A crypto wallet is used to sign transactions when interacting with a blockchain network, as well as to store digital assets including crypto coins, NFTs, and tokens. A wallet contains a public key (the wallet address) and a private key (basically your password), which is needed to complete and sign transactions. Whoever has access to the private key controls the assets.
There are multiple types of crypto wallets that individuals and organizations can utilize. The level of security is different per wallet type.
Types of wallets include:
Custodial Wallet: With a custodial wallet, the private key is controlled and maintained by a third party. Common examples of custodial wallets include those you set up when utilizing crypto exchanges, like Coinbase or Binance.
Non-Custodial (Hot) Wallet: In non-custodial wallets (that are connected to the internet), the private key is controlled by the individual owner of the wallet. Examples of non-custodial wallets built on Algorand include Pera Wallet and Defly.
Cold Wallet: Cold wallets are by definition not constantly connected to the internet. This is the case when your private key is secured offline through a hardware wallet, or maybe even written on a piece of paper kept in a safe place. Examples of hardware devices for cold storage are the Ledger and Trezor devices.
So to be clear: the defining difference between a custodial and a non-custodial crypto wallet is who ultimately controls its private keys.
With non-custodial wallets, the responsibility of storing and securing the private keys lies solely with the wallet owner. That means if you opt to secure your own assets, you must understand the responsibility and ensure that the keys are properly stored and protected against cyber and physical threats. The benefit is that you fully and singularly control access to your assets, which is the definition of self-sovereignty.
When setting up a non-custodial wallet, you will be prompted to copy down sensitive information such as the private key and recovery phrases. (The latter refers to a series of random words which, when entered into a new device in the correct order, automatically migrates your crypto wallet and any funds it contains to the new device.)
Copying this information down onto an offline source (like written on a piece of paper) is a backup measure in case the device storing your non-custodial crypto wallet gets lost, compromised or damaged. If you lose your 25-word recovery passphrase that unlocks the account, no one can grant you access.
Tips for Users to Keep Their Wallets Safe:
Account Rekeying on Algorand
A unique feature on Algorand is the option to “rekey” a wallet account. This becomes important in the event that a wallet account becomes compromised.
On other networks, when a compromised private key needs to be changed, an entirely new account with a different Public Address and Private Spending Key needs to be opened, and the assets within the old account have to be moved from the old Public Address to the new address representing the new account, creating inefficiency and onerous operational overhead.
Regularly changing the Public Address and Private Spending Key also has downstream implications, for example the potential to interrupt automated, recurring transactions. Rekeying removes this friction by allowing users to change their Private Spending Key without needing to change their Public Address. It gives more flexibility and keeps the Public Address in continuous use as a permanent identifier, with less overhead when the Private Spending Key changes.
Users on Algorand can secure existing accounts with a new Private Spending Key at any time, including with a hardware wallet, a multisig account, or smart contract based key (smartsig).
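The rekeying rule described above, as a simplified Python model added here for illustration (it is not code from Algorand or from any wallet). The names Account, Txn and Ledger and the sample addresses are hypothetical; a signature is modeled by naming the signing address rather than by real cryptography, and fees are ignored.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class Account:
    address: str                     # Public Address: never changes
    balance: int
    auth_addr: Optional[str] = None  # spending authority; None = the address's own key

@dataclass
class Txn:
    sender: str
    receiver: str
    amount: int
    signer: str                      # address whose private key signed (model only)
    rekey_to: Optional[str] = None   # if set, hands spending authority to this address

class Ledger:
    def __init__(self, accounts):
        self.accounts = {a.address: a for a in accounts}

    def authorizer(self, address):
        """Address whose key must currently sign for `address`."""
        acct = self.accounts[address]
        return acct.auth_addr or acct.address

    def apply(self, txn):
        """Apply txn; return True if accepted, False if rejected."""
        src = self.accounts.get(txn.sender)
        if src is None or txn.signer != self.authorizer(txn.sender):
            return False             # signed by a key that does not control the sender
        if txn.amount < 0 or txn.amount > src.balance:
            return False
        src.balance -= txn.amount
        dst = self.accounts.setdefault(txn.receiver, Account(txn.receiver, 0))
        dst.balance += txn.amount
        if txn.rekey_to is not None:
            # Rekeying back to the account's own address restores the original key.
            src.auth_addr = None if txn.rekey_to == txn.sender else txn.rekey_to
        return True

def demo():
    """Constructed scenario: ALICE's key is exposed, so she rekeys to LEDGER_KEY."""
    ledger = Ledger([Account("ALICE", 100)])
    results = [
        ledger.apply(Txn("ALICE", "ALICE", 0, signer="ALICE", rekey_to="LEDGER_KEY")),
        ledger.apply(Txn("ALICE", "CAROL", 100, signer="ALICE")),    # old key: rejected
        ledger.apply(Txn("ALICE", "BOB", 10, signer="LEDGER_KEY")),  # new key: accepted
    ]
    return results, ledger
```

The address ALICE and its balance stay in place throughout; only the key that is allowed to spend from it changes.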
Learn more about Algorand Rekeying.
Additional resources related to security for some of the wallets supporting $ALGO:
Pera Wallet Security Overview (blog)
Pera Wallet (Guide to setting up Pera wallet account)
Connect your Ledger Nano X to the Pera wallet app