Episode 8 · 19 min
Wallets, Private Keys, and Digital Custody
November 6, 2025 · Douglas Borthwick, Ali Davoudi & Phil Larmon
Demystifying Digital Wallets and Key Management
In this episode of Old Men New Money, Douglas Borthwick addresses the fears traditional investors have about digital securities, specifically focusing on private keys and digital wallets. He explains the importance of digital wallets, how custody works, and why security tokens offer safety advantages over pure cryptocurrencies. Douglas clarifies key concepts such as hot and cold wallets, seed phrases, and multisignature wallets, providing insights on the security and practicality of each option. He also discusses the regulatory landscape for digital asset custody, the role of custodians, and the future developments in the field. Key takeaways include understanding the critical nature of seed phrases, practicing wallet setup, and considering custodial versus non-custodial solutions.
00:00 Introduction to Digital Securities
00:51 Understanding Digital Wallets
03:21 Hot Wallets vs Cold Wallets
05:47 The Importance of Seed Phrases
07:00 Custodial vs Non-Custodial Wallets
09:31 Multisig Wallets for Institutional Custody
10:25 Common Mistakes and Best Practices
11:32 Popular Wallet Options
12:45 Regulatory Perspective on Custody
14:53 Future of Digital Custody
16:04 Practical Steps for Secure Custody
16:58 Conclusion and Next Steps
Transcript
Welcome back to Old Men, New Money. I'm Douglas Borthwick, and today we're tackling something that terrifies traditional investors more than anything else about digital securities, private keys and digital wallets. This is the biggest barrier to adoption I've seen. I can't tell you how many sophisticated investors, people who manage millions or billions in traditional portfolios, freeze up when I mention self-custody and private keys. But here's the thing, it's not as scary as it sounds. And for security tokens specifically, there are protections that don't exist with pure cryptocurrencies.
So today we're going to demystify digital wallets, explain how custody works and show you why security tokens are actually safer than most people think. Here's your 30 second version. A digital wallet is software that stores your private keys, which are secret codes that control your blockchain assets, lose your private keys and you lose access to your assets. With cryptocurrencies like Bitcoin, that's permanent. But with security tokens, because there's a transfer agent who knows your identity, the issuer can freeze old tokens and reissue new ones to your new wallet address. You get blockchain benefits with investor protections.
Custodial solutions exist where third parties hold keys for you, which is what institutional investors require. We're at this point where digital securities are ready for mainstream adoption, but the custody question holds people back. At INEX when we raised our $85 million from over 7,000 investors, the number one question wasn't about returns or risks, it was how do I safely hold these tokens? Traditional investors are used to custody being invisible. Your stocks sit at your broker, your bonds sit at your bank. You log in, you see your holdings, you never think about custody.
But with digital security, suddenly custody is your responsibility. Unless you choose a custodial solution and that freaks people out. Once you understand how it works, it's not that complicated. And the benefits, instant settlement, true ownership, programmability, they make the learning curve worth it. Let me explain what a digital wallet actually is because the name is misleading. A wallet doesn't store your tokens or coins. Your assets live on the blockchain. The wallet stores your private keys, which are the secret codes that prove you own those assets and allow you to transfer them. Think of it like this.
The blockchain is a giant public ledger that says address ABC owns 10,000 tokens. Your wallet holds a private key that corresponds to address ABC. When you want to send those tokens, your wallet uses the private key to create a digital signature proving you control that address. No private key, no signature, no signature, no transfer. The tokens are still on the blockchain, but you can't access them. So when people say not your keys, not your coins, they mean if you don't control the private key, you don't truly own the assets someone else does. And there are two fundamental types of wallets and understanding the difference is critical.
Hot wallets are connected to the internet. These are apps on your phone or extensions in your browser. MetaMask, Phantom, Coinbase wallet. These are hot wallets. They're convenient. You can transact quickly, but they're vulnerable to hacking because they're online. Cold wallets are offline hardware devices, ledger, treasure. These are cold wallets. Your private keys never touch the internet. To sign a transaction, you physically connect the device, approve the transaction, then disconnect. Much more secure, but less convenient. For small amounts that you transact with frequently, hot wallets are fine.
They're great, but for large amounts, you're holding long-term. Cold wallets are essential at INX. We recommended investors use hardware wallets for significant holdings and only keep small amounts in hot wallets for trading. Let me explain the cryptography briefly because it helps you understand the security model. When you create a wallet, it generates a private key. This is a huge random number. It's so large that the chances of anyone else generating the same private key are astronomically small. Like winning the lottery every day for a million years. From that private key, the wallet mathematically derives a public key.
Then from the public key, it derives your wallet address. This is one-way mathematics. You can go from private key to public key to address, but you can't reverse it. Knowing someone's address doesn't let you figure out their private key. When you send tokens, your wallet uses your private key to create a digital signature. This signature proves you control the private key associated with the sending address, but it doesn't reveal the private key itself. Anyone can verify the signature is valid using your public key, but they can't use that signature to forge future signatures.
