Ficha - A home for serious bitcoin

Q: Is self-custody always better?

Not universally. Self-custody maximizes control, but it also concentrates operational responsibility. Custody services trade key management for administration and process. The right choice depends on your ability and your time horizon.

Q: What is full-reserve custody?

Full reserve means client bitcoin is held 1:1 and is not lent, pledged, or used as collateral. Custody is safekeeping, not a yield product.

Q: What is the most common failure in custody relationships?

Access becoming conditional: delays, changing requirements, or withdrawal restrictions. Predictable, on-chain withdrawals are the practical test.

Q: How should I think about using both self-custody and a custodian?

Many serious holders use a hybrid: some bitcoin in self-custody for direct control, and some with a trusted custodian for administration, continuity, or succession needs.

Ficha

What is bitcoin custody

Custody is control over the private keys that authorize bitcoin transactions. Whoever holds the keys can move the bitcoin. There is no appeals process, no customer service, no central authority to reverse a mistake.

This is different from most financial assets. Stocks, bonds, and bank accounts have intermediaries, regulations, and recovery mechanisms. Bitcoin has none. The network doesn't know or care who "should" own a given bitcoin. It only knows which keys can sign for it.

Custody is not storage. Storage is where keys are kept. Custody is who controls them, under what conditions, with what safeguards. A custody solution answers:

Who can authorize a transaction?
What happens if someone loses access?
What happens when you die?
How is the key protected from theft, coercion, or failure?

Good custody is not about technology alone. It's about designing systems that remain secure and accessible over time.

Key terms

Private key: A secret number that authorizes spending bitcoin.
Seed phrase: A list of words that can restore a wallet. Treat it as a master key.
Hardware wallet: A device that signs transactions without exposing keys to a general-purpose computer.
Multisig wallet: A wallet requiring multiple keys to authorize a transaction (e.g., 2-of-3). See multi-signature.

Self-custody vs custodial solutions

Two fundamental approaches: holding the keys yourself, or delegating that responsibility.

In practice there's a spectrum: from single-key self-custody, to multisig self-custody, to collaborative custody (where you hold one key and a provider holds another), to fully custodial accounts.

Approach	Control	Main Advantage	Main Risk
Self-custody (single-key)	Full	Sovereignty, no counterparty risk	Key loss, theft, inheritance complexity
Self-custody (multisig)	Full	Redundancy, no single point of failure	Configuration complexity
Collaborative custody	Shared	Recovery support, reduced unilateral risk	Partner selection, privacy
Custodial	Delegated	Operational simplicity, succession support	Counterparty risk, withdrawal dependence

Self-custody

You control your own private keys (hardware wallet, multi-signature setup, or some combination). No one can move your bitcoin without your authorization.

The advantage is sovereignty. No institution to depend on, no counterparty risk. The disadvantage is responsibility. You must protect keys from loss, theft, and your own mistakes. You must plan for incapacity and death.

Self-custody works well for people who are technically comfortable, have robust procedures, and have made inheritance arrangements. It works less well for people who travel frequently, have complex estate situations, or don't want the operational burden.

Custodial solutions

You entrust bitcoin to an institution that holds keys on your behalf. You have a claim on bitcoin, but you don't control the private keys directly.

The advantage is operational simplicity. The custodian handles security, backups, and (ideally) continuity planning.

The disadvantage is trust. You're relying on the custodian to actually hold the bitcoin they say they hold, remain solvent and operational, honor withdrawal requests, and maintain adequate security. This is counterparty risk.

These aren't trivial assumptions. The history of bitcoin includes many custodial failures: outright fraud, operational incompetence, and business models that put client assets at risk.

The choice depends on your situation

Neither approach is universally better. The practical question is which failure mode you're choosing.

Self-custody concentrates risk in your own processes. Custodial solutions concentrate risk in incentives and access: whether the institution is fully reserved, competent, and willing to honor withdrawals.

Many serious holders use both: some bitcoin in self-custody for sovereignty, some with a trusted custodian for operational simplicity or succession planning.

How custody fails

Understanding custody means understanding how it breaks. Failures are rarely surprising to people paying attention. The same patterns repeat.

In self-custody

Most failures are mundane:

Lost keys. Seed phrase written on paper that gets thrown away, damaged, or forgotten.
Stolen keys. Phishing, malware, or physical theft of backups.
No inheritance plan. Keys that die with their owner, leaving heirs unable to access bitcoin.
Complexity failures. Sophisticated setups the owner can no longer reconstruct or operate.

In custodial solutions

Failures follow predictable patterns:

Business model risk. Custodians that need client assets to generate yield, run trading desks, or fund operations. When those activities fail, custody fails with them.
Fractional reserves. Custodians holding less bitcoin than they owe clients, sometimes intentionally, sometimes through poor accounting.
Operational incompetence. Security breaches, key mismanagement, or mistakes resulting in lost bitcoin.
Withdrawal restrictions. Custodians that become unable or unwilling to honor requests (due to liquidity issues, regulatory pressure, or arbitrary policy changes).

The common thread: client access becomes conditional on things the client didn't agree to. Your ability to withdraw depends on the custodian's financial health, operational state, or policy decisions.

→ Read: What Breaks Custody

Full reserve and why it matters

Full reserve is a simple principle: if a custodian says they hold your bitcoin, they actually hold your bitcoin. One-to-one. Not invested, not lent out, not used as collateral.

This sounds obvious, but it's not the default in the broader financial industry, and it hasn't been universal in bitcoin either.

