5
Crypto Wallet Fundamentals
Custodial vs non-custodial, hot vs cold, what an address is, what a key is.
4 quiz questions
A wallet is keys, not money
A crypto wallet does not "hold" your coins the way a bank account holds money. The coins live on a blockchain; the wallet holds the private keys that authorize moves from specific addresses. Lose the keys → lose access. Share the keys → share control.
Custodial vs non-custodial
•Custodial wallet: a third party (exchange, payment app) holds the keys. You log in with email/password/2FA. Convenient; vulnerable to the custodian.
•Non-custodial wallet: you hold the keys (via a seed phrase). Full control; full responsibility.
Hot vs cold
•Hot wallet: connected to the internet (mobile app, browser extension). Convenient for daily use, more exposed.
•Cold wallet: not connected to the internet for normal operation (hardware wallet, air-gapped device). Slower, much harder to drain remotely.
A practical model for an NGO
•Treasury reserves → cold storage, ideally multisig (covered later).
•Operational funds (current month) → a hot wallet on a controlled device, with hardware-backed signing.
•Short-term donor inflows that will be converted → a reputable custodial exchange account with strong 2FA, used as a passthrough.
Never use a personal staff wallet as the de-facto organizational treasury, even temporarily.
Addresses are public, identity is implicit
A wallet address is safe to share — that is how you receive funds. But every move from and to that address is recorded publicly and forever. Tools like block explorers (and increasingly mainstream analytics) can cluster addresses with identities. Plan accordingly.
•Use a separate "public" donation address for marketing.
•Keep treasury operations on different addresses than visible donation addresses.
•Be aware that linking a wallet to KYC anywhere is, in effect, linking your entire on-chain history to your identity.