Mobile Wallet

Trust the best strategy in crypto bear market — Trust Wallet CEO

Cointelegraph sat down with Trust Wallet CEO Eowyn Chen to talk about how Web3 can become a better experience for everyone.

Bringing the global crypto and blockchain communities together in Istanbul, Turkey, the Binance Blockchain Week 2023 was a clear indicator that the Web3 ecosystem continues to grow regardless of price movements.

Despite being a Binance event, the conference housed several key players from the crypto industry.

Among them was Trust Wallet, a decentralized Web3 wallet provider acquired by Binance back in 2018. Since its acquisition, Trust Wallet has been widely seen as “the wallet arm of Binance.” This is why the Binance Blockchain Week visitors were caught off-guard when the crypto exchange announced its own Web3 wallet.

Trust Wallet CEO Eowyn Chen — a former vice president at Binance — clarified that “Binance focuses on the centralized, while Trust Wallet works toward the decentralized ecosystem,” adding that Trust Wallet has a neutrality that can serve and partner with anyone in the crypto industry.

“We think that keeping that independence and distance is the best way to keep the culture and the talents running for its own mission.”

Trust Wallet was born in 2017 during the initial coin offering craze due to the need for an accessible mobile wallet, Chen said.

Cointelegraph sat down with Trust Wallet CEO Eowyn Chen during Binance Blockchain Week Istanbul. Source: Cointelegraph

“Recently, we became a sister company of Binance rather than operating under Binance because we can have a better playing field,” Chen explained.

“Scammers provide better customer support”

Compared to fixing the user experience, solving the security issues across Web3 is trickier, according to Chen.

Uniswap launches iOS mobile wallet in select countries

The decentralized exchange had previously stated that Apple was not allowing the app to be listed on the App Store.

Decentralized exchange Uniswap has launched a mobile wallet that features built-in support for the exchange, according to an April 13 announcement from the company. The app is available for iOS devices in select countries and can be found in Apple’s App Store.

1/ THIS IS NOT A DRILL

The Uniswap mobile wallet is out of Apple jail and now live in most countries ✨

Download our self-custody, open-sourced app today! https://t.co/yWxuw79xTY pic.twitter.com/QhK06icKBL

— Uniswap Labs (@Uniswap) April 13, 2023

The Uniswap team complained on March 3 that Apple was blocking the app from its stores. But in this new announcement, the team said that its wallet is “out of Apple jail and now live in most countries.”

Uniswap said the new wallet allows users to swap tokens on the Ethereum, Polygon, Arbitrum and Optimism networks. It can also be connected to any Ethereum app through WalletConnect. Users can back up their accounts by either writing down their seed phrase or encrypting their key vaults with a password and storing them in iCloud.

The Uniswap app also allows users to see detailed information about nonfungible tokens (NFTs) stored within it, including their floor prices and collections.

To make Web3 onboarding easier, several wallet developers have offered mobile apps with built-in decentralized finance (DeFi) functions over the past few years. In 2020, Argent integrated MakerDAO and other DeFi protocols with its wallet app, and 1inch provided similar integrations in 2021.

Uniswap is Ethereum’s largest decentralized crypto exchange, with over $3.4 billion of total value locked inside of its smart contracts, according to its own analytics page.

Cointelegraph reached out to the Uniswap team for a list of countries where the app is available but was unable to get a response by the time of publication.

Europe’s digital ID wallet — Easy for users or a data privacy nightmare?

European Union lawmakers are planning an EU-wide digital identity wallet for access to essential services.

On March 15, the European Parliament voted 418 to 103 (with 24 abstentions) in favor of negotiating a mandate for talks with the European Union member states about revising the new European Digital Identity (eID) framework and creating the “European Digital Identity Wallet,” also known as EUDI Wallet or EU wallet.

Citizen’s IDs, health cards, certificates and many other documents could soon be digitally stored in a smartphone application for EU citizens.

According to an official statement from the European Parliament, the system would allow citizens to identify and authenticate themselves online without relying on big commercial providers like Apple, Google, Amazon or Facebook.

