# Wallet Custody Models

**Published by:** [0xhubman.eth](https://paragraph.com/@0xhubman.eth/)

**Published on:** 2024-11-19

**URL:** https://paragraph.com/@0xhubman.eth/wallet-custody-models

## Content

Wallets, wallets, everywhere - but are they safe to store your crypto funds in? That can be a loaded question for some, and it all comes down to what custody model a specific wallet utilizes. And if you find yourself asking "what the heck even is a custody model?" then you've clicked on the right post! Whether you've just onboarded into crypto for the first time or have funds spread across 100 different wallets, knowing the key features of a wallet's custody model is important to avoid making any costly mistakes.

Wallet custody models boil down to who has access to a wallet’s private key, since the private key controls the funds in the wallet. The two overarching categories of custody models are custodial wallets and self-custody wallets.

### Custodial Wallets

Custodial wallets are the main entry point for many users in the crypto ecosystem. Crypto exchanges and qualified custodians offer custodial wallets to their customers. With a custodial wallet, the entity providing the wallet controls the wallet’s private key, and users tell the entity what to do with their funds on their behalf. Additionally, these entities typically conduct KYC/AML checks on users who use their services. Custodial wallets can be considered similar to a bank account where you deposit funds and the bank has control and custody of your funds.

**Pros**

- Users are not responsible for security of their funds
- Easy user onboarding similar to web2 UX
- Straightforward account recovery

**Cons**

- Users do not have direct control over their funds

**Examples**

- Crypto Exchanges: Coinbase, Gemini, Kraken, Robinhood Crypto
- Qualified Custodians: Anchorage Digital, BitGo, Coinbase Custody

### Self-Custody Wallets

Self-custody wallets are the primary way most users interact with the on-chain crypto ecosystem (e.g., DeFi, NFTs, etc.) and come in many forms, such as browser extensions, mobile apps, hardware wallets, and paper wallets. Self-custody means the user has access to the wallet's private key and can directly control the wallet's funds. Self-custody wallets for UTXO-based blockchains (like Bitcoin) all behave the same way, while self-custody wallets for Account-based blockchains (like Ethereum) can be implemented in one of two ways: externally owned accounts (EOA) or smart contract accounts (SCA). While both Account-based implementations can be used to send, receive, and hold funds, the key difference between these two implementations is how transactions are executed.

#### EOA

EOAs are self-custody wallets where the user controls the private key of their wallet and executes transactions by signing them with their private key. Most self-custody wallets that interact with the on-chain crypto ecosystem today are EOAs, mainly due to the popularity of wallet providers such as MetaMask and Coinbase Wallet.

**Pros**

- Users have complete control over their funds

**Cons**

- Users are responsible for the security of their funds
- If a user loses their private key or seed phrase, the funds in their wallet are lost forever
- Intimidating user onboarding for new participants

**Examples:** Coinbase Wallet, MetaMask, Rabby, Ledger

#### SCA

While not a new concept, SCAs (also known as smart contract wallets) have been steadily gaining popularity and developer mindshare over the past few years due to the promise of streamlining user onboarding and enabling mass adoption through the implementation of account abstraction. An SCA is a self-custody wallet in the form of a smart contract, where transactions are executed via pre-determined smart contract code instead of a user signing a transaction with a private key. This allows for greater customizability of the wallet’s functionality, such as social recovery, enabling MFA, sponsoring transaction fees, multi-sig functionalities, and bundling transactions. SCAs can be created through various strategies, such as an EOA/relayer combination, layer 2 rollups with native account abstraction, or an SCA factory smart contract.

**Pros**

- Abstracts away much of the required technical knowledge for new users
- Allows for social recovery
- Increased security due to not relying on a private key

**Cons**

- Still in early days and not widely supported in the greater crypto ecosystem yet
- Potential unknown risks in the implementation of account abstraction

**Examples:** Coinbase Smart Wallet, Argent, Soul Wallet

### Multi-Sig Wallets

Multi-sig wallets (short for multiple signatures) are a more complex wallet custody model that refers to a wallet that requires more than one signature, or private key, to control the funds. As such, this means multiple private keys are required to sign any transaction from the multi-sig wallet. The combination of private keys required for transaction signing can consist of both self-custody and custodial private keys, or only one or the other.
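
A multi-sig threshold counts keys, not the people or entities holding them. The following added example (not part of the original post; the key labels and holder names are constructed) takes a wallet that needs `threshold` signatures and reports how few distinct holders control enough keys to sign, and how few holders' keys can be lost before signing becomes impossible.

```python
from collections import Counter


def audit_multisig(threshold, key_holders):
    """Audit who really controls a multi-sig wallet.

    key_holders maps a key label to its holder (person, device or custodian).
    Returns (holders_to_sign, holders_to_lock):
      holders_to_sign: fewest distinct holders who together control
                       `threshold` keys (1 = single point of compromise)
      holders_to_lock: fewest distinct holders whose keys, if lost, leave
                       fewer than `threshold` keys (funds become stuck)
    """
    total = len(key_holders)
    if not 1 <= threshold <= total:
        raise ValueError("threshold must be between 1 and the number of keys")

    # Keys per holder, largest first. Greedy is optimal here: we only need
    # to reach a key count, so the biggest holders get there fastest.
    counts = sorted(Counter(key_holders.values()).values(), reverse=True)

    def holders_needed(target_keys):
        covered = 0
        for n, held in enumerate(counts, start=1):
            covered += held
            if covered >= target_keys:
                return n
        raise AssertionError("target exceeds total keys")

    holders_to_sign = holders_needed(threshold)
    # Signing fails once more than (total - threshold) keys are gone.
    holders_to_lock = holders_needed(total - threshold + 1)
    return holders_to_sign, holders_to_lock


# Constructed 3-of-5 setups with the same threshold but different holders.
SPREAD = {"k1": "alice", "k2": "bob", "k3": "carol",
          "k4": "dave", "k5": "custodian"}
CONCENTRATED = {"k1": "alice", "k2": "alice", "k3": "alice",
                "k4": "bob", "k5": "custodian"}

if __name__ == "__main__":
    for name, cfg in (("spread", SPREAD), ("concentrated", CONCENTRATED)):
        to_sign, to_lock = audit_multisig(3, cfg)
        print(f"{name}: {to_sign} holder(s) can sign, "
              f"losing {to_lock} holder(s) locks the wallet")
```
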

Multi-sig wallets are similar to a single door that requires multiple keys to open it. Most multi-sig wallets are referred to as ‘X-of-Y’, where X signatures out of Y possible signers are required. Common implementations of multi-sig wallets utilize a ‘3-of-5’ or ‘4-of-7’ architecture.

**Pros**

- Increased security as an attacker would need access to multiple private keys to compromise the wallet
- If one of the private keys is lost, utilization of the wallet is still possible with the remaining private keys

**Cons**

- ‘X-of-Y’ signatures do not necessarily mean X people hold X private keys; a single person could hold every private key. Not necessarily a con, but it could promote a false sense of security
- Complex setup that introduces a variety of ways that loss of funds could occur

**Examples:** Safe Vaults, Unchained Capital

### MPC Wallets

MPC wallets (short for multi-party computation) are similar to multi-sig wallets; however, as described above, a multi-sig wallet requires multiple private keys to sign a transaction whereas an MPC wallet divides a single private key among multiple parties. Leveraging multi-party computation, these types of wallets typically split the private key amongst the user and a remote server or third-party to eliminate a single point of failure. When a transaction requires signing, the involved parties collaborate to generate the signature without actually reconstructing the single private key. MPC wallets are commonly used among institutional entities, with consumer-facing products gaining popularity as well.
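
To make "signing without reconstructing the key" concrete, the added example below (not from the original post and not any wallet's actual protocol) has each party keep an additive share of one private key and contribute a partial Schnorr-style signature that is summed into one valid signature. The toy group parameters and all class and function names are assumptions made for this example.

```python
import hashlib
import secrets

# Toy parameters (assumption, illustration only): integers modulo the
# Mersenne prime 2**127 - 1. Exponents are reduced modulo P - 1.
P = 2**127 - 1
Q = P - 1
G = 3


def challenge(R, message):
    """Hash the joint nonce commitment and the message to an exponent."""
    data = R.to_bytes(16, "big") + message
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q


class Party:
    """Holds one additive share of the private key; it never leaves here."""

    def __init__(self):
        self._share = secrets.randbelow(Q)
        self.public_share = pow(G, self._share, P)

    def commit(self):
        self._nonce = secrets.randbelow(Q)   # fresh per signature
        return pow(G, self._nonce, P)

    def partial_sign(self, e):
        s = (self._nonce + e * self._share) % Q
        del self._nonce                      # a nonce must never be reused
        return s


def joint_public_key(parties):
    y = 1
    for p in parties:                        # g^(x1 + x2 + ...) from public parts
        y = y * p.public_share % P
    return y


def joint_sign(parties, message):
    R = 1
    for p in parties:                        # round 1: combine nonce commitments
        R = R * p.commit() % P
    e = challenge(R, message)
    s = sum(p.partial_sign(e) for p in parties) % Q   # round 2: sum partials
    return R, s


def verify(y, message, sig):
    R, s = sig
    return pow(G, s, P) == R * pow(y, challenge(R, message), P) % P
```

Only public values and partial signatures cross between parties, yet `verify` accepts the result under the single joint public key. Production MPC wallets use vetted threshold-signature protocols with further protections, and the toy group here offers no real security.
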

**Pros**

- Increased security as an attacker would need access to multiple parties/key shards to compromise the wallet
- Data can be shared in a distributed manner without trusted third parties
- Key shards are encrypted to avoid revealing any private information

**Cons**

- Complex setup that typically requires more communication between multiple parties, which could lead to slower transaction signing

**Examples:** ZenGo, Lit Protocol, Fireblocks

### Hot Wallets vs Cold Wallets

In addition to the custody models described above, there is another way to classify wallets depending on the connectivity of the wallet's private key: hot wallets and cold wallets. Hot wallets connect directly to the internet and are useful for storing crypto short-term, while cold wallets are offline (i.e., never connected to the internet) and are ideal for storing crypto long-term. Here, ‘connecting to the internet’ refers to whether the wallet’s private key is ever exposed to a network connection and could potentially become compromised. Custodial wallets utilize a mix of hot and cold wallets depending on the entity's internal infrastructure and business needs. Regarding self-custody wallets, below are different form factors of self-custody wallets for both hot and cold wallets, along with a brief description of the wallet mechanics and products available to users.

#### Hot Wallets

- **Browser extension wallet:** wallet that lets users connect directly to dApps within their browser
  - Examples: Coinbase Wallet, MetaMask, Rabby, Phantom
- **Mobile app wallet:** wallet within an app on your phone that is able to utilize QR codes for sending and receiving funds. WalletConnect is utilized for many mobile app wallets to connect to dApps
  - Examples: Uniswap, Rainbow, MetaMask, Coinbase Wallet
- **Desktop wallet:** wallet within a client on your desktop that can also integrate natively with some dApps
  - Examples: Electrum, Sparrow, Exodus

#### Cold Wallets

- **Hardware wallet:** wallet in the form of a physical device.
  Hardware wallets are typically used in tandem with browser extension wallets acting as the online UI to interact with dApps, while the wallet's private key never leaves the hardware device or connects to the internet
  - Examples: Ledger, Trezor, Grid+ Lattice, Cold Card
- **Paper wallet:** wallet in the form of your private key being written on a piece of paper, inscribed in metal, or some other physical form factor. The private key for this wallet should never be photographed, sent via text or email, or left in plain sight.
  - Examples: Keystone, Notepad