Exchange Custody vs Self-Custody: Which Is Safer?
‘Not your keys, not your coins.’ The risks of leaving coins on an exchange vs holding them yourself — and how to choose.
After buying digital assets, the next unavoidable question is: "Where do I keep my coins?"—do you leave them in your exchange account, or withdraw them to your own wallet for self-custody? This seemingly simple choice conceals two completely different risk models.
Leaving coins on an exchange is convenient for trading, but it means trusting the platform to safeguard the private keys on your behalf. Holding your own private keys gives you true ownership, but you also bear the responsibility of safeguarding them alone. The widely circulated phrase "Not your keys, not your coins" captures the heart of this issue. This article objectively compares the risks and the right audience for each.
1. Keeping Coins on an Exchange: Convenient, but You Don't Hold the Private Keys
Leaving coins on an exchange is essentially a custodial relationship: the platform holds the private keys, and the numbers in your account are just the platform's "IOU" record to you.
Advantages:
- Buying, swapping, and withdrawing are done all in one place, with a low barrier to entry
- If you forget your login password, you can recover your account via customer support, email, or verification
- Suited to frequent traders
Main risks:
- Platform absconding / insolvency: Historically, many exchanges have collapsed, leaving users unable to withdraw their assets.
- Hacker theft: Exchanges are prime targets for hackers, and user assets can be lost when a platform is breached.
- Freezes and restrictions: An account may be restricted from withdrawing due to risk controls or compliance review.
- Misappropriation risk: You cannot verify whether the platform truly holds your assets 1:1.
Security note: An exchange is convenient, no doubt, but "coins on the platform" equals "trusting the platform not to fail." Keep only funds you'll need to trade soon on an exchange, and never entrust your entire net worth to any single platform long-term.
2. Self-Custody: True Ownership, but the Responsibility Is All Yours
Self-custody means withdrawing your coins to a personal wallet (hot or cold), with the private keys and recovery phrase in your own hands. This is the complete form of digital asset "ownership."
Advantages:
- You truly control your assets, unaffected by the platform's business condition
- No institution can freeze or restrict your funds
- Paired with a cold wallet, you can reach a very high security level—see Hot vs. Cold Wallets
Main risks:
- Loss of private key/recovery phrase: No customer support can recover it; if lost, it's a permanent loss—see Recovery Phrase Backup.
- Operational mistakes: Sending to the wrong address, the wrong chain, or signing a malicious approval can all cause irreversible loss.
- Phishing and fake wallets: Downloading a fake app or falling into a phishing trap—see Spotting Fake Wallet Phishing.
3. Side-by-Side Comparison
| Dimension | Coins on Exchange | Self-Custody |
|---|---|---|
| Who holds the private keys | The platform | You |
| Asset ownership | Indirect (depends on platform's solvency) | Direct and complete |
| Convenience | High, smooth trading | Medium, requires self-management |
| Account recovery | Via customer support/verification | Only the recovery phrase—no one can rescue you |
| Core risks | Absconding, theft, freezes | Lost private key, mistakes, phishing |
| Responsible party | Platform + you | Entirely you |
| Best for | Frequent trading, small turnover | Long-term holding, large storage |
4. How to Weigh It: Not an Either/Or Choice
The mature approach isn't to go to the extreme of "all on the exchange" or "all self-custodied," but to allocate by purpose:
- Keep trading funds on the exchange: Hold only the portion you'll trade and turn over soon, minimizing your platform risk exposure.
- Self-custody long-term assets: For large holdings you plan to keep long-term and won't touch, withdraw them to your own cold wallet for offline storage.
- Spread across platforms: If you must keep a larger amount on exchanges, spread it across multiple compliant, reputable platforms to avoid a single point of failure.
- Act within your ability: The prerequisite for self-custody is that you are capable of securely backing up your recovery phrase. If you can't even manage the recovery phrase, blindly self-custodying is actually more dangerous.
5. Recommended Approaches for Different Audiences
- Complete beginners: Start with small amounts on a compliant exchange. When the amount is very small and you're not yet familiar with operations, the convenience and recoverability of custody are friendlier. Read the Beginner's Roadmap at the same time to progress step by step.
- Intermediate holders: Build a three-tier structure of "small amounts on the exchange + a personal hot wallet for daily use + a cold wallet for large amounts," storing funds in tiers by amount.
- Long-term large holders: Firmly self-custody your core assets, use a hardware wallet, and make multiple dispersed offline recovery phrase backups to isolate platform risk to the greatest extent.
Whichever path you choose, the security bottom line is the same: understand which type of risk you're taking on, and be prepared for it.
FAQ
What does "Not your keys, not your coins" mean?
It means: if the private keys aren't in your hands (for example, coins kept on an exchange), you don't have final control over the assets—once the platform runs into trouble, you may be unable to retrieve your funds. Only by holding the private keys yourself do you truly "own" the coins.
If an exchange is hacked, can I get my coins back?
Not necessarily. Some platforms set up a compensation fund or insurance and may partially reimburse users; but other platforms collapse and leave users with total losses. Whether you can recover funds depends on the platform's solvency and compliance—there is no guarantee, which is exactly why dispersion and self-custody matter.
Is self-custody necessarily safer than an exchange?
Not necessarily. Self-custody shifts the risk from "the platform failing" to "you yourself failing." If you don't know how to securely back up a recovery phrase and easily click into phishing links, self-custody can actually be more dangerous. Whether it's safe depends on your operational habits, not simply the form of custody.
Risk note: This article is for educational purposes only, does not constitute investment advice, and does not recommend any specific exchange or wallet product. Digital asset prices are highly volatile, and both keeping coins on an exchange and self-custody carry risks that cannot be ignored. Choose based on your own amounts, experience, and security ability, safeguard your private keys and recovery phrase carefully, and make your own judgment at your own risk.
This article was written by Lin An (Digital Asset Security Analyst) for LinkUp Crypto. It is for education and reference only and does not constitute investment, financial, or legal advice. Digital-asset prices are highly volatile and investing carries risk — participate responsibly and follow local laws.