The new eID framework will purportedly give EU citizens digital access to key public services across the EU. Citizens will remain in “full control of their data” and be able to “decide for themselves what information to share and with whom.”

European lawmakers have set an ambitious goal for this new wallet, aiming to bring it to 80% of the population by 2030. This could be achieved by mandating that the wallet be supported by e-government services and companies that have a legal requirement to identify their customers through Know Your Customer checks. It could require major online platforms like Google or Facebook to offer the EU wallet to log in to their services, with soft law and delegated acts that could require small and medium-sized enterprises to support the wallet.

Negotiations with the European Council on implementation would be the next step, but digital transformation and data protection experts have doubts and differing opinions about implementing the wallet.

Usability is the key to adoption

The EU wallet — like the current electronic ID cards in Germany and other European countries — will hardly be adopted by citizens in their daily lives if it doesn’t offer a good use case.

The challenge is to make it easier and more efficient for citizens to interact with public services and administrations, enabling authentication and verification processes, especially in the private sector.

According to Clemens Schleupner, policy officer of digital identity and trust services at Germany’s digital association Bitkom, the possibility of storing electronic IDs on a smartphone to use online as well as digitizing drivers’ licenses, health cards, passports, tickets, school reports, credit cards, membership certificates, etc., and combining them into one wallet could have mass market potential.

*Applying for a bank loan with eID. Source: European Commission*

The EUDI Wallet could make that happen; however, this will only succeed “if adoption among citizens in Europe is ensured through security and usability, relevance through a high number of possible uses and interoperability of different applications throughout Europe,” Schleupner told Cointelegraph.

Lack of usability and public awareness are also significant concerns for Christof Stein, spokesperson for Germany’s Federal Commissioner for Data Protection and Freedom of Information (BfDI).

Stein told Cointelegraph that using proven technologies and trusted infrastructures with enforced IT security and data protection standards are crucial for citizens using the EU wallet.

Privacy is king

As the final rules are not yet known, it is too early to evaluate the EU wallet at this early stage of implementation. For citizens, it is important that the legal framework provides a data-saving solution that only lets organizations ask for user data when they need it.

According to Stein, it is critical that users are protected from tracking by wallet providers, and wallet providers must ensure that wallet data processing is in line with legal requirements.

“What is necessary is a central anchor of trust enabling the enforcement of rules for the protection of individuals. For example, the infrastructure must be designed so that all organizations participating in the system must register to ‘identify’ themselves to users.”

The previous proposal from the European Commission lacked essential privacy safeguards that would have enabled third parties to obtain data about user transactions, possibly allowing bad actors to exploit the system for identity theft or fraud.

According to Thomas Lohninger, executive director of data protection Austrian NGO epicenter.works, the European Parliament has drastically improved the law and adopted a good position in the first reading. He told Cointelegraph:

“It is unlikely that the Parliament will win 100% of the trialogue negotiations. But we hope that the Council and the Commission will realize that the success of the whole system depends on the privacy and trust that is built in. Only if it is the trusted and chosen tool of citizens for their most sensitive health, identity and financial data can the European Digital Identity Wallet be a success.”

The problem of “over-identification”

Lohninger also warned of “over-identification,” i.e., if everyone in the EU is obliged to always use the wallet, this could lead to a loss of anonymity and pseudonymity in everyday interactions.

BfDI’s Stein shared this view, arguing that there should be no general obligation to use the EUDI Wallet and that there should be alternatives.

The European Parliament appears to have heard these concerns, as one of the most important safeguards in the recently passed identity framework is a non-discrimination clause that “protects anyone who chooses not to use the EU wallet, whether it’s in access to government services, freedom of business or the labour market.”

In the European Parliament, all four committees adopted this safeguard with a cross-party consensus. Now this safeguard must survive the trialogue — negotiations with representatives from the European Parliament, the Council of the European Union and the European Commission.

What about zero-knowledge proofs?

As Cointelegraph reported, the EU’s Industry, Research and Energy Committee included a standard for zero-knowledge proofs (ZK-proofs) in its eID amendments.

This technology, which allows the selective disclosure of certain information — like revealing only one’s age, for example — could become a core function of the EU wallet, said Stein.

