Crypto Custody: Self-Hosted or Exchange?

You can own Bitcoin in two ways: 1) Custody by an exchange (Coinbase, Kraken, Binance). You create an account, they hold your coins in their infrastructure. You access them through their app. 2) Self-custody through a wallet. You hold the private key (like a password) that controls your coins. Only you can move them. The 'Not Your Keys, Not Your Coins' saying reflects this. If Coinbase hacks and loses your Bitcoin, you have legal recourse but potentially lose money. If you lose your seed phrase (the master password for your wallet), your coins are gone forever with no recourse. Both approaches have risks.

Pros: Convenience (easy buying/selling), accessibility (access from any device), insurance (major exchanges insure deposits against hacks), and simplicity (no tech knowledge required). Cons: Counterparty risk (exchange bankruptcy, like FTX collapse in 2022 where customers lost billions), regulatory risk (government seizure or restriction), hacking risk (despite insurance, sometimes hacks happen), and surrender of control (you're trusting a company to maintain your assets). History: Mt. Gox exchange lost customer Bitcoins. QuadrigaCX shut down with lost customer funds. FTX defrauded customers. These companies held customer assets and mismanaged them catastrophically. For average investors, exchange custody is practical. For large amounts ($100K+), the counterparty risk becomes meaningful.

Pros: You control your coins. No counterparty risk (only you can move them). Censorship-resistant (governments can't freeze accounts). True ownership. Cons: You're responsible for security. A $39 hardware wallet is your backup if you lose access. Phishing attacks can steal your seed phrase. You can forget your password. You can lose your device. You can send coins to the wrong address and lose them. User error is catastrophic. Most people should not self-custody because the responsibility is too high. You need to understand security practices, store seed phrases safely, and accept that 'lost keys = lost coins' is permanent.

A hardware wallet (Ledger, Trezor) is a small device that stores your private keys offline. When you want to move coins, you plug in the device, approve the transaction on the device screen, and the transaction is signed offline. This keeps your private keys offline (away from internet threats) while providing control. If your computer gets hacked, the hacker can't access your coins (they're on the device, not the computer). Hardware wallets cost $50-200 and require learning how to use them. For someone with $50K+ in crypto, a $100 hardware wallet is worthwhile insurance. For someone with $2K, exchange custody is fine.

Multi-sig wallets require multiple private keys to authorize transactions. Example: 2-of-3 multi-sig means you hold 2 keys and a trusted third party holds the third. Spending coins requires both your key and the third-party key. This protects against single-point-of-failure: if one key is compromised, coins still can't move. Enterprise investors and cryptocurrency funds use multi-sig. It's overkill for individuals with modest amounts but prudent for multi-million-dollar portfolios. Setting up multi-sig requires technical competence. Mistakes in configuration can result in coins being locked forever.

Small amounts (<$5K): Exchange custody is fine. Convenience outweighs security risks. Medium amounts ($5-50K): Consider a hardware wallet if you're committed to crypto. Exchange works too, but hardware wallet reduces risk. Large amounts ($50K+): Hardware wallet is prudent. Multi-sig for very large amounts ($1M+). Very large institutional amounts: Custodians specializing in cold storage (Fidelity, Kraken Custody) offer insurance and security at scale. The rule: custody risk should scale with amount. $2K doesn't justify hardware wallet complexity. $200K demands it.

If you hold your own coins: 1) Write down your seed phrase (12-24 words) on paper and store it securely (safe deposit box, fireproof safe). 2) Never type your seed phrase into computers (except during setup). 3) Use hardware wallets for transactions (keep device offline until needed). 4) Test your recovery process (make sure you can access coins from the seed phrase before funding the wallet with serious money). 5) Avoid phishing (don't click links in emails, always navigate to wallet software through direct links or app stores). 6) Use passphrases (additional encryption on top of seed phrase). 7) Keep software updated (wallet software patches security holes regularly). These practices are tedious but essential for security.