// Self-custody · Crypto track
Where your money actually sits · plain English

Self-custody vs the exchange.

Your coins never leave the chain. They were never in your wallet, and they were never inside the exchange either. A key signs, the chain records, and the only real question is who holds the key. This is the lesson I wish someone had drawn for me before I trusted a platform with more than I could afford to lose.

not advice · not a lawyer · just the map
Why this lesson exists

I spent years inside banks. I watched who the system serves and who it bleeds. The whole point of this technology is that you can hold value nobody can freeze or print away, but that only works if you understand what you are actually holding. Most people never get told. So they leave everything on an exchange, call it "my crypto," and find out the hard way that it was an IOU the whole time.

// 02 // 02 · keys sign, chains record

There is no coin in the wallet.

A coin is not a file. It is not a token that sits somewhere and gets moved around. A coin is a row in a public ledger that every computer on the network keeps a copy of. The row says: this much value, controlled by whoever can produce a valid signature for this address.

Your private key is the thing that produces that signature. It is a very large secret number. It never touches the chain. When you "send" coins, you are not moving anything. You are signing a message that says "reassign this ledger entry to a new address," and broadcasting it. The network checks the signature and updates every copy of the ledger.

A wallet, then, is a keychain, not a vault. It holds keys, not coins. A seed phrase (usually 12 or 24 words) is the human-readable backup of those keys. Whoever has the seed can rebuild every key and sign for everything. That is the whole security model, and it is why "back up your seed" is not a nag, it is the entire game.

THE PUBLIC LEDGER · EVERYONE HOLDS A COPY addr 0x9f…21c0.50 BTC addr 0x3a…7be2.00 BTC addr 0x77…e040.13 BTC the coin is this row — not a thing in your pocket private key signs the reassignment SELF-CUSTODY you hold the key EXCHANGE they hold the key · you hold an IOU
fig.01 — keys sign, chains record. The coin is a ledger row. Whoever holds the signing key controls the row. Self-custody: that is you. Exchange: that is them, and your balance is an entry in their books.
Takeaway: "not your keys, not your coins" is not a slogan, it is a description of the machine. If you cannot produce the signature yourself, you do not hold the asset. You hold a promise from whoever can.
// 03 // 03 · both directions honestly

Both choices can cost you everything. Differently.

Crypto Twitter tells you self-custody is always right and exchanges are always evil. That is half the truth. Custody is a trade, and it cuts both ways. The failure modes are just different, so pick the one you can actually survive.

 Exchange (custodial)Self-custody
Who can freeze itThe company, a court, a hack, a bank-run halt on withdrawalsNobody. It's a signature, not an account
If you mess upPassword reset, support ticket, sometimes a reversalNo undo. Wrong address or lost seed = gone
Counterparty riskHigh. You're an unsecured creditor if they failNone. No company between you and the coin
You-riskLow. They handle keys and backupsHigh. You are the vault, the backup, and IT
Who you're trustingA business's solvency and honestyYour own discipline and your backup
The honest version

Self-custody does not remove risk. It moves the risk onto you. You trade counterparty risk for personal-responsibility risk. For a lot of people that is the right trade, because you can control your own behavior and you cannot control a CEO's. But if the honest answer is "I will lose the piece of paper," an exchange with good security may genuinely be safer for you than a hardware wallet you neglect. Know which person you are before you decide.

// 04 // 04 · what leaving it on a platform has cost

The receipts. Every one of these was "my crypto."

This is not fear-mongering, it is a public record. Every collapse below started the same way: users held a balance on a platform, called it theirs, and could not withdraw one morning. The dollar figures are real, the dates are real, and the part nobody mentions is how long the money was frozen even in the cases that ended well.

Feb 2014 Mt. Gox ~850,000 BTC ~7% of all bitcoin repaid from Jul 2024 10-year wait Jul 2022 Voyager froze withdrawals "FDIC insured" — it wasn't 35.72% initial recovery Jul 2022 Celsius ~$4.7B owed to users ~600k ruled unsecured creditors exited Jan 2024 Nov 2022 FTX ~$16.5B estate outright fraud paid from 2025 · see asterisk
fig.02 — the custodial graveyard. Red dot = withdrawals stopped. Even the "good" outcomes took years, and the recovery figures hide a catch, next section.
Mt. GoxThe one that taught the whole industry the phrase

By early 2014 Mt. Gox handled the majority of all bitcoin trades in the world. In February 2014 it halted withdrawals and filed for bankruptcy, saying roughly 850,000 BTC were gone, about 750,000 belonging to customers and 100,000 its own, around 7% of every bitcoin that existed. At the time that was worth roughly $450M. Today it would be tens of billions.

