Not Your Keys Not Your Coins: Why Self-Custody Matters
Understand the meaning of "not your keys, not your coins" and why self-custody is important. Learn the risks of exchange custody vs controlling your own keys.
Uvin Vindula — IAMUVIN
Published 2026-02-28 · Updated 2026-03-01
Not Your Keys Not Your Coins: Why Self-Custody Matters
Written by Uvin Vindula (IAMUVIN) — Last updated March 2026
Introduction
"Not your keys, not your coins" is perhaps the most important mantra in cryptocurrency. It means that if you do not control the private keys to your crypto, you do not truly own it. When you leave your cryptocurrency on an exchange, you are trusting that exchange to hold your funds safely — and history has shown that trust to be misplaced many, many times.
What Does It Mean?
In the traditional financial system, your bank holds your money. If the bank fails, government deposit insurance (like FDIC in the US) typically protects you. In crypto, there is no such insurance.
When you buy Bitcoin on an exchange, the exchange holds the private keys. You have an IOU from the exchange — a promise that they will give you your Bitcoin when you ask. But if the exchange is hacked, goes bankrupt, commits fraud, gets shut down by regulators, or simply decides to freeze your account, you may lose everything.
Self-custody means holding your own private keys — typically through a hardware wallet or a secure software wallet. When you self-custody, no third party can freeze, seize, or lose your funds. But the responsibility for security falls entirely on you.
Why Exchange Custody is Risky: The Evidence
Mt. Gox (2014)
The largest Bitcoin exchange at the time lost approximately 850,000 BTC (worth billions today) to hacking. Users waited over a decade for partial reimbursement.
QuadrigaCX (2019)
The founder of Canada's largest crypto exchange died (allegedly) with the only keys to the exchange's cold wallets, locking away approximately $190 million in user funds.
FTX (2022)
One of the world's largest exchanges collapsed when it was revealed that customer funds had been secretly used to prop up a related trading firm. Billions of dollars in customer deposits were lost. This was not a hack — it was alleged fraud by the exchange's own leadership.
Other Incidents
- Celsius Network: Froze withdrawals and filed for bankruptcy, trapping billions in customer funds
- Voyager Digital: Halted withdrawals and filed for bankruptcy
- BlockFi: Filed for bankruptcy after FTX contagion
- Countless smaller exchanges have exit-scammed, been hacked, or simply disappeared
The pattern is clear: exchanges fail with alarming regularity, and when they do, it is the users who lose.
The Case for Self-Custody
- No counterparty risk: Your funds do not depend on any company remaining solvent or honest
- Censorship resistance: No entity can freeze your funds or block your transactions
- Privacy: Self-custody wallets do not require KYC or personal information
- Full control: You decide when and how to access your funds, 24/7
- True ownership: You hold the actual asset, not a promise or IOU
The Responsibilities of Self-Custody
Self-custody is not without its own risks and challenges:
- Seed phrase security: Lose it and your funds are gone forever. Get it stolen and your funds are stolen. See our seed phrase security guide.
- No recovery: There is no "forgot password" option. No customer support can help you.
- Technical knowledge: You need to understand how wallets work, how to verify transactions, and how to avoid phishing.
- Physical security: You must protect your hardware wallet and seed phrase backups from theft, fire, and natural disasters.
Self-Custody Options
Hardware Wallets (Recommended for Significant Holdings)
Devices like Ledger and Trezor store your keys offline. This is the gold standard for self-custody security. See our hardware wallet comparison guide.
Software Wallets
Applications like MetaMask, Rabby, or Exodus run on your computer or phone. They give you control of your keys but are more vulnerable to malware and phishing than hardware wallets.
Multi-Signature Wallets
Wallets that require multiple keys to authorize a transaction (e.g., 2-of-3). This adds security and redundancy but also complexity. Solutions like Safe (formerly Gnosis Safe) are popular for teams and individuals with large holdings.
A Balanced Approach
Self-custody purists argue that you should never leave any crypto on an exchange. In practice, many people find a balanced approach works best:
- Long-term holdings: Self-custody on a hardware wallet
- Active trading funds: On a reputable exchange (only what you can afford to lose)
- DeFi interaction funds: In a software wallet with limited funds
The key principle: never leave more on an exchange than you are actively trading with or can afford to lose entirely.
How to Move to Self-Custody
- Get a hardware wallet from the official manufacturer website
- Set it up properly — generate seed phrase, write it down, secure it
- Test with a small amount — send a small transaction to your hardware wallet and verify you can receive it
- Test recovery — reset the device and restore from your seed phrase to confirm everything works
- Transfer your holdings gradually from the exchange to your hardware wallet
- Verify receipt using a block explorer
- Secure your seed phrase backups using the 3-2-1 method
Proof of Reserves
After FTX, many exchanges implemented "Proof of Reserves" — cryptographic verification that the exchange holds sufficient assets to cover user deposits. While better than nothing, Proof of Reserves has limitations:
- It shows assets at a snapshot in time, not continuously
- It may not show liabilities
- The methodology varies in rigor across exchanges
- It does not prevent fraud or mismanagement between audits
Proof of Reserves is a step forward but not a substitute for self-custody of funds you cannot afford to lose.
Sri Lanka Context
For crypto users in Sri Lanka, self-custody is particularly important. Local exchanges may have less regulatory oversight than those in major markets, and cross-border legal recourse in case of exchange failure is extremely difficult. The good news is that self-custody tools like hardware wallets work the same everywhere in the world — you get the same security whether you are in Colombo or California. Check our exchanges page for reputable on/off-ramp options and our tools page for wallet resources.
Conclusion
"Not your keys, not your coins" is not just a slogan — it is a lesson written in billions of dollars of losses from exchange failures, hacks, and fraud. Self-custody is not perfect, but it eliminates the single biggest risk in crypto: trusting someone else with your assets.
If you take one thing from this article, let it be this: move your long-term holdings to a hardware wallet. The time and cost to set up self-custody is minimal compared to the potential loss of leaving everything on an exchange.
By Uvin Vindula — IAMUVIN
Sri Lanka's leading Bitcoin educator. Author of "The Rise of Bitcoin".
Learn more →Related Articles
The Bitcoin Brief: LK
Weekly Bitcoin insights, market analysis, and Sri Lanka crypto news. Join 1,000+ readers.
Unsubscribe anytime · Educational content only