Harness Engineering: Why “Done” Isn’t the Agent Saying So
Douglas da Silva | May 27, 2026
Summary
- Crypto wallets fall into two main categories: custodial wallets, where a third party manages private keys for easier onboarding and compliance, and non-custodial wallets, where users retain full control of their keys for greater security and privacy.
- Custodial wallets suit startups, fintech platforms, and regulated institutions prioritizing compliance and ease of use, while non-custodial wallets fit blockchain-native apps, DeFi platforms, and businesses requiring full asset control and decentralization.
- Each model carries distinct risks: custodial wallets face centralized security breaches (e.g., Mt.
- Gox, Bitfinex, Coincheck) and strict KYC/AML obligations, while non-custodial wallets pose challenges around key storage, recovery, and evolving regulatory scrutiny.
Cryptocurrency wallets are foundational tools in the growing world of digital finance. Choosing the right wallet model — custodial or non-custodial — is crucial for businesses planning to integrate crypto transactions or launch blockchain-based solutions.
Each has distinct implications for security, regulatory compliance, user experience, and control over digital assets.
In this guide, we’ll explore the differences, highlight each type of wallet’s advantages and risks, share relevant industry trends, and look at real-world examples to help businesses like yours decide on the best type of wallet to develop.
What is a crypto wallet, and how does it work?
A crypto wallet is a digital tool that stores your private and public keys, enabling you to send, receive, and manage cryptocurrencies on blockchain networks.
While it doesn’t hold crypto directly, it reflects your balance and activity, much like a bank account.
There are two primary wallet categories: custodial wallets and non-custodial wallets.
What is a custodial wallet?
A custodial wallet is one where a third party, an exchange, a financial institution, a fintech platform, holds the private keys on the user’s behalf. The user holds a balance and the custodian controls the keys.
The analogy is a bank account. You trust the institution to hold your funds and honor your withdrawal requests.
Benefits and limitations of custodial wallets
| Advantages | Challenges |
|---|---|
| No key management responsibility for the user Account recovery is possible through standard KYC processes Integrated with trading, staking, and fiat on/off-ramp features Regulatory oversight provides a baseline of consumer protection | Users don’t directly control their private keys. Platform insolvency or a security breach can result in loss of funds Centralized security risks are vulnerable to breaches (e.g., Mt. Gox, Bitfinex hacks). Potential downtime and limited access during service outages. |
The ideal use cases for custodial wallets
Custodial wallets are ideal for startups, fintech platforms, and regulated institutions that prioritize convenience, compliance, and streamlined user experiences.
Best examples of custodial wallets:
Read more: Scaling a Crypto Wallet: 30% Growth with Backend and UX/UI Enhancements
What is a non-custodial wallet?
A non-custodial wallet, also known as a self-custodial wallet, gives users full control over their private keys, eliminating reliance on third-party providers.
The keys are stored securely on the user’s own device, ensuring true ownership of digital assets.
Pros and cons of self-custodial wallets
| Benefits | Challenges |
|---|---|
| Full sovereignty over assets No counterparty risk No platform dependency Compatible with DeFi protocols, cross-chain bridges, and on-chain applications that require direct wallet control | Private key loss means permanent, unrecoverable loss of funds No customer support, no account recovery Higher technical responsibility — seed phrase management is the user’s problem More complex UX, particularly for users new to crypto |
Who should choose non-custodial wallets?
Non-custodial wallets are ideal for blockchain-based apps, decentralized finance (DeFi) platforms, and fintech startups seeking to offer self-custody and true financial autonomy.
Best examples of non-custodial wallets
Read more: Building a Global Non-Custodial Wallet on Stellar for Cross-Border Payments
Custodial and non-custodial wallets: key comparison
Here’s a quick cheat sheet to help you tell the difference between custodian and non-custodial wallets.
| Feature | Custodial wallet | Non-custodial wallet |
|---|---|---|
| Private key control | Third party or user | User-controlled |
| Security risk | Risk of hacking, but recoverable | Higher security, but loss of keys is irreversible |
| User experience | Beginner-friendly | Managing private keys may be challenging for non-technical users |
| Privacy | Subject to tracking and regulations | Anonymous transactions possible |
| DeFi & Web3 access | Compatible, depending on the features of the wallet | Compatible, depending on the features of the wallet |
How to choose your crypto wallet strategy
Choosing between a custodial and a non-custodial wallet depends on your business model and technical priorities.
