Cryptos as digital instruments of ownership

Anyone who acquires Bitcoin or other cryptocurrencies is inevitably going to be confronted with custody of these assets at some point. Custody means the activity of storing cryptoassets as securely and carefully as possible. This is where Bitcoin and other cryptos differ from traditional assets such as shares or bonds. They are “digital instruments of ownership” and can, unlike most shares or bonds, be stored independently.

In addition to third-party custody (e.g. with a bank or broker), cryptoassets also enable self-custody. This is because they can be controlled individually. In other words: much like “real” objects, cryptos can be held directly on the blockchain by owners, without any intermediaries. All you need for this is an electronic signature, which is used by owners to prove that the cryptoassets belong to them.

The basics of self-custody

Custody of Bitcoin and other cryptos requires a basic understanding of the following four terms: public key, private key, backup/restoration phrase and blockchain address. We will briefly go through each of these.

Private key and public key: a unique key pair

Public key: your personal safe deposit box

The public key is part of an asymmetric encryption. As the name suggests, this can be viewed by anyone. The public key is used to encrypt data that can be decrypted only with the corresponding private key. In the context of digital assets, the public key is used to generate blockchain addresses to which cryptos can be sent. To use an analogy, the public key is like your bank account or safe deposit box, while the blockchain address is like an IBAN.

Private key: the secret access key

The private key is the counterpart to the public key. Together, the two form a unique key pair. The private key allows you to decrypt data that has been encrypted with the matching public key. In crypto, the private key is a secret, cryptographic sequence of characters used to sign and authorize blockchain transactions. The private key is like a secret access code, comparable to an e-banking password. It gives users or owners direct control over their cryptos on the blockchain. Unlike the public key, it is vital that the private key is kept secret in order to protect your cryptoassets against unauthorized access. A private key should also be stored securely at all times, because losing it would equate to losing the cryptoassets.

Restoration and seed phrase

Fortunately, private keys no longer come in random sequences of numbers and letters. Instead, they come in the form of 12-, 18- or 24-word combinations. This sequence of words is known as a “seed phrase” (restoration phrase). Presented as seed phases, private keys are easier to store as backup. A backup of the private keys can be created by writing the seed phrase in the right order and then storing it securely and secretly. This is the only way to restore the cryptos associated with this specific private key at any time.

Blockchain address

A blockchain address is a sequence of characters derived from the public key. This allows you to receive cryptoassets via transactions. Anyone looking to receive cryptoassets normally shares their crypto wallet-generated blockchain address with the sender. This address acts as a sort of pseudonym and cannot be linked directly to a person’s own identity. It is also important to realize that sharing a blockchain address is secure, because it can be used only to receive cryptocurrencies and not to steal them.

We’ve now explained the key terms relating to crypto custody. But how exactly do you handle public keys, private keys and blockchain addresses in practice? This is where the crypto wallet comes into play.

The importance of crypto wallets

Crypto wallets are to blockchain what browsers are to the Internet. Google Chrome, Firefox, Safari and Brave – nowadays, these programs have become part of everyday life and enable billions of people to access the Internet. Crypto wallets have a similar status. They allow users to access blockchain-related services – whether to use a decentralized finance application or just to store, receive and send cryptos.

The last three activities are amongst the main functions of a crypto wallet. Even though we use the term digital wallet, and we compare it to a physical wallet, crypto wallets do not actually hold any assets, unlike their traditional counterparts. The crypto itself exists only as a booking entry on the blockchain. Stored in the crypto wallet are the private access keys. This also means that, if a crypto wallet fails or access to it is lost, the cryptos can be restored at any time, provided the private keys are stored as a backup outside the crypto wallet.

The main characteristics of crypto wallets

There are two crucial distinctions to make with crypto wallets. First, we need to distinguish between the terms “hot wallet” and “cold wallet”, and secondly, between the terms “custodial wallet” and “non-custodial wallet”.

Hot wallet vs cold wallet

“Hot storage” and “cold storage” are terms commonly used by crypto enthusiasts. “Hot wallet” and “cold wallet” are also terms you’ll hear. In the case of hot storage, the private keys are online, i.e. connected to the Internet. This makes this storage technique inherently more vulnerable to (hacker) attacks. Cold storage solutions, on the other hand, keep private access keys strictly offline, making this a more secure storage method.

