02.07.2025 15:20:53
AMINA Bank: Crypto Wallet Safety 101: Factors to Consider when Choosing a Crypto Wallet
In this edition of the Crypto Market Monitor, we walk our readers through a typical journey from that first fiat on-ramp to institutional-grade custody. We flag the most common pitfalls and the controls that neutralise them.
Onramping: The First Step
Currently, centralised exchanges (CEXes) remain the default gateway. This could primarily be because they mimic the online banking user experience (UX): account-recovery links, customer support, instant liquidity, and regulatory supervision, which ensures a certain level of legal protection for users. Additionally, users can almost always access their account even if they lose their password: they can reset it or contact support if an issue persists. This convenience is extremely beneficial for first-time users entering uncharted territory.
However, fees on CEXes add up fast. At the time of writing, standard spot charges hover at 0.10% on Binance and between 0.40% and 0.60% for entry-level volumes on Coinbase. Also, in this case, users may depend on a third party for crypto custody services. Therefore, CEX costs sit atop the perennial counter-party caveat: not your keys, not your coins.
An important factor for users to watch is whether their CEX of choice is legally compliant in their jurisdiction, which should be the case as CEXes are under legal supervision. Nevertheless, it is advisable, in particular for first-time users, to do the corresponding due diligence.
After roughly twelve months of intensive CEX use, first-time users will have explored virtually every retail-facing feature that a CEX offers (spot and margin trading, collateral-backed loans and staking programs). At this stage, two structural frictions become clear.
- First, asset coverage thins out beyond the top-tier coins, while headline trading commissions remain material: standard spot fees hover around 0.10% per side and fall to only about 0.075% when paid in the exchange’s native token.
- Second, operational risk increases. For instance, a June 2025 disclosure aggregated roughly 16 billion credentials from platforms such as Google, Apple and Meta into a single breach repository, illustrating how one compromised email address can cascade into unauthorised access to exchange accounts and the digital assets they secure. App-based two-factor authentication is therefore non-negotiable for CEX users.
Self-Custody: The Inevitable Next Step
When users’ goals expand beyond the best-known coins and they want to capture DeFi opportunities (or simply assume direct control of assets), the logical next step is a self-custody crypto wallet. These wallets come in two primary forms: hot wallets, which keep private keys on devices connected to the internet for easy access, and cold wallets, which store keys entirely offline for maximum security.
Hot Wallets
Hot wallets are software-based wallets (desktop, mobile or browser extension applications) that keep private keys online. They offer unmatched convenience (for users preferring self-custody). Their always-online design makes them the de-facto interface for DeFi, NFT trading, and crypto-trading. However, it also widens the attack surface for malware, phishing, and DNS hijacks. Below we outline some risks and practical measures for protecting your crypto if you use any of the popular hot wallets.
- Dedicated hardware: Use a separate phone or laptop exclusively for blockchain activity to avoid cross-contamination from everyday web browsing, email or downloads.
- Relentless software hygiene: Keep wallet extensions, browsers, operating systems and device firmware fully patched. Wallet updates often close critical security holes.
- Phishing and spoof sites: Verify every URL that you connect your wallet to, bookmark trusted domains, and reject unexpected pop-ups. Treat any link shared on social media or chat apps as suspicious until proven otherwise. Do not connect your wallet through such links.
- Burner wallets for experimentation: Spin up temporary wallets for testnets, new NFT mints, airdrops or unaudited dApps to isolate your main holdings from contract exploits.
Securing your Private Key: Below are some best practices for users to safely secure private keys.
- Never store seed phrases or keys in any digital form (screenshots, cloud drives, email, messaging apps).
- Record the phrase offline, preferably in archival-grade ink on paper or stamped onto steel plates. (Users should even store copies in fire-resistant locations if possible.)
- For extra safety, users can split and store their secret key.
Cold Wallets
Cold-storage hardware wallets give users an extra layer of protection by ensuring that private keys are never exposed to an internet connection, thereby neutralising most phishing and malware vectors that plague hot wallets. A dedicated device not only generates the key pair but also signs transactions internally, meaning the secret data never leaves the unit. This offline architecture explains why cold wallets are widely regarded as the industry standard for long-term or high-value holdings.
The added security, however, comes with a purchase cost and demands more operational discipline than hot wallets, which are free to use. There are reliable cold wallet manufacturers in the market; users can research them, perform due diligence, and decide on that basis whether to engage or not.
A cautionary tale:
In February 2025, attackers extracted approximately $1.4 billion from Bybit after compromising a Safe-wallet developer’s laptop. The malware injected malicious code into the wallet’s user interface hosted on AWS, prompting authorised personnel from Bybit to sign rogue transactions. The underlying smart contract and multi-signature policy remained intact, yet the altered interface deceived approvers. The episode showed that supply-chain integrity and operational checks are as important as the hardware itself.
Institution Grade Protection
Let’s now look at institutional-grade safeguards employed by regulated custodians and specialist banks. These are solutions designed to withstand both market volatility and sophisticated cyber-attacks. For balances large enough to warrant bank-level controls, custodians combine several technologies:
- Multi-Party Computation (MPC) is a cryptographic protocol that splits a private key into independent shards, so no single party can reconstruct it.
- Hardware Security Modules (HSMs) are tamper-resistant devices that generate and sign keys inside an encrypted enclave.
- Multi-signature wallets require two or more approvals before funds move, reducing single-point failure risk.
Many regulated custodians also carry insurance for digital-asset holdings, offering a level of recourse that retail hardware cannot match.
Hardware wallets are an excellent midpoint between the convenience of online wallets and the comprehensive safeguards of a professional custodian. Users with modest, frequently accessed balances may continue to rely on hot wallets, whereas those holding significant sums or acting on behalf of an organisation should consider either a hardware wallet or an institutional MPC/HSM platform with insurance cover. The optimal choice hinges on the user’s risk appetite, the degree of usage for their holdings, and their level of wallet knowledge.
Smart Contract Wallets
This brings us to smart contract wallets. Smart contract wallets represent the next step in the evolution of self-custody. (As an illustration, this model sits at the basis of Ethereum’s account-abstraction roadmap.) Smart contract wallets are intended to replace the static, key-pair model of conventional wallets with programmable logic, allowing security rules to be hard-wired into the wallet contract itself.
Leading implementations include Argent and Safe. Each implementation stores assets under a contract that can enforce policies for the wallet. They help users manage risk and recover access without needing to memorise or store a seed phrase. For instance, users can set daily spend limits, so even if a wallet gets compromised, a hacker can’t drain it all at once. Then, there are Guardians: trusted friends, family members, or secondary devices that can help recover a wallet if users lose access.
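The two controls just described, a daily spend limit and guardian-based recovery, can be modelled in a few lines. This is an added example, not code from Argent, Safe or AMINA: the class, its method names, the rolling 24-hour window and the strict-majority guardian rule are all assumptions made for illustration.

```python
from dataclasses import dataclass, field

DAY = 24 * 60 * 60  # seconds in the rolling spend window

@dataclass
class PolicyWallet:
    """Off-chain model of wallet-contract rules; all names here are hypothetical."""
    owner: str
    guardians: frozenset
    daily_limit: int                                   # smallest currency unit
    spends: list = field(default_factory=list)         # (timestamp, amount) pairs
    votes: dict = field(default_factory=dict)          # proposed owner -> guardians

    def spent_last_day(self, now):
        return sum(amount for t, amount in self.spends if now - t < DAY)

    def transfer(self, caller, amount, now):
        """Accept only the owner's transfers that fit the rolling 24-hour limit."""
        if caller != self.owner or amount <= 0:
            return False
        if self.spent_last_day(now) + amount > self.daily_limit:
            return False
        self.spends.append((now, amount))
        return True

    def support_recovery(self, guardian, new_owner):
        """Record a guardian vote; rotate the owner key on a strict majority."""
        if guardian not in self.guardians:
            return False
        backers = self.votes.setdefault(new_owner, set())
        backers.add(guardian)
        if 2 * len(backers) <= len(self.guardians):
            return False
        self.owner = new_owner      # old key loses control, no seed phrase needed
        self.votes.clear()
        return True

def demo():
    w = PolicyWallet("key-old", frozenset({"g1", "g2", "g3"}), daily_limit=100)
    spends = [
        w.transfer("key-old", 80, now=0),         # within the limit
        w.transfer("key-old", 30, now=3600),      # 80 + 30 exceeds 100 in 24 h
        w.transfer("intruder", 10, now=3600),     # caller is not the owner
        w.transfer("key-old", 30, now=DAY + 1),   # first spend has aged out
    ]
    recovery = [w.support_recovery(g, "key-new") for g in ("g1", "outsider", "g2")]
    after = w.transfer("key-old", 1, now=DAY + 2)  # rotated-out key is refused
    return spends, recovery, w.owner, after
```

The model makes the residual exposure visible: a stolen owner key can still move up to the limit in each window until the guardians rotate it out.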
Such controls address two persistent barriers to mainstream adoption: fear of irreversible loss and anxiety over single-point failures. The Ethereum Foundation and multiple grant rounds have therefore funded research and tooling to standardise account-abstraction techniques. In summary, smart-contract wallets offer a blend of security and convenience that conventional key-pair wallets struggle to match. Built-in recovery, programmable spend controls and policy-based approvals mean users can attain stronger protection with less operational overhead. For institutions and retail users alike, smart contract wallets may be considered an additional option for self-custody solutions.
The table below provides an illustrative overview - as of the day of publication of this article - of the key differences between the main custody options and shows how each one fits into an overall crypto-security plan.
Figure: Illustrative breakdown of custody options in crypto.
Source: AMINA Bank
Conclusion
Depending on the stage of a user’s journey in crypto and their assets, different custody solutions may offer more suitable storage. In general, cold wallets seem to be the best long-term solution. For beginners, the observed tendency is towards centralised exchanges, mainly because of their UX advantages and legal certainty, in particular in terms of protection. For experienced users or users that consider an additional security level to protect their investments, the tendency is to rely on specialised licensed banks. In any case, assessing the different available custody solutions and performing adequate due diligence is advisable before committing.
Disclaimer - Research
This document has been prepared by AMINA Bank AG ("AMINA") in Switzerland. AMINA is a Swiss bank and securities dealer with its head office and legal domicile in Switzerland. It is authorized and regulated by the Swiss Financial Market Supervisory Authority (FINMA).
This document is published solely for educational purposes; it is not an advertisement nor is it a solicitation or an offer to buy or sell any financial investment or to participate in any particular investment strategy. This document is for distribution only under such circumstances as may be permitted by applicable law. It is not directed to, or intended for distribution to or use by, any person or entity who is a citizen or resident of or located in any locality, state, country or other jurisdiction where such distribution, publication, availability or use would be contrary to law or regulation or would subject AMINA to any registration or licensing requirement within such jurisdiction.
No representation or warranty, either express or implied, is provided in relation to the accuracy, completeness or reliability of the information contained in this document, except with respect to information concerning AMINA. The information is not intended to be a complete statement or summary of the financial investments, markets or developments referred to in the document. AMINA does not undertake to update or keep current the information. Any statements contained in this document attributed to a third party represent AMINA's interpretation of the data, information and/or opinions provided by that third party either publicly or through a subscription service, and such use and interpretation have not been reviewed by the third party.
Any prices stated in this document are for information purposes only and do not represent valuations for individual investments. There is no representation that any transaction can or could have been effected at those prices, and any price(s) do not necessarily reflect AMINA’s internal books and records or theoretical model-based valuations and may be based on certain assumptions. Different assumptions by AMINA or any other source may yield substantially different results.
Nothing in this document constitutes a representation that any investment strategy or investment is suitable or appropriate to an investor’s individual circumstances or otherwise constitutes a personal recommendation. Investments involve risks, and investors should exercise prudence and their own judgment in making their investment decisions. Financial investments described in the document may not be eligible for sale in all jurisdictions or to certain categories of investors. Certain services and products are subject to legal restrictions and cannot be offered on an unrestricted basis to certain investors. Recipients are therefore asked to consult the restrictions relating to investments, products or services for further information. Furthermore, recipients may consult their legal/tax advisors should they require any clarifications.
At any time, investment decisions (including whether to buy, sell or hold investments) made by AMINA and its employees may differ from or be contrary to the opinions expressed in AMINA research publications.
This document may not be reproduced, or copies circulated without prior authority of AMINA. Unless otherwise agreed in writing AMINA expressly prohibits the distribution and transfer of this document to third parties for any reason. AMINA accepts no liability whatsoever for any claims or lawsuits from any third parties arising from the use or distribution of this document.
Research will initiate, update and cease coverage solely at the discretion of AMINA. The information contained in this document is based on numerous assumptions. Different assumptions could result in materially different results. AMINA may use research input provided by analysts employed by its affiliate B&B Analytics Private Limited, Mumbai. The analyst(s) responsible for the preparation of this document may interact with trading desk personnel, sales personnel and other parties for the purpose of gathering, applying and interpreting market information. The compensation of the analyst who prepared this document is determined exclusively by AMINA.