Should I have a cold wallet?
With the recent meltdown of handful of custodial wallets, should you consider a cold wallet?
With last week’s FTX meltdown, which brought down other firms in its wake, you might be wondering if we should all be putting our crypto into cold wallets. tl;dr my answer is still no, I do not think it makes sense to have a cold wallet for most casual investors.
Brief vocab refresh
wallet: a method of storing the keys (aka passwords) to your crypto.
cold wallet: a method for storing keys to your crypto in a place disconnected from the internet. Could be a USB drive, special hardware made for key storage, or a Post-It buried in your backyard.
hot wallet: the inverse of a cold wallet– it’s connected to the internet. Could be an app on your phone or a custodial wallet (defined below). Most custodial wallets are hot wallets.
custodial wallet: a method for storing keys with a third party. You give them the keys and they store them securely and allow you to access your crypto, typically over the web. Similar to a safety deposit box at a bank– I’ll give you my stuff, you keep it safe.
crypto bank: custodial wallet (most crypto banks are also crypto exchanges, defined below)
crypto exchange: a place to buy and sell crypto (most crypto exchanges are also crypto banks)
crypto hedge fund: a fund that raises money to invest in crypto and crypto technologies (overlap between hedge funds and banks/exchanges is rare. FTX is in big trouble because they had that overlap and used customer bank funds to invest in FTX’s hedge fund, without customer’s consent)
Pros and cons
Pros of a cold wallet: most secure
Cons of a cold wallet: easy to lose your keys (there are lots of hard-to-read stories about people losing their keys. This guy lost half a billion dollars and is trying to excavate a dump). More steps if you want to buy/sell. Hard to track performance over time.
Pros of a custodial wallet: easy to keep track of your keys, easy to buy/sell, easy to track performance over time
Cons of a custodial wallet: susceptible to hacks, government seizure, and a few new “cons” I had not considered until ~1 week ago:
deranged CEO might steal your money and
investgamble itderanged CEO’s business model might be built on lies/amphetamines, bank becomes insolvent
system-wide liquidity problems prohibiting withdrawals
New considerations for choosing a wallet, post-FTX
Before, my calculus in choosing crypto storage was to select the most reputable custodial wallet, max out the security options (e.g. enable 2FA), and don’t put more money in there than I am willing to lose. All of those recommendations hold but I’m adding a few more:
1:1 deposits Confirm the bank holds the deposits 1:1, i.e. make sure they are not levered. Regular banks are levered, i.e. if customers deposit $100 they lend out $90 and only hold $10. This is okay if a central bank can rescue them during a run on the bank, but without a central bank, holding deposits 1:1 is crucial. Note that FTX claimed they held deposits 1:1– see also the third bullet point.
How do they make money? Understand how the bank makes its money. This can be broad strokes– do they charge a subscription fee? Do they make money off of trading fees and are their trading fees commiserate with their peers? If everything is free and their trading fees are free/cheap I would not keep my money with them.
Avoid companies run exclusively by children This sounds harsh/obvious, depending on your POV, but I think it’s an important lesson: young adults might have been good at making social media platforms but we cannot follow them blindly into financial ventures. Having a few wunderkinder is fine but the C-suite cannot be exclusively wunderkinder.
Choose a bank headquartered in the US If whatever they’re doing is too avante-garde for the US you don’t want to park your money there.
What I chose in March ’22
Several months ago I decided to use a custodial wallet and honestly, I’m just lucky that I didn’t choose FTX. Instead, I chose Coinbase. I’d like to say it was due to careful consideration of Coinbase’s credentials and security protocols, but mostly I went on the recommendation of people I know IRL who have been active in the crypto space for several years.
Bottom line
Absent regulation, if you don’t have the expertise to evaluate a bank’s credentials or security protocols (I do not), reputation/personal recommendation is probably the best way to select a bank, with the addition of my new post-FTX protocols listed above.