This is public key cryptography, and it's the same math that secures online banking. Encrypted email and secure websites, it's battle tested and secure. The vulnerability isn't the math. It's that if someone gets your private key, they have full control. There's no reset password button, no customer service to call. And that's why custody is so critical. Now let me explain seed phrases because this is how you back up a wallet. When you create a wallet, it generates a seed phrase. This is usually 12 or 24 random words. Purple, elephant, justice, mountain, completely random.
This seed phrase is a human readable representation of your private key. If you lose your device or your wallet software gets corrupted, you can use the seed phrase to recover your wallet and regain access to your assets. But here's the catch. Anyone who has your seed phrase has your private key. Anyone who has your private key controls your assets. So your seed phrase is the most important thing to protect, write it down on paper, store it in a safe, never take a photo of it. Never store it digitally where it could be hacked. Never ever share it with anyone. And at INEX, we saw investors make this mistake.
They store their seed phrase in a phone note or email it to themselves for safekeeping, then their phone or email gets compromised and they lose everything. Treat your seed phrase like cash, physical storage in a secure location. Now let's talk about the big decision. Custodial versus non-custodial wallets. Non-custodial means you control the private keys. You have full responsibility, maximum control, maximum risk. If you lose your keys or seed phrase, your assets are gone forever. If you get hacked, there's no recourse. Custodial means a third party holds your keys for you. Like a bank holds your dollars.
You log in with a username and password. They handle the key management. Less control, less risk. If you forget your password, they can reset it. If they get hacked, often there's insurance. For retail investors, custodial solutions make sense for convenience and security. Coinbase, Gemini, Kraken, these offer custodial wallets. You trade convenience for trust in the custodian. For institutional investors, regulated custodians are required. Anchorage Digital, Coinbase, Cassidy, BitGo, these provide institutional grade security, insurance, and compliance. For security tokens specifically, there's a third option.
Because there's a transfer agent maintaining legal ownership records, if you lose your keys, the issuer can freeze the old tokens and reissue new ones to a new wallet address. This is a huge advantage over pure cryptocurrencies where lost keys mean permanent loss. Let me emphasize this because it's critical. Security tokens are different from cryptocurrencies when it comes to key management. If you lose your Bitcoin private keys, that Bitcoin has gone forever. No one can help you. The Bitcoin protocol has no concept of identity or recovery. If you lose your private keys to your security tokens, the transfer agent knows your identity.
They maintain illegal ownership records that exist separately from the blockchain. The issuer can freeze the old tokens on chain, issue new tokens to a new address you control and update the legal records. This is one of the biggest advantages of security tokens that people don't talk about enough. You get the benefits of blockchain, instant settlement, transparency, programmability, with the protections of traditional securities. And at INEX, we built this into our infrastructure. If an investor lost access to their wallet, we had a process for verifying identity and reissuing tokens.
This gave investors confidence that a single mistake wouldn't cost them their investment. Now let me explain multi-sig wallets because these are important for institutional custody. A multi-signature wallet requires multiple private keys to authorize a transaction. You might set it up so two out of three designated keys must sign, or three out of five, whatever makes sense for your security model. This prevents single points of failure. If one key is compromised, assets are still safe. If one key is lost, the others can still authorize transactions. For corporate treasuries or high value accounts, multi-sig is essential.
At INEX, we use multi-sig wallets for company funds. No single person could move assets. We needed multiple executives to approve. Many institutional custodians use multi-sig as part of their security model, Anchorage, BitGo, they structure custody so that multiple keys held by different parties must approve before assets move. Let's talk about the most common mistakes I've seen because I want you to avoid them. Writing seed phrases digitally, taking a photo, saving in a note, storing in cloud storage, all terrible ideas. If it's digital, it can be hacked. Paper in a safe is using the same wallet for everything.
Small trades, large holdings, all in one wallet. This creates unnecessary risk. Use a hot wallet for small amounts, cold wallet for large holdings. Not testing recovery? Creating a wallet, writing down seed phrase, never verifying it works. Then when you need it, you discover you wrote it wrong. Test your seed phrase recovery on a new device before storing significant assets, sharing access, giving your seed phrase to a family or business partners for safekeeping. If they're compromised, you're compromised. Use multi-sig instead. Trust in custodians without research. Not all custodians are created equal.
Some have been hacked, some aren't properly insured. Do your due diligence. Let me walk through the main wallet options because this is overwhelming for newcomers. MetaMask is the most popular wallet for Ethereum and EVM compatible chains. Browser extension and mobile app, easy to use, supports most tokens. At iNEX, many of our investors use MetaMask. Phantom is a leading wallet for Solana. Clean interface, great user experience. If you're dealing with Solana based securities, you'll probably use Phantom.
