Mike Lewis
- 6 minutes
Comparing the tradeoffs between security and ease of recovery for custodial and non-custodial wallets, and how Bunkyr can help bridge the gap
In the context of a cryptocurrency wallet, custody of your wallet refers to who ultimately has control of the assets. The type of custody is determined by two main factors:
If the answer to either of these questions is “yes”, then a wallet is considered custodial; if both answers are “no”, then a wallet is considered non-custodial or self-custodial.
With custodial wallets, a third party (for example, a cryptocurrency exchange like Coinbase) maintains raw access to your wallet keys, and therefore always has access to all crypto assets in your wallet. While this third party may be doing everything in their power to protect the wallets they control, a data breach, software bug, or court order could put your assets at risk. For instance, the infamous Mt. Gox hack discovered in 2014 resulted in the loss of over $460 million in users’ Bitcoin1 (worth over $30 billion at today’s prices) due to the exchange having direct access to the keys to users’ wallets. Beyond a cyberattack, the third party could simply suffer a system failure and lose your wallet keys (either temporarily or permanently), denying you access to your assets.
Even if a third party claims that all wallet keys are stored encrypted, they use at-rest encryption where the encryption is performed with a key controller by that third party. This is certainly better than leaving the keys unencrypted, but does not solve the fundamental problem of the third party having access to the keys at all times - you’re betting your critical assets on them not using that access or accidentally turning it over to an attacker.
Third-party control of wallets does come with a few benefits, however:
With a non-custodial wallet, your wallet keys never leave your device (your phone, computer, or a dedicated hardware wallet, for instance), and thus it’s almost impossible for your assets to be lost or stolen as a result of a third-party service being hacked or compromised. Transactions are signed locally on your device and then submitted to the blockchain network for processing, without your keys ever leaving your device.
While much more secure, this approach also comes with a significant drawback: if you lose your device, the assets in your wallet are irretrievably lost as you’re the only one who had access. Most non-custodial wallets have you store a seed phrase as a recovery method, but this is equivalent to printing out your wallet key - you have to store the seed phrase securely enough where nobody but you can access it, but it must also be readily accessible if you lose your primary device. There are quite a number of instances of even technologically savvy people losing large amounts of cryptocurrency assets because they lost both their primary device and recovery methods, including a UK-based IT professional who is still trying to search landfills for his hard drive containing over $300 million in Bitcoin2.
Further encryption of the keys in a non-custodial wallet can certainly add an additional layer of security onto a hardware wallet or mobile app, but then also adds one more point of failure if those keys (or their recovery methods) are lost or stolen.
So, is there a way we could combine the security benefits of non-custodial wallets with the usability and recovery methods of custodial ones? Simply backing up your seed phrase or private key with some other third party (like placing it in cloud storage such as Google Drive or Dropbox) is the same as trusting that provider with your crypto, and if you or they use end-to-end encryption to further protect your data, you’re right back to needing a recovery method for that encrypted data that won’t be lost or stolen.
Luckily, this is where Bunkyr comes in. By securely generating a recovery key from social sign-in methods including Google and Apple, the recovery method for your wallet is something you use frequently and utilizes industry-leading security features (two-factor authentication, suspicious login detection, etc.). Bunkyr generates these recovery keys from multiple distributed sources of information and never even has access to the actual wallet keys (which are stored by the wallet service provider and encrypted with the recovery key), so even if there is a compromise there’s no risk to cryptocurrency assets.
Bunkyr enables a non-custodial wallet service provider to get rid of seed phrases while still allowing the owner of the wallet (and only them) to securely recover access to their wallet keys. At the same time, custodial wallet providers can continue to offer the same set of user-friendly features while dramatically increasing security by using Bunkyr to move to a more non-custodial model. And since Bunkyr is simply a recovery method, a service outage or system failure on our end cannot prevent users from accessing their wallets through their normal login methods.
Integrating with Bunkyr is easy, and ensures both the security and usability of cryptocurrency wallets. Reach out to our engineering team today for more information or to schedule a demo.