Skip to content
Sun, Jul 12 UTC 02:12:59 CAP $1.98T
26 Fear Live
Join free
Beginner 5 min read

Crypto Wallets Explained: Custody, Security, and Seed Phrases

A wallet doesn't store your coins — it stores the keys that prove you own them. Here's how custodial, self-custody, hot, and cold wallets differ, and how to keep one safe.

Key concepts

  • A wallet stores keys, not coins — your balance lives on the blockchain; the wallet proves and authorises your control over it.
  • Custodial wallets, such as exchange accounts, are simpler but mean trusting a third party to hold your keys.
  • Self-custody means holding your own private keys directly, with no support line to call if something goes wrong.
  • Hot wallets are internet-connected and convenient; cold wallets, especially hardware wallets, keep keys offline for stronger security.
  • A seed phrase can recreate every key in a wallet — anyone who sees it can copy the entire wallet.
  • "Not your keys, not your coins": whoever holds the private key controls the funds, no matter who they were sent to.

“Wallet” is a slightly misleading word. A crypto wallet does not actually hold your coins the way a physical wallet holds cash — your balance lives on the blockchain itself. What a wallet holds is the cryptographic keys that prove you control that balance and let you authorise moving it. Understanding that one distinction changes how you think about almost everything else in this guide: custody, security, and what actually happens when a wallet is “hacked”.

Keys, not coins

Every wallet is built around a key pair: a public key, which can be shared to receive funds, and a private key, which must never be shared and is used to authorise spending. Whoever holds the private key controls the funds — not whoever the funds were originally sent to, not whoever set the wallet up, whoever currently holds the key. That is the entire basis of ownership in cryptocurrency, and it is why the community shorthand “not your keys, not your coins” gets repeated so often. It is blunt, but it is accurate.

Custodial vs self-custody

The first major decision any crypto user makes, often without realising it, is whether to hold their own keys or let someone else hold them.

A custodial setup — typically an account on a centralised exchange — means the exchange holds the private keys on your behalf, similar to how a bank holds your money rather than you keeping it under a mattress. This is simpler for beginners: there is a password-reset option, customer support, and no risk of losing a physical device or phrase. The trade-off is that you are trusting the exchange’s security and solvency, and you do not have direct control of the underlying keys — if the exchange is hacked, becomes insolvent, or restricts withdrawals, your access depends on them.

Self-custody means you generate and hold the private keys yourself, using a wallet application or device that you control directly. Nobody can freeze the funds or restrict a withdrawal, but that independence is absolute: there is no support line to call if you lose the keys, and no one who can reverse a mistake on your behalf. Self-custody is the setup most people mean when they talk about “real” ownership in cryptocurrency, but it only makes sense once you are prepared to take security seriously.

Hot vs cold

Within self-custody, wallets split further into hot and cold, based on whether the keys ever touch an internet-connected device.

A hot wallet keeps keys on a device that is connected to the internet — a phone app or browser extension, for example. It is convenient for regular use and small amounts, but that same internet connection is what malware, phishing sites, and other remote attacks use to try to reach the keys.

A cold wallet keeps keys on a device that is never connected to the internet, most commonly a dedicated hardware wallet — a small physical device purpose-built to generate and store keys offline and sign transactions without ever exposing the private key to a connected computer. Cold storage is slower to use day-to-day, which is exactly why it suits larger, longer-term holdings better than a hot wallet does: the inconvenience is the security feature. A sensible pattern many people settle on is a hot wallet for small, everyday amounts and a cold wallet for anything they would be unhappy to lose.

Seed phrases: the master key

Almost every modern self-custody wallet generates a seed phrase when it is set up: a sequence of ordinary-looking words, presented in a specific order. That phrase is a human-readable backup of every private key the wallet can generate — write it down correctly, and you, or anyone else, can restore full access to the wallet’s funds on an entirely new device. Lose it, without another backup, and there is no way to recover the wallet if the original device is ever lost or damaged.

Because a seed phrase can recreate every key in the wallet, it is, functionally, more sensitive than the keys themselves. Anyone who sees it can copy your entire wallet without needing your device, your passwords, or your permission.

Security do's and don'ts

A short, practical list, aimed squarely at beginners:

  • Do write your seed phrase on paper, or a metal backup plate, and store it somewhere private and secure — ideally in more than one location.
  • Do use a hardware wallet for any amount you would genuinely be upset to lose.
  • Do double-check a receiving address before sending — transactions cannot be reversed once confirmed.
  • Don’t type your seed phrase into a website, an app, an email reply, or a chat message, ever. No legitimate wallet, exchange, or support team will ever ask for it.
  • Don’t store a seed phrase as a plain photo or text file on a device that is connected to the internet.
  • Don’t treat a screenshot as a secure backup — cloud photo syncing can expose it far beyond the original device.

Almost every theft of self-custodied funds traces back to one of these basics being skipped, rather than to some exotic technical exploit. The mechanics explained in how cryptocurrency works show why: whoever holds the key holds the funds, full stop, so the seed phrase is the single point that matters most.

Choosing a setup that fits you

There is no single correct answer for every person. Holding a small amount purely to learn how transactions work is a reasonable case for starting with a simple hot wallet or even a reputable exchange account. Holding a meaningful amount for the long term is a reasonable case for a hardware wallet and a carefully stored seed phrase. What matters is making the choice deliberately, understanding the trade-off you are accepting, rather than defaulting into whichever option was fastest to set up. This is general education, not personalised advice — your own risk tolerance and circumstances should guide the specifics.

Where to go next

Our companion article, What Is a Crypto Wallet? How to Keep It Safe, walks through the setup process itself in more detail, and Avoiding Crypto Scams covers the social-engineering tactics that specifically target seed phrases and wallet access.

Frequently asked questions

What's the difference between a wallet address and a private key?

An address is derived from your public key and is safe to share — it's what other people use to send you funds. Your private key is the secret counterpart that authorises spending and must never be shared. Sharing an address is normal; sharing a private key or seed phrase means giving away control of the funds.

Can I recover a wallet if I lose my device but still have my seed phrase?

Yes. That is precisely what a seed phrase is for — entering it into a new, compatible wallet regenerates the same private keys and restores access to the funds. This is also exactly why the phrase itself needs to be protected at least as carefully as the device it backs up.

Is a hardware wallet worth it for a beginner?

It depends on the amount involved. For a small amount held mainly to learn, a reputable hot wallet or exchange account is a reasonable starting point. Once the amount held is large enough that losing it would genuinely hurt, a hardware wallet's offline security becomes worth the extra inconvenience.

What should I do if I think my seed phrase has been exposed?

Move funds to a brand-new wallet, generated with a fresh seed phrase on a device you trust, as soon as possible — treat any exposure as a live compromise rather than a maybe. Anyone with the phrase can recreate the wallet at any time, so changing a password or app setting alone will not fix it.

This guide is educational and not financial advice. Crypto is volatile and high-risk — always do your own research.
Next guide

How to Buy Your First Crypto Safely: A Beginner's Guide

Keep exploring