# Wallet Custody Models

By [0xhubman.eth](https://paragraph.com/@0xhubman.eth) · 2024-11-19

---

Wallets, wallets, everywhere - but are they safe to store your crypto funds in? That can be a loaded question for some, and it all comes down to what custody model a specific wallet utilizes. And if you find yourself asking "what the heck even is a custody model?" then you've clicked on the right post! Whether you've just onboarded into crypto for the first time or have funds spread across 100 different wallets, knowing the key features of a wallet's custody model is important to avoid making any costly mistakes.

Wallet custody models boil down to who has access to a wallet’s private key, since the private key controls the funds in the wallet. The two overarching categories of custody models are custodial wallets and self-custody wallets.

Custodial Wallets
-----------------

Custodial wallets are the main entry point for many users in the crypto ecosystem. Crypto exchanges and qualified custodians offer custodial wallets to their customers. With a custodial wallet, the entity providing the wallet controls the wallet’s private key, and users tell the entity what to do with the funds on their behalf. Additionally, these entities typically conduct KYC/AML checks on users who use their services. Custodial wallets can be considered similar to a bank account where you deposit funds and the bank has control and custody of your funds.

**Pros**

*   Users are not responsible for security of their funds
    
*   Easy user onboarding similar to web2 UX
    
*   Straightforward account recovery
    

**Cons**

*   Users do not have direct control over their funds
    

Examples

*   Crypto Exchanges: [Coinbase](https://www.coinbase.com/), [Gemini](https://www.gemini.com/), [Kraken](https://www.kraken.com/), [Robinhood Crypto](https://robinhood.com/us/en/about/crypto/)
    
*   Qualified Custodians: [Anchorage Digital](https://www.anchorage.com/), [BitGo](https://www.bitgo.com/), [Coinbase Custody](https://www.coinbase.com/prime/custody)
    

Self-Custody Wallets
--------------------

Self-custody wallets are the primary way most users interact with the on-chain crypto ecosystem (e.g., DeFi, NFTs, etc.) and come in many forms, such as browser extensions, mobile apps, hardware wallets, and paper wallets. Self-custody means the user has access to the wallet's private key and can directly control the wallet's funds. Self-custody wallets for UTXO-based blockchains (like Bitcoin) all behave the same way, while self-custody wallets for Account-based blockchains (like Ethereum) can be implemented in one of two ways: externally owned accounts (EOA) or smart contract accounts (SCA). While both Account-based implementations can be used to send, receive, and hold funds, the key difference between these two implementations is how transactions are executed.

### EOA

EOAs are self-custody wallets where the user controls the private key of their wallet and executes transactions by signing them with their private key. Most self-custody wallets that interact with the on-chain crypto ecosystem today are EOAs, mainly due to the popularity of wallet providers such as MetaMask and Coinbase Wallet.

**Pros**

*   Users have complete control over their funds
    

**Cons**

*   Users are responsible for the security of their funds
    
*   If a user loses their private key or seed phrase, the funds in their wallet are lost forever
    
*   Intimidating user onboarding for new participants
    

Examples: [Coinbase Wallet](https://www.coinbase.com/wallet), [MetaMask](https://metamask.io/), [Rabby](https://rabby.io/), [Ledger](https://www.ledger.com/)

### SCA

While not a new concept, SCAs (also known as smart contract wallets) have been steadily gaining popularity and developer mindshare over the past few years due to the promise of streamlining user onboarding and enabling mass adoption through the implementation of account abstraction. An SCA is a self-custody wallet in the form of a smart contract, where transactions are executed via pre-determined smart contract code instead of a user signing a transaction with a private key. This allows for greater customizability of the wallet’s functionality, such as social recovery, enabling MFA, sponsoring transaction fees, multi-sig functionalities, and bundling transactions. SCAs can be created through various strategies, such as an EOA/relayer combination, layer 2 rollups with native account abstraction, or an SCA factory smart contract.

**Pros**

*   Abstracts away much of the required technical knowledge for new users
    
*   Allows for social recovery
    
*   Increased security due to not relying on a private key
    

**Cons**

*   Still in early days and not widely supported in the greater crypto ecosystem yet
    
*   Potential unknown risks in the implementation of account abstraction
    

Examples: [Coinbase Smart Wallet](https://www.coinbase.com/wallet/smart-wallet), [Argent](https://www.argent.xyz/), [Soul Wallet](https://www.soulwallet.io/)

Multi-Sig Wallets
-----------------

Multi-sig wallets (short for multiple signatures) are a more complex wallet custody model in which more than one signature, and therefore more than one private key, is required to control the funds. Multiple private keys must sign any transaction from the multi-sig wallet. The combination of private keys required for transaction signing can consist of both self-custody and custodial private keys, or only one or the other. Multi-sig wallets are similar to a single door that requires multiple keys to open it. Most multi-sig wallets are referred to as ‘X-of-Y’, where X signatures out of Y possible signers are required. Common implementations of multi-sig wallets utilize a ‘3-of-5’ or ‘4-of-7’ architecture.

**Pros**

*   Increased security as an attacker would need access to multiple private keys to compromise the wallet
    
*   If one of the private keys is lost, utilization of the wallet is still possible with the remaining private keys
    

**Cons**

*   ‘X-of-Y’ signatures do not necessarily mean X people hold X private keys; a single person could hold every private key. This is not necessarily a con, but it could promote a false sense of security
    
*   Complex setup that introduces a variety of ways that loss of funds could occur
    

Examples: [Safe Vaults](https://safe.global/), [Unchained Capital](https://unchained.com/)

MPC Wallets
-----------

MPC wallets (short for multi-party computation) are similar to multi-sig wallets; however, as described above, a multi-sig wallet requires multiple private keys to sign a transaction whereas an MPC wallet divides a single private key among multiple parties. Leveraging multi-party computation, these types of wallets typically split the private key amongst the user and a remote server or third-party to eliminate a single point of failure. When a transaction requires signing, the involved parties collaborate to generate the signature without actually reconstructing the single private key. MPC wallets are commonly used among institutional entities, with consumer-facing products gaining popularity as well.

**Pros**

*   Increased security as an attacker would need access to multiple parties/key shards to compromise the wallet
    
*   Data can be shared in a distributed manner without trusted third parties
    
*   Key shards are encrypted to avoid revealing any private information
    

**Cons**

*   Complex setup that typically requires more communication between multiple parties, which could lead to slower transaction signing
    

Examples: [ZenGo](https://zengo.com/), [Lit Protocol](https://litprotocol.com/), [FireBlocks](https://www.fireblocks.com/)
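
The signing flow described in this section, as an added example that is not part of the original post or any wallet vendor's code: two parties each hold one additive share of a secp256k1 key and jointly produce a single Schnorr signature without the full private key ever existing in one place. Schnorr is used here because its signing equation is linear in the key; the `Party` class and function names are hypothetical, both parties are assumed honest, and production MPC wallets use more involved threshold protocols.

```python
# Added example: additive-share Schnorr signing on secp256k1 (honest parties assumed).
import hashlib, secrets
from functools import reduce

P = 2**256 - 2**32 - 977  # field prime
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # group order
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)  # base point

def add(a, b):  # point addition; None is the point at infinity
    if a is None: return b
    if b is None: return a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0: return None
    if a == b: m = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else: m = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (m * m - x1 - x2) % P
    return x3, (m * (x1 - x3) - y1) % P

def mul(k, pt):  # double-and-add scalar multiplication (not constant time)
    out = None
    while k:
        if k & 1: out = add(out, pt)
        pt, k = add(pt, pt), k >> 1
    return out

def challenge(r, pub, msg):
    data = b"".join(v.to_bytes(32, "big") for v in (*r, *pub)) + msg
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

class Party:
    """One signer; its key share and nonce never leave this object."""
    def __init__(self):
        self._share = secrets.randbelow(N - 1) + 1
        self.pub_share = mul(self._share, G)
    def nonce_point(self):
        self._k = secrets.randbelow(N - 1) + 1  # fresh for every signature
        return mul(self._k, G)
    def partial(self, r, pub, msg):
        return (self._k + challenge(r, pub, msg) * self._share) % N

def mpc_sign(parties, pub, msg):
    """Combine nonce points and partial signatures, never the key shares."""
    r = reduce(add, [p.nonce_point() for p in parties])
    return r, sum(p.partial(r, pub, msg) for p in parties) % N

def verify(pub, msg, sig):
    r, s = sig
    return mul(s, G) == add(r, mul(challenge(r, pub, msg), pub))
```

The joint public key is `add(user.pub_share, server.pub_share)` for two `Party` objects; a verifier sees one ordinary key and one signature, unlike a multi-sig wallet where each key signs separately.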

Hot Wallets vs Cold Wallets
---------------------------

In addition to the custody models described above, there is another way to classify wallets depending on the connectivity of the wallet's private key: hot wallets and cold wallets. Hot wallets connect directly to the internet and are useful for storing crypto short-term, while cold wallets are offline (i.e., never connected to the internet) and are ideal for storing crypto long-term. ‘Connecting to the internet’ here refers to whether the wallet’s private key is ever exposed to a network connection and could potentially become compromised. Custodial wallets utilize a mix of hot and cold wallets depending on the entity's internal infrastructure and business needs. For self-custody wallets, the hot and cold form factors are listed below, along with a brief description of the wallet mechanics and products available to users.

### Hot Wallets

*   Browser extension wallet: wallet that lets users connect directly to dApps within their browser
    
    *   Examples: [Coinbase Wallet](https://www.coinbase.com/wallet), [MetaMask](https://metamask.io/), [Rabby](https://rabby.io/), [Phantom](https://phantom.app/)
        
*   Mobile app wallet: wallet within an app on your phone that is able to utilize QR codes for sending and receiving funds. WalletConnect is utilized for many mobile app wallets to connect to dApps
    
    *   Examples: [Uniswap](https://apps.apple.com/us/app/uniswap-crypto-nft-wallet/id6443944476), [Rainbow](https://apps.apple.com/us/app/rainbow-ethereum-wallet/id1457119021), [MetaMask](https://apps.apple.com/us/app/metamask-blockchain-wallet/id1438144202), [Coinbase Wallet](https://apps.apple.com/us/app/coinbase-wallet-nfts-crypto/id1278383455)
        
*   Desktop wallet: wallet within a client on your desktop that can also integrate natively with some dApps
    
    *   Examples: [Electrum](https://electrum.org/), [Sparrow](https://sparrowwallet.com/), [Exodus](https://www.exodus.com/)
        

### Cold Wallets

*   Hardware wallet: wallet in the form of a physical device. Hardware wallets are typically used in tandem with browser extension wallets acting as the online UI to interact with dApps, while the wallet's private key never leaves the hardware device or connects to the internet
    
    *   Examples: [Ledger](https://www.ledger.com/), [Trezor](https://trezor.io/), [Grid+ Lattice](https://gridplus.io/products/grid-lattice1), [Cold Card](https://coldcard.com/)
        
*   Paper wallet: wallet in the form of your private key being written on a piece of paper, inscribed in metal, or some other physical form factor. The private key for this wallet should never be photographed, sent via text or email, or left in plain sight.
    
    *   Examples: [Keystone](https://keyst.one/shop/products/keystone-tablet), [Notepad](https://www.amazon.com/Mintra-Office-Legal-Pads-perforated/dp/B07Q3SY5WZ/ref=sr_1_2_sspa?crid=1VYMLP9CX8LXE&keywords=paper+notepad&qid=1687546614&sprefix=paper+notepad%2Caps%2C120&sr=8-2-spons&sp_csd=d2lkZ2V0TmFtZT1zcF9hdGY&psc=1) 😉

---

*Originally published on [0xhubman.eth](https://paragraph.com/@0xhubman.eth/wallet-custody-models)*
