← Learn

03 — Crypto & Web3 · Core

Custody, Security & Self-Sovereignty

CTRT Learn · Core · 12 min read

In brief

  • In crypto, owning an asset means controlling its private key. "Not your keys, not your coins."
  • This is real ownership — and real responsibility. There's no password reset, no fraud department, no undo.
  • The core choice is self-custody (you hold the keys) vs custodial (someone holds them for you). Each has distinct risks.
  • Most losses come not from broken cryptography but from human error and scams. Security is mostly discipline.

Self-sovereignty is crypto's most radical promise: you can own assets that no bank, government, or company controls. But that promise comes with a hard edge — if you truly own it, you alone are responsible for protecting it. This lesson covers how custody actually works, the real risks, and the practical discipline of not losing everything. It's the most important practical course in this track.

What ownership really means here

As you saw in the Blockchain course, a crypto wallet is a pair of cryptographic keys. The private key (and the seed phrase that can regenerate it) is the one and only thing that controls your assets. Whoever holds the private key owns the funds — full stop. This leads to crypto's most repeated maxim: "not your keys, not your coins." If someone else holds your keys, you're trusting them. If you hold them, you have absolute control and absolute responsibility. There is no higher authority to appeal to.

Self-custody vs custodial

This is the fundamental fork in how you hold crypto:

  • Custodial — a third party (typically an exchange) holds the keys for you. It feels like a bank account: convenient, recoverable passwords, customer support. But you don't truly own the assets — the custodian does, on your behalf — and you inherit their risks: hacks, insolvency, freezes, or fraud. History is littered with collapsed exchanges that took users' funds with them.
  • Self-custody — you hold the keys yourself. True ownership: no one can freeze or seize your assets, and no company failure can touch them. The trade-off is total responsibility — lose the keys and the funds are gone forever, with no recovery.

Neither is universally "right." Convenience and recoverability versus sovereignty and self-reliance — the correct balance depends on the amount, your skill, and your needs.

Types of wallets

Self-custody wallets come in two broad forms, trading convenience against security:

  • Hot wallets — software on a phone or computer, connected to the internet. Convenient for frequent use, but more exposed to malware and hacks. Good for smaller, spending amounts.
  • Cold wallets — hardware devices or other methods that keep keys offline, signing transactions without ever exposing the key to the internet. The gold standard for securing significant holdings.

A common sensible setup mirrors traditional finance: a small amount in a hot wallet (a "spending account") and the bulk in cold storage (a "vault").

Where losses actually happen

Crucially, the cryptography itself is essentially never broken. Almost all losses come from human factors:

  • Phishing and scams — fake sites, fake support, and fraudulent links that trick you into revealing your seed phrase or signing a malicious transaction. The single biggest cause of loss.
  • Lost keys — seed phrases misplaced, destroyed, or never backed up. Fortunes have vanished this way.
  • Malware — software that steals keys from an infected device.
  • Mistakes — sending to the wrong address, which is irreversible.

The unbreakable rule: never, ever share your seed phrase or private key with anyone, for any reason. No legitimate person or service will ever ask for it. Anyone who does is stealing from you.

Practical security discipline

Good security is mostly habit, not expertise:

  • Back up your seed phrase offline — written down, ideally on durable material, stored securely in more than one place. Never digital, never photographed, never in the cloud.
  • Use a hardware wallet for meaningful amounts.
  • Verify everything — addresses, websites, and transactions before signing. Slow down; haste is how people get robbed.
  • Assume every unsolicited message is a scam — DMs, "support," giveaways, urgent warnings.
  • Plan for inheritance — ensure trusted people can recover your assets if something happens to you, without exposing the keys while you're alive (a thread from the Wealth Structuring course).

The weight of sovereignty

Self-custody is empowering and demanding in equal measure. For the first time, individuals can hold wealth that is truly theirs, beyond anyone's control — the literal realisation of the sovereign-money idea from the previous course. But "be your own bank" means being your own security department, fraud team, and recovery service too. Take that responsibility seriously and self-sovereignty is one of the most profound tools crypto offers. Take it lightly and it's the fastest way to lose everything.

Key terms

  • Private key / seed phrase — the secret that controls your assets; guard it absolutely.
  • Self-custody — holding your own keys; full ownership and full responsibility.
  • Custodial — a third party holds your keys; convenient but you take their risk.
  • Cold wallet — offline key storage; the standard for large holdings.
  • Phishing — scams that trick you into revealing keys or signing malicious transactions.

Next course — Scaling: L1s, Rollups & L2s →

CTRT Learn is general education, not financial, legal, or tax advice. Nothing here is a recommendation to buy or sell any asset. Digital assets are volatile and may result in total loss of capital. CTRT is operated by Centrente, part of the Trancent world.