If 2022 taught that something is that we should
be careful about how we store our crypto. That We shouldn't entrust all our funds to centralized
entities and that controlling our private keys is The only way to get rid of the counterparty
risk. But critics say that self-custody is Too complicated and cumbersome for most crypto
users. If not done it correctly, managing your Private keys could be even riskier than trusting a
third-party custodian. So what is the best way to Keep your crypto safe? Is self-custody really the
most reliable option? In this video, we discuss The nuances of crypto storage with James Check,
lead on-chain analyst at Glassnode. I'm Giovanni, On this show we challenge the ideas that are
shaping the world of crypto. In each episode, we Challenge a crypto narrative, a price outlook, or
a potentially disruptive technology. Only the most Solid ideas will make it to the other side. This
video is presented by our sponsor, Web3 Antivirus, A security solution that helps protect users from
online threats and scams on the decentralized web. Okay, James, so let's start from the basics. So What is self-custody according
to you and why it is important? Sure. I mean, the concept of self-custody is
essentially taking ownership of these bare Assets. Now, when people who are brand new to
the digital asset space kind of asked me this Question, I think the best analog is like holding
physical cash, it's like holding physical gold. And the reason why it's important is that
it's really one of the key innovations of Bitcoin being a bare asset, a bare, hard asset
that you can actually hold outside the system. And as we've seen over the course of 2022,
there were several instances where we had Centralized entities who are the custodians
who overleveraged, lent out customer assets, Or just otherwise gambled them away. So in all
of those instances, if you're not holding your Own assets, then you are essentially liable.
They are a liability on someone else's balance Sheet. And you know, these people, many of
them ended up with zero. So in many ways, It's one of these few, the first time we've had a
digital asset that you can hold in your own keys In a bare format. And really it overcomes one of
the largest problems with gold, which was that It is naturally centralized by design because
gold coins are just really hard to move around. A few days ago we saw that a Bitcoin core
developer was the victim of a hack in which He lost control of his Bitcoin. So he was
doing self-custody and he had $3.5 million Worth of bitcoin stolen in a hack. So we don't
exactly know for sure what happened, or what Are the details of this, but what I want
to focus on is the reaction that this Event sparked specifically on crypto Twitter.
Basically, a lot of people were saying that if A Bitcoin core developer couldn't handle
self-custody wasn't able to self-custody, Then how would an average user do it?
People say that this is too complicated And risky for the average user. So what is
your comment on those types of reactions?
Yeah, I mean, I completely disagree that
having a core developer losing their coins, As unfortunate as it is, at the end of the day,
I'm also an average person and I've managed to Do self-custody. If you have gold in your
vault, if you have cash in your wallet, It's the same concept. You need to exercise
a level of responsibility. So understanding What those attack vectors are and in many
instances, you know, 24 words or 12 words, Which is your ultimate seed phrase, that is
essentially no different from saving your Password for a password manager. Right. Or a
password for your bank account. So it's the Exact same concept. Yes, there are risks, but at
the same time, we as humans, our job and what we Do is assess risks. There are no solutions,
only trade-offs. And the trade-off is you're Removing that liability on third parties. But you
have to look after a 12 or 24-word seed phrase. OG Bitcoiner Udi Wertheimer makes a case
specifically against seed phrases. He says That this list of words is very difficult to
keep safe for years and learn how to do is Also very difficult. He recommends
using custody solutions that don't Require handling the seed phrase yourself.
What do you think about these statements? I think that the example he's probably alluding
to is things like collaborative custody, like, You know, Unchained and some of these companies
who give you a two or three or a three or five, Whatever your setup is, they can provide you
with a collaborative custody solution. They're Absolutely a fantastic solution. I'm glad
that they exist. But if your weakest link Is somebody getting into your email account to do
the social recovery for you, right? They can do Reset passwords. They get the link, suddenly they
get your funds. So it's one of those things where Collaborative custody is important. It solves
a certain problem, but you open up a different Attack vector, which is what happens if you lose
the password to your email account. So at the end Of the day, all of this actually boils down to
what is the weakest link in your security setup? And there is no correct answer. It is a process
that people need to go through. It's a personal Decision. At an individual level. It's the same
as all privacy, all security online. What is your Weakest link? If somebody can get into your master
email account and reset all of your bank passwords And access your social recovery, then you may as
well have had 12 words written down a book in the Back of your cupboard. So, you know, at the end of
the day, identifying what is the weakest link is Not a difficult process. It's just a process
people actually need to do the work for. And It's no different to whether you're doing social
recovery or a pure self-custody type set up at The end of the day comes down to education and
spending the required hours to look after the Wealth that you're putting into this wallet. If
you're not willing to put more than 5 minutes into It, then don't put more than $5 into it. If you're
willing to do 100 hours now, you can start talking About doing your significant sums of savings.
So again, everything scales with the use case.
