Hey you!
Welcome back to “that’s what she said”, the newsletter which makes you feel smarter about the world of web3. Last time, we explored Bitcoin — the OG cryptocurrency that started it all (if you missed it, go back and read it before diving into today's topic).
Today, we're tackling something more personal: crypto wallets, but calling them "wallets" is actually misleading. They don't hold your crypto the way your leather wallet holds cash. Instead, they're more like keychains that prove you own digital assets living on the blockchain. Lose those keys? Your crypto is gone forever. Share those keys? Anyone can take everything you own.
In web3, you are the bank, the vault, and the security guard. There's no customer service hotline to call, no "reset password" button to click, and absolutely no one to blame but yourself if things go wrong.
Sounds intimidating? Good, it should be like this. However, once you understand how wallets work, you'll also understand why this system is revolutionary.
Let's explore how crypto wallets work, why they matter, and how to choose the right one. Ready?
🔐 Cryptography and Keys
Before we dive into the wallets, we need to cover the cryptographic trick that makes them tick: public and private keys.
Picture blockchain cryptography as a high-security lock-and-key setup. When you create a wallet, you’re really just generating a pair of mathematically linked keys — one public, one private. They work together in a neat little duet of asymmetric cryptography, keeping your assets safe while still letting you move them around without friction.
Your public key is like your email address or bank account number. It's safe to share with anyone who wants to send you crypto. In fact, you want people to have it, as that's how you receive funds. The public key generates your wallet address, that long string of letters and numbers you copy-paste when someone asks where they should send you the crypto.
Your private key is a completely different story. This is the master password, the skeleton key, the nuclear codes all rolled into one. It's typically a 256-character binary code, though you'll usually interact with it as a 64-character hexadecimal code or a 12-24 word recovery phrase (called a seed phrase or mnemonic phrase). This key proves you own whatever assets are associated with your public address.
Anyone can use your public key to encrypt a transaction and send it to your address, but only someone with the matching private key can decrypt that transaction and actually spend those funds. It's a one-way mathematical function that's computationally easy to go forward (generating a public key from a private key), but practically impossible to reverse (deriving a private key from a public key).
When you sign a transaction with your private key, you're creating a unique digital signature that proves you authorised that specific transaction. Nodes across the network can verify this signature using your public key, confirming the transaction is legitimate without ever seeing your private key. This is asymmetric cryptography in action: basically, a way to communicate securely even when the whole world might be eavesdropping.
The critical thing to understand: whoever controls the private key controls the assets. Not the person who bought them. Not the person who should own them. The person with the key. This is why the crypto community repeats the mantra "not your keys, not your coins" like a religious chant.
🧠 Definition of Wallet
Now that you get how keys work, here’s the plot twist: crypto wallets don’t actually hold your crypto. Yep, the name totally lies. Your Bitcoin, Ethereum, or whatever you’re into isn’t sitting inside your wallet like cash in a purse. It all lives on the blockchain. The wallet just gives you the keys to access what’s already there.
A crypto wallet is simply software (or sometimes hardware) that stores your private and public keys and allows you to interact with various blockchains. Think of it as a keychain that holds the proof of ownership for your digital assets. The wallet shows your balance by reading the blockchain, and it uses your private key to sign transactions that move those assets around.
Here's a better analogy: imagine the blockchain is a massive public vault with millions of safety deposit boxes. Your public key is the box number: anyone can see it and put things in. Your private key is the only key that can open that specific box and take things out. Your wallet is the keychain holding that key, plus maybe a label showing what's inside the box.
This is why you can access the same crypto assets from different wallet applications. The assets aren't in any specific wallet; they're on the blockchain. The wallet is just the interface that lets you prove ownership and interact with those assets using your keys.
Why do we need wallets in web3? Because blockchains use public-key cryptography to verify transactions and maintain security. Without a wallet, managing your keys and signing your transactions, you simply cannot participate in the crypto economy. You can't send tokens, interact with smart contracts, connect to DeFi protocols, mint NFTs, or do anything else blockchain-related. The wallet is your gateway to web3: your passport, your identity, and your control centre all in one.
💪 How Wallets Work
Understanding wallet mechanics reveals why they're simultaneously empowering and terrifying.