Epicenter.work’s Lohninger noted that ZK-proofs could provide “unlikability.” For example, someone could prove they are of age to someone else on different occasions without the latter party knowing the former is the same person.

Recent: Islam and crypto: How digital assets can comply with Islamic financial law

Although ZK-proofs allow personal data to be anonymized, Schleupner sees two challenges. First, ZK-proofs in their current application are “a new technology and vulnerabilities may arise if they are not implemented properly,” and second, “many use cases [of ZK-proofs] have not yet been conclusively evaluated.”

Before trusting the technology, EU regulators must ensure that ZK-proofs comply with privacy regulations and meet all specific requirements of the General Data Protection Regulation.

The trialogue at the EU has much to consider before passing eID into a usable, safe and reliable tool for Europeans. How regulators balance these considerations could have profound implications for other formers of digital or blockchain-based ID.

MetaMask addresses privacy concerns with new features for enhanced control

The new features allow a user to manage which servers are able to receive their IP address.

Web3 wallet app MetaMask has introduced a number of new features aimed at enhancing privacy and giving users more control, according to a March 14 blog post by the developer. The new features come after MetaMask had previously been criticized for allegedly intruding on users’ privacy.

MetaMask Mobile v6 is now available to everyone! Our biggest release yet fixes issues around slow load times and provides a new and improved UX that gives users more control over their funds and digital identities.

Upgrade to the latest version todayhttps://t.co/tGtA4GUXR1

— MetaMask (@MetaMask) March 14, 2023

Previously, MetaMask used its Infura RPC node to connect to Ethereum automatically, whenever a user first set up the wallet. Although the user could change the settings later, this still meant that the user’s public address was transmitted to Infura before they had a chance to change their node, according to a report from Ethereum node operator Chase Wright.

Infura is owned by MetaMask’s parent company, Consensys.

Under the new version of Metamask extension, labeled “10.25.0,” users are prompted with the option to use an “advanced configuration” during setup. Choosing this option reveals a number of settings that can be configured, including one that allows the user to choose a different RPC node than the default Infura one.

In addition to letting the user enter their own node details, the “advanced configuration” dialogue box also allows them to turn off incoming transactions, phishing detection and enhanced token detection. These features require data to be sent to third parties, such as Etherscan and jsDeliver, according to the app’s UI. Users concerned about privacy can now turn off these features during setup if they want to.

According to the post, the new mobile version of MetaMask also includes privacy enhancements. Previously, the app did not allow users to connect one account to a Web3 app while leaving another account disconnected. The user only had the option of connecting all of them or none at all.

However, the new version allows users to select which particular accounts they want to connect to an app, without disclosing the other addresses they control.

In its post, Metamask stated that it has always intended to preserve privacy for users and that it believes these new features align with these values, stating:

“Data exploitation goes against MetaMask core values. Instead, we believe in equipping our community with the founding principles that guide our development — true ownership and privacy […] We are committed to protecting the privacy of our users so that you will not, and ultimately, cannot be exploited by yet another centralized entity.”

On November 23, MetaMask became heavily criticized in the crypto community for releasing a privacy policy that stated it would collect IP addresses from users. ConsenSys responded to the criticism on Nov. 24, saying that RPC nodes have always collected IP addresses and that the substance of the privacy policy was not new, although the language used in it had changed. On Dec. 6, ConsenSys announced that IP addresses collected through Infura would no longer be stored for more than 7 days.

Multiparty computation could offer increased protection for crypto wallets

Multiparty computation can help users to protect their private keys and seed phrases when used in wallets.

Multiparty computation (MPC) is a type of cryptographic protocol that allows multiple parties to jointly compute a function over their inputs without revealing those inputs to each other.

MPC can be useful when parties want to compute some function together but want to keep their inputs private from others. For example, a group of banks may want to determine the total amount of money in their joint account without revealing their account balances to each other.

In MPC, each party has a secret input that they keep to themselves. The process is done by carefully encrypting the inputs and performing the computation on the encrypted values so that the final result is the desired function, all while keeping the values secure.

MPC protocols typically involve multiple rounds of communication between parties exchanging encrypted messages and performing various computations on their own inputs.

