In 2022, actor Seth Green lost four valuable NFTs—including a Bored Ape he'd licensed for a TV show—to a phishing scam. Someone tricked him into signing a malicious transaction. The assets were gone in seconds.
When authorities investigate crypto theft, they often find recovery phrases stored in iCloud, Google Drive, or screenshot folders. Easy to find. Easy to steal.
Self-custody gives you complete control over your assets. It also gives you complete responsibility for protecting them. There's no bank to call, no fraud department to file a claim with, no reversing transactions.
This is Part 1: how the technical pieces fit together. Part 2 covers security practices and the broader implications.
Every self-custody wallet involves three related pieces of information. Understanding how they connect is the foundation of everything else.
Your public key is like an email address—safe to share, used to receive funds. It looks like this:
0x47bb4cCA98FC49B971d86c5t26562c86E6284CeD
Long and ugly, but modern wallets offer address books and human-readable names (ENS domains like yourname.eth) to make this manageable.
Double-check addresses before sending. Transactions to wrong addresses are usually irreversible. There's no "undo."
Your private key proves you own the address. It authorizes every transaction. It looks like this:
E9883D79C6D87DC0FB6A5778633389F4253213303DA61F20BD47FC233AA332623
You rarely interact with private keys directly—wallets handle this in the background. But conceptually, every time you approve a transaction, your private key is signing it.
Never share your private key. Anyone who has it controls your wallet.
The mnemonic (also called seed phrase or recovery phrase) is typically 12-24 common English words:
dog house safe board room chair table desk computer space flower rain
This phrase generates all your private keys. It's the master backup that can restore your entire wallet on any device.
This is the most important thing you will ever protect in crypto.
The mnemonic can regenerate all your private keys and addresses, restore access if you lose your device, and give anyone who obtains it complete control of everything you own. Write it down. Store it securely. Never type it into a website. Never store it digitally.
The relationship flows one direction: mnemonic phrase generates private keys, private keys generate public keys.
From one mnemonic, a wallet can generate unlimited private keys. From each private key, one public key is derived. The math only works forward—you can't reverse-engineer a mnemonic from a public key.
What this means in practice: sharing your public key is safe. Exposing your private key compromises one account. Exposing your mnemonic compromises everything.
Self-custody eliminates intermediaries. No bank decides whether to process your transaction. No exchange can freeze your account. No institution can fail and take your funds with it.
In 2024, migrant workers paid approximately $44 billion in fees to send $685 billion home—6.49% average, equivalent to 24 days of annual income.1 Self-custody enables direct transfers for a fraction of that. Anyone with internet can create a wallet. No credit checks, no applications, no geographic restrictions. The blockchain doesn't know or care who you are. Your assets are controlled by math, not policy. No committee votes on whether to honor your balance.
But these benefits come with responsibility. There's no customer support. No fraud protection. No recovery if you lose your keys.
The rules are simple. Following them is harder than it sounds.
For your mnemonic phrase: write it on paper or etch it in metal—never store it digitally. Keep it somewhere secure and private. Consider multiple copies in different locations. Never enter it on any website; legitimate services never ask for it. Never share it with anyone. There are no exceptions. Be paranoid about phishing. Scammers impersonate support staff, create fake apps, and build convincing websites.
The Seth Green situation happened because he signed a malicious transaction—not because he gave away his mnemonic. Even careful people make mistakes when the interface is deceptive.
Self-custody security isn't just about protecting your phrase. It's about verifying every transaction, being skeptical of every request, and assuming that anything asking for sensitive information is a scam until proven otherwise.
This probably sounds complicated. It is—at first.
The early internet required understanding IP addresses, dial-up connections, and arcane error messages. Now your grandmother uses FaceTime. Technology gets easier as interfaces improve.
Self-custody is on the same trajectory. Hardware wallets are getting simpler. Social recovery systems are emerging. Account abstraction promises better UX without sacrificing control.
But today, self-custody still requires understanding these fundamentals. The technology will get easier. The principles won't change.
Part 2 covers operational security—how to structure your wallets, protect against common attacks, and think about the tradeoff between convenience and safety.
World Bank "Remittance Prices Worldwide" Q4 2024 and KNOMAD (Global Knowledge Partnership on Migration and Development). Fees have declined from 7.45% in 2017 to 6.49% in 2024, but total remittance volume has grown 47%, meaning absolute fee extraction has increased. ↩
The keys that control everything
In 2022, actor Seth Green lost four valuable NFTs—including a Bored Ape he'd licensed for a TV show—to a phishing scam. Someone tricked him into signing a malicious transaction. The assets were gone in seconds.
