Self-custody means one thing: you hold the keys, and nobody else can move your funds without you. That's it. No custodian, no withdrawal queue, no support ticket between you and your money.
The conversation around self-custody never really went away, but it gets louder every few years — usually after an exchange collapses or a custodian freezes withdrawals. We've been here before, and we'll be here again. The macro environment doesn't help: tightening regulation, opaque balance sheets, and a steady drumbeat of "we are pausing withdrawals" announcements have a way of focusing the mind.
This article isn't going to tell you that self-custody is right for everyone, every coin, every dollar. It's going to lay out what the options actually are, what fails when things fail, and what the honest trade-offs look like.
The three custody models
There are essentially three ways your crypto can be held, and the differences matter more than the marketing usually admits.
Full custody. An exchange or platform holds the private keys. You have an account balance, not coins. When you "send" or "withdraw," you're really asking them to do it for you. Easy onboarding, password recovery, fiat ramps — but you're trusting a third party with your funds, their operational competence, and their solvency.
Partial custody. A service holds the keys but commits, technically or contractually, to letting you withdraw on demand. Some neobanks, some staking services, and some "earn" products work this way. Slightly better than full custody in good times, but in a crisis the distinction often evaporates: if the platform halts withdrawals, "on demand" becomes "eventually, maybe."
Full self-custody. You hold the keys yourself, usually via a seed phrase you alone control. No counterparty stands between you and the chain. You can transact whenever you want, but you are also fully responsible for backups, device security, and not losing the seed.
Each model trades a different kind of risk for a different kind of convenience.
What actually fails when custodians fail
The phrase "not your keys, not your coins" gets repeated until it sounds like a slogan. It isn't a slogan; it's a description of a specific failure mode that has played out, on the record, more than once.
Commingled funds. Most exchanges pool customer assets into shared wallets. If reserves don't match liabilities — for any reason — there is no individually segregated balance for you to claim. Everyone is a general creditor of the same pile.
Rehypothecation and internal lending. Some custodians lend out customer assets to generate yield or to fund their own positions. When those bets sour, the assets that were supposed to back your balance simply aren't there anymore.
Regulatory and legal freezes. A platform can be perfectly solvent and still be ordered to halt withdrawals by a regulator, court, or law-enforcement action. Your access depends on a jurisdiction's good mood.
Internal fraud and operational failure. Lost keys, insider theft, sloppy operational security, mismanaged hot wallets.
The historical record is unambiguous. Mt. Gox, then the largest Bitcoin exchange in the world, collapsed in 2014 after roughly 850,000 BTC went missing from its custody; creditors are still being made whole more than a decade later. FTX, valued at $32 billion in early 2022, collapsed that November when customer funds turned out to have been used to backstop an affiliated trading firm. Different decades, different jurisdictions, same structural failure: customers held IOUs, not coins.
What self-custody actually is, mechanically
Self-custody sounds abstract until you see the moving parts. It really is just three things.
A seed phrase. Typically 12 or 24 randomly generated words. This seed is the master secret — it deterministically derives every private key your wallet will ever use. Anyone who has the seed can spend the funds. Nobody who lacks it can, including the wallet's developer.
Derived private keys. From the seed, your wallet derives the actual signing keys for each blockchain and account. You don't usually touch these directly; the wallet manages them for you.
Signed transactions. When you want to send funds, your wallet uses the private key to produce a cryptographic signature, then broadcasts the signed transaction to the network. The chain accepts it because the signature is valid. No human approval anywhere in the path.
That's the whole stack. There is no customer service to call, because there is no service involved.
The honest trade-off
If we stopped here, the recommendation would be obvious: hold your own keys, end of story. But that would be dishonest, because self-custody moves the failure mode rather than eliminating it.
When you self-custody, you become the single point of failure. Lose the seed phrase and the funds are gone — no support team can recover them, by design. Forget a wallet password without a backup and you can be locked out of your own coins. A malware infection on the device that holds the seed can drain a wallet before you notice. A drive failure plus a missing paper backup is a catastrophic loss event. The technology removed the custodian; it didn't remove the responsibility.
This is exactly the failure mode SSP is built to address. Rather than concentrate everything on one secret on one device, SSP uses a 2-of-2 multisignature design: signing a transaction requires both your desktop wallet and your mobile device to cooperate. A single compromised seed, a single stolen laptop, or a single phishing attempt isn't enough to move your funds. The aim isn't to make self-custody perfectly safe — nothing is — but to remove the "one mistake, total loss" cliff that traditional single-key wallets put you on.
Where to go from here
If you've decided self-custody is worth trying, the next step is a practical one: a wallet you can actually use. See Setting up your first SSP wallet for a walk-through.
If you want to understand why the 2-of-2 design changes the math on single-device failure, read What is 2-of-2 multisig? next. Self-custody is a decision; the wallet you choose decides how forgiving that decision is.
