Crypto Custody Solutions

Crypto custody solutions are services and technologies that safeguard private keys and manage the secure storage of digital assets on behalf of individuals, institutions, or protocols. Custody ranges from self-custody using hardware wallets to qualified institutional custodians such as Coinbase Prime, BitGo, and Anchorage Digital, with key architectural distinctions between hot wallets, cold storage, multi-party computation (MPC), and multisignature schemes.

Why Custody Is the Foundation of Crypto Security

In traditional finance, custody of assets — stocks, bonds, cash — is handled by regulated entities such as broker-dealers and banks, with extensive legal protections including SIPC insurance, FDIC coverage, and fiduciary obligations. In crypto, custody defaults to self-custody: whoever holds the private key controls the asset. This simplicity is powerful but creates enormous operational and security challenges, especially as asset values scale.

The phrase "not your keys, not your coins" captures the fundamental custody principle: if a third party holds your private keys, you are trusting them not to misuse, lose, or be hacked out of those keys. The collapses of FTX, Celsius, and Voyager demonstrated catastrophically what happens when custody trust is misplaced. Conversely, self-custody at institutional scale — managing keys for billions of dollars of assets across complex operational environments — requires sophisticated technological infrastructure that most organisations cannot build internally.

Crypto custody solutions span a spectrum from full self-custody to fully outsourced qualified custodians, with a range of hybrid models in between. Choosing the right model depends on asset scale, regulatory requirements, operational capacity, and risk tolerance.

Hot Wallets vs Cold Storage: The Fundamental Trade-off

A hot wallet is a private key held on an internet-connected device or server. Hot wallets enable fast, automated transaction signing — essential for exchange operations, DeFi protocol operations, and any use case requiring near-instant asset movement. The trade-off is security: any internet-connected key is exposed to remote attack vectors including server compromise, API key theft, and insider threats.

A cold wallet is a private key stored on hardware that is physically isolated from the internet — a hardware security module (HSM), an air-gapped computer, or a hardware wallet device. Cold storage maximises security at the cost of operational friction: signing a transaction from cold storage requires physical access to the device, making it unsuitable for high-frequency operations. Most institutional custody frameworks store the vast majority of assets (typically 95–99%) in cold storage, with a small operational float in hot wallets for daily liquidity needs.

The optimal architecture is tiered: a hot wallet layer for daily operations, a warm wallet layer (internet-connected but with multi-approval requirements) for larger periodic transfers, and cold storage for long-term holdings. Each layer has defined transfer policies that require escalating approval thresholds before funds can move between tiers.
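The escalating approval thresholds described above can be enforced as a policy check that runs before any signing request is honoured. This is an added example, not part of the original article; the tier limits, signer names and the `authorize` function are hypothetical, constructed values.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class TierPolicy:
    signers: frozenset      # the N designated approvers for this tier
    threshold: int          # M distinct approvals required
    max_transfer_usd: int   # per-transfer cap for funds leaving this tier

# Constructed policy table: names and limits are illustrative only.
POLICY = {
    "hot":  TierPolicy(frozenset({"ops-bot"}), 1, 50_000),
    "warm": TierPolicy(frozenset({"alice", "bob", "carol"}), 2, 2_000_000),
    "cold": TierPolicy(frozenset({"alice", "bob", "carol", "dave", "erin"}), 3, 10**12),
}

def authorize(tier, amount_usd, approvals):
    """Return (allowed, reason) for a transfer out of `tier`."""
    policy = POLICY.get(tier)
    if policy is None:
        return False, "unknown tier"
    if amount_usd <= 0:
        return False, "invalid amount"
    if amount_usd > policy.max_transfer_usd:
        return False, "amount exceeds tier cap"
    # Count each designated signer once: repeated approvals from one person
    # and approvals from non-signers must not raise the count.
    valid = set(approvals) & policy.signers
    if len(valid) < policy.threshold:
        return False, f"{len(valid)} of {policy.threshold} required approvals"
    return True, "ok"
```

The deduplication step is the part most often missed: counting approval events instead of distinct authorised approvers lets one compromised account satisfy the whole threshold.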

Multisignature (Multisig) Custody

Multisignature schemes require multiple private keys to authorise a transaction, distributing the single point of failure inherent in single-key custody. A 2-of-3 multisig wallet, for example, requires any two of three designated private keys to sign a transaction — meaning one compromised key cannot move funds, and one lost key does not cause permanent asset loss.

Bitcoin's native scripting supports multisig elegantly. Ethereum's multisig is typically implemented through smart contracts such as Gnosis Safe (now Safe{Wallet}), the most widely deployed institutional Ethereum wallet. Safe supports M-of-N configurations with on-chain transaction queuing, role-based signer management, and module extensions for automated transaction policies.

Multisig is highly transparent — all signers and thresholds are visible on-chain — but requires coordination between key holders, which can create operational bottlenecks when rapid transaction execution is needed. The geographic distribution of key holders (different signers in different jurisdictions and physical locations) is standard practice for large institutional multisig deployments, protecting against single-jurisdiction legal seizure or physical coercion.

Multi-Party Computation (MPC) Wallets

Multi-party computation (MPC) is a cryptographic technique that distributes key material across multiple parties so that no single party ever possesses the complete private key. Transactions are signed through a secure computation protocol in which the holders of the key shares jointly produce a valid signature without ever assembling the full key in one place.

MPC wallets, implemented by platforms like Fireblocks, Qredo, and Zengo, provide security comparable to multisig but with significant operational advantages: MPC signing appears as a single-signature transaction on the blockchain (lower fees, simpler on-chain footprint), requires no smart contract deployment, and supports a wider range of blockchains including those without native multisig support.

The trade-off is that MPC security relies on the correctness of the MPC protocol implementation — a subtle cryptographic bug could compromise security in ways that are harder to audit than a transparent on-chain multisig smart contract. Reputable MPC providers undergo extensive third-party cryptographic audits, but the opacity relative to on-chain multisig is a genuine consideration for security-conscious institutions.
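To make the two properties above concrete (the key is never assembled, and the result verifies as one ordinary signature), here is an added toy example that is not from the original article or from any vendor's code. It assumes a deliberately tiny Schnorr group and simple n-of-n additive shares; production protocols add nonce-commitment rounds and t-of-n sharing.

```python
import hashlib
import secrets

# Toy Schnorr group (constructed, far too small for real use):
# p = 2q + 1 with q prime; g = 4 generates the subgroup of order q.
P, Q, G = 2039, 1019, 4

def keygen_share():
    """Each party draws its own share x_i and publishes X_i = g^x_i."""
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)

def joint_public_key(public_shares):
    """X = prod X_i = g^(x_1 + ... + x_n); nobody computes the sum itself."""
    X = 1
    for Xi in public_shares:
        X = X * Xi % P
    return X

def challenge(R, X, message):
    data = f"{R}|{X}|".encode() + message
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q

def nonce_share():
    """Per-signature secret nonce k_i and its public value R_i = g^k_i."""
    k = secrets.randbelow(Q - 1) + 1
    return k, pow(G, k, P)

def partial_sign(x_i, k_i, e):
    """Computed locally by party i; the fresh nonce k_i masks the share x_i."""
    return (k_i + e * x_i) % Q

def mpc_sign(key_shares, message):
    """Simulates all parties in one process; only X_i, R_i and s_i are exchanged."""
    X = joint_public_key([pow(G, x, P) for x in key_shares])
    nonces = [nonce_share() for _ in key_shares]
    R = 1
    for _, Ri in nonces:
        R = R * Ri % P
    e = challenge(R, X, message)
    s = sum(partial_sign(x, k, e) for x, (k, _) in zip(key_shares, nonces)) % Q
    return X, (R, s)

def verify(X, message, sig):
    """Ordinary single-key Schnorr check: g^s == R * X^e (mod p)."""
    R, s = sig
    return pow(G, s, P) == R * pow(X, challenge(R, X, message), P) % P
```

A verifier running `verify` cannot tell how many parties took part, which is why an MPC-signed transaction looks like a single-signature one on-chain and why its correctness has to be established by auditing the protocol implementation.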

Qualified Institutional Custodians

Coinbase Prime is the institutional custody and brokerage arm of Coinbase, holding assets for major ETF issuers including BlackRock's IBIT and Fidelity's FBTC. Coinbase Trust Company is a New York State-chartered limited purpose trust company — a "qualified custodian" under US securities law — which is the regulatory status required to custody assets for registered investment advisers and hedge funds subject to the Investment Advisers Act.

BitGo, acquired by Galaxy Digital in 2023, pioneered institutional crypto custody and remains a major independent custodian. BitGo Trust Company is also a qualified custodian, holds SOC 2 Type II certification, and provides insurance coverage of up to $250 million per wallet through Lloyd's of London syndicates. BitGo's technology is used by hundreds of exchanges and institutional firms as a white-label custody layer.

Anchorage Digital holds the first and only US federal bank charter for a crypto-native institution (OCC charter, granted in 2021), enabling it to serve clients with the broadest regulatory coverage. Anchorage's custody platform is particularly strong in DeFi participation — their "connected custody" model allows institutions to stake, vote in governance, and interact with DeFi protocols while maintaining qualified custodian status on their assets.

Fireblocks operates as an infrastructure provider rather than a custodian itself — it provides the MPC technology layer and transaction workflow platform that many exchanges, banks, and fintech companies use to build their own custody operations. Fireblocks reports securing trillions of dollars in crypto transaction value and is used by hundreds of financial institutions globally.

Custody Insurance

Crypto custody insurance covers loss of assets due to theft, hacking, or internal fraud — not market price movements. Major custodians carry "crime" or "specie" insurance policies typically placed through Lloyd's of London syndicates or specialised insurers. Coverage limits range from tens of millions for smaller custodians to $250 million or more for the largest institutional platforms.

Crucially, most custody insurance covers cold storage assets only or has specific exclusions for hot wallet losses, which are considered higher-risk by insurers. The insurance market for crypto custody has grown but remains capacity-constrained relative to the total value of assets in custody, meaning no single custodian can be fully insured for the entirety of assets held.

For institutional investors evaluating custodians, the insurance question requires understanding the specific policy terms: what events are covered, what are the exclusions, what is the per-loss limit vs aggregate annual limit, and what documentation is required for a claim. Insurance certificates from custodians should be reviewed by a qualified risk professional rather than accepted at face value.

Choosing a Custody Model

For retail investors holding up to $50,000 in crypto, a quality hardware wallet (Ledger, Trezor, Coldcard) with proper seed phrase backup provides adequate self-custody. For amounts in the hundreds of thousands, a combination of hardware wallet cold storage and a well-audited multisig smart contract (Safe{Wallet}) adds redundancy. For institutional investors with millions or more in assets, or for entities subject to securities regulations requiring qualified custodian status, a regulated institutional custodian is both the practical and likely the legally required choice.

The trend in 2026 is toward "collaborative custody" — models where the client retains meaningful control (holding one of the MPC shares or multisig keys) while the custodian provides operational infrastructure and redundancy. This model, offered by Coinbase Prime, BitGo, and others, preserves the "not your keys" principle to a degree while offloading operational complexity to specialist providers.

Conclusion

Crypto custody is not a binary choice between self-custody and trusting an exchange; it is a spectrum of architectures, each with distinct security, regulatory, operational, and cost profiles. Understanding the differences between hot and cold storage, multisig and MPC, and the qualified custodian landscape is essential for any individual or institution managing significant crypto assets. As institutional adoption deepens through spot ETFs and corporate treasury allocations, the quality and diversity of available custody infrastructure have improved markedly, making secure, institutional-grade crypto custody more accessible than at any prior point in the industry's history.