Edit Content
Submit Case
Submit Case
Edit Content
Submit Case
Submit Case

Cryptocurrency Wallets: Weighing the Convenience and Security of Hot, Cold, Custodial and Non-Custodial Options

News
8 min read

Cryptocurrency Wallets: Weighing the Convenience and Security of Hot, Cold, Custodial and Non-Custodial Options

Crypto wallets are useful tools for securely storing your cryptocurrencies and for moving them around. While there are many different projects and companies that tout wallets, there are actually different types of wallets – and any given company may offer multiple types.

In this article, we’ll break down the different kinds of wallets available, to help you understand which ones work in different circumstances. There are two main axes that we’re going to contrast wallets on: custodial vs non-custodial (or self-custody) wallets; and hot vs cold wallets.

In the process, we’ll also touch on hardware and paper wallets.

By the way, we’ll generally talk about “cryptocurrencies” and “funds” in this article – but, this could refer to any crypto token, cryptocurrency, NFT, etc.

Custodial vs Non-Custodial Wallets

When it comes to cryptocurrency wallets, there are two main types: custodial and non-custodial (or self-custody) wallets. Understanding the difference between the two is crucial for anyone looking to store their digital assets safely and securely.

Custodial Wallets

With a custodial wallet, a third party (usually an exchange or wallet provider) is the custodian of the funds. This means that they are responsible for holding and managing your private keys, which are needed to access your funds. Examples of popular custodial wallets include Coinbase, Binance, and Kraken.

Advantages of custodial wallets include that they are often:

  • Easier to use with friendlier user- interfaces
  • They often have easier onramps and offramps to your bank, and they may offer linked debit and credit cards
  • If you forget your password, there’s a reset that password
  • There’s often a paid support staff if you have a question or a problem
  • If you or a loved one dies, there’s usually a path for their heirs to be able to claim their crypto
  • They often have excellent reporting, which can be very handy at tax time

There are, however, disadvantages as well:

  • Many Defi and some NFT projects don’t work with custodial wallets
  • Airdrops often don’t work with custodial wallets
  • Since the custodian holds your private keys, you don’t have complete control over your funds. The custodian can decide (or be told by their government) to suspend your ability to access your funds. In many cases they will also report tax information to your government.
  • If the custodian’s security is compromised, there’s a risk that your funds could be stolen. While security practices today are generally far better than they were a decade ago, there have been countless exchange hacks, costing depositors billions in losses.

Non-Custodial Wallets

Non-custodial (or self-custody) wallets give users complete control over their funds. With a non-custodial wallet, you are the sole custodian of your private keys. Examples of non-custodial wallets include Bitcoin Core, Electrum, and hardware wallets such as those made by Ledger or Trezor.

Many of the advantages of self-custody wallets mirror the disadvantages of custodial wallets:

  • Non-custodial wallets work with all Defi and NFT projects and with airdrops
  • Self-custody wallets, carefully used, provide much more privacy than custodial wallets.
  • A government can’t force your wallet provider to suspend access to your funds

As you might guess, though – many of the advantages provided by custodial wallets don’t exist with non-custodial:

  • It’s harder to get your fiat cash into or out of crypto. You’ll need to use a crypto ATM, or strike a deal directly with an individual that wants to exchange cash for crypto.
  • Although there are exceptions, most self-custody wallets don’t offer customer support staff.
  • If you or a loved one dies, it’s much less likely that heirs will inherit their crypto.
  • Most importantly, if you lose your password and the backup to your private keys, there is no one that can simply “reset” your password. (If you fall into this camp, this is what CryptoAssetRecovery.com does. Contact us).

Security

When it comes to security, neither type of wallet is inherently more secure. The level of security depends on the custodian’s security practices and which threat actors are targeting your wallet. The largest modern day exchanges have extremely sophisticated security practices to minimize the risk of theft. The most widely adopted open source self-custody wallets have had many eyes examine their source code to find security flaws.

Smaller exchanges and self-custody wallets with fewer code audits are likely less secure than their larger counterparts.

Best Security Practices for Non-Custodial Wallets

If you’re using a non-custodial wallet, it’s important to take the steps to secure your wallet. Here are some best practices to follow:

  1. Choose a strong password and store it securely in at least two places.
  2. Understand how your self-custody wallet backs up your private keys. For most wallets, this is through a 12- or 24-word seed phrase. Write down your seed and store it securely in at least two places.
  3. Never store your private keys online (such as by taking a screen shot on your phone, or sending them to yourself in an email).

In conclusion, whether you choose a custodial or non-custodial wallet, it’s essential to understand the risks involved and take the necessary steps to secure your digital assets.

There’s no perfect advice for everyone. If you are trying to store and protect 1,000 Bitcoin, you should just dump it into the custodial exchange that your cousin recommends. If you’re buying your first $100 of Ethereum you don’t need a hardware wallet to manage it.

