Crypto is on a new tear again. With 40% of U.S. adults supposedly now owning some crypto, are we moving from early adoption of a couple of years ago into early majority in terms of the technology adoption curve?
Wherever we are in the larger scale hype cycle, I’ve had too many conversations recently indicating poor info out there. A lot comes from the influencer class on YouTube who often breathlessly extol the virtues of how if you don’t do or don’t do this or that your financial future will lay in tatters. If you were to somehow measure the emotional tenor of some of these folks, it’s similar to if you watch the manically effusive presentations of the gamers playing everything from Minecraft to other kids’ games. Most of them probably mean well and many provide great value, but there’s things they’re leaving out. And one major issue is the irony that having more control of your assets could incur more risk than one otherwise might.
The last thing the world needs is another “Intro to Crypto.” And this isn’t that. But I do want to go over some issues considering use of self-sovereign wallets vs. custodial type accounts. For those just starting to get exposure to crypto as an asset class, with Custodial wallets/accounts, a third party holds your crypto, manages any account keys and executes transactions on your behalf. (Such as Coinbase, Kraken, etc.) They’re like your traditional bank or brokerage. Alternatively, (or additionally), with Self-sovereign wallets you fully control your assets using private keys in your wallet and what it holds with no intermediaries involved. Whether you’re transferring funds, trading on decentralized exchanges, purchasing things, connecting and transacting with other applications, or whatever, you have to do everything in terms of managing transactions and you own all associated risks; of which there are several. My goal isn’t to dissuade you from this category. It’s just to shine a brighter light on some of the downside risk and offer some risk mitigation strategies.
“Not Your Keys, Not Your Crypto!”
This is the rallying cry of the self-sovereign crypto crowd! If you don’t control the private keys to your wallet, (which is really more of a keychain), you don’t truly own it. The government or bank controls how you transact, and when, and how, and other bad things can befall you. Also, banks fail sometimes. All of this may be true enough, though most us don’t worry much about these edge cases.
Custodial wallets – which generally means an account at a brokerage/exchange – while convenient, put the control of your assets in the hands of third parties. For the self-sovereign crowd, the idea of using a custodial solution defeats the purpose of crypto’s promise of decentralization and personal control. For others, this is fine. Preferred as safer even. Though yes, there’s been some obvious crypto exchange failures and malfeasance with serious loss as there was no insurance there. (See: Top 10 Crypto Fails of All Time.) While those are risks of a certain sort, if going the self managed route, there’s issues it seems some folks aren’t really paying proper heed, even if there’s a surface level awareness.
Complete Responsibility for Keys
This part you’ve likely heard about. And yet, we still see plenty of news stories where it’s clearly not been taken to heart. Managing your own keys means 100% responsibility for your assets. There’s no customer service to call if you lose access or make a mistake. No one can fix anything, even if they wanted to. Whether human error, technical failure, or disaster, loss of private keys is a common risk. Without keys, your assets are permanently inaccessible. The empowerment of self-sovereignty comes with the burden of ensuring security, maintaining backups, and protecting against loss or theft. If you’re injured or worse, you would have had to make sure your family or estate has some means to recover your funds. Then there’s the idea of the “naked man” recovery. The idea is that if you lose everything; devices, passwords, backups, you could still recover access. Consider your typical bank and brokerage accounts. It might be a hassle, but if you lost access to everything, you could go to your bank and after id checks and so on eventually get you access to your funds. Not so for self-sovereign crypto. There are recovery tools we’ll get to. But true resilience, (starting from zero), with self sovereign tools is challenging. And you’ll have to be physically and mentally capable to act on your own behalf. If not, your funds are likely locked in limbo forever. You might not care about this. But your spouse and kids might not be as impressed with your “foolproof” security.
Mitigation Methods for Protecting Your Keys
There’s ways you can protect your keys to maintain security, and recovery. But it’s not always so simple.
- Hardware Wallets: They store private keys offline, reducing exposure to online hacks. But this no panacea. Ever lose a USB stick? So you still need to backup your seed phrases elsewhere. This is kind of like having super high quality locks on your house, but still burying a key in a piece of PVC pipe someplace in your back yard.
- Key backups: Maintain multiple secure backups of private keys in different locations. This is another irony as this increases risk with multiple points of failure; albeit for less assets assuming you’ve somewhat split them. Yes, creating backups is obvious. But let’s drive it home because this is somewhat different from a lot of your other backups. This is one place in people’s live they’d better never lose something. According to Global Security Mag, “Around 60% of Americans consider password loss as stressful as a personal injury or an illness, financial problems, or dismissal from work.” And iProov says, “Every day, almost a third of consumers go through the hassle of having to request a password reminder from at least one website.” But people – for the most part – don’t have access keys like this which, if lost, are truly unrecoverable by any means. Those who want to engage with these kinds of assets will need to find a new gear… a new attitude, and new methods for securing such things.