MPC is a complex and technical topic, and there are many variations and approaches to implementing MPC protocols. Some key challenges in designing MPC protocols include ensuring that the protocol is secure against various attacks, such as malicious parties trying to learn other parties’ inputs, and ensuring that the protocol is efficient with regard to computational resources and communication costs.

What is a multiparty computation crypto wallet?

A multiparty computation crypto wallet is a crypto wallet that uses MPC technology to manage and store users’ assets securely. In an MPC crypto wallet, the private keys used to access and manage the users’ cryptocurrency are split into multiple parts, known as “shares,” which are distributed among the parties involved in the MPC protocol.

The key advantage of using MPC in a crypto wallet is that it allows the users to securely manage their cryptocurrency without any single party having access to the entire private key. This can help protect against various attacks, such as hackers attempting to steal users’ cryptocurrency by compromising a single party’s private key share.

Recent: Remote work could redefine the global workforce for good

MPC crypto wallets typically use a combination of cryptography and secure communication protocols to enable different parties to jointly manage users’ cryptocurrency. The process can involve complex calculations and communication between the parties, but the result is a secure and efficient way to manage users’ cryptocurrency assets.

Crypto wallets like ZenGo use multiparty computation to improve wallet security, and Coinbase has the feature enabled for their noncustodial wallet. As a result, MPC crypto wallets can provide increased security and protection against certain attacks. Still, they also require more computational resources than other crypto wallets.

Benefits and drawbacks of multiparty computation crypto wallets

The main advantage of an MPC crypto wallet is that it can provide increased security for users’ cryptocurrency assets by splitting the private keys used to access and manage the cryptocurrency into multiple parts and distributing those parts among different parties.

Tal Be’ery, co-founder and chief technology officer at crypto wallet ZenGo, told Cointelegraph, “MPC solves cryptocurrency’s most pressing problem: The single point of failure (SPOF) of the private key. This SPOF is the main reason users lose their funds: Whether by misplacing their private key, having their private key stolen, or accidentally sharing their seed phrase through a phishing scam.” He continued:

“With MPC, the indivisible private key is replaced by multiple distributed secrets often called ‘shares,’ such that a quorum of these shares can distributively sign a message — without creating a private key.”

Be’ery mentioned how separating the pieces of the private key and storing them in different locations makes it more difficult for malicious actors to compromise a user’s wallet.

“If each of these shares is held in an orthogonal place (e.g., mobile device and a server), then it makes it orders of magnitude more complicated for hackers to steal, as the attacker would need to steal from multiple independent places in different ways,” Be’ery said.

“This type of architecture also solves the dilemma discussed above: Creating copies of shares as a backup against loss is much easier, as no one share represents the ‘the and only’ private key,” he added.

Parth Choudhary, founder and CEO of Glip — a Web3 gaming and wallet application — also told Cointelegraph, “MPC could make it so that a wallet provider can’t get to a user’s money or control it. It may also make it harder for hackers and other bad people to steal private keys.”

MPC cryptocurrency wallets have some advantages over traditional wallets. MPC wallets are more reliable since they can ensure that a user’s assets are still accessible, even if one or more parties become unavailable or unresponsive. Privacy is also improved because the private keys are split into multiple shares and distributed among different parties.

By preventing any single party from discovering the user’s complete private key, the user has a reduced chance of losing their funds. Security is also improved since the computations are carried out on encrypted outputs, preventing malicious parties from learning sensitive information.

However, there are also some potential disadvantages to using an MPC crypto wallet. One of these disadvantages is the complexity associated with MPC protocols, especially for non-experts in cryptography. So, an MPC wallet can be more challenging to set up for the average person.

Recent: Crypto layoffs mount as exchanges continue to be ravaged by the prevailing bear market

Additionally, due to the computational resources needed by MPC protocols, they may be slower to operate. In this regard, an MPC wallet may be less efficient than other crypto wallets. Finally, not all cryptocurrency assets can be managed using an MPC crypto wallet, and some assets may be difficult or impractical to manage using MPC.

