Skip to main content
Custody: self vs exchange

Self-Custody Tool Comparison

Pomegra Learn

Self-Custody Tool Comparison

Choosing a self-custody tool is one of the most consequential decisions you'll make in cryptocurrency. The tool you select determines not just how convenient your custody is, but how secure your assets are, how easy recovery is if something goes wrong, and what happens if you die or become incapacitated.

Unlike exchange accounts, where the platform handles most operational details, self-custody puts you in control—and in control of your own recovery. This article compares the major categories of self-custody tools and walks through the specific tradeoffs each one creates.

Categories of Self-Custody Tools

Self-custody tools fall into distinct categories, and the choice between categories matters more than the choice between specific products within a category.

1. Hardware Wallets (Cold Storage)

Hardware wallets are purpose-built devices that store your private keys offline and sign transactions without exposing your keys to an internet-connected computer.

How they work: You generate your seed phrase on the device, it stores the seed phrase in tamper-resistant hardware, and when you want to send cryptocurrency, you connect the device to a computer, the computer shows you what transaction you're signing, the device signs it in isolation, and the signed transaction goes back to the computer for broadcast to the blockchain.

Major hardware wallet providers:

  • Ledger (Ledger Nano S Plus, Ledger Nano X): Market leader, supports 5,000+ tokens, strong security practices, user-friendly. Nano X supports Bluetooth for mobile transactions.
  • Trezor (Model T, Model One): Strong security reputation, open-source firmware, good documentation. Model T has touchscreen; Model One is more basic.
  • SeedSigner (DIY hardware wallet): Open-source, uses Raspberry Pi hardware, requires technical assembly, no proprietary firmware. Excellent for those who distrust closed-source hardware.
  • ColdCard (Mk4): Highly technical, air-gapped (can work completely offline), excellent for multisig, niche but trusted by sophisticated users.

Advantages:

  • Private keys never touch an internet-connected device
  • Relatively inexpensive ($50–200 for major brands)
  • Durable—devices last years with proper care
  • Support for most major cryptocurrencies
  • Seed phrase recovery works across most hardware wallet brands
  • Strong industry track record with few major breaches

Disadvantages:

  • If you lose the device and don't have your seed phrase backed up separately, your cryptocurrency is unrecoverable
  • Requires connection to a computer for transactions (less convenient for frequent trading)
  • Potential supply chain risk (tampered devices before purchase)
  • Firmware updates require care and attention
  • For multisig, you need multiple devices and careful coordination
  • Seed phrase backup remains a critical vulnerability

Ideal for: Long-term holders, large amounts, security-conscious individuals, anyone willing to invest time in proper backup.

Recovery profile: If the device breaks, your seed phrase recovers everything on any compatible hardware wallet. If you lose the device and don't have the seed phrase, everything is gone.

2. Software Wallets (Hot Storage)

Software wallets run on devices you already own (computers, phones) and store your private keys in encrypted form on that device.

Major software wallet options:

  • Electrum (desktop): Bitcoin-only, lightweight, power-user friendly, excellent multisig support, long development history.
  • Blue Wallet (mobile): Mobile-focused, supports Bitcoin and Lightning Network, simple interface, self-custodial or custodial options.
  • MetaMask (browser extension, mobile): Ethereum-focused, extremely popular, enables NFT and DeFi interaction, significant attack surface due to browser extension.
  • Exodus (desktop, mobile): Multichain, user-friendly, supports hundreds of coins, closed-source, strong support.
  • Monero Wallet (if using Monero): Community-maintained, focus on privacy, chain pruning, hardware wallet support.

Advantages:

  • No hardware device required (lower cost)
  • Convenient access from devices you already own
  • Fast transactions and trading (can approve instantly)
  • Good for smaller amounts or frequent transactions
  • Wide support for alternative coins and tokens

Disadvantages:

  • Private keys stored on device vulnerable to malware, device theft, software bugs
  • Requires your computer or phone to be reasonably clean and secure
  • Seed phrase recovery only works if you backed it up separately
  • Less isolation from other applications on the device
  • Device compromise exposes all your funds
  • Requires regular software updates for security patches

Ideal for: Smaller amounts, active traders, people who need frequent access, supplementary storage alongside hardware wallets.

Recovery profile: Seed phrase recovers everything if backed up. If device is infected or lost and seed phrase isn't backed up, recovery is difficult or impossible.

3. Multisig Wallets (Distributed Control)

Multisig wallets require multiple signatures to authorize transactions. A typical setup is 2-of-3 (two out of three keys needed to spend) or 3-of-5 (three out of five keys).