Wallet Creation
When you set up a new wallet, the software generates your cryptographic key pair using complex mathematical algorithms. This happens locally on your device — the keys are created right there, not on some company's server (unless you're using a custodial wallet, but we'll get to that).
During setup, the wallet presents you with a seed phrase: usually 12, 18, or 24 randomly selected words. This phrase is the human-readable version of your private key. Write these words down incorrectly or in the wrong order? You're screwed. Lose this phrase? Also screwed. Someone finds this phrase? They're now the owner of all your crypto, and you're screwed.
The wallet also prompts you to create a password. Important distinction: this password is NOT your private key. It's just a local security layer that locks the wallet app on your specific device, similar to a PIN on your phone. Forget this password, and you can still recover your wallet using your seed phrase. But forget your seed phrase, and even remembering your password won't help you.
Sending Transactions
When you want to send crypto to someone, here's what actually happens behind the scenes. First, you input the recipient's public wallet address and the amount you want to send. Your wallet constructs a transaction message containing this information plus your public key.
Next comes the critical step: digital signing. Your wallet uses your private key to create a unique cryptographic signature for this specific transaction. This signature mathematically proves that you (the holder of the private key) authorised this exact transaction. Change even one character in the transaction details, and the signature becomes invalid.
The wallet then broadcasts this signed transaction to the blockchain network. Nodes across the network verify your signature using your public key, checking that the signature is valid, that you actually have the funds you're trying to send, and that you're not trying to double-spend tokens.
Once verified and included in a block, the transaction is complete. The blockchain's record now shows those tokens moved from your address to the recipient's address. Your wallet displays your new balance by reading the updated blockchain ledger.
Receiving Transactions
Receiving crypto is simple: you share your public wallet address with the sender. They create a transaction sending funds to your address. Once that transaction is confirmed on the blockchain, the next time your wallet checks the ledger, it sees the new balance and displays it.
You don't need to do anything, approve anything, or even have your wallet open. The transaction happens on the blockchain level. Your wallet just reads and displays what's already been recorded.
Key Management
The single most important function of any wallet is managing your private keys securely. Different wallet types handle this differently:
- Some wallets generate and store keys directly on your device.
- Others use hardware devices for key storage.
- Some derive multiple addresses from a single seed phrase, giving you fresh addresses for each transaction while needing to back up only one phrase.
The critical security principle: your private key should never leave your wallet's secure environment. When signing transactions, the wallet performs the signing operation internally, broadcasts the signed result, but never exposes the actual private key.
This is why hardware wallets are considered more secure than software wallets. The private key lives on a specialised device, and the signing happens inside that device. Even if your computer is infected with malware, the malware can't steal keys that never touch the computer.
📍Types of Wallets
Crypto wallets come in various forms, each making different trade-offs between security, convenience, and control. Understanding these distinctions helps you choose the right wallet for your needs. The fundamental division in the wallet world is between hot and cold storage.
Hot wallets are constantly connected to the internet, making them incredibly convenient for frequent transactions. They include web-based wallets, mobile wallet apps, and desktop software wallets. The always-online nature means you can quickly trade on exchanges, interact with DeFi protocols, send payments, or mint NFTs with just a few clicks.
The downside? That constant internet connection makes hot wallets more vulnerable to hacking, phishing attacks, and malware. If your device is compromised or if you accidentally sign a malicious transaction, your funds can disappear instantly. Hot wallets are perfect for amounts you need regular access to (think of them as your digital spending money).
Cold wallets, on the other hand, spend most of their time offline, making them extraordinarily difficult to hack remotely. These primarily come as hardware wallets (specialised physical devices) or paper wallets (physical documents with your keys printed on them, though these are largely obsolete now).
When you need to transact from a cold wallet, you must physically connect the device to a computer, authorise the transaction on the device itself, and then disconnect it again. The private keys never leave the hardware device, even during transactions. The signing happens in-device, keeping your keys isolated from any internet-connected computer that might be compromised.
Cold wallets are less convenient but dramatically more secure. They're ideal for long-term storage of significant amounts (your digital savings account).
Software Wallets
Software wallets are applications you download and run on your phone or computer. They offer high user-friendliness while maintaining good security, provided you follow best practices.