The table below helps startups, fintech platforms, blockchain-native apps, and enterprises evaluate whether custodial or non-custodial wallets are the better fit, based on compliance, scalability, asset control, and blockchain interoperability.
| Startups & fintech platforms | Blockchain-native & DeFi platforms | Enterprises & global payment providers |
|---|---|---|
| Choose custodial wallets if your business prioritizes compliance, ease of integration, and scalability for regulated markets. | Opt for non-custodial wallets if your solution demands full asset control, decentralization, and direct blockchain interoperability. | Consider adopting innovative non-custodial models (like MoneyGram’s solution) that blend self-custody security with traditional financial usability and compliance measures. |
Security and regulatory factors of crypto wallets
If you’re considering building a crypto wallet, it’s essential to look beyond core features and consider both security and regulatory compliance.
The requirements differ significantly between custodial and non-custodial models, each carrying distinct risks and responsibilities. Overlooking these factors can lead to security breaches or compliance violations.
In the sections below, we break down the most common risks associated with each type of wallet and explore strategies to mitigate them effectively.
Custodial wallet vulnerabilities
Custodial wallets have been frequent targets of cyberattacks because they store private keys centrally. This centralized model has led to some of the most high-profile security breaches in crypto history.
Below are key incidents that highlight the inherent risks of custodial wallet solutions.
- Mt. Gox (2014): $450M Bitcoin loss.
- Bitfinex (2016): Around 120,000 BTC (~$72M) stolen.
- Coincheck (2018): $530M compromised due to hot wallet vulnerabilities
How to protect custodial wallets from security risks
- Multi-signature authentication: Prevents single points of failure by requiring multiple approvals for transactions.
- Cold storage protocols: Keep most funds offline to minimize exposure to online threats and hacking.
- AI-powered fraud detection: Leverages machine learning to identify suspicious behavior and flag anomalies in real time.
- Security certifications: Achieving certifications like SOC 2 or ISO 27001 helps validate the organization’s commitment to data protection and security standards.
Top challenges of using non-custodial wallets
Non-custodial wallets offer stronger asset control and security, but they also come with technical and usability challenges. From key management to onboarding complexity, here are the key trade-offs to consider.
Key storage and recovery
With non-custodial wallets, users maintain control of their keys, providing better security and control. However, that also leaves users open to potentially irreversible losses if those keys are lost or compromised.
How to secure private key handling
- Safe storage of private keys: On-device key storage solutions like Apple Keychain (iOS) or Android Keystore allow keys to be encrypted and stored in secure system-level modules, reducing attack surfaces.
- Key recovery mechanisms: Modern approaches like Stellar’s SEP-30 offer simplified flows and can enhance usability.
Evolving regulatory landscape
As global regulators tighten oversight, both custodial and non-custodial wallets face increasing scrutiny, but the impact varies based on how the wallet is structured.
Custodial wallet regulation
Custodial wallets, in particular, are often classified as Money Services Businesses (MSBs) under U.S. law.
This classification requires registration with the Financial Crimes Enforcement Network (FinCEN) and adherence to strict compliance protocols.
Key compliance requirements for custodial wallets
- Know Your Customer (KYC): Verifying user identities to prevent fraud and illicit activity.
- Anti-Money Laundering (AML) controls: Monitoring transactions and reporting suspicious activity.
- Data protection regulations: Ensuring secure storage and handling of user information, like Suspicious Activity Reports (SARs) and Currency Transaction Reports (CTRs).
- Licensing and reporting obligations: Meeting state-level and federal regulatory standards.
Non-custodial wallets regulation
Meanwhile, non-custodial wallets generally fall outside FinCEN’s MSB designation, as they don’t hold or transmit user funds.
However, this could change as regulators increasingly examine decentralized technologies that still offer UI layers or added services.
Key regulatory developments to monitor
To stay compliant as the landscape shifts, businesses operating or developing wallet solutions should actively track:
- Any proposed legislation targeting self-hosted wallets and peer-to-peer transactions.
- Discussions around applying the Bank Secrecy Act (BSA) to developers or front-end providers.
- Evolving IRS guidance on wallet-related tax reporting, especially where staking or DeFi is involved.
- Data privacy obligations, especially when collecting metadata or user behavior data, even if not personally identifiable.
