Leggi questo articolo in Italiano Italiano

Blog
Insights and research
8 min read

Non custodial wallet: your crypto are safe!

By Gabriele Brambilla

After CeFi showed its dark side in 2022, the race to the non custodial wallet began. What are the risks?

Non custodial wallet: your crypto are safe!

Cryptocurrency wallet: custodial and non-custodial wallet

How do I keep my cryptos safe? You have certainly asked yourself this question at least once.

Today we are going to talk about non custodial wallets, key tools for securing your cryptocurrencies.

We will address the topic by focusing on security. Point by point, we will consider the aspects to pay attention to, so that you are actually protected from the main risks. We anticipate this: very little is needed.

The following applies to both bitcoin wallets and those dedicated to other coins and tokens. Before we begin, let us quickly review the concepts of custodial and non custodial.

For example, a custodial wallet is one provided by exchanges and CeFi. Users have the ability to buy and sell crypto to do with it as they wish, including transferring it via blockchain to another cryptocurrency wallet.

However, ownership of what is deposited on a custodial wallet lies with the custodian itself, not the user using it. Or rather: the custodial wallet leaves the private keys in the hands of the relevant CeFi. If the platform were to run into liquidity problems, or worse, go bankrupt, the poor customer would be in for a nasty headache.

The custodial wallet behaves somewhat like a bank account, differing, however, in one not insignificant detail: the absence of funds insurance.

The year 2022 has taught us that unpleasant situations (to say the least) can take place. Therefore, we must weigh the risks and benefits, deciding whether CeFi is worth resorting to.

The noncustodial wallet, on the other hand, leaves possession of the private keys to the user. At the same time, the responsibility of proper custodial will also rest on his or her shoulders.

So, on the one hand we have a wallet application that is easier to manage and owned by a company. However, the convenience leads to having to give up the ownership of private keys.
Conversely, on the other side we find a wallet that leaves everything in our hands, with all the benefits and responsibilities that come with it. It is precisely on this last point that the article you are reading comes to the rescue.

We are going to explore what are the most significant security aspects of noncustodial wallets, so that we can live peacefully our journey in the crypto world.

Index

Why choose a non custodial wallet

The year 2022 taught us that CeFi companies do not always operate in the right way.

Adopting risky investment strategies, going so far as to steal capital in some cases, several players ended up with huge budget holes. Think of FTX, Celsius, and BlockFi, which were forced to file for bankruptcy.

In this scenario, those who suffered heavily were the users: from a few euros to hundreds of thousands, so many people and companies lost all or part of what they held.

After a succession of extreme events, the fall of 2022 was the scene of a mass flight from CeFi, in favor of the “dear old” non custodial wallets. Worried by facts, rumors and speculation, users preferred to protect their funds from any risk. After all, we have often argued this ourselves: if there is even the slightest doubt about the XYZ platform, we withdraw!

Effectively, the noncustodial wallet protects us from the risks of bankruptcy, low liquidity, theft and exploits. Let us be on our guard, however, because other types of dangers take over, which should definitely not be overlooked.

According to several experts and insiders in the crypto world, the topic of “noncustodial wallets and security ” will be one of the most talked about topics this year. No wonder: there are many people with little experience who operate too lightly.

Starting from the beginning, let’s see what are the indispensable elements to be careful about when dealing with a non custodial wallet.

"Non custodial wallets shelter from the risks of custodial ones, while bringing new dangers"

Types of non custodial wallets

Noncustodial wallets fall into two categories: hot wallets and cold wallets.

Hot wallets are free and widespread. There are a large number of them, each of which supports one or more blockchains and has a variety of features.

They are offered as mobile applications, wallet software for PC/MAC and browser extensions.

Among the main names we mention MetaMask, employed probably by any crypto-user at least once in a lifetime. MetaMask is available both as a Chrome extension and as an Android and iOS wallet app.

Regardless of their form, hot wallets are always connected to the Internet and ready to interact with protocols and platforms. As a result, under certain circumstances, security can be compromised; after all, when we interface, we are dealing with online wallets.

Cold wallets are different precisely because they are not always connected to the Internet (hence the name cold, cold). They are therefore a type of offline cryptocurrency wallet, the exact opposite of the previous category.

The main exponents of this group are hardware wallets, special devices that hold private keys in a safe. An attacker will not be able to steal our funds unless he or she physically has the hardware wallet (and related access) at his or her disposal.

Ledger and Trezor are the main brands in the market. They look like USB sticks equipped with a small screen. In a few minutes you can learn to use them and they guarantee very high security standards.

