What is a crypto wallet, and who really holds your money?
A wallet does not store money, it holds a key. Custodial vs non-custodial, the five wallet types, real security levels and the honest trade-offs.
On this page
Delete your banking app tonight and your money sleeps untouched at the bank. A wallet flips that logic: the app is replaceable, the key inside it is not. Understand that one inversion and everything else, custody, seed phrases, hardware devices, falls into place.
What is a crypto wallet, really?
A crypto wallet is an app or a small device that stores a secret key: a long number proving you own money recorded on a public ledger, a blockchain. The money is never “inside” the wallet. A dollar held as USDC lives on the ledger itself, visible to anyone; the wallet holds the only key that can move it.
Every wallet gives you two things. An address, which works like an IBAN: you can share it freely, and people use it to send you money. And a private key, which works like a handwritten signature that cannot be forged: it approves outgoing payments, and whoever holds it holds the money. Every wallet type that follows is just a different answer to one question: who keeps that key?
Custodial or non-custodial: who holds the key?
On a custodial service, typically a crypto exchange, the platform keeps the keys and you keep a claim, the same way a bank owes you your balance. That is comfortable right up until the platform fails. When FTX collapsed in November 2022, customer withdrawals exposed a hole of roughly $8 billion: the money people saw in their accounts was, in part, no longer there. It was not the first time. In 2014, Mt. Gox, then the largest exchange, lost around 850,000 bitcoins to theft and mismanagement. And custody concentrates risk even when the books are honest: in February 2025, thieves working for North Korea took about $1.5 billion from the exchange Bybit in a single operation, the largest crypto theft on record according to the FBI. The crypto adage “not your keys, not your coins” is blunt, but it compresses all three stories into six words.
On a non-custodial wallet, you keep the key. No company can freeze the money, lend it out behind your back, or lose it in a bankruptcy; the trade is that nobody can reset your password either. The cost of that freedom is measurable: Chainalysis estimates put permanently lost bitcoin between 2.3 and 3.7 million coins, roughly 11 to 18% of the maximum supply, most of it stranded by lost keys. Self-custody moves the risk; it does not delete it. We unpacked what non-custodial means for shared expenses in a companion piece.
What are the main types of wallet?
Five families cover almost everything in use today. Each one redistributes the same three burdens: convenience, control, and the consequences of a mistake.
The exchange account (custodial)
An account on a platform like Coinbase, Kraken or Binance. It feels like online banking: email login, password reset, a support line. That familiarity is real value, especially for buying coins with a card or a bank transfer. The weakness is structural, not technical: your balance is a promise from a company, and if the company freezes withdrawals or fails, you wait in line with its other creditors. Fine as an on-ramp; risky as a vault.
The software wallet (self-custody on your phone)
Apps like MetaMask or Trust Wallet keep the key on your device, protected by your phone’s lock. At setup they hand you a seed phrase: 12 or 24 ordinary words that encode the key itself. Write them down and any device can rebuild your wallet; that is the whole backup system. It cuts both ways. Anyone who reads those words owns your money from anywhere on Earth, and if they burn with the notebook, no company on the planet can restore them. Free, powerful, and unforgiving.
The embedded wallet (self-custody, without the homework)
The newest family: a wallet built directly into an app and created when you sign up, often with an Apple or Google login. No seed phrase ceremony. Under the hood, providers such as Privy split the key into separate shares and only reassemble it inside a secure hardware enclave, an isolated chip environment that neither the app nor the provider can read. Done well, this is self-custody with the sharp edges filed down: you control the money, but no single company, and no single stolen phone, holds the whole key. The honest caveat: you are trusting the provider’s architecture rather than a piece of paper, so it matters that the design is published and independently audited.
The hardware wallet
A small physical device, Ledger and Trezor are the best known, that generates the key inside a dedicated chip and never lets it out. Transactions are signed on the device itself, so even a compromised computer cannot leak the key. For large, long-term holdings this remains the strongest option available to individuals. The trade-offs are practical: it costs money, it is awkward for daily payments, and it still relies on a seed phrase backup, so the notebook problem does not disappear.
The smart account
Since Ethereum’s Pectra upgrade went live on May 7, 2025, an ordinary wallet can temporarily behave like a programmable account. In plain terms, wallets can now carry rules: daily spending limits, recovery through people you designate, or letting someone else pay the network fee (the gas). The likely path is that these features dissolve into the wallets above rather than form a product you buy separately. Early, but worth knowing the words.
How do wallets actually get robbed?
Not by breaking the math. The cryptography behind a private key has no publicly known shortcut; guessing one is not a realistic attack. What fails, in practice, ranks like this:
- The platform fails. The biggest losses in crypto history, Mt. Gox, FTX, Bybit, all happened at custodians, not in someone’s phone wallet.
- You sign something malicious. Phishing sites and fake reward pop-ups do not steal keys; they ask you to approve a transfer dressed up as something harmless. Even the Bybit thieves attacked the screen the staff signed on, not the vault behind it.
- The seed phrase leaks or vanishes. A photo of it in your camera roll is a copy of your money sitting in your cloud backup. Losing every copy is just as final in the other direction.
- The phone gets stolen. Least severe of the four, because a locked device with biometrics and an app PIN buys you time to move funds from a backup.
The hygiene that follows is short: no service will ever need your seed phrase, so any request for it is theft; read what you sign, especially amounts and permissions; and send a small test amount before a large one.
So which wallet should you actually use?
The question is miscast as either-or. The pattern security people converge on is matching the holder to the amount: an exchange account as a bridge to and from your bank, a software or embedded wallet for the money you actually move around, a hardware device once savings reach an amount whose loss would genuinely hurt. Keys you cannot afford to lose belong in hardware; money you use every week belongs in a wallet your phone can protect.
Why it matters for shared money
Group money has historically meant custodial money: someone fronts, an app holds a pot, a platform sits on the balance. The wallet stack above makes another design possible. Spliz, for instance, is non-custodial by design: an embedded wallet is created when you sign up, or you connect one you already have, and the app never holds anyone’s funds; balances settle wallet-to-wallet in USDC, and nothing moves without your signature. That is one application. The wider shift is the interesting part: accounts you own outright, guarded by your own devices, are becoming the default architecture for new money apps rather than the expert option.
A wallet is not where your money lives. It is the answer to who holds the key, and for the first time, the practical answer can be: you.
Sources
- FBI public service announcement, February 26, 2025, attribution of the $1.5 billion Bybit theft to North Korea.
- Wikipedia, Bankruptcy of FTX, the November 2022 collapse and the $8 billion customer shortfall.
- Wikipedia, Mt. Gox, the 2014 loss of roughly 850,000 bitcoins.
- Ethereum Foundation, Pectra mainnet announcement, the May 7, 2025 activation that brought smart-account features to ordinary wallets.
- Ledger Academy, Chainalysis estimates of 2.3 to 3.7 million permanently lost bitcoins.
- Privy, security architecture, key sharding and hardware-enclave signing for embedded wallets.
The shared account for your friends. Settle your next group tab in one signature.