When FTX collapsed, customers discovered they didn't own Bitcoin or Ethereum—they owned an IOU from a company that had already spent their money. When Mt. Gox failed years earlier, the lesson was identical. The pattern repeats because the fundamental concept remains poorly understood: in cryptocurrency, possession isn't about where your coins sit on a screen. It's about who controls the private keys.
Self-custody means holding your own cryptographic keys, typically through a hardware device or software wallet that you alone control. The alternative—leaving assets on an exchange—means trusting a third party with those keys. This is the exact arrangement that traditional banking requires, which makes it deeply familiar. It's also the arrangement that crypto was designed to eliminate.
The key is the asset
A private key is a string of characters that functions like an unforgeable signature. Whoever possesses it can move the associated cryptocurrency. There is no customer service line, no fraud department, no password reset. The blockchain recognizes the key, not the person. This is simultaneously crypto's greatest feature and its most unforgiving characteristic.
When you hold assets on Coinbase or Binance, you don't have the private keys—the exchange does. Your account balance is a database entry in their system, a promise that they'll honor your withdrawal request. For most users most of the time, this works fine. The exchanges are regulated, insured to varying degrees, and professionally managed. But "most of the time" has proven to be an expensive qualifier.
The convenience trap
Exchanges thrive because self-custody is genuinely difficult. Hardware wallets require setup, firmware updates, and secure storage of recovery phrases—typically twelve or twenty-four words that can restore access if the device is lost. Lose the phrase, lose the funds. Forever. There is no appeals process.
This creates an uncomfortable reality: the average person is probably worse at securing their own assets than a well-run exchange. They'll write the recovery phrase on a sticky note, store it in cloud photos, or simply forget where they put it. The crypto industry's mantra of "not your keys, not your coins" assumes a level of operational security that most humans don't practice for anything else in their lives.
Yet the alternative has its own catastrophic failure modes. Exchanges can be hacked, mismanaged, or operated by outright frauds. Regulatory seizures can freeze accounts. Terms of service can change. The question isn't whether self-custody is hard—it's whether you trust yourself or a corporation more, and under what circumstances.
The spectrum of solutions
The industry has developed middle paths. Multi-signature wallets require multiple keys to authorize transactions, distributing risk. Some custodians offer insurance and institutional-grade security while still providing clients with partial key control. "Social recovery" schemes let trusted contacts help restore access without giving them spending power.
None of these eliminate the fundamental trade-off. They just rebalance it. The person who keeps significant wealth in crypto must eventually make a decision about custody, and that decision reflects their assessment of counterparty risk, personal competence, and the specific assets involved.
Our take
Self-custody isn't for everyone, and pretending otherwise has done more harm than the concept's critics. But understanding it remains essential—even for people who ultimately choose to trust an exchange. The choice should be conscious, not default. Every person holding cryptocurrency on a centralized platform should be able to articulate why they trust that platform more than they trust themselves. If they can't answer that question, they haven't really understood what they own.