Through our referrals you can purchase your Ledger.

This is it: we have gone over the basics and are ready to move on. If you then wish to go deeper, here is an article dedicated to how a cryptocurrency wallet works.

Seed Phrase wallet

The seed phrase is probably the most sensitive part. It is a phrase consisting of 12 or 24 words, usually in English, that can give complete access to deposited funds.

When we go to create a cryptocurrency wallet, we will come to a certain point in the setup where we will be told to write down the seed phrase. Then, there is usually a check where we will have to type in part or all of the phrase so that we can be sure that we have not made any transcription errors.

After establishing a password (which has another function, we will get to that) the setup will be completed and we can use the wallet.

Imagine, however, that we lose the computer or forget the password. How will we be able to recover the funds deposited on the wallet? Or, how can we access the wallet from another PC?

The crypto wallet does not have an account with credentials such as “username” and “password,” and that’s too bad: the funds would be at the mercy of any malicious person. This does not mean that you cannot recover what you have lost, or work from another device.

The seed phrase is a recovery phrase. Through it we will be able to access our wallet from any computer, without any limitations. Have we forgotten our password? Or have we purchased a new PC? The seed phrase will allow us to access the wallet.

The operation is simple. Let’s imagine we have a new computer on which we want to import our MetaMask wallet (random name, to bring an example).
After installing the application, we will follow the instructions and enter our seed phrase. In a few moments we will have access to the funds we had previously deposited.

We should guess what the danger is: if the seed phrase falls into the wrong hands, we may have to say goodbye to our cryptos. So too if we were to lose it and could not access the wallet: it would be impossible to recover what we deposited.

Fortunately, it only takes a few steps to protect us from any risk:

  • We transcribe the seed phrase on two different media. If we were to lose one, we would have the other as a backup.
  • We avoid jotting down the phrase on computer media, whether computers, smartphones or tablets. In case we suffer a cyber attack, it could be stolen. We opt instead for something material, such as a sheet of paper.
  • We leave the seed phrase in a safe place. This means we should avoid keeping it in our wallet or leaving it on display on our desk. If the phrase were written on paper, let’s not deposit it in places where it might get damaged and be illegible.
  • Let us not communicate the seed phrase to anyone. There is no support service that comes asking for this information, because it would be tantamount to handing ATM and pin into the hands of a stranger. Stay away from those who do this: it would certainly be a scammer.

That’s all, nothing complex but woe to take things lightly.

Let us move on to the password, different from the seed phrase but still important.

"Never share the seed phrase: let's keep it jealously and in absolute safety!"

Cryptocurrency wallet password

The less experienced tend to confuse seed phrase and password. However, they are two separate things and serve different functions.

The seed phrase we can file away. Let’s see what the password is.

When we install a wallet, whether on a browser, PC/MAC app or mobile, we need to choose a password. Each time we log in we will need to provide it, otherwise we cannot continue.

This password is only valid on the computer medium in question. For example: let’s say we have a desktop computer and a smartphone. On the PC we install the Chrome extension of MetaMask. We are provided with the seed phrase and set a password.

Whenever we want to access the Chrome extension Metamask, we will have to compulsorily enter the password.

However, for our needs we would like to have access to the wallet also from smartphones. So let’s install the MetaMask wallet app android.
When the procedure is complete, we will not be able to simply enter the password and log in; this is because our wallet is not yet associated with the app.
It will therefore need to be imported via the seed phrase. In addition, we will have to choose a password that will only apply to the mobile app; the one established at the time for the Chrome extension on PC will remain unchanged. That done, here we will be able to access our wallt from both computer and mobile.

The purpose of the password is to create a barrier in case the computer, phone or tablet ends up in the wrong hands. On the other hand, it has no relevance outside the context: in that case, the seed phrase would be required.

"The password also has its importance, albeit limited when compared to the seed phrase"

Most common crypto frauds

A few mentions of the most prevalent online frauds never hurts.

First, let us mention those posing as support services for wallet applications, as well as exchanges, CeFi and even DeFi platforms.

These self-styled customer care people will try to get the seed phrase delivered, claiming that it is needed in order to help us. As mentioned in the dedicated section, we communicate nothing, close the conversation and possibly report the fact to those in charge.

Beware also of those who contact via messaging apps (such as Telegram) or comment posing as someone else on social networks and platforms such as YouTube and Instagram. The target is usually one: our seed phrase.

