Self-custody for digital assets
Self-custody is a token distribution option that enables you to have sole responsibility over your digital assets and over the management of your private keys, without the need of a third party to act on your behalf.
If you have made the choice to control your digital assets yourself, you should be aware that there are different kinds of self-custody solutions and that those solutions vary in their security and ease of use. Before you decide on a specific self-custody solution, you should spend some time learning about the various options available and how they differ.
This guide provides a brief introduction to the concept of cold storage as part of your custody strategy and the most common types of cold storage currently available.
For additional information about cold storage and other custody options, you should do your own research and be sure that you understand the ramifications of your choices thoroughly before proceeding.
Cold storage means that you are keeping private keys stored offline in a device that is not connected to the Internet. Cold storage is a popular solution for self-custody of digital assets because it makes it more difficult for your keys to be compromised if there is a software security breach or if your cold storage solution is lost or stolen.
For more information about approaches to cold storage and best practices for securing your private keys, see the following additional resources:
Common cold storage options
The most common types of cold storage include the following:
A hardware wallet is a physical device that holds your digital assets. Private keys are stored in a secure part of the device that does not come into contact with the Internet. The partitioned storage on the physical device reduces the risks that are associated with devices connected to the Internet. Because you are relying on a physical device, however, losing the device also means losing access to your digital assets.
In most cases, you can recover from the loss of a hardware wallet because the assets stored on hardware wallets are secured using a secret seed phrase. If you copy and secure the seed phrase—for example, by storing it in the form of a paper wallet—you can initialize a new device with the seed phrase and regain access to your digital assets.
For more information, see crypto wallets, explained.
An air-gapped computer is isolated from insecure networks that interact with the Internet or unsecured local area networks in your home.
Converting a standard personal computer or similar device into an air-gapped computer might require you to physically remove network cards, disable certain software, or be prepared to completely wipe the machine before connecting it to the Internet again.
Depending on how secure you want your air-gapped computer to be, one option is to use a bootable image that provides a minimal operating system to collect your digital assets then remove any artifacts from that process and reboot the computer normally after completing any transaction. For more information, see extreme security measures for the extra paranoid and the ultimate defense: what is an air gapped computer?.
A paper wallet is a piece of printed paper that contains your important key information (in some cases, even a QR code) and is used for facilitating digital asset transactions. Paper wallets are often not recommended because they are susceptible to degradation and could be insecure or lost or stolen easily.
As a backup to a hardware wallet, however, you might want to create a paper wallet and store it in a secure location such as a safe deposit box.
For more information, see paper wallets.
Keeping assets safe
It is ultimately your responsibility to research the cold storage and custody solutions available to you.
Regardless of the type of self-custody solution you select, it is also your responsibility to keep your digital assets safe.
With this in mind, you should take note of the following general recommendations:
Do not use a work computer to configure a digital asset storage solution. Your private personal data could be lost or compromised while hosted on a work computer, especially if that computer is routinely connected to the Internet.
Do not leave your cold storage wallet or any private information in a public place where it could be compromised.
Do not lose your private key or your seed phrase. If lost, you will be permanently unable to access your digital assets.