For bitcoin bulls who self-custody crypto, the global risks are growing

For bitcoin bulls who self-custody crypto, the global risks are growing


Whether to buy cryptocurrency as a long-term holding may be the biggest decision an investor interested in digital assets has to make, but where to store crypto like bitcoin can become the most consequential.

Following the wildfires earlier this year in California, social media posts began to appear with claims of bitcoin losses, with some users showing metal plates intended to protect seed phrases burnt up and illegible or describing the complexity of recovering crypto keys stored in a safety deposit box in a bank impacted by the fires. While impossible to verify individual claims about fires consuming hard drives, laptops and other storage devices containing so-called hard and cold storage crypto wallets and seed phrases, what is certain is that bitcoin self-custody presents a unique set of security issues. And those risks are growing.

Holders of crypto typically use some form of what can be called a “wallet,” and there are a few main features – whether that wallet is connected to the internet, and how much control is directly embedded in the wallet for trades and transfers. There is also the underlying issue of whether a crypto investor uses a third party for custody at all, or maintains total custody and trading control over their holdings.

The standard third-party platform “hot wallet” – think of an offering from a Coinbase or Blockchain.com – is constantly connected to the internet. Cold storage and “cold wallets,” on the other hand, include hardware devices (like a USB stick) that holds private keys offline, or even just a seed phrase (a master recovery code, a collection of 12 to 24 words used to recover access to a crypto wallet) on paper/metal. Hardware wallets or offline backups of seed phrases can be used to access crypto when connected to the internet through another device.

With third-party custodial options, there are steps to help owners remain vigilant against the threat posed by cybercriminals who can gain access to an internet-connected platform, including the use of two-factor authentication, and strong passwords. The U.S. Marshals Service within the Department of Justice, which is responsible for asset forfeiture from U.S. law enforcement, uses Coinbase Prime to provide custody for its seized digital assets.

Many crypto bulls prefer to self-custody digital assets like bitcoin for some of the same reasons they are interested in cryptocurrencies to begin with: lack of faith in some forms of institutional control. Custodial wallets from crypto brokers trade convenience for the risk of exchange hacks, shutdowns, or fraud, as in the case of the high-profile implosion of FTX. And the wildfires are just one example in a recent string of global events that raise more questions about shifts in the crypto custody debate. There is the ongoing conflict in the Middle East and Russia-Ukraine war, which has led crypto bulls from overseas to re-think their approach to self-custody.

Nick Neuman, co-founder and CEO of self-custody company Casa, said physical risks in the world like a natural disaster are an opportunity to revisit how bitcoin security works, and the common security lapses folded into most peoples’ practices. “Most people secure their bitcoin with one private key. If that key is on a single device or written down on paper as a seed phrase, it’s a single point of failure. If you lose that key, your bitcoin is gone,” he said.

It should be obvious that keeping seed phrases on paper offers the lowest level of protection against fire, yet it is common practice, Neuman said. Slipping these pieces of paper into fireproof bags or safes offer some protection, but not much, and even going the extra steps to have the seed phrases on “indestructible” metal storage plates presents a few failure points. For one, they might prove to be not so indestructible, and second, they may be impossible to locate amid the rubble. 

“Logically, given the location of the fires in California and the stories being shared on X, it’s highly likely bitcoin was lost,” said Neuman. “Some of them are pretty convincing,” he said.

Casa performs annual stress tests on seed phrase backups.

Some self-custody services, like Casa, offer multi-signature setups that reduce the risks of single-point failure. A multi-key crypto “vault” can include mobile phone keys, multiple hardware keys, and a recovery key that a company likes Casa holds on an owner’s behalf.

The multi-sig custody approach allows an owner to hold a majority of keys while a trusted partner holds a minority of keys. John Haar, managing director at Swan Bitcoin, says that in such a setup, the owner would need to lose all the physical devices and all copies of the seed phrases at the same time. As long as the owner can access at least one device or one seed phrase, they would be able to recover their bitcoin. This approach should significantly limit the potential for all of the devices to be lost in an event like a natural disaster, Haar said.