Then there are links that point to specific software that can attack our wallet, or to malware and computer viruses. If we were to link to one of these portals, our funds would be seriously at risk.
To avoid the problem, just follow these rules:

  • Never click on links received via email or message from strangers. Indeed, avoid clicking regardless even if the person is known, unless there is certainty that the link is reliable.
  • Do not Google the name of the platform we would like to access. To clarify, if we would like to visit the famous DEX PancakeSwap, we take the link from reliable sites such as DefiLlama; after which we save it as a favorite.
    This shrewdness comes from the fact that malicious people often buy advertising space on search engines, posing as the platform in question. By logging in, everything looks the same, because they copy its interface. However, by plugging in the wallet we are giving a green light to the theft of our cryptos.

Finally, if possible do not access crypto wallets if you are using public WiFi, as it is not an adequately protected environment.

"Scammers are constantly devising new methods to get us into trouble: let's stay updated and always alert"

VPN e criptovalute

Let’s close with VPN, a very useful tool for surfing the Internet more safely, not only when operating with our precious coins.

A VPN allows us to mask our IP address and the activities we perform on the network. Therefore, hackers will have a much harder time stealing our data, following us and attacking us.

If you wish, you can subscribe to Nord VPN: you will be entitled to a super discount and a free period!

 

Go to top
Security
Wallets
Blog
Insights and research
X

Vuoi essere sempre sul pezzo?

Iscriviti alla newsletter per ricevere approfondimenti esclusivi e analisi ogni settimana.

Se ti iscrivi c’è un regalo per te!

bitcoin
Bitcoin (BTC) $ 89,348.94
ethereum
Ethereum (ETH) $ 2,213.54
xrp
XRP (XRP) $ 2.56
tether
Tether (USDT) $ 1.00
bnb
BNB (BNB) $ 595.61
solana
Solana (SOL) $ 145.67
usd-coin
USDC (USDC) $ 1.00
cardano
Cardano (ADA) $ 0.909955
dogecoin
Dogecoin (DOGE) $ 0.203660
staked-ether
Lido Staked Ether (STETH) $ 2,217.29
tron
TRON (TRX) $ 0.240148
pi-network
Pi Network (PI) $ 1.79
wrapped-bitcoin
Wrapped Bitcoin (WBTC) $ 89,232.91
chainlink
Chainlink (LINK) $ 16.72
hedera-hashgraph
Hedera (HBAR) $ 0.237839
wrapped-steth
Wrapped stETH (WSTETH) $ 2,665.74
stellar
Stellar (XLM) $ 0.300816
leo-token
LEO Token (LEO) $ 9.88
sui
Sui (SUI) $ 2.81
avalanche-2
Avalanche (AVAX) $ 21.40
usds
USDS (USDS) $ 0.999950
litecoin
Litecoin (LTC) $ 104.61
shiba-inu
Shiba Inu (SHIB) $ 0.000013
bitcoin-cash
Bitcoin Cash (BCH) $ 387.45
the-open-network
Toncoin (TON) $ 3.04
mantra-dao
MANTRA (OM) $ 7.08
polkadot
Polkadot (DOT) $ 4.45
weth
WETH (WETH) $ 2,217.89
bitget-token
Bitget Token (BGB) $ 4.57
ethena-usde
Ethena USDe (USDE) $ 0.999259
hyperliquid
Hyperliquid (HYPE) $ 15.92
wrapped-eeth
Wrapped eETH (WEETH) $ 2,352.03
uniswap
Uniswap (UNI) $ 7.20
whitebit
WhiteBIT Coin (WBT) $ 29.91
monero
Monero (XMR) $ 225.53
near
NEAR Protocol (NEAR) $ 3.12
ondo-finance
Ondo (ONDO) $ 1.14
aptos
Aptos (APT) $ 6.03
dai
Dai (DAI) $ 1.00
aave
Aave (AAVE) $ 216.13
susds
sUSDS (SUSDS) $ 1.04
ethereum-classic
Ethereum Classic (ETC) $ 20.19
internet-computer
Internet Computer (ICP) $ 6.23
pepe
Pepe (PEPE) $ 0.000007
official-trump
Official Trump (TRUMP) $ 13.18
gatechain-token
Gate (GT) $ 21.30
okb
OKB (OKB) $ 43.50
coinbase-wrapped-btc
Coinbase Wrapped BTC (CBBTC) $ 89,439.96
mantle
Mantle (MNT) $ 0.734351
tokenize-xchange
Tokenize Xchange (TKX) $ 30.44