Case Study: How MoneyGram built a scalable and compliant non-custodial wallet
A standout example of successfully navigating the technical and regulatory challenges of non-custodial wallets is MoneyGram’s non-custodial wallet, designed and developed by Cheesecake Labs.
Built on the Stellar Network, the solution delivers enterprise-grade security, decentralization, and user-centric features that make non-custodial wallets truly accessible.
- SEP-30 Integration: Enables seamless key recovery without seed phrases, improving user experience without compromising self-custody.
- USDC stablecoin integration: Ensures stable, low-cost transactions across borders using a trusted stablecoin.
- Global cash-out capabilities: Empowers users to convert USDC to physical cash at MoneyGram locations worldwide.
- Scalable and compliant architecture: Balances decentralization with robust compliance and performance standards, making it enterprise-ready.
MoneyGram’s success proves that non-custodial wallets can be secure, scalable, and compliant, unlocking new opportunities for financial innovation on a global scale.
Emerging trends shaping crypto wallets
As blockchain adoption grows, wallet technology is quickly evolving. Businesses developing wallets today need to anticipate tomorrow’s user expectations and regulatory realities.
Here are some of the biggest trends shaping the next generations of crypto wallets:
Institutional custody
Traditional finance companies like Visa and PayPal are investing in enterprise-grade custodial solutions tailored towards banks, hedge funds, and payment providers.
These solutions prioritize compliance, insurance, and integration with existing financial systems.
AI-driven security
Machine learning is enhancing fraud detection and threat monitoring in both wallet types.
Advanced systems now monitor for unusual login patterns, transaction behaviors, and bot activity — all in real time.
Biometric and passkey access
Wallets are moving toward passwordless authentication via device biometrics, facial recognition, or passkeys — improving security and simplifying access for mainstream users.
Deeper DeFi integration
Seamless decentralized finance (DeFi) access is becoming a key differentiator in wallet UX. Non-custodial wallets now offer direct access to DeFi features like:
- Token swaps
- Staking and yield farming
- Lending protocols
Read more: Building the First Open-Source Smart Contract Wallet on Stellar Network
Developing a crypto wallet for your business
The choice between custodial and non-custodial wallets depends on your business model, regulatory context, and user expectations.
As the industry evolves, innovative solutions, such as enhanced recovery mechanisms, AI-powered security, and seamless DeFi integrations, will continue shaping the market. If your company is ready to build a scalable and secure crypto wallet solution, Cheesecake Labs can help.
With proven experience in blockchain development services, our team specializes in crafting custom solutions tailored specifically to your business goals. Talk to our blockchain team about which custody model fits your product.
FAQ
What is a crypto wallet and how does it work?
A crypto wallet is a digital tool that stores your private and public keys, enabling you to send, receive, and manage cryptocurrencies on blockchain networks. While it doesn't hold crypto directly, it reflects your balance and activity, much like a bank account. The two primary wallet categories are custodial wallets and non-custodial wallets.
What is the difference between custodial and non-custodial wallets?
In a custodial wallet, a user or a third party (typically an exchange or regulated financial institution) manages and stores private keys on behalf of the user, simplifying access and recovery but shifting control away from the user. A non-custodial wallet gives users full control over their private keys, with keys stored securely on the user's own device, ensuring true ownership of digital assets.
What are the advantages and challenges of custodial wallets?
Advantages include user-friendly onboarding, integrated services like trading and fiat conversion, and easier regulatory compliance with KYC/AML. Challenges include users not directly controlling their private keys, centralized security risks vulnerable to breaches (such as Mt. Gox and Bitfinex hacks), and potential downtime or limited access during service outages.
Who should choose non-custodial wallets?
Non-custodial wallets are ideal for blockchain-based apps, decentralized finance (DeFi) platforms, and fintech startups seeking to offer self-custody and true financial autonomy. Examples include MetaMask, Trust Wallet, MoneyGram Wallet, Vesseo, and Freighter.
How did MoneyGram build a scalable and compliant non-custodial wallet?
MoneyGram's non-custodial wallet, built on the Stellar Network, includes SEP-30 integration for seamless key recovery without seed phrases, USDC stablecoin integration for stable low-cost cross-border transactions, global cash-out capabilities to convert USDC to physical cash at MoneyGram locations, and a scalable, compliant architecture balancing decentralization with compliance and performance standards.
About the author.
