The phrase "not your keys, not your coins" has become crypto's most repeated catechism, yet the majority of bitcoin holders have never once controlled their own private keys. They hold IOUs from exchanges, which is to say they hold promises from companies that have, with some regularity, broken them. This is not hypocrisy so much as a confession: self-custody is harder than its evangelists admit, and easier than its skeptics assume.

The concept is deceptively simple. A bitcoin wallet is not a container but a pair of cryptographic keys—one public, which functions like an address, and one private, which functions like a signature. Whoever possesses the private key can move the bitcoin. There is no customer service line, no password reset, no court order that can reverse a transaction. This is either freedom or terror, depending on your tolerance for personal responsibility.

The mechanics of holding your own

Self-custody begins with generating a private key, typically expressed as a twelve- or twenty-four-word seed phrase. This phrase, written on paper or stamped into metal, is the entirety of your wealth in portable form. Lose it and the bitcoin is gone—not stolen, not frozen, simply inaccessible forever, like a safe deposit box buried under a collapsed building. The blockchain will record those coins for eternity, owned by no one.

Hardware wallets—small devices that store keys offline—have become the standard tool. They sign transactions without ever exposing the private key to an internet-connected computer, which eliminates most remote attack vectors. The user experience has improved dramatically; modern devices walk users through setup with the patience of a flight attendant explaining seatbelts. But the responsibility remains absolute.

Why most people don't bother

The case for exchange custody is not stupidity but convenience. Coinbase and Kraken offer insurance, fraud protection, and the ability to recover accounts through identity verification. For someone buying a few hundred dollars of bitcoin, the marginal risk of exchange insolvency may feel lower than the risk of misplacing a seed phrase during a move. This is a reasonable calculation, even if it violates crypto's founding principles.

The collapses that periodically remind holders why self-custody matters—Mt. Gox, QuadrigaCX, FTX—tend to fade from memory within a market cycle or two. New entrants arrive with no scar tissue. They see slick apps and assume the infrastructure is as reliable as their brokerage account. Sometimes they are right. Sometimes they learn the expensive lesson that crypto exchanges are not banks, and the regulatory frameworks that protect depositors elsewhere do not apply.

The middle path

Multisignature arrangements and collaborative custody services have emerged as compromises. A user might hold two of three keys required to move funds, with a regulated custodian holding the third as a backup. This preserves meaningful control while providing a recovery mechanism. It is neither the pure autonomy of solo self-custody nor the full delegation of exchange accounts, but it acknowledges that most people are not prepared to be their own bank.

Our take

Self-custody is not a moral imperative; it is a risk preference. For those with meaningful holdings and the discipline to secure a seed phrase, it remains the only arrangement that delivers what bitcoin originally promised: money that cannot be confiscated, frozen, or lost to someone else's mismanagement. For everyone else, the honest answer is that they are trusting institutions in a system designed to eliminate the need for trust. That is a choice worth making consciously, not by default.