Wallet security has always been important for anybody who uses cryptocurrency, and the need for self-custody has become all the more apparent with the collapse of several high profile cryptocurrency firms and the loss of millions in user funds.

The decision to use an MPC crypto wallet will depend on the specific needs and requirements of the user. For example, it may be useful for users who prioritize security and privacy, but some people may prefer a more simple solution.

The Easy Company secures $14.2M funding for new crypto wallet with social features

The company says it wants to make it easier for users to engage with Web3 and use digital wallets.

The Easy Company, a startup focusing on building a consumer layer for the decentralized web, has raised $14.2 million in a seed round for its “social” crypto wallet, which seeks to help onboard more mainstream audiences into the Web3 ecosystem.

As reported by TechCrunch, the seed funding round was supported by a diverse group of investors, including venture capital firms Lobby Capital, Relay Ventures and 6th Man Ventures, as well as Tapestry, Upside and Scribble. Additionally, the round featured angel investors with backgrounds in traditional social media and Web3, including former executives from Instagram, Novi, Airbnb, Twitter, Uber, OpenTable and Eventbrite.

8/ Easy is backed by Lobby Capital, Relay Ventures, 6th Man Ventures, Tapestry VC, Upside Partnership, Scribble Ventures and other experienced social and web3 Investors.

— The Easy Company (@TheEasyCoHQ) January 10, 2023

The wallet is said to be available to the public on iOS and Android after completing a 30-day private testing phase. According to Easy’s CEO, Mike Dougherty, the company aims to combine user-curated profiles with engaging social features so that people can search, navigate and discover the world of Web3 on their own.

A lot of Web3 products and services today are too technical for the everyday person to use, Dougherty shared. The company aims to make it easier for users to engage with Web3 and use digital wallets. The platform reportedly has a similar layout to social media apps like Instagram, where users can swipe to view both their own NFTs or those of people they “watch,” like Instagram Stories.

Despite a long crypto winter, Web3 projects continue to receive substantial funding from Venture Capitalists. In 2022, billions of dollars poured into various projects in the ecosystem, including blockchain-based startups.

In the first two quarters of 2022, Venture Capital inflows were over $14 billion, and even though it receded to just under $5 billion in the third quarter, that was still a substantial amount given the negative impact of the sudden collapse of several prominent players in the industry, such as Celsius, Three Arrows Capital, BlockFi and FTX. Venture capitalist funding for the 2023 remains yet to be seen.

On Jan. 4, Cointelegraph reported that Singapore-based cryptocurrency exchange MEXC plans to invest $20 million to support the growth and development of Sei Network, a layer-1 blockchain platform that is specifically tailored for trading.

BitKeep exploiter used phishing sites to lure in users: Report

The attacker appears to be attempting to cash out funds using Binance and Changenow.

The Bitkeep exploit that occurred on Dec. 26 used phishing sites to fool users into downloading fake wallets, according to a report by blockchain analytics provider OKLink.

The report stated that the attacker set up several fake Bitkeep websites which contained an APK file that looked like version 7.2.9 of the Bitkeep wallet. When users “updated” their wallets by downloading the malicious file, their private keys or seed words were stolen and sent to the attacker.

【12-26 #BitKeep Hack Event Summary】
1/n

According to OKLink data, the bitkeep theft involved 4 chains BSC, ETH, TRX, Polygon, OKLink included 50 hacker addresses and total Txns volume reached $31M.

— OKLink (@OKLink) December 26, 2022

The report did not say how the malicious file stole the users’ keys in an unencrypted form. However, it may have simply asked the users to re-enter their seed words as part of the “update,” which the software could have logged and sent to the attacker.

Once the attacker had users’ private keys, they unstaked all assets and drained them into five wallets under the attacker’s control. From there, they tried to cash out some of the funds using centralized exchanges: 2 Ether (ETH) and 100 USD Coin (USDC) were sent to Binance, and 21 ETH were sent to Changenow.

The attack happened across five different networks: BNB Chain, Tron, Ethereum and Polygon, and BNB Chain bridges Biswap, Nomiswap and Apeswap were used to bridge some of the tokens to Ethereum. In total, over $13 million worth of crypto was taken in the attack.

