Busting Myths About Cryptocurrency Custody

February 21, 2019, 3:32 PM UTC
Bitcoin Continues To See Unprecedented Growth
LONDON, ENGLAND - DECEMBER 12: A visual representation of the cryptocurrency Bitcoin on December 07, 2017 in London, England. Cryptocurrencies including Bitcoin, Ethereum, Litecoin, Dash and Ripple have seen unprecedented growth in 2017, despite remaining extremely volatile. While digital currencies across the board have divided opinion between financial institutions, and now have a market cap of nearly 500 Billion USD, the crypto sector continues to grow, as it continues to see wider mainstream adoption. The price of one Bitcoin passed 15,000 USD across many exchanges this week and continues to grow. (Photo by Jordan Mansfield/Getty Images)
Jordan Mansfield—Getty Images

I’ve noticed some inaccuracies popping up lately regarding how people are thinking about cryptocurrency custody and storage solutions. The discussion usually centers on “hot” versus “cold”—meaning, online versus offline—storage of private keys, which are the private codes that allow you to transfer crypto assets. Let’s address these misconceptions, one by one.

Misconception #1: you can’t trade crypto using funds in cold storage

This is inaccurate. Platforms like Coinbase Custody (full disclosure: this is my company’s product) let you trade over-the-counter (OTC) using delayed settlement. This means that you can trade while your funds are safely stored offline, and they’re only transferred once the trade is executed.

Misconception #2: you can’t “stake” (or earn interest on) funds in cold storage

This is also not accurate. Many different models for staking—an alternative to energy-intensive “mining” for securing blockchains—are being developed. For instance with Tezos, one major cryptocurrency project, you can delegate your funds in cold storage to a “baker” and earn interest. The baker, which acts as the staking equivalent of a miner in the Bitcoin example, keeps a smaller percentage of funds online—and those don’t need to be customer funds. In other words, customer funds are kept safely offline but are still fully able to participate in the network, earning a yield for the customer.

Other staking models that require hot funds may emerge, but many that are being developed utilize delegation, smart contracts with whitelisted withdrawal addresses, and other features to mitigate the need for a hot wallet. Examples of these include Cosmos and Decred. While these last two projects are still very much in their development phases, the technology shows promise, and I’m looking forward to seeing where they go. The delegated approach is a good idea, generally, as it will help improve the security of staking. (By the way, if you are an asset issuer developing a staking model, my team would love to chat with you; please visit

Misconception #3: cold storage means relying on a single authorized user who could lose funds

The number of key holders and hot versus cold storage are unrelated concepts; you could have a single key holder whether funds are hot or cold. A well-designed crypto custody solution doesn’t rely on any single person. Instead, it utilizes multiple keys to achieve consensus and redundancy. The larger the transaction, the more parties need to consent. This is really just scratching the surface of a well-designed custody solution. A well-tested disaster recovery program should contemplate natural disasters, malicious insiders, supply chain attacks, etc.

Misconception #4: Hardware security modules, or HSMs, are just as good as cold storage

HSMs are a great tool in security. I’m a big fan of them, and Coinbase uses them in parts of our architecture. When used correctly, they can come close to, but not match, the security offered by cold storage. “Air gapping” your private keys in cold storage means fully disconnecting them from the internet, such that a remote attacker can’t access them without some physical attack as well. This additional manual step introduces a nice guarantee that it is not just software protecting your money. In theory, any software can be hacked, even if it is unlikely.

Hot vs. cold tradeoffs

Both hot and cold storage play an important role in this industry, and we intend to continue offering both solutions to customers. They each have different tradeoffs, and one is not inherently better than another.

Hot storage is best when customers need real-time access to funds, measured in minutes or seconds. In exchange for this, there is some additional security risk, which can be mitigated, in keeping funds live on the Internet.

Cold storage is best when security is paramount, typically when storing larger amounts. As I mentioned above, you can still trade and stake funds in cold storage, but the price you pay is that the time it takes to withdraw funds is typically measured in hours. Depending on how difficult you want to make the withdrawal of funds that may be a pro, not a con.

The middle path

One of the questions I like to think about in security is “How many things can go wrong before funds are at risk?” In an ideal system, there are multiple layers of security, so almost everything can go wrong yet the funds remain safe. With hot storage there are a lot of details that you need to get right to keep the funds safe. Is it possible to get all those details right? Yes, and I’m comfortable using hot storage for reasonable amounts. (Insurance can add an extra layer of protection.) Do I want to bet my entire business on all those details being right indefinitely? Probably not.

For these reasons, I think customers will want the choice of having both cold and hot storage of crypto funds for some time to come. Customers should use the right tool for the right job. The crypto space keeps evolving quickly, and architectures will continue to evolve along with it. We’re excited to continue building a strong foundation on which to build a more open financial system.