Our advice? If you’re new to crypto and the amount of crypto that you’re storing is small, keep it in a custodial account. As you learn more about the space, and as your needs develop, start using self-custody wallets as well.

“Hot” Wallets vs “Cold” Wallets

Yet another way that people compare crypto wallets is whether they are “hot” or “cold”. Hot wallets store their private keys online, while “cold” (also called “cold storage) wallets store their private keys offline, without an internet connection.

This is not a distinction between whether or not you access the wallet in your web browser: it’s about whether the device on which you store your private keys has an internet connection.

Any wallet that stores its private keys on a smartphone is a hot wallet. (I suppose technically you could remove the SIM card and the communications chip and the NFC chip – but, it would be pretty tricky to ensure that there is no hardware that allows an internet connection).

People do reconfigure laptops and desktop computers to remove all hardware that can generate an internet connection.

But, the most common “cold” wallets are hardware wallets (or paper wallets).

Hot wallets are intended for regular, everyday use. Cold wallets are intended for long-term storage of large balances.

Why is it so important that Cold Storage Wallets don’t have Internet Connections?

There are two large categories of risk when a wallet is connected to the internet:

  • Theft by hacking
  • Phishing attacks

Cold wallets don’t entirely eliminate theft as a risk (A thief could still break into your home and steal your hardware wallet). But, by far the most common attack vector for crypto thieves is to remotely access wallets over the internet. Removing your private keys from the internet removes this risk.

Phishing is a cyber attack where a hacker tries to trick a user into revealing or transferring their private keys. A common phishing attack is to send people to a website that impersonates an NFT or defi site. The site then encourages people to connect their wallet and grant extensive permissions. Once the connection is complete, the site simply steals their funds.

Again, cold wallets aren’t a perfect protection against phishing, but since you can’t simply “connect” a wallet online, the risk is dramatically lower. (Due to the fact that cold storage wallets are rarely accessed – and often involves going through several time-consuming steps – it gives the user time to realize that perhaps the request they’re responding to isn’t a valid one).

But, if cold wallets are so secure, why does anyone use a hot wallet at all? The answer is simple: security isn’t the only consideration. If you’re going to use crypto (as opposed to just HODLing), it’s also important that you be able to spend it without too much friction. So, let’s talk about some of the reasons to use a hot wallet.

Advantages of Hot Wallets

When Bitcoin was invented (and the Bitcoin white paper was published), it was envisioned as a form of digital cash. The idea was that you could buy a pizza (or a house) with Bitcoin, in the same way that you could use fiat cash.

The primary advantage of a hot wallet is that your funds are available to be spent, traded or moved at a moment’s notice. See a great buying opportunity? You can make a purchase in seconds. Need funds and worry that your favorite token is going to drop 20%? You can sell that token immediately.

Custodial wallets hosted by exchanges online are typically hot wallets. This is the easiest way to buy and sell (onramp and offramp) fiat money into crypto.

To make an analogy to fiat money, hot wallets are like the cash that you carry around in your purse or wallet. You know that there’s a risk that a pickpocket could grab your purse and run off. So, you don’t walk around with a bearer bond for all of your assets in your wallet. You just keep the money that you need in case you want to stop into a coffee shop and buy a drink.

Best Practices with Hot Wallets

There’s no shame in keeping money or tokens in a hot wallet – but, you should follow best practices:

  • Know that the funds are at risk, and that criminals will try to phish your funds. Be skeptical, and don’t act impulsively.
  • Maintain both a hot wallet and a cold wallet:
  • Keep a small portion of your funds in a hot wallet.
  • Keep the bulk of your funds in a cold wallet.
  • Add a secure form of two-factor authentication (2FA) to your hot wallet. (Receiving a text message on your cell phone is not secure. There are many cases of thieves convincing cell carriers to move their target’s cell phone number to a thief’s phone).

You may also like

How to Send your Wallet with no Risk of Theft

What are Cross Chain Transactions and How do You Recover Them?

How to Recover Blockchain.com Legacy Wallets with an Unexpected Number of Mnemonic Words (13, 16, 22 words)

Best Practices in Attempting to Recover Funds from Crypto Scams

Get Help From Our Experts

Click the button below to get started.

Submit Your Case
Frequently Asked Questions

What is cyber security?

Cyber security is a term used to describe the protection of electronic and computer networks, programs and data against unauthorized access. Maintaining a high standard of security is essential to protect critical systems and data against cyber-attacks. The sophistication, persistence and continuous evolution of cyber threats means organizations are finding it increasingly challenging to defend against them. This makes it essential to approach cyber security as a continuous journey, involving regular assessments and appropriate investment in people, processes and technologies to mitigate the risk.

What are cyber security services?