It is not yet clear how the attacker convinced users to visit the fake websites. The official website for BitKeep provided a link that sent users to the official Google Play Store page for the app, but it does not carry an APK file of the app at all.

The BitKeep attack was first reported by Peck Shield at 7:30 am UTC. At the time, it was blamed on an “APK version hack.” This new report from OKLink suggests that the hacked APK came from malicious sites and that the developer’s official website has not been breached.

How do crypto hardware wallet firms make money?

All the companies that are involved in producing hardware crypto wallets have multiple revenue streams, either directly or indirectly.

The hardware wallet industry has emerged as one of the most resilient sectors to the ongoing cryptocurrency winter, with issues like the FTX crash bringing in even more cold wallet sales.

The bear market of 2022 has once again reminded crypto investors of the importance of self-custody and independence from centralized exchanges (CEX).

As a result, some major CEXs like Binance has increased their investment exposure to hard wallet firms, while CEO Changpeng Zhao even suggested that CEXs may no longer be necessary in the future. Should it be the case, the crypto industry of the future will be quite unlike the existing one because the business model of hardware wallets is very different from that of CEXs.

One massive difference is how hardware wallets make money because — unlike CEXs — cold wallets don’t charge any fees for most transactions by design. But selling devices cannot be the sole revenue stream for cold wallet manufacturers due to a number of reasons, including that hardware wallets are durable devices that don’t often need upgrades.

So, how do hardware wallet manufacturers actually make money? Cointelegraph reached out to several cold wallet providers to discuss the issue to better understand their business model.

How long does a hardware wallet last?

There is no clear answer on how long a hardware cryptocurrency wallet is able to last, partly because the world’s first-ever cold wallets are still working properly.

Czech Republic-based hardware wallet firm Trezor was the first company in the world to officially release a cold wallet back in 2014. After eight years, the Trezor One model is still one of the most popular hard wallet devices, with many customers still using their first generation of Trezor devices, Trezor brand ambassador Josef Tetek told Cointelegraph.

“Trezor devices come with a two-year warranty. However, that doesn’t mean the devices break down after two years,” Tetek said, adding:

“At conferences we regularly meet users who still use the first edition from 2013. In general Trezor devices are very durable and the fault rate is minimal.”

The exec emphasized that users can break, lose or damage their devices, but they will keep their Bitcoin (BTC) if they keep their recovery seed backup intact.

According to Ledger, another major cold wallet provider, the lifespan of a cold wallet is “really long,” but is not something that the firm can estimate. “Devices are designed to last. Sometimes issues come up as with every product, but people should be able to bury them,” a spokesperson for the firm told Cointelegraph.

According to some hardware wallet providers, card-based cold wallets can last for dozens of years or never expire at all.

Recent: Into the storm: The murky world of cryptocurrency mixers

Andrey Kurennykh, CEO at the SBI-backed cold wallet firm Tangem, suggested that their card-like hardware wallet has the same lifespan as the underlying Samsung S3D350A secure element. “Samsung claims that they have a lifespan of more than 25 years. Since there are no other hardware components in Tangem wallets, we consider this to be the lifespan of the whole device,” Kurennykh said in an interview with Cointelegraph.

Adam Lowe, creator of another cold wallet company Arculus, also told Cointelegraph that the company’s card-like cold storage device “never expires.”

As hardware wallets might never require a user to upgrade the device, how do cold wallet firms keep running operations, given that such companies have to spend significant resources to provide long-time support for their customers?

Increasing demand for hardware wallets

Many hardware wallet providers have been forced to expand their support staff in order to meet increasing demand for cold wallet devices.

“We have significantly scaled up our support team, which has been important to us considering recent events in the crypto industry and the increase in people moving to self-custody,” the Ledger spokesperson said.

“We’re seeing a large influx of people new to crypto from different channels and geographies, and we’re strengthening support proportionally,” Tangem’s Kurennykh noted.

A number of wallets have also introduced new support solutions including self-help tools and chat bots, allowing them to more easily handle frequently recurring requests like implementing an e-commerce API. “This helps to handle unexpected surges in inquiries such as that experienced in the recent FTX collapse,” Trezor’s Tetek said, adding that the firm has also been actively adding videos on solving the most common issues and difficulties.