- Password manager/Encrypted storage: This works as long as your password manager doesn’t get hacked. (Which has happened.) Another benefit is some services offer emergency access to others. Though this is another possible attack vector, use of time locks can mitigate this.
- Key Recovery Mechanisms: Consider services that offer key recovery mechanisms, such as social recovery wallets. Note that even if you have the software password to your wallet, not all wallets will show you your keys ever again after being first set up, including some of the most popular options.
- Document Your Methods: Document key access methods and store instructions in a secure location. This is easier said than done. It’s increasingly the case that even banks don’t have safe deposit boxes. There may be private vaults providing services. A fireproof box or safe at home can work, but even these can be stolen. Simple home hiding places can work, but still be at risk of discovery, fire, theft. You’ll have to work this out while you face the usual security dilemma; secure, but accessible.
Non-Repudiation Risks
Non-repudiation in banking ensures that a party in a transaction cannot deny having authorized it. With a crypto transaction, it also means the transaction can’t be undone. Technically, yes, it’s possible an internal transfer within a custodians’ accounts could theoretically be reversible; though not a transaction with an external entity. However, for the most part blockchain transactions are immutable and irreversible. There’s no undo button. There is another technical exception here. There may be some rare exceptions via forks or rollbacks. But for most practical purposes, done is done here. While this ensures trustless systems can work, it also means errors cannot be rectified. Trading tools often warn you repeatedly to be sure about the address and network to which you are sending funds. With errors, it’s not just that there’s no customer service to call or a policy you can fight. There’s just no mechanism whatsoever to fix some mistakes.
Mitigation Methods for Non-Repudiation Risks
- Double-triple-check recipient or contract addresses and transaction details before sending. This includes making sure your software is set for the correct blockchain network during the transfer.
- Start with small test transactions before sending large amounts. Even if you maybe spend a bit more to pay for the transaction cost alone of a $10 transfer, it’s likely worth it to have confidence in the $10,000… $100,000+ transaction you’re about to initiate.
- Use multi-signature wallets for an added verification layer. And again, some irony. Multi-sig wallets, (requring multiple confirmations of a transaction from different parties), depend on at least two people managing their passwords and keys properly. Loss of a login by one might mean nothing gets stolen, but funds are now locked up in what is now very cruelly named a “smart” contract. (I’m waiting to hear about a lawsuit by someone against another who lost their credentials or refuses to sign a transaction.) Compare this with traditional banking. With a co-signer on an account, if a co-signer gets hit by a bus, becomes mentally incompetent, whatever… the account owner still has recourse. They can get lawyers, documentation, other things to eventually regain access. With a smart contract, as they say, code is law. It doesn’t really matter if the smart contract is not even legally a contract. (The name “Smart Contract” is an industry invention, not a legal truth.) Whether a smart contract is ‘real world’ law or not, (and in what jurisdiction), hardly matters. If you lose access, you’re done.
Risks from Being Hacked
Self-sovereign management exposes individuals to risks beyond basic identity theft as losses can be direct and immediate. Hackers target keys through phishing scams, malware, and other tactics; just as with other assets. Unlike traditional bank or brokerage, where breaches might result in algorithms catching atypical behavior, or limits to loss, self-sovereign systems have no such protection. To my knowledge, even though exchanges have been hacked or done shady things, no actual mainstream core blockchain itself has ever been hacked. So when properly used it’s true that – for all effective purposes blockchain transactions are amazingly secure. But everything else? Plenty of smart folks have clicked on the wrong file attachment at just the the wrong time. While some blockchain transactions can be even more traceable than various forms of traditional financial transactions, it won’t mean you can do anything about it. And even though things like crypto tumblers/mixers to hide traceability may be illegal in many jurisdictions, talented criminals find ways.
Mitigation Methods for Hacks
- The usual phishing avoidance of not clicking on unknown links or downloading unverified software.
- Enable two-factor authentication (2FA) where possible. (Or beyond 2FA.)
- Use dedicated devices or secure operating systems for crypto transactions.
- Split assets to multiple wallets and devices. This has pros and cons. You avoid a single point of failure, but increase attack surface area and need to manage more private passwords and keys.
Inheritance Issues
Unlike traditional accounts where assets can be transferred to heirs with relative ease, self-sovereign crypto has complexities. Without proper planning, heirs will not have access to private keys, leading to permanent loss of assets.
Mitigation Methods for Inheritance Issues
- Create a detailed inheritance plan that includes key storage locations and instructions.