“You can spread these keys across multiple regions or even countries, and you need any three of the five keys to approve a bitcoin transaction,” Neuman said of Casa’s five-key approach.

Jordan Baltazor, chief administrative officer at Fortress Trust, a regulated crypto custodian, says best practices that we use in other areas of personal life should apply to cryptocurrency. For one, diversification of storage approach and weighing of risks. Digital assets are no different, he says, when it comes to backing up personal and sensitive data on the cloud to ensure data against loss or corruption.

Companies including Coinbase and Jack Dorsey’s Block offer products that try to merge some of these ideas, creating a more secure version of a crypto wallet that remains convenient to use. There is Coinbase Vault, which includes enhanced security steps before a user can access crypto holdings for trading. And there is Coinbase Wallet and Block’s Bitkey, which have mobile apps that work like a traditional wallet making moving bitcoin around easy, but with the ability to pair with hardware wallets and added security more commonly associated with cold storage.

Bitkey hardware requires multiple authorizations for transactions for added security, similar to “multi-sig wallets.” Bitkey also offers recovery tools so one of the biggest risks of self-custody — losing codes or phrases needed to recover a cold wallet — is less of an issue.

Solutions like Dorsey’s may help to solve the tension between convenience and security; at minimum, they underline that this tension exists and will likely be something of a roadblock to more widespread crypto adoption. Beyond the risks out there in the form of wildfires, all kinds of natural disasters, and wars, bitcoin self-custody can be vulnerable to the biggest personal risk of all: unexpected death of the bitcoin owner. There is arguably nothing more complicated than inheritance when it comes to unlocking the crypto chain of custody.

Coinbase requires probate court documents and specific will designations before releasing funds from custody, while physical wallets offer little to no support, potentially leaving all that digital value stuck on a private key. Bitkey rolled out its inheritance solution in February for what a Bitkey executive called, “kind of a multibillion-dollar problem waiting to happen.”

“People who have a material investment in bitcoin absolutely need to be thinking differently about how to protect it,” Neuman said. He says that after disasters like the California wildfires, or when exchanges go bust like FTX, the industry does see more crypto holders taking action to move to more secure storage setups. “I suppose it’s human nature to wait until ‘bad things happen’ to spur action to improve your own personal situation,” he said. “But I think people would be better off if they were more proactive. Otherwise, they risk having that ‘bad thing’ happen to them, and then it’s too late,” he said.



Source

Palo Alto Networks to acquire CyberArk in  billion deal
Technology

Palo Alto Networks to acquire CyberArk in $25 billion deal

Piotr Swat | Lightrocket | Getty Images Palo Alto Networks will take over Israeli identity security provider CyberArk in a deal valued at roughly $25 billion. The California-based cybersecurity company will pay shareholders $45 apiece for 2.2005 shares of CyberArk, representing a 26% premium to its share price Friday. The deal is expected to close […]

Read More
At 10 years old, Ethereum’s future is brighter than ever despite recent setbacks
Technology

At 10 years old, Ethereum’s future is brighter than ever despite recent setbacks

Omar Marques | Lightrocket | Getty Images It’s been a decade since Ethereum’s inception, and although its native ether token has largely struggled for the last half of it, its future looks brighter than ever. Ether has become more attractive to institutions in recent weeks largely due to legislation around stablecoins – most of which […]

Read More
Robinhood’s 175% rally this year is best among U.S. tech stocks
Technology

Robinhood’s 175% rally this year is best among U.S. tech stocks

As Robinhood investors await second-quarter earnings, expectations are sky-high. The online broker, known for popularizing stock and crypto trading with young investors, has seen its shares surge 177% this year, outpacing all other U.S. tech companies valued at $5 or more, excluding those that went public in 2025. The next best performer is Palantir, up […]

Read More