Ledger is the most popular hardware wallet, supports multiple blockchains, physical device about the size of a USB drive, essential for large holdings. I personally use Ledger for any kind of significant assets. Trezor is another hardware wallet with similar capabilities to Ledger. Some people prefer it for its open source approach. Coinbase wallet is non-custodial, but from a trusted brand. A good middle ground for people new to self-custody. Institutional custodians like Anchorage, BitGoing, Coinbase, custody provide custom solutions for large investors. There's no single right answer.
It depends on your technical sophistication, the amount you're holding and your risk tolerance. Now, let me talk about custody from a regulatory perspective, because this matters. In traditional finance, custody is heavily regulated. Broker dealers, banks, trust companies, they're required to segregate client attention is built into the system. In crypto, custody regulation is evolving. The SEC has said that broker dealers handling digital securities must use qualified custodians, but what qualifies a custodian for digital assets? That's still being worked on.
Some states have created special purpose trust charters for digital asset custodians. Wyoming, South Dakota, they've been proactive. Companies like Anchorage got federal bank charters specifically for digital asset custody. For security tokens specifically, the transfer agent maintains legal ownership records. This provides an additional layer of protection beyond just the blockchain custody. And at INEX, we integrated with qualified custodians and maintained transfer agent records. This dual layer of protection gave institutional investors the confidence to participate.
Now let's talk about insurance because this is what makes institutional investors comfortable. Traditional custody includes SIPC insurance. If your broker goes bankrupt, you're protected up to $500,000. If your bank fails, the FDIC covers up to $250,000. Digital asset custody has different insurance landscape. Some custodians have insurance. Coinbase custody has crime insurance covering losses from theft. Anchorage has insurance for assets under custody, but coverage varies widely. For security tokens, because there's a transfer agent maintaining legal records, you have additional recourse if something goes wrong.
The legal ownership exists separately from the blockchain custody. And this is another advantage over pure cryptocurrencies. If a Bitcoin custodian loses your keys, you might have insurance claims, but the Bitcoin itself has gone forever. If a security token custodian loses your keys, the issuer can freeze and reissue tokens based on transfer agent records. Let me share where I think custody is heading because this affects how you should think about it. Account abstraction is coming. This is technology that makes blockchain wallets work more like traditional accounts. Social recovery where trusted contacts can help you recover access.
Spending limits, multi-factor authentication, all the security features you expect from online banking. Biometric security will integrate with wallets. Your fingerprint or face ID becomes part of authentication. This makes custody both more secure and more convenient. Institutional custody is maturing. As more custodians get proper licensing and insurance, traditional investors will become more comfortable. This removes a major adoption barrier. Security tokens will have built-in recovery mechanisms. Smart contracts that work with transfer agents to enable key recovery without sacrificing the benefits of blockchain.
This is already happening, but will become standard. The gap between traditional custody and digital custody is closing. Eventually, it'll feel as normal to hold digital securities as traditional securities. But what should you do right now? Set up a wallet and practice. Download Metamask or Phantom. Create a wallet. Write down your seed phrase on paper. Send yourself a small amount of crypto. Experience the process. Practice recovery. Use your seed phrase to recover your wallet on a different device. Verify it works. This builds confidence. Understand your custody options.
If you're investing in security tokens, learn what custodial and non-custodial options are available. Make an informed choice. Secure your seed phrase properly. Get a fireproof safe. Store your seed phrase on paper or metal, never digitally. If you have significant holdings, consider multi-sig. Research custodians if using custodial solutions. Check their regulatory status. Verify insurance coverage. Read reviews. This is your money. Do your homework. Look, I get it. Private keys and seed phrases feel foreign and scary to traditional investors. We're used to banks and brokers handling custody invisibly.
But the trade-off for taking custody responsibility is true ownership. At INEX, when investors held their own tokens, they truly owned their security. No intermediary could freeze access. No broker could use their shares for lending without permission. True ownership. And for security tokens specifically, the key recovery protections means you get the benefits of self-custody with safety nets that don't exist in pure cryptocurrencies. The learning curve is real, but manageable. Start small. Practice with amounts you can afford to lose, build confidence, and scale up. $284 billion in stablecoins. $30 billion in tokenized real-world assets.
Millions of people are already managing their own digital custody. You can too. This wraps up module two, Blockchain Basics for Finance Professionals. We've covered what blockchain is, Ethereum versus Solana, stablecoins, and custody. These are the technical foundations you need to understand digital securities. Next module, we're diving into corporate treasury strategies, micro strategies, Bitcoin playbook, Bitcoin's Ethereum approach, Sol strategy's validator infrastructure, the company's turning crypto holdings into shareholder value. I'm Douglas Sporthwick. This is Old Man New Money.
If these four episodes helped you understand blockchain technology, share them with someone who's trying to learn. Thank you.
New episodes return August 2026
Get the free weekly briefing and you'll know the moment we're back in the studio.