Cyber security services are specialized engagements designed to enable organizations to manage and mitigate the risk and impact of cyberattacks. Kroll’s cyber security services are designed to help organizations protect, detect and respond. The right mix of cyber security services, including advisory services, proactive assessments, managed detection and response, incident response and breach notification, ensures that organizations are able to defend against threats on endpoints, across the surface web and throughout the deep and dark web.

What are the 3 pillars of information security?

Infosec, or information security, forms a critical part of cyber security because it helps to protect online data from authorized access or use. The three pillars of infosec, Confidentiality, Integrity and Availability, often referred to as the CIA triad, are foundational principles for maintaining a robust level of security. Confidentiality involves checking whether your systems are protected from external, authorized access. Integrity entails ensuring that data has not been tampered with and is correct and trustworthy, while availability involves checking that networks, systems and applications are operational and ready for use when required.

Where to start with cyber security?

An effective starting point for effective cyber security is to assess your current cyber security posture. Look at which of your systems, networks and data are secure and which are vulnerable. Consider using external providers to undertake assessments such as penetration testing to gain a complete picture. Uncovering potential vulnerabilities will then allow you to start developing an effective cyber security policy and strategy. Again, expert support with this will ensure that your cyber security approach is effective and robust.

What is asset recovery?

Asset recovery involves the confiscation of illicit assets, usually the proceeds of crime, and the return of these assets to the legitimate owner(s). Assets can take the form of money or other items of value, for example real estate, precious metals, investments such as shares, virtual assets such as cryptocurrencies, race horses, luxury goods, or an aeroplane. Asset recovery can be a purely domestic process when the funds have been hidden or invested in the jurisdiction where they were illegally obtained. It can also be international, when the funds have been sent to another jurisdiction. The process of asset recovery is complex but generally covers four basic phases: pre-investigation (verification of information), investigation (often including seizing/freezing assets and international cooperation to obtain intelligence or evidence), judicial proceedings (following which the court may issue a confiscation order for the assets), and disposal or return (where the assets are returned to the rightful owner).

Why is asset recovery important in preventing and combatting corruption?

First, for its deterrent effect. People are more likely to engage in corrupt behaviour if they are confident that – even if they are caught and convicted – they and their families will still be able to enjoy their illegally obtained wealth. Recovering illicit assets helps deter corruption by turning it into a higher-risk, lower-reward activity. Second, by convicting corrupt officials and recovering stolen assets, countries can also generate funds for development and strengthen their criminal justice system. The end results are stronger rule of law, integrity and trust in government.

What support do you offer in terms of actual cases?

Our asset recovery specialists work hand-in-hand with practitioners in our partner countries to tackle complex international financial crime cases. We are currently assisting with around 100 high-stakes cases across 20 countries.

Our assistance takes the form of advice in the following fields:

  • Intelligence gathering and analysis
  • Asset tracing
  • Financial profiling
  • Investigation and prosecution strategies
  • International cooperation and mutual legal assistance

Many of our experts are embedded in partner institutions, where they can provide closer support more efficiently and build the necessary relationships and trust.

Through our technical assistance and on-the-job coaching, we not only help to advance individual asset recovery cases but also develop skills and good practices among the practitioners we work with. That often leads to long-term reform processes to give practitioners the legal and institutional frameworks necessary to operate effectively.

While assisting with asset recovery cases, we help to identify and address gaps in national laws, policies and practices. Common challenges are:

  • Poorly developed processes for building and documenting cases
  • Lack of, inadequate, contradictory or unclear legal framework
  • Weak/inefficient international networks
  • Lack of domestic inter-agency cooperation
  • Infrastructure and technology deficits
  • Insufficient security of staff, documents and communications
  • Agencies lacking autonomy
What Our Customers Say About Us

Bettie Boyett

Excellent service, prompt responses, and the return of my password (in just two days!).

Scott W Hayes

"Keeping your information secure is their main focus..."

Marshall Weaver

They did a great job and had my funds recovered within a few days. Only downside is that it’s a little expensive.

Laura Stansberry

I would like to thank them. They worked so hard to recover my assets, over several months. I had nearly given up, but they persisted on my behalf, and they came through for me. I can't praise them enough, you can trust them with your crypto asset recovery.

Christina Douglas

They did a great job and had my account recovered within a few days. Only downside is that it’s a little expensive.

Michael

Overall excellent service They assist me in getting two of my wallets back. The team at Logan is really helpful, and I am really appreciative of their assistance. I have not used the wallets in more than four or five years, and when I returned, I essentially forgot and could not find everything. They were the only people who could have actually helped me! My life changed because of what they did; I lost everything, but now I have everything!

  • Created by security experts to empower individuals, firms, and nation-states to take charge and use modern tools and methods in fighting security threats. 
Get in Touch
Email Us Now
SERVICES
WALLETS WE RECOVER
Company

All Rights Reserved © 2011 – 2025 Aliance Consults Journalism.

This is a staging environment