With the growth of the web3, securing digital assets has never been more important. Blockchain wallets are at the core of securing digital assets such as cryptocurrencies or NFTs. There are numerous companies providing wallet solutions, but can be broadly categorized into two buckets: custodial and non-custodial wallets. There are sub-sections that follow each of these wallet types, but the core difference that emerges is that of the management of private keys. Upon wallet creation, a private key and a corresponding public key is generated. The private key acts as the password to the wallet, and therefore grants the holder of the private key complete access to the wallet, and the management of the assets secured by it. Therefore, understanding the difference between the two wallet types from a private key management perspective in making informed decisions about keeping your crypto secure.
A custodial wallet is a type of blockchain wallet that is managed by a third party, such as an exchange or online service. The term custodial is in reference to the management of private keys where a third party is responsible for securing the private keys associated with the wallet and has control over the assets stored in it. Custodial wallet services tend to offer simpler onboarding experiences to new entrants of web3, where there is no burden of managing wallets, or the seed phrases associated with them. However, the convenience of using custodial services often times comes with the burden of losing control over funds. The implications of private key ownership in the custodial model is clearly noticed when exchanges pause withdrawals, or lock users out of their accounts barring them access to their cryptocurrencies.
Non-custodial wallets, on the other hand, are wallets that you control and manage yourself. This means that you are responsible for securing your own assets and are in complete control of your private keys. Non-custodial wallets can be either hot or cold. Hot wallets are connected to the internet and are more convenient for everyday use, while cold wallets are offline and more secure.
Hot WalletsHot wallets are also known as software wallets. The ‘hot’ aspect comes from the fact that hot wallets tend to connected to the internet through the devices that they reside in - in computers and smartphones. Additionally, private key generation also takes place within the device that the wallet is associated with, and is also stored within the device. Although hot wallets provide users the control otherwise not found in custodial wallets, they are not the most secure solution due to the internet connected nature of the wallet. Therefore, hot wallets are usually used to secure smaller amounts of cryptocurrencies, and designed for convenience.
Cold WalletsCold wallets, also known as hardware wallets are physical devices used to manage your private keys, and thereby your cryptocurrencies and NFTs. Cold wallets are external hardware that connect to internet connected devices through USB, Bluetooth or QR code technology, but are not themselves connected to the internet. The hardware is responsible for the generation and storage of your private keys. Often times, cold wallets come with proprietary chips called secure elements that aid in securing your private keys. Hardware wallets tend to be the safest option to secure larger amounts of crypto since the private keys are never exposed to the internet, and the wallet itself is not internet connected.
Vulnerabilities in Non-Custodial Wallets
Although non-custodial cryptocurrency wallets offer greater control and security compared to custodial wallets, they are not immune to vulnerabilities. Here are some of the vulnerabilities that you must be aware of:
Physical security concerns with seed phrases: All non-custodial wallets today require users to maintain a physical backup of the wallet known as a recovery phrase or a seed phrase. Seed phrases are essentially a human-readable format of the private key of the wallet. Therefore, seed phrase backups must be secured in a physical format, and not on internet connected devices.
Software vulnerabilities: Malicious software updates can cause the loss of funds due to the malicious software prompting users to make transactions that are not legitimate, or accessing private keys that may be present in internet connected devices.
Human error: Even with the best security measures in place, human error can still be a vulnerability. For example, you may accidentally reveal your seed phrase to someone or lose access to your wallet if you forget your password or lose your recovery seed phrase. It is important to follow best practices for security, such as using strong and unique passwords and backing up your recovery seed phrase in a secure location.
Cypherock is a hardware wallet that goes the extra mile to minimize the risks associated with non-custodial wallets. Cypherock uses an algorithm called Shamir Secret Sharing which splits the private key of the wallet upon generation into 5 shards - stored individually on the X1 device and 4 X1 cards. Cypherock X1 uses a cryptographic threshold of 2/5 shards to reconcile your private key. So, to sign, or to make a transaction you simply need to tap 1 X1 card on the X1 device.
Cypherock understands the risks associated with current non-custodial wallets. Here are some of the few ways Cypherock is ensuring the security of your crypto assets:
Cypherock does not require users to maintain seed phrase backups, which reduces the risk of an exposed seed phrase, or phishing attempts to acquire the seed phrase from the user.
The private key of the wallet is not stored in one single location. Instead, it is sharded into 5 hardware pieces which can be geographically separated to maximize security.
Visit our website to learn more about security features of Cypherock, and how we’re ensuring the security of your crypto assets.
Steps to keep your cryptocurrency safe
Use a hardware wallet to secure larger amounts of funds and valuable NFTs.
Enable two-factor authentication on custodian wallet accounts like exchanges. Although custodian wallets do not grant ownership over the wallets, better account authentication practices like two-factor authentication makes it harder for malicious actors to gain control over your account.
- Use a strong and unique password, and change passwords frequently.
Keep your software up to date: Make sure to keep your software and operating system up to date. Software updates ensure that bug fixes and vulnerabilities have been addressed, which may help protect your crypto and NFTs.