In this guide
- Start with the non-negotiables
- Reserves and asset use
- Segregation and failure scenarios
- Withdrawal policy and exitability
- Security architecture
- Transparency and evidence
- Business model and incentives
- A printable checklist
Start with the non-negotiables
Before evaluating details, define what you require.
For most serious holders:
- You can withdraw on-chain to an address you control.
- Client bitcoin is held 1:1 and is not used for lending, collateral, or yield.
- Terms are clear, stable, and understandable before you deposit.
If any of these are not true, the relationship is not custody in the strict sense. It is a different financial product.
Reserves and asset use
Ask directly:
- Do you hold 1:1 reserves for client bitcoin?
- Can client bitcoin be used for any purpose (lending, rehypothecation, collateral, internal financing)?
- Are there circumstances where bitcoin becomes encumbered (pledged, pooled, or subject to claims)?
Clear answers matter. A custody provider should state plainly that client bitcoin is held fully reserved and not deployed.
→ Read: Full-Reserve Custody → Read: Why We Don't Offer Yield
Segregation and failure scenarios
Segregated custody can mean different things. Ask for plain-language descriptions.
- Is ownership tracked as an internal balance, or are assets clearly attributable to clients?
- What happens to client assets if the provider enters bankruptcy?
- Are client assets treated as client property or as part of the provider's estate?
- What jurisdiction governs the custody agreement?
If the provider cannot describe failure scenarios clearly, you do not know what you are buying.
Withdrawal policy and exitability
Withdrawals are the trust test. Evaluate the policy before you deposit:
- On-chain settlement: do withdrawals settle on the bitcoin blockchain?
- Address control: can you withdraw to your own wallet?
- Timing: what is the stated processing window, and what conditions can extend it?
- Limits: daily limits, minimum balances, or other constraints?
- Verification: what requirements exist (KYC/KYB, whitelisted addresses), and can they change?
Then test it. A provider with healthy operations treats withdrawals as routine.
→ Read: Bitcoin Withdrawals Guide → Read: Exitability, Withdrawals, and Finality
Security architecture
Security means eliminating failure modes; marketing claims are not evidence of it.
Ask how the provider protects against:
- Remote compromise (key isolation, hot wallet exposure and controls)
- Insider risk (separation of duties, approvals, least privilege)
- Key loss (redundancy, geographic distribution, recovery procedures)
- Operational drift (procedure testing, periodic reviews, incident response)
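The insider-risk and hot-wallet controls in the list above can be made concrete as a withdrawal approval policy. The following is an added example, not code from the page or from any provider: a hypothetical policy engine that enforces destination whitelisting, k-of-n approval counted per distinct person, separation of duties (the initiator may not approve their own request), required approver roles, and a per-request ceiling on what the hot wallet may sign. All user names, addresses, and amounts are constructed placeholders.

```python
from dataclasses import dataclass, field
from typing import FrozenSet, List, Tuple

# Hypothetical policy engine for a custody provider's hot-wallet withdrawals.
# Names, addresses and amounts below are constructed for this example.

@dataclass(frozen=True)
class Approval:
    user: str
    role: str            # e.g. "ops", "treasury", "security"

@dataclass
class WithdrawalRequest:
    request_id: str
    initiator: str       # who raised the request
    destination: str     # placeholder address strings, not real ones
    amount_sats: int
    approvals: List[Approval] = field(default_factory=list)

@dataclass(frozen=True)
class Policy:
    hot_limit_per_request_sats: int   # above this the hot wallet must not sign
    min_distinct_approvers: int       # k-of-n, counted per person, not per click
    required_roles: FrozenSet[str]    # each of these roles must be represented
    whitelisted_destinations: FrozenSet[str]

def evaluate(req: WithdrawalRequest, policy: Policy, hot_balance_sats: int) -> Tuple[bool, List[str]]:
    """Return (approved, reasons). Every violated control is reported, not just the first."""
    reasons: List[str] = []
    if req.destination not in policy.whitelisted_destinations:
        reasons.append("destination is not on the client's whitelist")
    if req.amount_sats <= 0:
        reasons.append("amount must be positive")
    approvers = {a.user for a in req.approvals}
    # Separation of duties: the person who raised the request cannot also approve it.
    if req.initiator in approvers:
        reasons.append(f"initiator {req.initiator} approved their own request")
    # Count distinct people; two approvals from one account are one approval.
    independent = approvers - {req.initiator}
    if len(independent) < policy.min_distinct_approvers:
        reasons.append(f"{len(independent)} independent approver(s), need {policy.min_distinct_approvers}")
    roles_present = {a.role for a in req.approvals if a.user != req.initiator}
    missing = policy.required_roles - roles_present
    if missing:
        reasons.append("missing approval from role(s): " + ", ".join(sorted(missing)))
    # Hot-wallet exposure: large amounts are pushed to the cold-storage path by policy,
    # and the hot wallet never overdraws (no silent top-up inside the approval flow).
    if req.amount_sats > policy.hot_limit_per_request_sats:
        reasons.append("amount exceeds hot-wallet per-request limit; use cold-storage procedure")
    elif req.amount_sats > hot_balance_sats:
        reasons.append("hot wallet balance insufficient; refill is a separate controlled step")
    return (not reasons, reasons)

# Constructed sample policy and requests.
POLICY = Policy(
    hot_limit_per_request_sats=50_000_000,
    min_distinct_approvers=2,
    required_roles=frozenset({"treasury", "security"}),
    whitelisted_destinations=frozenset({"bc1q-client-whitelisted-example"}),
)

def sample_requests() -> List[WithdrawalRequest]:
    ok = WithdrawalRequest("r1", "ops-ann", "bc1q-client-whitelisted-example", 20_000_000,
                           [Approval("treasury-ben", "treasury"), Approval("security-cat", "security")])
    self_approved = WithdrawalRequest("r2", "ops-ann", "bc1q-client-whitelisted-example", 20_000_000,
                                      [Approval("ops-ann", "treasury"), Approval("security-cat", "security")])
    too_large = WithdrawalRequest("r3", "ops-ann", "bc1q-client-whitelisted-example", 80_000_000,
                                  [Approval("treasury-ben", "treasury"), Approval("security-cat", "security")])
    bad_dest = WithdrawalRequest("r4", "ops-ann", "bc1q-not-on-whitelist", 1_000_000,
                                 [Approval("treasury-ben", "treasury"), Approval("security-cat", "security")])
    return [ok, self_approved, too_large, bad_dest]

def run_samples(hot_balance_sats: int = 60_000_000) -> dict:
    return {r.request_id: evaluate(r, POLICY, hot_balance_sats) for r in sample_requests()}

if __name__ == "__main__":
    for rid, (approved, reasons) in run_samples().items():
        print(rid, "APPROVED" if approved else "REJECTED", reasons)
```

Reporting every violated control at once, rather than stopping at the first, is deliberate: it is what an auditor reviewing rejected requests wants to see, and it keeps the policy's behaviour easy to test. Request r2 shows the separation-of-duties case: one person both initiating and approving collapses the independent approver count and the role coverage at the same time.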
Also ask what the provider does not disclose publicly, and why. Good security avoids turning sensitive detail into public instruction.
→ Read: Bitcoin Security Guide → Read: Disclosures That Matter
Transparency and evidence
Ask what evidence exists and what it actually covers:
| Evidence Type | What It Covers | Limitations |
|---|---|---|
| SOC 2 Type I | Design of controls at a point in time | Does not test operating effectiveness |
| SOC 2 Type II | Controls operating over a period | Scope may exclude key areas |
| Proof of reserves | Assets held at a snapshot | Does not prove liabilities or solvency |
| Attestations | Specific claims at a point in time | Narrow scope, not a full audit |
Then ask follow-through questions:
- Does the evidence cover controls (how they operate) or assets and liabilities (what they owe and hold)?
- Is it point-in-time or does it cover behavior across a period?
- What is explicitly out of scope?
The goal is not one decisive artifact. It is a consistent pattern of verifiable behavior over time, paired with a withdrawal process you can test.
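The table's caveat that proof of reserves "does not prove liabilities or solvency" is easiest to see in code. The following added example (not from the page, and not any provider's scheme) implements a Merkle sum tree, the usual way a provider commits to a liabilities snapshot: each client can check that their own balance is included and that the committed total is covered by on-chain reserves, but nobody can check that every liability was included. The client balances, reserve figure and salt are constructed values.

```python
import hashlib
from typing import Dict, List, Tuple

# Added example: Merkle sum tree over client balances. Balances, the reserve
# figure and the salt are constructed for this demonstration.

Entry = Tuple[bytes, int]          # (hash, satoshi sum) carried at every node

CLIENTS: Dict[str, int] = {"alice": 150_000_000, "bob": 40_000_000, "carol": 75_000_000,
                           "dave": 10_000_000, "erin": 25_000_000}   # constructed, total 300 M sats
RESERVES_AT_SNAPSHOT = 280_000_000   # constructed: what the published reserve addresses held
SALT = b"snapshot-demo-salt"          # constructed; real schemes use a secret per-client salt

def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def leaf(client_id: str, balance_sats: int) -> Entry:
    """Leaf commits to the salted client id and the balance."""
    if balance_sats < 0:
        raise ValueError("negative balance")   # negative leaves would let a provider cancel out liabilities
    data = b"leaf|" + SALT + b"|" + client_id.encode() + b"|" + balance_sats.to_bytes(8, "big")
    return _h(data), balance_sats

EMPTY: Entry = (_h(b"empty"), 0)   # padding entry for odd levels; carries no liability

def node(left: Entry, right: Entry) -> Entry:
    lh, ls = left
    rh, rs = right
    return _h(b"node|" + lh + ls.to_bytes(8, "big") + rh + rs.to_bytes(8, "big")), ls + rs

def build_levels(leaves: List[Entry]) -> List[List[Entry]]:
    """Bottom-up levels; levels[-1][0] is the root the provider publishes."""
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        if len(cur) % 2:
            cur.append(EMPTY)
        levels.append([node(cur[i], cur[i + 1]) for i in range(0, len(cur), 2)])
    return levels

def inclusion_proof(levels: List[List[Entry]], index: int) -> List[Tuple[Entry, str]]:
    """Sibling entries from leaf to root, each tagged with the side it sits on."""
    proof = []
    for level in levels[:-1]:
        sib = index ^ 1
        proof.append((level[sib], "left" if sib < index else "right"))
        index //= 2
    return proof

def verify_inclusion(my_leaf: Entry, proof: List[Tuple[Entry, str]], root: Entry) -> bool:
    cur = my_leaf
    for sibling, side in proof:
        if sibling[1] < 0:
            return False               # reject any negative sum along the path
        cur = node(sibling, cur) if side == "left" else node(cur, sibling)
    return cur == root

def client_check(client_id: str, balance_sats: int, proof, root: Entry, reserves_sats: int) -> Tuple[bool, bool]:
    """What one client can verify: (my balance is in the tree, committed total <= reserves)."""
    return verify_inclusion(leaf(client_id, balance_sats), proof, root), root[1] <= reserves_sats

def publish(balances: Dict[str, int]):
    ids = sorted(balances)
    levels = build_levels([leaf(c, balances[c]) for c in ids])
    return ids, levels, levels[-1][0]

def demo():
    """Honest snapshot versus one that silently omits a client."""
    ids, levels, root = publish(CLIENTS)
    honest = {c: client_check(c, CLIENTS[c], inclusion_proof(levels, ids.index(c)), root, RESERVES_AT_SNAPSHOT)
              for c in CLIENTS}
    trimmed = {c: v for c, v in CLIENTS.items() if c != "erin"}
    t_ids, t_levels, t_root = publish(trimmed)
    dishonest = {}
    for c in CLIENTS:
        proof = inclusion_proof(t_levels, t_ids.index(c)) if c in t_ids else []  # omitted client gets nothing valid
        dishonest[c] = client_check(c, CLIENTS[c], proof, t_root, RESERVES_AT_SNAPSHOT)
    return root[1], honest, t_root[1], dishonest

if __name__ == "__main__":
    h_total, honest, t_total, dishonest = demo()
    print("honest total", h_total, honest)
    print("trimmed total", t_total, dishonest)
```

With the honest tree the committed total (300 M sats) exceeds the 280 M sats of reserves, so every client sees a shortfall. With a tree that omits one client, the total drops below reserves and four of five clients verify cleanly; only the omitted client, whose proof fails, can detect the gap. That is exactly why the evidence question above asks what is out of scope: a reserve snapshot plus a liabilities commitment is only as strong as the fraction of clients who actually check their proofs, and it says nothing about the period between snapshots.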
Business model and incentives
The business model determines incentives.
- How does the provider make money? Custody fees, trading, spreads, or yield?
- Can the business survive if clients do nothing but hold for years?
- What other products exist, and do they create pressure to deploy client assets?
Complexity creates risk. A focused custody provider is often safer than a platform offering custody alongside trading, lending, and constant feature expansion.
→ Read: What Breaks Custody → Read: Understanding Bitcoin Banks
A printable checklist
Custody model
- Provider states 1:1 reserves for client bitcoin
- Provider states client bitcoin is not lent, pledged, or rehypothecated
- Assets are segregated in a way the provider can explain plainly
- Failure scenarios (insolvency, operational disruption) are addressed in writing
Withdrawals
- Withdrawals settle on-chain to addresses you control
- Policies include clear timing, limits, fees, and verification steps
- No language granting broad discretionary withdrawal suspension
- You can test a withdrawal periodically without friction
Security and controls
- Hot wallet exposure is limited and controlled
- Multi-person approvals and separation of duties exist
- Procedures are tested and reviewed regularly
- Recovery and continuity processes are defined
Transparency and evidence
- Provider offers meaningful evidence and explains scope
- Provider can explain what proof-of-reserves does and does not prove
- Communication is clear and factual, not marketing-heavy
Incentives
- Provider's revenue does not depend on client trading activity
- Provider does not need to deploy client assets to survive
- Product scope is focused
If you cannot get clear answers, assume you are accepting additional risk. Size accordingly and keep your exit path real.
Further sources
- SEC Investor Bulletin: Crypto Asset Custody Basics for Retail Investors. Checklist-style primer on custody risks.
- Interagency Statement: Crypto-Asset Safekeeping by Banking Organizations (FDIC/OCC/Fed). Risk-management expectations.
- AICPA: SOC 2 overview. Understanding SOC 2 Type I vs Type II.
- Bitcoin Core: Output script descriptors. Standard for representing wallet policy.