In this article
The fundamental custody question
Bitcoin is a bearer asset. The entity that controls the private key controls the bitcoin. There is no account number, no customer ID, no recourse mechanism. If the key is lost or the key-holder disappears, the bitcoin is gone — mathematically, permanently. If an unauthorised party gets the key, they can take the bitcoin with no reversal possible. The financial system that most people grew up with — with its chargebacks, fraud departments, and deposit insurance — simply doesn't exist at the base layer of Bitcoin.
This isn't a design flaw. It's a design choice. The same properties that make Bitcoin seizure-resistant and censorship-resistant — no central issuer, no account that can be frozen, no institution that can be pressured — are precisely the properties that make custody the critical question. The trade-off is not avoidable. You are choosing between bearing your own risk and delegating it. Both choices have real costs.
Understanding those costs clearly — rather than defaulting to whatever is most convenient — is the first step toward making a defensible custody decision.
Custodial: exchanges, banks, ETFs
Custodial bitcoin means you hold a claim on bitcoin that someone else controls. When you buy bitcoin on an exchange and leave it there, the exchange holds the keys. When you buy a bitcoin ETF, the fund manager's custodian holds the keys. When a bank offers bitcoin exposure through a savings product, the bank (or its custodian partner) holds the keys.
The appeal is obvious. There is no key to lose. There is no seed phrase to protect. If you forget your password, customer support can verify your identity and restore access. The experience is indistinguishable from holding any other financial asset in an account. For someone buying a small position to learn about Bitcoin before committing to the complexity of self-custody, this is a reasonable starting point.
The risk profile is correspondingly clear. Custodial bitcoin is subject to counterparty risk — the risk that the custodian fails, is hacked, is defrauded, or acts against your interests. This is not a theoretical risk. FTX had roughly $8 billion in customer claims it could not honour when it collapsed. Mt. Gox lost approximately 850,000 bitcoin to an attack that went undetected for years. Celsius froze withdrawals and subsequently filed for bankruptcy. In each case, customers who held on exchange believed their funds were safe because the numbers in their account UI said so. The numbers were not connected to actual bitcoin under anyone's control.
Bitcoin ETFs reduce some of this risk — they are regulated vehicles with auditing requirements and custodians that are subject to SEC oversight. They are meaningfully safer than exchange custody. But they introduce a different constraint: you cannot actually use the bitcoin. ETF exposure cannot be sent, cannot open a Lightning channel, cannot participate in any protocol that requires a genuine on-chain transaction. For many holders, particularly those interested in the agent economy use cases covered elsewhere on this site, this is disqualifying.
The core trade-off: custodial bitcoin is convenient and recoverable but subject to counterparty risk. It is better than not holding bitcoin, but it is not bitcoin custody — it is a claim on bitcoin custody.
Self-custody: hardware wallets and multisig
Self-custody means you hold the private keys yourself. The bitcoin is controlled by a key that only you possess. The exchange cannot freeze it, the government cannot compel a third party to surrender it, and no institution's failure can cause it to disappear. It is yours in a way that custodial bitcoin is not.
The dominant implementation for most holders is a hardware wallet — a dedicated device that generates and stores keys offline, signs transactions without exposing the key to the internet-connected device it's paired with, and requires physical interaction to authorise any spend. Trezor and Ledger are the market leaders. The UX has improved substantially over the past decade, but there is still meaningful operational overhead: backup the seed phrase, store the backup securely, understand what happens if the device fails.
The failure mode in self-custody is the inverse of custodial: there is no counterparty to fail, but there is no counterparty to recover from user error either. Losing the seed phrase means losing the bitcoin. Seed phrase exposure means losing the bitcoin to whoever found it. The bitcoin community's repeated advice — "not your keys, not your coins" — applies equally in both directions: holding your keys means accepting full responsibility for them.
For larger holdings, multisig significantly improves the security profile. A multisig wallet requires multiple keys to sign a transaction — a 2-of-3 setup, for example, requires any two of three keys to authorise a spend. This eliminates the single point of failure inherent in single-key self-custody: losing one key doesn't lose the funds, and an attacker gaining access to one key doesn't gain access to the funds. The keys can be stored in physically separate locations, making a combined theft or loss scenario substantially less likely.