Custodial vs non-custodial wallets

The second important difference concerns whether third parties have access to a wallet’s private keys. This comes into play with a custodial wallet. Anyone using this kind of wallet solution must assume that third parties have access to the private keys and are consequently able to access their own cryptoassets. A non-custodial wallet, by contrast, requires that only wallet owners have access to the corresponding keys and that third parties are unable to view them.

A note on the sheer variety of crypto wallets

Let’s come back to the analogy of Internet and browsers: in much the same way that the Internet spawned a whole host of browsers, blockchain technology has also led to the emergence of many different crypto wallets from various providers. Whilst many were launched by private companies, there are also community-driven initiatives that launch open-source versions, which means that they focus in particular on transparency.

Mobile, desktop and web wallets

In the early days of crypto, it was mainly desktop wallets that helped early blockchain enthusiasts to store their cryptoassets on their computers. As acceptance increased, mobile wallets became more and more popular. These allow people to manage cryptoassets on their smartphones. Web wallets are also convenient, because they are integrated directly within different browsers. The one thing all these wallet types have in common is that they are regarded as hot wallets, which come in both custodial and non-custodial varieties.

Hardware wallets and paper wallets

“Hardware wallets” are enjoying increasing popularity. These are classed as cold wallets, because the private keys are stored on a separate device (usually a USB storage stick), and a blockchain transaction is signed offline from there. This makes hardware wallets one of the most secure wallet types. At the same time, they also tend to be non-custodial. The precursors to hardware wallets were paper wallets. These are also offline, but things can go wrong when creating them, which is why hardware wallets are preferable to paper wallets.

Self-custody vs third-party custody

Now we’ve introduced terminology for custody solutions and different wallet solutions, we need to ask the big question: what are the benefits of self-custody, and is this preferable to third-party custody?

Crypto enthusiasts swear by the motto: “Not your keys, not your coins”. According to this motto, only those who have their very own private keys are truly in control of their own assets. This way of thinking is consistent with the crypto ethos and is also said to be inspired by Nick Szabo, who is considered by many to be the real Satoshi Nakamoto.

Self-control is not without individual responsibility

This motto is laudable, but not without its risks. The ability to control one’s own assets goes hand in hand with individual responsibility. This requires being familiar with crypto custody and taking the necessary security precautions to minimize any risks, such as loss, fraud and hacking, as well as possible. If someone doesn’t know enough about the subject, they are in danger of making mistakes, which can quickly make the person themselves the biggest security risk.

The risks and challenges of self-custody

One of the biggest risks is hackers, who can tamper with your crypto wallet without your knowledge. Hackers try to gain a foothold using fraudulent websites and e-mails, also known as phishing attacks. If they succeed, one wrong click is often all it takes, and the private key and all the related cryptos are gone. At this point, it’s extremely difficult to track them down if the cryptoassets were sent to a blockchain address that is part of a huge nirvana.

Potential loss of the private keys poses an equally major risk. This is because a backup copy of the keys can be so well hidden that it’s just impossible to recover them. Or perhaps you’re clearing out your room, and you forget the backup was in a chest. Whether it’s down to personal negligence or not, if you lose your own private keys, there’s no going back. There is also no emergency hotline, which you might otherwise use with a bank to recover the password to your bank account.

It should also be mentioned that self-custody does not automatically regulate the inheritance of a person’s cryptos. Poor preparation – i.e. a lack of clear instructions on managing and transferring cryptoassets – can lead to major problems and uncertainty for the surviving parties, which is why careful planning is essential around cryptoasset inheritance.

Third-party custody done properly

For all these reasons, a person’s concerns over security may persuade them to outsource crypto custody to third parties. Swiss banks are the most suitable option for this. They have built up a great deal of public trust, operate in a politically stable environment and can draw on a wide range of expertise thanks to the many blockchain companies based in Zug, Zurich and the rest of Crypto Nation Switzerland. As of 2024, PostFinance also offers crypto custody for third parties as a professional service that meets the highest security standards.