  • About 140,000 BTC were later recovered from an old wallet.
  • Repayments to creditors began in July 2024, a full decade after the collapse.
  • The final repayment deadline has been pushed to October 31, 2026. Some creditors have waited twelve years.

The strange twist: because bitcoin rose so far over that decade, creditors who get repaid receive far more dollars than they lost, while getting back a fraction of the coins. They were unwilling long-term holders, locked in by a bankruptcy court, not by choice.

Celsius & Voyager"Earn interest on your crypto" — and the fine print

Voyager suspended all withdrawals on July 1, 2022 and filed Chapter 11 five days later. It had marketed accounts as effectively safe, and the FTC later charged that its claims of FDIC insurance were false. The initial in-kind distribution returned 35.72% of claims, with more depending on litigation over money owed by Three Arrows Capital and FTX.

Celsius froze withdrawals in June 2022 and filed Chapter 11 on July 13, 2022, owing users more than $4.7B. Here is the line that matters for this lesson: in January 2023 a bankruptcy judge ruled that roughly 600,000 "Earn" account holders had legally handed their crypto to Celsius, per the terms of service nobody read. That made them unsecured creditors, last in line. Celsius exited bankruptcy in January 2024 distributing around $3B in a mix of crypto and equity in a new mining company.

  • The pattern in both: a friendly app, a yield number, and terms of service that quietly said the coins were now the company's.
  • "Earn" and "interest" mean you lent them your coins. Lending is not custody. You became a creditor the moment you clicked yes.
// 05 // 05 · read the asterisk

FTX "paid everyone back 119%." Read the asterisk.

FTX is the headline people point to when they say the system works. A Delaware court approved a reorganization plan in October 2024, the estate recovered on the order of $16.5B, and roughly 98% of creditors were set to receive about 119% of their allowed claim, including interest. Distributions started in early 2025. That sounds like a happy ending, and for some it was.

The catch nobody prints in the headline

Claims were valued in dollars at the November 2022 petition-date price. When FTX froze, bitcoin was near $16,000. It later ran past $100,000. So a customer who "held one bitcoin" on FTX got back the 2022 dollar value plus interest, not a bitcoin. They missed the entire run. Getting 119% of a number frozen at the bottom can mean recovering a fraction of what self-custody would have kept. "Made whole" in dollars is not "made whole" in coins.

And FTX was the exception, not the rule

FTX creditors did comparatively well because the estate clawed back enormous assets and crypto rallied into the recovery. That is luck and litigation, not a guarantee. Most people who lose money on a platform do not get a 119% court plan. They get 35%, or they get a decade of waiting, or they get nothing. Do not plan around being the lucky bankruptcy.

// 06 // 06 · self-custody loses money too

Now the honest other side. People lose self-custodied coins forever.

If I only showed you the exchange collapses, I would be selling you something. The same property that makes self-custody powerful, no company can freeze it, no one can reverse it, means no one can recover it for you either. A lost key is not a support ticket. It is a permanent hole in the supply.

WhoWhat happenedHow much
James HowellsThrew out a hard drive holding the private key while clearing his house in 2013. It sits in a Newport, Wales landfill. A UK court dismissed his final bid to dig in January 2025.8,000 BTC
~$700M+
Stefan ThomasHolds 7,002 BTC on an encrypted IronKey drive. He lost the paper with the password. The drive permanently self-encrypts after 10 wrong guesses. He has 2 tries left.7,002 BTC
hundreds of $M
QuadrigaCXCanada's biggest exchange said its founder died in 2018 as the only person with the cold-wallet keys, locking ~$190M. Investigators later found he had run it like a Ponzi. Both failures at once.~$190M CAD
custodial + lost keys
The scale of it

Blockchain-analytics firm Chainalysis estimates that between 2.3 and 3.7 million bitcoin are permanently lost, roughly 11 to 18 percent of the 21 million that will ever exist. Most of that was not stolen. It was self-custodied by people who lost a key, forgot a password, or died without leaving the seed to anyone. Self-custody without a backup plan is how a large chunk of all bitcoin left the economy for good.