- Use multi-signature wallets with trusted parties as co-signers for inheritance.
- Store access details with a secure legal or estate planning service.
You can see what these have in common. All depend on trust relationships; just more personal than institutional.
Coercion Risks
One supposed advantage of self-sovereign finance is that no one can take it from you. No bank can stop your transactions. No government that can freeze your account. But there’s also nothing stopping a bad guy from holding you and your family at gunpoint and forcing you to offer up everything. Today, if someone wants to steal from a bank or brokerage, it’s challenging. If you went into any Citibank or Bank of America or Wells Fargo and said, “I need all my money today in cash,” or some other large immediate transfer, they’re more likely to call the police on your behalf than do the transfer. But a couple of guys in your living room with a pipe over your kids’ head? You’ve got a problem that’s all yours.
Mitigation Methods for Coercion Risks
You might still get killed, but if you have large amounts of crypto, you could store them in some form of smart contract that has time lock limits of some sort, possibly using multiple signatures or alerts to others. You would honestly tell the bad guy what you’ve set up. Chances are pretty good it would not be safe to hold you as a prisoner for a month or more while others have been notified a transfer has been initiated. Maybe you leave a few thousand free. This way, they may just break your arm in anger or something, but not outright kill you. The point is, if you hold all the keys and someone knows you have crypto, all the digital smugness in the world isn’t likely to help you when you’re staring down the barrel of a gun. So you may have assets that are digitally highly secure by sophisticated methods, but be susceptible to the so-called $5 wrench attack.
Physical Risks
Hardware wallets and physical backups, while secure, are not immune to risks like theft, fire, or flood. Protection here requires redundancy and careful planning, often adding complexity.
Mitigation Methods for Physical Risks
- Store backups in fireproof and waterproof safes.
- Use geographically distributed storage for redundancy.
- Regularly check the integrity of hardware wallets and backups.
Lack of Third Parties Means Lack of Third Parties
One appeal of self-sovereign management lies in cutting out middlemen, whether banks, brokers, or centralized exchanges. Or replacing intermediaries with smart contracts that are ostensibly transparent and trustworthy. However, it’s worth considering that sometimes, intermediaries provide valuable services, such as dispute resolution, insurance, and fraud prevention. Their absence in self-sovereign systems can leave users vulnerable in situations where human judgment or assistance is required.
Mitigation Methods
- Use decentralized arbitration platforms for dispute resolution. (This only works if the parties are known and will work with such services. See: Decentralized Justice: A Comparative Analysis of Blockchain Online Dispute Resolution Projects.)
- Opt for crypto insurance products to mitigate potential losses. This is a relatively new category and likely only useful for significant assets. (You’ll probably want to read the fine print here.)
- Evaluate the reliability of smart contracts through audits and peer reviews.
Wallet Recovery Methods
Wallet recovery is critical for self-sovereign asset management, as losing access to a wallet often means losing access to funds forever. Various methods can help ensure recoverability. This is similar to sorting out how to find a password for any typical software you use.
- Seed Phrase Backups: Store seed phrases securely in multiple physical locations, such as safes or safety deposit boxes. If you have your keys you can re-build a wallet.
- Social Recovery Wallets: Leverage wallets that allow trusted contacts to help recover access.
- Shamir’s Secret Sharing: Split the private key into multiple parts and distribute them to trusted parties, requiring a quorum to recover access.
- Encrypted Digital Backups: Store encrypted backups of private keys in secure cloud storage or password-protected drives, the same as you might for any other credentials.
- Recovery Services: Use third-party recovery services that specialize in crypto wallet recovery. These are sometimes firms that just help you guess through your likely options. Not sure if any use hypnotism, but maybe worth a try as well.
Final Thoughts
Self-sovereignty in crypto promises unparalleled control and autonomy, but it comes with significant trade-offs. For the intermediate to advanced retail investor, balancing the benefits of decentralization with the practical risks of personal asset management is a nuanced challenge. While “not your keys, not your crypto” remains a powerful principle, the realities of implementing self-sovereign practices demand careful consideration and planning. The value of holding or trading crypto asset class tokens, objects, and so on seems to be on the edge of getting to more mainstream. The many values of tokenized assets and what this will mean for the future is being covered in blogs, videos, papers, books and more. My goal here is just to drive home a few – perhaps harsh – realities for those who have just been dabbling a bit. If you haven’t thought seriously about these issues and are diving in more deeply into this asset space, then you’re behaving similarly to driving without insurance. Or worse. All of this is fixable. But depending on how you want to go, we’ll need some significant effort to form some new behaviors that mostly haven’t been necessary for traditional assets.