Cold wallets’ multiple revenue streams

All the companies that are involved in manufacturing hardware crypto wallets have multiple revenue streams, either directly or indirectly, according to comments from industry executives.

“Ledger isn’t just a hardware company, we’re a software company as well with Ledger Live,” a representative said, adding that its revenue comes from not only selling Ledger devices but also through services on Ledger Live.

The firm also offers its own nonfungible token platform known as Ledger Market, business-to-business (B2B) products tool called Ledger Enterprise and others, the spokesperson noted.

Ledger has also been actively expanding its devices, launching a total of seven different cold wallets since 2014. Ledger’s latest wallet, developed in collaboration with iPod Classic creator Tony Fadell, is priced at $279, which is $200 higher than the cost of the previous Ledger wallet.

Rival firm Trezor doesn’t offer any financial services and doesn’t levy any fees on using its Trezor Suite app, Tetek said. At the same time, its sister firm, Invity, enables Trezor users to buy and sell Bitcoin (BTC) and other crypto currencies directly from the Trezor Suite, he said, stressing that the firm is a separate business from Trezor.

According to Tangem’s Kurennykh, the firm has several revenue streams, with as much as 70% of the company’s revenue coming from hardware wallet sales. About 20% of revenues come from third-party services fees like on-ramp and off-ramp exchanges, while 10% is generated through white-label wallet sales, Kurennykh said. The company is also working on its own non-custodial payment solution, which is expected to make another additional revenue stream.

Ruben Merre, co-founder and CEO at Binance-backed crypto wallet Ngrave, also told Cointelegraph that the firm’s revenue is mostly generated from product sales. However, there are areas for additional revenue streams, including a transaction fee for a fiat-crypto onramp. “The user can then buy crypto directly from the hardware wallet app […] The hardware wallet manufacturer may charge a transaction fee for this process,” Merre said.

Additionally, a number of cold wallets also participate in affiliate or promotion programs in cooperation with crypto services and exchanges.

There’s no public hard wallet company yet

As none of the existing hardware wallet companies are public, there is no readily available data on the revenues coming from their business. All the hardware wallet firms interviewed by Cointelegraph declined to provide any figures related to their financial information, citing their status as a private company.

At the same time, the executives reiterated that the collapse of the FTX exchange in November has driven massive sales and traffic to hardware wallet platforms.

In November, Ledger doubled its transaction revenue through Ledger Live month-over-month, also recording an all-time-high in number of trades through Ledger Live, the spokesperson said. “We had our best sales month ever in November, with our two best sales days ever on Nov. 13 and Nov. 14, following FTX,” the representative added.

“We can say that we have sold over 1 million devices, and we are experiencing record sales after the recent FTX collapse,” Trezor’s Tetek also noted.

As previously reported by Cointelegraph, the hardware wallet industry had been estimated to grow at a faster pace than exchanges, even before the FTX crash. But despite self-custody being one of the genuine purposes of crypto, investors should still be aware of the risks associated with storing coins by themselves.

FDIC–FTX spat is another reason for investors to self-custody their funds

Between the collapse of Celsius and the FDIC’s warning to FTX, consumers should be awakening to the benefits of moving their funds off of centralized exchanges.

Searching for more evidence that self-custody of your cryptocurrency holdings beats a centralized manager? Look to the latest action by the Federal Deposit Insurance Corporation (FDIC).

The agency sent a letter to FTX Exchange this month — along with four other entities — that included a cease-and-desist order for “false and misleading statements.” Namely, it accused the exchange of falsely implying that user funds were FDIC-insured.

It could have turned into an ugly situation if customers expected — but did not receive — a certain level of protection in the event of catastrophic failure. It’s difficult to ascertain how heavily the guarantee factored into the adoption of FTX services, but the firm enjoyed a record-breaking year in 2021 with revenue growth of more than 1000%.

Ultimately, the incident serves as an endorsement of self-custody, because it reminds us that exchanges can only protect user funds as far as their pockets allow them. Empowering consumers to hold their own funds on ideally cold wallets significantly reduces the chance their funds will be lost to a company’s insolvency, like in the case of Celsius, or even to a hacker gaining access to wallets held by a central entity.