What full reserve excludes

A genuine full-reserve custodian does not:

Lend client bitcoin to borrowers in exchange for yield
Pledge client bitcoin to secure the institution's own obligations
Rehypothecate client bitcoin for any purpose
Invest client bitcoin in any financial product

These activities aren't inherently illegitimate. A lending platform or yield product can be reasonable if clearly disclosed. But those are finance products, not custody. The categories should not be mixed.

Why it matters for bitcoin specifically

Bitcoin has a real alternative to custodial services: self-custody. This raises the bar.

If you're giving up self-custody, you should get something in return: operational simplicity, professional administration, estate planning support. What you should not get is hidden financial exposure.

Full reserve keeps the custody relationship clean. The custodian's job is safekeeping. Your bitcoin sits there until you move it.

→ Read: Full-Reserve Custody

Security fundamentals

Security in bitcoin custody is not about impressive technology or complex procedures. It's about eliminating categories of failure.

Cold storage

Cold storage means keeping keys on devices not connected to the internet. This eliminates the largest category of attack: remote hacking.

A competent custody operation keeps the vast majority in cold storage, with only operational minimum in online systems.

Multi-signature

Multi-signature arrangements require multiple keys to authorize a transaction. A 2-of-3 setup requires any two of three keys.

This eliminates single points of failure. No single key compromise results in loss. No single person can act unilaterally. Keys can be distributed across locations, people, and institutions.

→ Read: Bitcoin Multisig Guide

Geographic distribution

Spreading key material across multiple physical locations protects against regional disasters, facility compromises, and jurisdictional risks.

Two "backup" systems in the same data center aren't truly redundant. Real resilience requires actual geographic separation.

Operational discipline

The most common failures are human, not technical. Someone clicks a phishing link. Someone shares a password. Someone bypasses a procedure.

Strong operational security means defined procedures for sensitive operations, separation of duties, least-privilege access, background verification, and regular testing.

What good security doesn't look like

Security theater is common: "military-grade encryption" (all modern encryption is adequate), detailed public descriptions of security measures (which help attackers), long lists of certifications with no operational substance, insurance as substitute for prevention.

Real security is boring. Consistent execution of sound practices, not impressive marketing.

→ Learn about our security standards

How to evaluate a custody provider

If you're considering a custodial solution, focus on these areas.

Business model

How does the custodian make money? This matters more than almost anything else.

A custodian earning from custody fees has aligned interests: they profit when you hold quietly and your bitcoin remains safe.

A custodian that needs you to trade, borrow, or use other products has different incentives. They profit from your activity, which may not be in your interest.

Ask: Can this business survive with clients who simply hold bitcoin and do nothing else?

Reserve model

Does the custodian maintain full reserves? Are client assets segregated? Can they be used for any purpose?

Clear answers matter. If a custodian can't simply say "we hold 1:1 reserves and do not use client bitcoin for any purpose," investigate further.

Ask what evidence they provide (audits, attestations, proof-of-reserves) and what those reports do and do not prove.

Withdrawal policy

How the custodian treats withdrawals reveals their operations and incentives.

A healthy custodian treats withdrawals as routine. The policy is clear, the process predictable, no friction designed to discourage exits.

Warning signs: vague or changing policies, increasing verification requirements, unexplained delays, any indication the custodian is uncomfortable with you leaving.

Communication style

Marketing hyperbole and constant reassurance are not good signs.

Look for clear documentation, straightforward answers, transparency about limitations, and honest acknowledgment of what they do and don't do.

Track record

How has the custodian behaved over time? Have they honored withdrawals reliably? Been transparent about incidents? History of changing terms?

One impressive document matters less than years of consistent behavior.

Scope of services

What else does the custodian do? A focused custody provider is generally more trustworthy than a platform offering custody alongside trading, lending, staking, and a dozen other products.

Complexity creates risk. Every additional service is another potential failure mode.

Custody as a long-term relationship

If you're holding bitcoin for years or decades, custody isn't a one-time decision. It's an ongoing relationship.

Watch for drift

Institutions change. A custodian focused on custody might expand into riskier activities. Policies shift. Incentives change.

Review periodically: does this custodian still operate the way they did when you chose them? Have they added products or changed policies that alter the relationship?

Maintain optionality

Your ability to withdraw should always be real. Test it occasionally. Ensure you know how the process works. Don't let all your bitcoin become locked in a system you haven't verified.

This is true even if you have no intention of leaving. The option to exit is what keeps the relationship honest.

Plan for succession

What happens to your bitcoin when you die?

In self-custody, succession means ensuring heirs can access and use your keys (documentation, education, careful planning).

In custodial arrangements, succession means understanding the custodian's policies for transferring accounts, beneficiary designation requirements, and how they handle inheritance.

The relationship that matters

At its best, custody fades into the background. You hold bitcoin for years because the basics stay true: policies stay stable, withdrawals work predictably, recovery and succession are not improvised.

That invisibility is the product of good design: clear policies, sound security, aligned incentives, and an institution built to remain reliable over time.

Whether you hold your own keys or delegate to a custodian, the goal is the same: bitcoin that remains secure and accessible, through whatever comes next.

→ Learn about succession planning → Our continuity standards

Further sources

Bitcoin: A Peer-to-Peer Electronic Cash System (whitepaper). Foundational design including final settlement and key-based control.
Bitcoin Developer Guide: Wallets. How wallets generate keys, sign transactions, and manage recovery.
SEC Investor Bulletin: Crypto Asset Custody Basics for Retail Investors. Regulator primer on custody risks.
Interagency Statement: Crypto-Asset Safekeeping by Banking Organizations (FDIC/OCC/Fed). Risk management for safekeeping services.

Bitcoin Custody: How to Protect Bitcoin for the Long Term