Multisig platforms:

  • Unchained Capital: Provides 2-of-3 multisig with one key held by Unchained, one by you, one in escrow. Expensive ($5,000+) but includes comprehensive support.
  • Casa: 2-of-3 multisig with key management support, mobile app interface, $20–100/month depending on holdings.
  • DIY Multisig (with Electrum or Sparrow Wallet): Open-source approach, no fees, requires significant technical knowledge and careful coordination.
  • Multi-Signature Bitcoin Vaults: Newer solutions using timelocks and other script features to add recovery flexibility.

How multisig works: Each party generates their own private key (possibly on a hardware wallet). To send funds, you create a transaction, have two parties sign it, and broadcast it. If one key is lost or compromised, the other signers can still control the funds.

Advantages:

  • Single key compromise doesn't lead to total loss (requires multiple keys)
  • Can design custom recovery protocols (e.g., "3-of-5 with one key held by a trusted family member")
  • Practical for estates, business operations, and high-value holdings
  • Reduces reliance on single backup strategy
  • Forces operational discipline and documentation

Disadvantages:

  • More complex to set up and manage
  • Requires coordination between multiple parties
  • Higher fees (multisig transactions are larger and cost more to broadcast)
  • Not all wallet software supports multisig equally
  • Adds operational overhead—every transaction requires multiple signers
  • If you don't properly document how to recover, heirs won't be able to access funds

Ideal for: High-value holdings, businesses, estates, situations where you want to distribute control.

Recovery profile: Depends on design. Well-designed multisig is extremely resilient—one lost key doesn't prevent recovery. Poorly designed multisig (where recovery instructions aren't documented) can make recovery impossible.

4. Air-Gapped Wallets (Maximum Isolation)

Air-gapped wallets are completely disconnected from the internet. You create transactions on an offline device, sign them on the air-gapped device, and bring the signed transaction back to an internet-connected device for broadcast.

How it works:

  • Device A (internet-connected) creates an unsigned transaction
  • Device B (air-gapped, offline) signs the transaction (scanning a QR code or using a USB drive)
  • Device A broadcasts the signed transaction

Examples: ColdCard running in air-gapped mode, Trezor T in offline mode, DIY setups with Raspberry Pi and OpenDime hardware.

Advantages:

  • Maximum security—private keys never touch internet-connected hardware
  • Extremely resistant to remote malware attacks
  • Works well with multisig
  • Excellent for high-value holdings
  • Clear, verifiable security model

Disadvantages:

  • Significant operational friction—every transaction requires two devices and coordination
  • Requires two separate devices (hardware wallet + internet device)
  • High barrier to entry technically and financially
  • Impractical for frequent transactions
  • Requires discipline about maintaining air-gap (USB contamination, malware transfer risks)

Ideal for: Very high-value holdings, long-term storage, security-critical applications, enterprises.

Recovery profile: Excellent if properly documented. The seed phrase fully recovers the holdings even if both devices are destroyed, as long as you have the seed phrase safely backed up.

Detailed Feature Comparison

FeatureHardware WalletSoftware WalletMultisigAir-Gapped
Setup DifficultyLowVery LowHighVery High
Ongoing MaintenanceLowMediumMedium-HighMedium
Transaction SpeedSlow (5-30 min)InstantInstant or SlowSlow (requires offline process)
Security vs. MalwareExcellentPoorGoodExcellent
Recovery DifficultyLow (if seed backed up)Low (if seed backed up)Medium (needs documentation)Low (if seed backed up)
Cost$50–200Free$0–2400/year$50–300+
ScalabilityGood for 1–5 major holdingsGood for testingGood for 5–50 keysGood for significant holdings
Regulatory RecognitionLimitedLimitedGrowingGrowing

Choosing Based on Holdings Size and Use Case

Under $1,000:

  • Use a software wallet (mobile-friendly, free, sufficient security for this amount)
  • Or: Start with a hardware wallet if you plan to add significantly
  • Backup: Seed phrase written on paper, stored securely

$1,000–$10,000:

  • Hardware wallet recommended (Ledger Nano S Plus or Trezor Model One)
  • Backup: Seed phrase written on paper, stored in two geographically separate locations
  • Consider: Software wallet for frequent access, hardware wallet for long-term storage

$10,000–$100,000:

  • Hardware wallet (primary cold storage)
  • Consider multisig for enhanced recovery (2-of-3 with one key held by family member or attorney)
  • Backup: Seed phrase + multisig configuration documented and stored separately
  • Insurance: Homeowner's or business insurance covering cryptocurrency loss

$100,000+:

  • Multisig strongly recommended (3-of-5 or similar)
  • Air-gapped signing device for transactions
  • Professional custody service (like Unchained) may be appropriate
  • Regular backup audits and recovery testing
  • Estate planning documents directing heirs to recovery procedure

Backup and Recovery Strategies by Tool Type

Hardware Wallet Backup

Single hardware wallet:

  1. Generate seed phrase on device
  2. Write seed phrase on paper (preferably using a steel backup product like The Billfodl)
  3. Store one copy in home safe
  4. Store second copy at bank safe deposit box or with trusted family member

Recovery test: Order a replacement hardware wallet, import your seed phrase, verify you see the same addresses and balances.