Self-custody isn’t perfect, but it can be better than the alternative

Those who say self-custody is fraught with danger would be right. Retail investors cannot be expected on a widespread scale to properly manage and protect their funds in a wallet owned solely by them, and many, in fact prefer the oversight from a seemingly too-big-to-fail central exchange.

Even experienced crypto investors and holders can send tokens to the wrong address by mistake or even in some cases, face issues with technical glitches on self-custody wallets. If mainstream adoption is the goal, this isn’t even close to being a safe way to exchange value.

It’s a catch-22 situation. Money isn’t inherently safe when it’s held by scarcely regulated central entities known for suffering hacks and always being vulnerable to the possibility of executives running away with user funds.

Cryptocurrencies, at their very core, are about independence and moving away from the financial establishment that has influenced monetary policy for a very long time. So, the industry is crying out for a solid self-custody solution that resolves the associated dangers.

Last month @Brett_FTX tweeted that you can deposit your paycheck into FTX, and that they were FDIC insured.

I called BS and said they are either lying or holding clients money externally at other banks.

Brett said I was wrong.

FDIC just answered it… and Brett deleted tweets. https://t.co/QuiXQ8rDiA pic.twitter.com/xkgxP5r4Ez

— Stephen Geiger (@Stephen_Geiger) August 19, 2022

There are crypto enthusiasts who do not wish to hold their funds exclusively on a central exchange. For them, the whole point is to move away from traditional finance (TradFi) and overt centralization.

This is a valid choice and should be respected. It should also be understood that mainstream adoption will likely only be plausible thanks to centralized entities able to provide security and guarantees on the funds held by their platforms.

The independence/security tradeoff

We have seen European Union regulators attempt to tie in self-custody with verifiable identities. This misses the point to some degree. Blockchain technologies are designed to bring elements of decentralization to the financial world and allow unfettered access to people around the globe.

Making it easy and user-friendly to set up a wallet within a wider network of self-custody wallets clearly brings the potential for a worldwide revolution in how we treat money. Those living in developing nations, and more specifically the more than one billion unbanked, can retain complete control over their funds without being at the mercy of a (CeFi) centralized financial institution.

Good, safe self-custody is the key to unlocking such possibilities with the result of significant real-world impact.

This entirely depends on the needs decided by users. It feels safer for many to trust their crypto funds with the custody of a centralized exchange (CEX). While independence can be worth the precautions of risk diversification — through hardware wallets, open-source software and multisignature setups — the majority of regular people are probably vastly safer on Binance, FTX and other CEXs.

Centralized finance (CeFi) may be slowly turning into de facto TradFi. This is not necessarily a bad thing. If centralized exchanges can be insured like their traditional counterparts, then this massively reduces the risk of transacting with them.

Meanwhile, engaging with decentralized exchanges and smart contracts can also be a risky endeavor. Decentralized finance (DeFi) supporters hope it will become less so in time as the industry matures. Increased focus on user experience and safety should swiftly follow this maturation.

A great upside to DeFi is that adopters do not have to trust vague messaging from entities such as FTX. They’re free from the risk of most centralized failures that could result in the loss of their funds.

The power to decide rests with the consumers and whether they trust regulators to protect them while they utilize a CeFi entity — which emulates TradFi — or decide to wait for a better, sorely needed self-custody solution.

Ultimately, there will be a demand for both DeFi and CeFi amid the rich tapestry of blockchain and crypto offerings. Rather than being forced to choose between two suboptimal offerings, investors will have a panoply of options to consider.

Tom Tirman is the CEO of IQ Protocol, an NFT renting solution that allows games and other platforms to wrap digital assets and lend them out to users looking to play and earn. Before crypto, Tim graduated from a top technological university in Eastern Europe with a law degree and continued his studies at the Stockholm School of Economics. In his free time, he also spearheads PARSIQ, a web3 data aggregator.

The views, thoughts, and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.

FDIC–FTX spat is another reason for investors to get their funds off exchanges