Hybrid: collaborative custody
The collaborative custody model — pioneered by services like Unchained Capital and Casa — sits between full custodial and full self-custody. In a typical 2-of-3 multisig arrangement, you hold two keys and the service holds one. You can spend without the service's involvement using your two keys. The service can assist with recovery if you lose one of your keys but cannot unilaterally spend — they hold only one key of the required two.
This model significantly reduces the key-management burden without reintroducing the counterparty risk of full custodial. You retain sovereignty over your funds because the service can never spend without you. The service provides value by acting as a backup key-holder and advising on operational security. If the service disappears, you still control your funds with your two keys.
The trade-off is cost — these services charge ongoing fees — and trust, not in the custodial sense, but in the operational sense: you are relying on the service to maintain availability for the recovery scenarios where their key matters. For holdings large enough to justify the cost and for holders who want self-custody-level security without self-custody-level operational complexity, collaborative custody is arguably the best available option.
Machine custody: AI agents holding keys
The emerging custody question — one that barely existed two years ago and is now increasingly pressing — is what happens when the key-holder is not a human. AI agents that need to make payments require wallets. Wallets require keys. Who holds those keys, and under what constraints, is a custody question with no established answer.
The naive implementation — generate a key, hand it to the agent, let the agent spend freely — has the obvious failure mode: a misbehaving or compromised agent can drain the wallet without human intervention. Any system that gives an AI agent unconstrained custody of significant funds is making a bet on the reliability of that agent that is probably not warranted by the current state of the technology.
More practical machine custody architectures involve constraints at the key level. Multisig with a human co-signer for transactions above a threshold. Time-locked keys that allow small transactions immediately but require a waiting period for large ones, creating a window for human review. Whitelisted destination addresses — the agent can only send to pre-approved counterparties. Budget caps enforced at the key level rather than relying on the agent's own judgment.
The deeper architectural question is whether the agent should ever hold keys at all, or whether the key-holding should be separated from the agent's reasoning entirely — a hardware security module or a dedicated signing service that the agent requests signatures from, with the signing service enforcing the constraints. This separation means that compromising the agent's reasoning layer doesn't automatically compromise the keys. The two threat surfaces are isolated.
None of these patterns are settled. The agent payment infrastructure is genuinely nascent, and the security models being developed today will define the attack surface that malicious actors probe for the next decade. The organisations building careful, constrained machine custody architectures now are doing foundational security work, not over-engineering.
Decision framework
The right custody model is not the same for everyone. It depends on the amount being held, the technical sophistication of the holder, the intended use of the funds, and the specific risks the holder most wants to protect against.
Small amounts, learning phase: Exchange custody is acceptable for amounts you would not be devastated to lose. The convenience is real and the counterparty risk, while real, is proportionate to the position size. This is the on-ramp, not the destination.
Medium holdings, non-technical holder: Collaborative custody (Unchained, Casa) provides meaningful security improvement over exchange custody with a manageable operational burden. The co-signing structure provides a recovery path without surrendering sovereignty.
Significant holdings, technically capable: Single-key hardware wallet self-custody with careful seed phrase storage is appropriate. At larger sizes, move to multisig — the additional key management complexity is worth the elimination of the single point of failure.
Institutional or very large holdings: Multisig with geographically distributed key storage, possibly involving a collaborative custody service for the backup key, combined with operational security practices around access and signing ceremonies.
Machine custody: Constrained key architecture with human co-signature requirements for non-trivial transactions, budget caps, and isolated signing infrastructure. Treat machine wallets as hot wallets with explicit spending limits rather than as general-purpose stores of value.
The custody question compounds. Getting it wrong early is recoverable — you can move funds from custodial to self-custody at any time. Getting it wrong on a significant holding is not recoverable in either direction: a custodial collapse loses the funds permanently, and a lost self-custody seed phrase does the same. Make the decision deliberately, with clear understanding of the risk you are accepting at each tier, and revisit it as your holdings grow.