important consideration for a hardware wallet is that users are responsible for their own security, meaning they must take the necessary precautions to protect their private keys. If a user loses their private keys or they get stolen, they will lose access to their funds.

It initially sounds reasonable to have personal responsibility for your own assets, but it is a serious consideration, and many people do not have the knowledge, diligence, or desire to protect their own assets.

Well-known Bitcoin core developer Luke Dash Jr. recently reported that his entire Bitcoin stack was stolen. While questions have emerged about his personal security setup, the long-term viability of securing one's own assets in an open digital environment is an ongoing concern for the industry.

Private Key Security

The security of both custodial and non-custodial wallets are governed by the security of the private key generation process. A typical user cannot validate every aspect of key generation themselves, and we all exhibit a degree of trust in our chosen wallet.  When using a custodial wallet, it can be difficult to know if the private key generation process has been compromised, because it is typically done on the custodian’s side - each customer may not even have their own keys. There are a few steps you can take to ensure the security of your assets and mitigate risk:

1. Use well-established and reputable service providers: Choose service providers that have a good track record of security and have been in the industry for a while. 
2. Check for security certifications: Service providers that have been certified by reputable organizations, such as the ISO, SOC 2, or PCI DSS, have undergone rigorous security audits and have been found to have adequate measures in place.
3. Protect your personal information: Provide the service provider with as little personal information as possible. Only grant the minimum amount of information required to create an account and avoid giving sensitive information like passport numbers.
4. Read Terms of Service (yes, really): Some custodial agreements will guarantee user asset recovery in the event of bankruptcy or other catastrophic events, and some will not. Choose carefully.
5. Use multi-factor authentication: If the service provider offers multi-factor authentication, enable it. This will add an extra layer of security to your account and make it more difficult for hackers to gain access.

Non-custodial wallets still may have risks during key generation. Steps to ensure security apply here too:

1. Use a hardware wallet: Hardware wallets provide an additional layer of security by requiring the user to physically confirm transactions and protect the private keys with a PIN code.
2. Consider using cold storage: Cold storage refers to storing private keys offline, disconnected from the internet. This is one of the most secure ways to store digital assets and is recommended for long-term storage.
3. Generate keys offline: Even if you don’t use cold-storage, consider generating the private keys on a clean device or hardware wallet disconnected from the internet instead of on your personal computer. 
4. Keep your private keys safe: Don’t let anyone else watch you while you generate your keys. After generation, store your private keys in a safe place, and avoid keeping them on a computer that is connected to the internet. Never send your keys over email or messenger applications, avoid having them in sight of cameras, and do not scan them on a photocopy machine. 
5. Backups: Paper backups in multiple safe locations work well and are easy to set up. Write down your seed phrase clearly on durable paper and use a pen with archival-quality ink. Make a note of where you store these - if you forget, they are useless, and if one gets lost you should consider the wallet compromised. 
6. Multi-factor authentication, updated software, anti-virus tools, and firewalls are always recommended.

While it may seem scary to consider the security of crypto wallets, it is an important aspect of this industry. Care is critical, but so is ease-of-use! You don't take on much risk if you are just experimenting with your first crypto wallet and don't plan to invest much in it - the best way to learn is to try. Naturally, as assets grow so does your knowledge, and you will begin to upgrade your security setup. 

Wallet Options

If you have determined which wallet solution is best for you, listed below are some popular custodial and non-custodial wallets.

Custodial:

1. Fortmatic*
2. Bitski*
3. ZenGo
4. Binance Wallet

Non-Custodial (software):

1. MetaMask*
2. Coinbase Wallet*
3. Exodus
4. Pillar

Non-Custodial (hardware):

1. Trezor
2. BitBox02
3. Ledger
4. KeepKey

*The Fortmatic, Bitski, MetaMask, and Coinbase wallets are all supported by our NFTeapot Shopify App.

Wrap-up

It is important to note that a choice of wallet is not set in stone, and assets can be transferred between the wallets of one user. A custodial wallet can be used for short-term trading, with regular transfers to a secure, long-term, self-custody solution, like a cold-storage hardware wallet. This system balances convenience and security, but you may need to budget for transaction fees. You also must ensure that your custodial wallet allows withdrawals to self-custody. Any wallet that does not support withdrawals in the native asset is not recommended. 

Custodial and non-custodial wallets each have their own pros and cons, and the best choice will depend on the individual user's specific needs and risk tolerance.

Custodial wallets are more convenient and easy to use but have a higher risk of hacking and platform failure. Non-custodial wallets provide users with more control and security but require more knowledge and personal responsibility for that security.

Here at Curvegrid, our engineers and staff use a variety of ways to store and secure their crypto. We tend to rely more on non-custodial solutions and hardware wallets, but the crypto security landscape develops constantly and everyone has different priorities - as always, DYOR.