- Desktop wallets run on your computer, giving you full control over your keys stored in an encrypted local file. You can access your holdings immediately and maintain complete control, but if your computer is compromised by malware, your keys are at risk.
- Mobile wallets work similarly but run on your smartphone. They're especially convenient for making payments, scanning QR codes, or quickly interacting with dApps on the go. The same security considerations apply: your phone's security becomes your crypto's security.
Most software wallets are non-custodial, meaning you control the keys. However, they require you to handle proper backups, security practices, and device protection.
Web Wallets
Web wallets are accessed through your browser without downloading software. They're the most convenient option — access your crypto from any device with internet — but historically were the least secure type.
Modern web wallets have improved significantly. Some newer versions are non-custodial, giving you sole control of your keys even though you're accessing the wallet through a browser. However, web wallets remain more vulnerable to phishing attacks and malicious websites than downloaded software.
Web wallets are best for small amounts and testing out dApps, not for storing significant holdings.
Hardware Wallets
Hardware wallets are specialised physical devices that look like USB drives. They represent the gold standard in self-custody security.
These devices generate and store your private keys in a secure chip that's specifically designed to resist tampering. When you need to sign a transaction, you connect the device to your computer, review the transaction details on the device's screen, and physically confirm by pressing a button on the device itself.
Here's why this matters: even if your computer is completely infected with malware, the malware can't steal your private keys because they never leave the hardware device. The signing happens inside the secure chip, and only the signed transaction (not the key itself) is sent to the computer.
Most hardware wallets also offer PIN protection, so even if someone steals your physical device, they can't access your funds without your PIN. After several wrong PIN attempts, many devices will wipe themselves.
The main downsides are cost (typically $50-200) and convenience (you need the physical device to transact), but for serious crypto holders, these trade-offs are absolutely worth it.
Paper Wallets
Paper wallets are physical documents containing your public and private keys, usually as QR codes. They're completely offline and therefore immune to digital attacks.
However, paper wallets are largely obsolete and no longer recommended. They're vulnerable to physical damage (fire, water, deterioration), can be easily lost or stolen, and if you need to spend funds, you typically have to import the private key into a software wallet, which exposes it and defeats the purpose of cold storage.
If you're considering cold storage, choose a hardware wallet instead.
🤝 Custodial VS Non-Custodial Wallets
Beyond hot and cold storage, the most fundamental question is: who controls your private keys?
Non-Custodial Wallets give you complete control. You generate the keys, store them, and are solely responsible for them. This is true ownership; not your keys, not your coins. No company can freeze your account or deny access. But lose your seed phrase? Your crypto is gone forever, with no customer service to save you.
Custodial Wallets are managed by third parties like exchanges (Coinbase, Binance, Kraken). They hold your keys on their servers. You access crypto with a username and a password, just like any website. Forgot your password? Reset it via email, but you don't actually control your crypto — they do. If the exchange gets hacked, goes bankrupt, or freezes your account, you're screwed.
Please see the pros and cons of these wallets below:
| Non-Custodial Wallets | Custodial Wallets |
|---|---|
| ✅ Complete control over assets | ✅ Easy password recovery |
| ✅ No third party can freeze funds | ✅ Familiar user experience |
| ✅ No KYC requirements | ✅ Customer support available |
| ✅ True ownership | ✅ Often includes insurance |
| ✅ Direct DeFi/dApp interaction | ✅ Seamless exchange trading |
| ✅ No counterparty risk | ✅ Lower technical knowledge needed |
| ❌ Total responsibility for security | ❌ You don't truly own your crypto |
| ❌ No recovery if you lose seed phrase | ❌ Exchange can freeze your account |
| ❌ No recourse for scams/mistakes | ❌ Vulnerable to hacks/bankruptcy |
| ❌ Steeper learning curve | ❌ KYC/identity verification required |
| ❌ More technical knowledge required | ❌ Can't access many DeFi applications |
| ❌ Risk of permanent loss |
Most experienced users don't pick one; they use both strategically:
- Exchange wallet (custodial) → active trading and buying.
- Mobile wallet (non-custodial, hot) → small amounts for daily use.
