Insights

Custodial or non-custodial — who actually controlled the keys?

6 July 2026

When digital assets go missing, the first question is rarely “where did they go” — it is “who was in a position to move them.” That question resolves to a technical fact: who controlled the private keys. Custody is not a matter of whose name is on an account statement; it is a matter of who could sign a transaction.

Non-custodial: the user holds the keys

In a non-custodial wallet, the private keys exist only on the user’s device (or in their seed phrase). No third party can move the funds, and no third party can recover them if the keys are lost. The ledger will show transactions signed by those keys, but it cannot, on its own, prove the human identity behind them. In a dispute, this shifts the focus to who had access to the device or the seed phrase.

Custodial: a platform holds the keys

In a custodial arrangement — most centralized exchanges and lenders — the platform holds the keys and the user holds a claim against the platform, recorded in the platform’s internal ledger rather than on-chain. The user’s balance is a database entry, not coins they directly control. When such a platform fails, the on-chain reality (what the platform actually held) and the internal ledger (what users were told they held) can diverge sharply. Reconciling the two is often the core forensic task.

Why the distinction decides cases

The custody model determines who could have caused a loss, who bears it, and what evidence is even available. A non-custodial loss points at device or key compromise; a custodial loss points at the platform’s own books and its on-chain holdings. Getting this wrong at the outset sends an investigation in the wrong direction.

Establishing custody is a technical exercise best grounded in on-chain evidence and the platform’s own records, examined together.


Written by Alexander Mologoko, Blockchain Innovation Associates. Discuss an instruction →