By Alex Brown
Three Type of Wallets
In the world of cryptocurrency, assets are not held in brokerage or bank accounts, but rather wallets. Wallets can be understood as the custodial vessel for all digital assets: coins, NFT’s, governance tokens, metaverse land, etc. Like the wallet in your pant pocket, these digital wallets have several subaccounts—like the various credit cards, debit cards, membership cards, ID’s—for each asset type.
While there are many wallets, each with its own unique features, there are three main categories that can be used to simplify your search for a custodial solution. Those in cryptography will tell you there are two types of wallets: hot and cold wallets. Cold wallets are relatively uniform, but the distinction between private (self-custody) hot wallets (i.e. browser wallets like Metamask) and exchange-held or third-party-custody hot wallets (i.e. Coinbase) is becoming increasingly highlighted. All three types of wallets (cold, private hot, exchange-held hot) serve various flavors of security, convenience, and accessibility to assets.
When assets are moved across the blockchain, approval of a transaction requires the “private keys” of the sender. Think of this as your debit/ATM card pin number, signature on a check, or approval of a Venmo request—each providing a tradeoff between security and convenience/accessibility.
Cold wallets are widely regarded as the least convenient but most secure form of holding your crypto. That is because the private keys for your wallet are stored in a physical hard drive. The cryptocurrency coins themselves are stored on the blockchain, but the private keys that are required to access them are stored on a hard drive that is never connected to the internet. This lack of connection to the internet is referred to as “air-gapped” and rids your wallet of the vulnerabilities that plague hot wallets. In both types of hot wallets, the private keys are stored on servers/databases that are connected to the internet and susceptible to potential exploitation. In using a cold wallet, you need to physically approve transactions with your connected hard drive (which possesses the private keys) on whichever device you are viewing your wallet on, such as an iPhone or laptop. Note again, the crypto is not stored on the hard drive or your smart device, but the blockchain. Your physically connected hard drive just gives you the authority to access it, making it the most secure and autonomous form of cryptocurrency storage.
This process also entails protecting a hard drive and the 24-word recovery phrase that is used in the case of a damaged or lost hard drive. These “hard drives” are crypto-specific and manufacturers are producing sleeker, more convenient, and more luxurious cold storage devices each year.
Private (Self-Custody) Hot Wallets
While cold wallets boast air-gapped private keys for security reasons, hot wallets provide added convenience by requesting a simple PIN/password that ultimately grants you approval power, similar to your pin on a debit card or passcode to sign in to mobile banking. In the case of a private (self-custody) hot wallet, however, no other entity knows/manages the private keys. They are encrypted in a database, and similar to a cold storage wallet, the owner uses a recovery phrase if their computer or password is compromised. Similarly, assets are stored on the blockchain and your PIN/passcode gives you access to your private keys, which in turn, give you access to your crypto. This affords users the same autonomy and private key control as a cold wallet but the nimbleness and digital accessibility that define hot wallets. In the same way that private hot wallets seem to be the best of both worlds, they also suffer from the security risks that plague hot wallets and burden users with the task of managing/protecting their own private keys (much like cold wallets).
Private hot wallets are being used to conduct “on-chain” transactions, like staking, buying NFT’s, or transferring assets on the blockchain. People typically store assets they intend to hold for a long time in cold storage and use a private hot wallet for buying, exchanging, staking, and using assets on a DeFi application or marketplace. It is also worth noting hot private wallets can be converted to cold storage by “importing” them onto your cold storage device.
Exchange-Held (Third-Party-Custody) Hot Wallets
Exchange-held (third-party-custody) hot wallets differ from private (self-custody) hot wallets in that the former concedes control of the private keys to another party, namely Coinbase, Gemini, Binance, etc. Much like your Bank of America checking account of Schwab trading account, you aren’t responsible for keeping custody of your assets (or in the case of crypto, the private keys that access your assets). Third-party-custodians use highly secure storage practices (typically cold storage) and keep internal ledgers of its users’ balances, instead of the previous two types of wallets which store balances/transactions on the blockchain and rely on individuals to protect/provide the private keys.
These third-party custodians use KYC (Know Your Customer) and AML (Anti-Money-Laundering) administrative practices, which play to your benefit (as long as you’re not a criminal!) in ensuring the ability the recover your account. They provide a significant amount of third-party counter-risk with often large insurance policies and robust cyber security systems. Of course, this deprives users of on-chain transactions like staking and various DeFi opportunities, but some exchanges are beginning to offer DeFi-powered yields on the tokens you hold. Note: Coinbase now offers a service called Coinbase Wallet where users can convert assets to a private hot wallet and manage the private keys themselves.