- Hardware wallet (non-custodial, cold) → majority of holdings.
🔥 Top Wallets
Top Hot Wallets:
- MetaMask. The undisputed king of web3 wallets. Launched in 2016 as a browser extension, it pioneered the "connect wallet" button now standard across DeFi and NFT platforms. Started Ethereum-only, now supports multiple chains. Non-custodial with 12-word seed phrase. Nearly every dApp has "Connect MetaMask" functionality. Available as a browser extension and a mobile app. The standard for Ethereum DeFi.
- Trust Wallet. Acquired by Binance in 2018, but remains open-source and non-custodial. Mobile-first wallet supporting a massive range of cryptocurrencies and blockchains. Built-in dApp browser, DEX aggregator, and NFT support. Popular for BNB Chain and alternative L1s. All-in-one solution for users who want everything handled from their phone.
- Base App (formerly Coinbase Wallet). A separate non-custodial wallet from Coinbase. Built on Base, Coinbase's Ethereum Layer 2. Available as a browser extension and a mobile app. Supports Ethereum, Base, other EVM chains, plus Bitcoin. Smooth integration with the Coinbase exchange for an easy on-ramp to self-custody.
- Phantom. The premier Solana wallet, launched in 2021. Laser-focused on UX with the cleanest interface in the space. Browser extension and mobile app. Supports Solana, Ethereum, Polygon, and Base. Pioneered transaction simulation showing you what happens before you sign. The MetaMask of Solana. Non-custodial with recovery phrase.
Top Cold Wallets:
- Ledger. The most recognised hardware wallet brand since 2014. French company, billions secured. Models: Nano S Plus and Nano X. Secure element chips (like credit cards) store keys in tamper-resistant hardware. Small screen verifies transactions, physical buttons confirm. Ledger Live software manages assets across thousands of cryptocurrencies. Works with MetaMask and other wallets.
- Trezor. Original hardware wallet from the Czech company SatoshiLabs (2014). Ledger's main competitor. Fully open-source hardware and firmware; the community can audit everything. Valued by users who prioritise transparency and "don't trust, verify" philosophy.
- Tangem. A newer approach that was launched in 2018. Credit-card-sized smart cards with NFC. Tap against the phone to sign transactions, no cables, no Bluetooth, no batteries. Also introduced the world's first ring-shaped hardware wallet.
Key Takeaways
- Wallets don't store crypto; they store keys. Your assets live on the blockchain. The wallet is just the keychain that proves you own them. This is why you can access the same crypto from different wallet applications.
- Not your keys, not your coins. This isn't just a catchy phrase; it's a literal truth. Custodial wallets mean someone else controls your keys and, therefore, your crypto. Non-custodial wallets give you control and responsibility in equal measure.
- Security and convenience have an inverse relationship. Hot wallets connected to the internet are convenient but vulnerable. Cold wallets stored offline are secure but less convenient. Hardware wallets offer the best balance for significant holdings.
- Use multiple wallet types strategically. Exchange wallet for buying and trading, mobile wallet for small amounts and daily use, and hardware wallet for serious holdings. Don't put all your eggs in one basket or all your crypto in one wallet.
Final Thought
The traditional financial system has trained us to outsource responsibility for our assets. We expect banks to protect our money, credit card companies to reverse fraudulent charges, and governments to insure deposits. Crypto wallets represent the opposite philosophy: radical self-sovereignty and radical self-responsibility.
Once you truly understand wallet security and practice good habits, this transforms into something else entirely. Empowerment. You realise you're holding financial instruments that no government can seize, no bank can freeze, and no company can deny you access to. For the first time, you actually, genuinely own a form of money that exists outside any institution's control.
The question is whether true ownership is worth the responsibility. In my view, for anyone serious about crypto, the answer is absolutely yes. Just take your time, start with small amounts, practice good security habits, and never stop learning.
If you learnt something new today, pass it on. Share it with your community. Let's spread the knowledge and level up together.
That's a wrap, normies. Next time, we'll discuss forks. Stay tuned 🌿
Cookies She Left Behind
If you'd love to dig deeper into the topic, I'd also recommend reviewing the below:
- What is a Cryptocurrency Wallet? by Whiteboard Crypto