Software Wallet Backup

Backup your seed phrase:

  1. Generate on device
  2. Write on paper and photograph (or print)
  3. Encrypt digital copy with password
  4. Store paper copies in separate physical locations
  5. Test recovery by importing on a clean device

Avoid: Storing seed phrase as plain text on cloud storage or email.

Multisig Backup

Documentation required:

  1. Each participant's seed phrase (independently backed up by each person)
  2. Multisig configuration (which keys, in what order, required signatures)
  3. Signed template showing where each signature must come from
  4. Step-by-step recovery instructions
  5. List of addresses to verify correct recovery

Recovery test: Have one person follow the written recovery procedure (without the other signers consulting) and verify they reach the same result.

Air-Gapped Backup

  1. Seed phrase backed up on air-gapped device itself
  2. Secondary paper backup of seed phrase
  3. Signed transaction samples showing proper QR code format
  4. Documentation of which USB drives are "clean" and which are "hot"
  5. Full recovery procedure documented

Recovery test: Completely erase the air-gapped device, restore from backup, and send a test transaction.

Advanced Features and Emerging Tools

Seed phrase passphrases: Most modern wallets support an additional passphrase protecting the seed phrase. This adds a second factor of protection (someone needs both the seed phrase and the passphrase to access funds). Requires very careful documentation, as losing the passphrase makes recovery impossible.

Hardware wallet firmware verification: Some wallets (ColdCard, Trezor T) allow you to cryptographically verify firmware before using it. This is advanced but important for high-value holdings.

Timelocks and recovery scripts: Bitcoin and some other blockchains support sophisticated scripts that lock funds for a period or require multiple signatures. Tools like Casa and Unchained use these for advanced recovery scenarios.

Threshold schemes: Some multisig services use mathematical threshold schemes (Shamir's Secret Sharing) instead of traditional multisig, allowing you to split a key into pieces where any N of M pieces can reconstruct it.

Inheritance planning: Several wallet providers (Unchained, Casa, others) now offer "digital inheritance" where you designate beneficiaries and document how to access funds after your death.

Security Considerations Across Tools

Private key generation location:

  • Hardware wallets generate keys in isolated hardware (good)
  • Software wallets generate in potentially compromised software (risky)
  • DIY air-gapped generation is most secure

Firmware and software updates:

  • Hardware wallets: Updates optional but recommended for security patches
  • Software wallets: Updates essential; skipping updates exposes you to known vulnerabilities
  • Multisig: Update all participating devices/software together to maintain compatibility

Seed phrase exposure:

  • Paper backups risk physical theft, fire, water damage
  • Digital backups risk hacking and unauthorized access
  • Optimal: One paper backup in secure physical location, zero digital copies
  • Never: Photography of seed phrase stored on cloud, email, or internet-connected devices

The Recovery Test You Should Run

Before you actually rely on a tool, test recovery:

  1. Write down your backup (seed phrase or multisig configuration)
  2. Set aside the original tool (don't touch it)
  3. On a clean device, import or recreate your wallet using only the backup
  4. Verify addresses match: Check that addresses you expect to see appear in the recovered wallet
  5. Send a test transaction: Move a small amount ($10–100) from the recovered wallet
  6. Verify receipt: Confirm the transaction appears on the blockchain

If any step fails, fix it before trusting the backup with significant amounts. Many people discover their backup was incomplete only after losing the original device.

Key Takeaways

  • Hardware wallets offer the best balance of security and usability for most people holding $1,000+
  • Software wallets are convenient but require a very clean device and are only safe for smaller amounts
  • Multisig provides superior recovery resilience and is worth the complexity for $10,000+
  • Air-gapped setups are overkill for most but essential for extremely high-value holdings
  • Backup is more important than the tool itself—a well-backed-up hardware wallet is more secure than a poorly backed-up multisig
  • Test your recovery before relying on it—don't discover your backup is broken after losing the original
  • The tool that's best is the one you'll actually use and maintain—consistency and discipline matter more than theoretical security

Your custody tool is only as good as your backup strategy and your commitment to maintaining it. Choose a tool that matches your security requirements, holdings size, and willingness to manage complexity, then invest equal effort in documenting and testing recovery.