Takeaway: the exchange can lose your coins to insolvency. You can lose them to a house-cleaning, a bad memory, or a heart attack with no plan. Self-custody is not "safe," it is a different job. The rest of this lesson is how to actually do that job.
// 07 // 07 · it's a dial, not a switch

Custody is a dial. Here are the four settings.

This is not exchange-or-nothing. There is a spectrum from "someone else holds everything" to "a quorum of keys you split up." As you move right you gain control and give up convenience, and you take on more of the responsibility yourself. Most people should hold different amounts at different settings.

Exchange Hot wallet Hardware Multisig ← more convenient · someone else's problem more control · your job entirely → counterparty risk: HIGH counterparty risk: NONE · you-risk: HIGH
fig.03 — the custody spectrum. No setting is "correct." A common split: trading size on an exchange, spending size in a hot wallet, savings on hardware, generational size in multisig.
setting 1
Exchange
They hold the keys. You log in. Great for buying, trading, and cashing out to a bank.
risk: their solvency
setting 2
Hot wallet
You hold the keys, on an internet-connected phone or browser (Phantom, etc). Yours, but exposed to malware and bad approvals.
risk: phishing, drainers
setting 3
Hardware
Keys generated and kept on an offline device. It signs without ever exposing the key. Best balance for most savings.
risk: lost seed, coercion
setting 4
Multisig
Several keys, a threshold to spend (say 2 of 3), stored in different places. No single point of failure. More setup.
risk: complexity, key sprawl
// 08 // 08 · what the device actually does

Hardware wallets: what they stop, and what they don't.

A hardware wallet is not a USB stick that "stores your coins." Remember, coins live on the chain. It is a small computer with one job: generate a key, keep it inside, and sign transactions without ever letting the key out. The key is created on the device and never leaves it, even when you plug it into an infected laptop.

When you send, your computer builds the unsigned transaction and hands it to the device. The device signs it internally and returns only the signature. The key never touches the internet-connected machine. Crucially, the device has its own screen: it shows you the real address and amount it is about to sign, so malware on your laptop cannot silently swap the destination. You verify on the device, not on the computer.

Protects against
Remote attacks
Malware and keyloggers on your computer, phishing sites that try to grab a key, and address-swapping malware, because you confirm the real details on the device screen.
Does NOT protect against
You, and physics
Approving a malicious transaction because you didn't read the screen, signing a token "approval" that drains a wallet later, a $5-wrench robbery, a tampered device from a shady reseller, or losing the seed with no backup.
The mistake that survives a hardware wallet

The most common 2024–2026 drain is not a cracked device. It is a real owner of a real hardware wallet who signed a malicious approval on a fake site, or approved a transaction without reading the device screen. The hardware did its job, it showed the truth, and the human clicked through. Buy the device sealed and directly from the maker, and treat every "approve" prompt as the moment that matters.

// 09 // 09 · the part everyone skips

Backup and inheritance. This is where the coins actually die.

Almost nobody loses coins to a cracked cipher. They lose them the boring way: the one backup was in the house that flooded, the seed was written on a sticky note that got tossed, or they died and no one else on earth knew the words. Self-custody without a durable, redundant backup is just a slower way to lose it.

Takeaway: the seed backup is not the boring part of self-custody. It is self-custody. Getting the key generation right and the backup wrong is how you end up in the Chainalysis lost-coin number.
// 10 // 10 · what to actually do

The move. Boring on purpose.

You do not have to go all-in on either side. The sane version is a split you set once and stop renegotiating:

The one line to remember

Every exchange in the receipts section looked completely safe the day before it wasn't. The users who kept their coins were not smarter about markets, they just held their own keys and had a backup. Don't trust, verify. Hold your keys, back up the seed, keep on a platform only what you can afford to watch freeze.

Next lesson

Back to the crypto track → First wallet to first swap, then DeFi past the buzzwords. Everything we work out building in the open gets written down here. No paywall, no email gate.

← Back to the education portal