A Few Words About Crypto Wallets
Despite the name, a crypto wallet doesn’t actually store your cryptocurrency. It’s a piece of software (sometimes on a dedicated piece of hardware like a USB key) that manages the cryptographic keys to digital assets that belong to you, while the currency itself is actually housed on the blockchain. (See Part 1 of this series for a refresher on blockchains and other crypto basics.)
A crypto wallet can either be custodial, meaning it’s hosted by a third-party, often an exchange like Coinbase, Gemini, or Kraken, or it can be self-hosted (sometimes called “noncustodial”), meaning the wallet and its keys live on a device you maintain. Each approach has its benefits and risks.
Custodial Wallets. If you entrust your wallet to an exchange, you are relying on the company to maintain and secure the wallet (and access to your assets) on your behalf. Large, well-funded exchanges tend to have better cybersecurity tools and protocols than your average investor, but they are also a tempting target. And there have been many large-scale crypto-hacking incidents, including Mt. Gox (2011), CoinCheck (2018), KuCoin (2020), DMM Bitcoin (2024), and most recently in February of 2025, when the Dubai-based exchange ByBit lost $1.5 billion in Ether to North Korean hackers, according to the FBI.
And once crypto assets are stolen, there’s no guarantee that you can get them back. Crypto exchanges are not covered by FDIC insurance, so there’s no federal program to reimburse investors if assets are stolen or the exchange itself collapses, as happened with FTX in 2022 (although a federal court did order FTX to pay back many of its investors as part of the firm’s bankruptcy).
Keeping your wallet on an exchange can help with password management. According to several exchanges we contacted for this article, if you forget your password, they will facilitate a password reset using two-factor authentication, frequently followed by a multiday hold on withdrawals to prevent fraud.
Self-Hosted (aka Noncustodial) Wallets. Even if you’ve bought crypto on an exchange, you can always transfer your digital assets to a self-hosted wallet from companies such as Exodus, Zengo, or Trust Wallet. Some wallets even allow you to purchase crypto directly through the wallet (although they are typically doing so through an exchange and charging a fee). Some self-hosted wallets can handle multiple currencies, but you should always check to ensure that a wallet you use can store the type of asset you plan to use it for.
Most wallets are free to download, but the companies make money through fees on crypto sales, various crypto financial services, and promotions. When you set up a self-hosted wallet, you create a password that secures the wallet on the device as well as a 12 to 24-word “seed phrase” to recover your wallet and all of your asset keys in case the device it is stored on is lost.
Once your assets are in a self-hosted wallet, they are yours to manage. That’s a good thing if, for instance, the exchange you bought them through collapses or gets hacked, because the assets in your wallet won’t be exposed to those risks. But managing your own coins can become a problem if you forget the seed phrase and your wallet is lost or stolen.
“There’s an adage in crypto called ‘not your keys, not your coins’,” Reiners says. “If someone else has access to your private keys, they have access to your bitcoin. They can steal it. They can move it wherever they want. So you’ve heard these just insane stories about someone who had their private key on a thumb drive that got accidentally thrown out and now they’re going crazy.”
That’s because with a self-hosted wallet, there’s no recourse for getting back your assets if they are lost or stolen. There are infamous stories of forgotten seed phrases and “cold wallets,” both fascinating and painful to read, including the Welshman whose hard drive containing the keys to thousands of bitcoins, worth hundreds of millions of dollars, was accidentally thrown away. He has spent years trying to buy the landfill he believes it is in. Also, estate planners warn that crypto investors who forget to share the passwords and seed phrases with their heirs risk losing those assets forever.
And the stories get darker from there. There are a disturbing number of cases where crypto holders have been kidnapped and physically coerced into turning over their assets. They include a bizarre incident where two men allegedly tortured an Italian crypto investor for two and a half weeks in a luxury New York City townhouse in an attempt to get his coins.
So what’s the bottom line on custodial vs. self-hosted wallets? Custodial wallets may be easier for beginners, and they offer account recovery options. Self-hosted wallets provide more control but require careful management of passwords and recovery phrases because losing access to a self-hosted wallet can mean permanent loss of funds.
