Not Your Keys Not Your Coins: How to Protect your Digital Assets
Over the years, the message of "Not your keys, not your coins" has been prevalent throughout the crypto community. However, in the wake of a multitude of recent high-profile centralized exchanges (CEX) and Crypto Banking collapses, insolvencies, and acquisitions, that phrase is emerging with a newfound vigor in the crypto community.
To understand the importance of this phrase, we first have to dissect what it means. Not your keys, not your coins refer to the importance of digital asset investors having control and sovereignty over the private keys to their crypto wallet(s). Your private key is essentially like your 'seed phrase'; a random string of characters is the single point of access to your wallet. As a user, to send funds, sign messages, or recover access to your wallet, you must utilize your private key in one way or another. With non-custodial wallets like Metamask, Coinbase Wallet, and Trust Wallet, or hardware wallet providers such as Ledger, or Trezor, you are the only individual able to access your private keys upon the creation of your account.
These features are not the case with custodial wallets. Instead, custodial wallets are services where a centralized entity, such as an exchange, acts as the custodian for one or more sets of private keys on your behalf. Essentially, these entities operate similarly to banks, where they offer to manage your private keys securely. As a user, you make a deposit, and the exchange or entity keeps track of your balance(s) on an internal ledger. The risks in this are pretty obvious; unlike banks, crypto exchanges are often subject to far less regulation as it relates to the amount of collateral they need to keep, deposit minimums, audits, and what they do with the capital once it has been deposited.
Additionally, many of these exchanges/entities, such as Luna or Celsius, have used the practice of offering outlandish interest rates on the deposits they receive to entice deposits out of customers. As we have seen, this has not panned out very well for many of these major centralized providers, with an estimated over $40 billion in investor money lost between just those two examples. And there are many more similar stories.
On top of that, the major players that have managed to operate without having issues, such as Coinbase, Binance, and Crypto.com, carry similar risks. Although these entities are far more regulated than the two horror stories I've mentioned, they still operate under a custodial system. The glaring issue here is that these entities are not federally insured by the FDIC the way traditional banks are. This means that should any of these entities go insolvent, all of the uninsured creditors (meaning you) could potentially lose all of the money you have deposited.
Well, how does one protect themselves from these risks? The answer is to set up a secure, non-custodial wallet for your assets.
With a non-custodial wallet, you can securely manage the ownership of your private keys, reducing any potential counterparty risks. The single point of failure is you, the user. While this may be a bit scary and feel like a lot of pressure for many users, there are protections you can take to securely store and manage your private keys to mitigate risk as much as possible.
Recommendations we make for some products you can use to reduce risk include Ledger, Trezor, and Gnosis Safe. If you are interested in learning more about in-depth wallet security and best practices, feel free to check out one of our other articles on wallet security best practices and everything you need to know to keep your assets as safe as possible.
If you are interested in learning more about in-depth non-custodial asset management solutions for your company, firm, or institution, feel free to reach out to Solidity.io to learn more about how we can help you.