When authorities investigate crypto theft, they often find recovery phrases stored in iCloud, Google Drive, or screenshot folders. Easy to find. Easy to steal.
Self-custody gives you complete control over your assets. It also gives you complete responsibility for protecting them. There's no bank to call, no fraud department to file a claim with, no reversing transactions.
This is Part 1: how the technical pieces fit together. Part 2 covers security practices and the broader implications.
Every self-custody wallet involves three related pieces of information. Understanding how they connect is the foundation of everything else.
Your public key is like an email address—safe to share, used to receive funds. It looks like this:
0x47bb4cCA98FC49B971d86c5t26562c86E6284CeD
Long and ugly, but modern wallets offer address books and human-readable names (ENS domains like yourname.eth) to make this manageable.
Double-check addresses before sending. Transactions to wrong addresses are usually irreversible. There's no "undo."
Your private key proves you own the address. It authorizes every transaction. It looks like this:
E9883D79C6D87DC0FB6A5778633389F4253213303DA61F20BD47FC233AA332623
You rarely interact with private keys directly—wallets handle this in the background. But conceptually, every time you approve a transaction, your private key is signing it.
Never share your private key. Anyone who has it controls your wallet.
The mnemonic (also called seed phrase or recovery phrase) is typically 12-24 common English words:
dog house safe board room chair table desk computer space flower rain
This phrase generates all your private keys. It's the master backup that can restore your entire wallet on any device.
This is the most important thing you will ever protect in crypto.
The mnemonic can regenerate all your private keys and addresses, restore access if you lose your device, and give anyone who obtains it complete control of everything you own. Write it down. Store it securely. Never type it into a website. Never store it digitally.
The relationship flows one direction: mnemonic phrase generates private keys, private keys generate public keys.
From one mnemonic, a wallet can generate unlimited private keys. From each private key, one public key is derived. The math only works forward—you can't reverse-engineer a mnemonic from a public key.
What this means in practice: sharing your public key is safe. Exposing your private key compromises one account. Exposing your mnemonic compromises everything.
Self-custody eliminates intermediaries. No bank decides whether to process your transaction. No exchange can freeze your account. No institution can fail and take your funds with it.
In 2024, migrant workers paid approximately $44 billion in fees to send $685 billion home—6.49% average, equivalent to 24 days of annual income.1 Self-custody enables direct transfers for a fraction of that. Anyone with internet can create a wallet. No credit checks, no applications, no geographic restrictions. The blockchain doesn't know or care who you are. Your assets are controlled by math, not policy. No committee votes on whether to honor your balance.
But these benefits come with responsibility. There's no customer support. No fraud protection. No recovery if you lose your keys.
The rules are simple. Following them is harder than it sounds.
For your mnemonic phrase: write it on paper or etch it in metal—never store it digitally. Keep it somewhere secure and private. Consider multiple copies in different locations. Never enter it on any website; legitimate services never ask for it. Never share it with anyone. There are no exceptions. Be paranoid about phishing. Scammers impersonate support staff, create fake apps, and build convincing websites.
The Seth Green situation happened because he signed a malicious transaction—not because he gave away his mnemonic. Even careful people make mistakes when the interface is deceptive.
Self-custody security isn't just about protecting your phrase. It's about verifying every transaction, being skeptical of every request, and assuming that anything asking for sensitive information is a scam until proven otherwise.
This probably sounds complicated. It is—at first.
The early internet required understanding IP addresses, dial-up connections, and arcane error messages. Now your grandmother uses FaceTime. Technology gets easier as interfaces improve.
Self-custody is on the same trajectory. Hardware wallets are getting simpler. Social recovery systems are emerging. Account abstraction promises better UX without sacrificing control.
But today, self-custody still requires understanding these fundamentals. The technology will get easier. The principles won't change.
Part 2 covers operational security—how to structure your wallets, protect against common attacks, and think about the tradeoff between convenience and safety.
World Bank "Remittance Prices Worldwide" Q4 2024 and KNOMAD (Global Knowledge Partnership on Migration and Development). Fees have declined from 7.45% in 2017 to 6.49% in 2024, but total remittance volume has grown 47%, meaning absolute fee extraction has increased. ↩