Several events this year have directly highlighted the importance of self-custody within the digital asset space. Ironically enough, self-custody and peer-to-peer technology were created as a solution to remove trust from centralized authorities or entities, and yet our industry still remains dominated by a lot of these ‘trusted’ parties.
The purpose of this guide is to help readers become more accustomed to, and better understand how they can safely hold their coins, tokens and NFTs themselves. The trustless systems built within crypto eliminate the need for reliance on any centralized exchange (CEX) or crypto investment platform; or at the very least, minimize the reliance on them and exposure to the risks they might pose. Getting to know safe practices of self custody is the real first step in one’s crypto journey, and we’re happy to help along that path.
So what is self custody, and what are the key differences between holding coins in your own wallet vs. leaving them on a centralized exchange? The classic phrase within crypto immediately comes to mind “not your keys, not your coins”. What this means is when you download a wallet app to your phone, or install a desktop browser extension, you are the only person who ever has access to the private keys which hold the assets in that wallet. There is no other entity that has the ability to move the coins or any of the assets held in that wallet, besides YOU. It is worth noting that typically you do not need an email address or identification to create a new wallet, and anyone is free to make as many wallets as they choose.
Now, say you create an account with Binance, Coinbase, or any other CEX. Generally, this works similar to web 2 profile creation or online banking, where you’ll have a username/email and a password to login to their platform. On their platform, you can buy/sell tokens like BTC or SOL and sometimes access additional financial products they offer. However, the actual ‘keys’ to the coins you’ve purchased are not held by you, instead you have a username and password which grants access to buy/sell or withdraw to your own wallet, so long as that company/exchange is still functioning as intended.
Experienced crypto users often hold their coins in a private wallet and only send them to an exchange when they intend to buy/sell/trade. This minimizes the time and exposure to any third party risk while your coins are out of self custody. Inexperienced users will often leave their tokens on the exchange for a variety of reasons such as: false sense of security, unwillingness to learn the further steps in their crypto journey, or even a lack of trust in themselves to entirely self custody their token holdings. Ideally, we want readers of this guide to feel confident in their abilities in practicing safe crypto storage and fund management.
Self custody wallets embody the true ethos of crypto, relying on no centralized party in between you and your assets. The (minor) stipulation being, that it requires the holder to overcome another learning curve in order to move their funds off an exchange and into their own wallet. This section will be a brief walk through on the basics of using a browser wallet for storing funds, sending them to another wallet and the differences between hot wallets and cold wallets. In the essence of time, we won’t explain the how-to process for downloading and installing a wallet. Instead we’ll refer to Phantom’s guide section for how to install and navigate within the Phantom wallet, which is the browser wallet we will also be using for examples within this guide.Installing Phantom wallet and basic use guides.
When first setting up a wallet, a random string of words will be generated at the time of creation. This is known as your ‘seed phrase’. Usually seed phrases are either 12 or 24 words and keeping them private is extremely important. Your seed phrase can be used at any time to restore the funds from your wallet if you damage/lose your device or need to import your wallet to another device. If anyone else gets a hold of your seed phrase, they can access everything within your wallet. Keep it secret! (Keep it safe). We recommend physically writing it down and storing it in a hidden location. Don’t write it in your phone’s notes or screenshot it!
A public wallet address on Solana is a string of characters between 32 and 44 characters in length. This address *can* be shared, and is the address in which you send and receive tokens on the Solana blockchain (SPL tokens). Some examples of Solana-native tokens are STEP, SAMO, ORCA and the SOL token itself. Your same wallet address can be used to receive any SPL tokens. A wallet address on the ethereum network will not receive SPL tokens, and vice-versa, a Solana wallet will not receive tokens native to the Ethereum network (ERC-20 tokens).
The Solana token (SOL) is required to perform any transactions on the Solana network. The SOL spent in each transaction is used to compensate the validators of the decentralized network, and on the user's end is often referred to as a 'gas token'. In order to use your newly created Solana wallet, you will first have to send a small amount of SOL so the wallet is able to cover the cost of your first few transactions. About 0.1 SOL is a good minimum amount to cover your initial transactions fees and get started. When sending SOL from an exchange or fiat on-ramp, you will have to locate and copy the address from within the Phantom wallet.
When sending funds between wallets, it's important to properly copy+paste the destination wallet address, for if tokens are sent to the wrong address they can not be recovered. It is quite common for crypto users to send a ‘test’ transaction (<$1.00) to confirm the correct address before sending the quantity in full.
You may have heard of people keeping their coins in ‘cold storage’ or on a hardware wallet. This refers to a physical device which is not connected to the internet and requires a password to be manually input on the device while connected to a computer in order to access the funds. This is the safest method of crypto storage, as it adds a layer of security on top browser wallets/hot wallets, which can be susceptible to malware or bad actors targeting the device where your wallet is installed. Without physical access to your hardware wallet, it’s next to impossible for anyone else to steal your coins. The most popular hardware wallets are made by Ledger and can be used for multiple blockchains and tokens including Bitcoin, Ethereum and Solana. If you’re looking to maximize security of your digital assets, investing in a hardware wallet is a terrific idea.
We recommend the following tutorials from Ledger:
Many centralized exchanges will offer a suite of crypto-financial products, whether that be token staking, lending, or supplying liquidity in order to generate yield on your assets. These concepts and opportunities stem from DeFi (Decentralized Finance), but in this case are being managed through a centralized party, such as Binance, Coinbase or [FTX]. Again, as we discussed, most crypto veterans would not advise leaving your coins with a centralized party. As history has shown that undisclosed crypto holdings, balance sheets and whereabouts of customer funds tend to form an unhealthy relationship when mixed in with human greed.
Enter: DeFi, self custody and trustless systems. Instead of requiring users to send tokens to a CEX in order to access crypto financial tools, DeFi protocols allow users to keep their funds within their own private wallet. The basic idea is a user goes to a trusted DeFi application within their browser, such as app.step.finance and “connects” their wallet.
Once your wallet is connected, the dApp can request to sign a transaction(s). Transactions will not occur unless the user ‘approves’ them within the wallet’s UI following the transaction request. A common example of a DeFi transaction is a token swap. Below is a screenshot of a token swap being approved on the Step Finance swap page. The key difference between a CEX and a DEX (decentralized exchange) is the user’s funds remain self custodied and in their own wallet at all times. You can see the ‘Estimated Changes’ on the simulated transaction with most credible Solana wallets before you click approve.
For a detailed How-to on using Step’s Swap Feature, see our in-depth guide here.
Once finished interacting with a DeFi protocol, you may ‘Disconnect’ your wallet and the dApp no longer has permission to request transactions from your wallet. Funds are Safu.
For more guides on using the Step app and getting comfortable with DeFi, read our other Step Learn guides with the link below.