So when you talk about these weak links, What do you mean exactly? Can
you give us a practical example? So let's say you have a password manager and you
put your 12 words inside your password manager and Then you post your password manager's password to
your Dropbox. Somebody getting into your Dropbox Is the weakest link because that is the pathway
by which they will access. You kind of look at It as like a flow chart. If your seed phrase is
locked in a vault and that's the only place that It exists, then somebody breaking into your house
and stealing that 12 words, that is your weakest Link. So it's about identifying if the attack
vector is that you're going to lose your 24 words, What are the multiple pathways that somebody
could use to actually get to those 24 words and Essentially identifying what is the weakest part
of that puzzle that will essentially give them up. Another point Made by Wertheimer is that different types of
crypto use require a different type of custody. So he makes the point that, yeah, holding your
coins in a hardware wallet is a good solution if You are storing your wealth for the future, for
future generations, or for anyway for the long Term. But if you use your crypto for swapping
NFTs ten times per day or for on-chain trading, Then holding your crypto on such a hardware
wallet is not the most user-friendly, comfortable Solution. Don't you think that it depends also
on the usage that you are making of that crypto? Of course, and it's about having the
right tool for the right job. You know, In my personal setup, I have cold
storage, I have warm storage, Which is coins that I have on my mobile,
but I cannot just send with my mobile. You still need a hardware device to actually send
them. You've got cold storage that's completely Separated from the Internet at all times and
is very secure. And then I have a hot wallet, Which is if I need 100 bucks, 200 bucks to just
move around or do an intermediary transaction, Then you have a hot wallet that's just a wallet
on your phone, right? It comes down to the right Tool for the right job. And with all of these
things, you have different levels of security. Wertheimer points out that third-party
custodians are not always bad. For example, He makes the example of Michael Saylor. So
Michael Saylor stores his crypto, apparently, In a third-party custodian.
And he said that if he does it, Then why wouldn't the average user do it?
And then he also says you can put part of Your holdings on different third-party
custodians, on different, for example, Exchanges, in order to minimize the risk. What do
you think about this solution as an alternative? Yeah, I mean, you know, I'm going to disagree with
Udi on this one because if you think about it, So let's just take the Michael Saylor approach.
I'm quite positive that the custodial setup that Michael Saylor and Michael and MicroStrategy
have, If the bill from Coinbase or whoever their
Custodian is, if the bill came to you and I, it
would send us broke, right? The amount of money That he would be paying in order to obtain that
level of custody and that whole solution, it's not Feasible for the average person. So really what
you're saying there is that people just deposit Across all these exchanges. Okay, So what is the
weakest link? Well, the weakest link is you now Have let's just say, for example, five exchanges.
You've split your deposits one-fifth in each. Now You have to manage five different passwords and
five different two-factor authentication methods. So when you actually peel back that onion, the
solution that Udi is proposing is far worse Because you have more passwords, more two-factor,
and you still have third-party custodial risk. Yeah, that makes sense. Although having
to remember those passwords is not as Critical as when you remember you have
to remember your seed phrase because I Think there are retrieval systems in
case of exchanges and third parties, While there are no retrieval systems
in the case you lose your seed phrase. Of course, but it comes down to trade-offs, It comes down to hardware. You know, there are
mitigation solutions even within that framework To make it really, really difficult
for you to lose your coins. When that accident happened, you pointed
out on Twitter how you would recommend An average user to approach self-custody.
So can you guide us through this process? As I mentioned, it is a learning journey, right?
When you start with your first by just downloading An app, you know, in terms of Bitcoin wallets
like a Nunchuck or a Green Wallet or any of These self-custodial wallets, they give you the
12 words. They're very, very simple to set up. And you can start storing coins there, right?
Very, very simple. All supported by exchanges, Really, even in the modern era, are pretty
hard to get wrong. So you can start with A mobile wallet, right? Everyone's
going to mobile phone. Fairly simple. As you start to build up your holdings, you've
got some kind of meaningful wealth, you know, A couple of thousand dollars. It's starting to
get meaningful. Well, investing in a $120 Ledger Or a cold card or something to just give you
that extra security is really the next logical Step. Now the Ledger and Trezors are super,
super easy from a user interface perspective. You know, people who have multiple coins,
and these things offer you a really clean User interface. Again, once they're set up and
you've done the initial setup with the 12 words, So you're used to this, the transfer across
to a hardware wallet is a pretty, pretty basic Next step, right? You're not scaring yourself by
going all the way to a multisig with six devices. You're just starting with 12 words, a
mobile app, hardware wallet. And then Once you get beyond that, the next step is really
to start thinking about, you know, if you've got A meaningful amount of wealth, you can start to
think about do you have multiple hardware devices?
Do you move to something like a cold card that
gives you more options in terms of passphrases? You know, do you actually have multiple
signing devices? Is that actually keeping It simple or are you making it too complex for
yourself? So experiment, find the software, Find the wallet, try different things,
try different hardware vendors. You know, I've been in this industry for almost six years
now, and I've used most hardware wallets, right? You buy one version of each one and you just play
around with it, see what works, and eventually, You settle on, I like this. This makes sense.
I understand it. Here's my process. And again, It scales with your holdings. $100,
who cares? $100 grand. Different story. Awesome. Yeah, I think that was
a great overview of the different Approaches that people can use for this,
and hopefully, people watching will be Able to think about it and choose their
own personal solution for self-custody. So yeah, thanks a lot, James, for
coming on our show, and Happy New Year! Thank you. Happy New Year.
Coinbase is a popular cryptocurrency exchange. It makes it easy to buy, sell, and exchange cryptocurrencies like Bitcoin. Coinbase also has a brokerage service that makes it easy to buy Bitcoin as easily as buying stocks through an online broker. However, Coinbase can be expensive due to the fees it charges and its poor customer service.