In November 2022, FTX, the second-largest crypto exchange at the time, collapsed in under a week. More than one million users discovered their balances were never fully backed. About 8 billion dollars in customer funds were frozen, much of it still tied up in bankruptcy proceedings years later.

FTX users did not lose their crypto to a hacker. They lost it to the exchange itself. That is the risk most people miss when they decide to keep crypto on an exchange: the account screen says the balance is yours, but until you can move it on-chain, what you own is only a promise from the exchange to give it back when you ask.

This guide is about when that promise holds up, when it does not, and what the alternative looks like in practice.

What "crypto on an exchange" means

When you buy Bitcoin on a crypto exchange, what you own is a balance in the exchange's internal ledger. The exchange holds the underlying keys. The exchange decides when you can withdraw. Until you move the crypto to a wallet where you hold the private key, the exchange is the custodian, not you.

This is what "not your keys, not your coins" means. It is not a catchphrase. It is a legal description of who the asset belongs to when something goes wrong. In bankruptcy proceedings, exchange customer balances have historically been treated as unsecured claims against the exchange, not as property held in trust. Being an unsecured creditor means you get in line, and the line is long.

What has gone wrong recently

Two incidents are worth knowing about specifically.

FTX collapsed in November 2022. The exchange filed for bankruptcy after a run on withdrawals revealed it had been lending customer funds to a related trading firm. About 8 billion dollars in customer funds were frozen. Recovery has been partial and slow, and the bankruptcy court is still sorting claims more than three years later.

Binance reached a 4.3 billion dollar settlement with the US Department of Justice in November 2023 over anti-money-laundering and sanctions violations. The exchange continues to operate. The settlement is a reminder that even large, apparently stable exchanges can be operating under regulatory exposure their customers do not see from the outside.

Both cases had the same lesson. People who had already moved their crypto to self-custody were not exposed to the exchange's internal problems. People who had not were exposed to whatever happened next.

When keeping some crypto on an exchange is fine

We are not going to tell you to never touch an exchange. That would be unrealistic. Exchanges are where you buy crypto in the first place, and they are useful for active trading, frequent swaps, and small balances you are moving around.

The rule of thumb most self-custody-focused users follow is the one worth copying: keep on the exchange only what you would be willing to lose to a worst case. Move everything else to a wallet you control. The specific threshold depends on how much you hold, how active you are, and how long the exchange has been around, but the principle is the same at any size.

Some people call this "hot wallet balance, cold wallet savings." A small operating balance on the exchange for buying and swapping, the rest offline. Exchange balances behave like a hot wallet: convenient, reachable, and dependent on a third party staying solvent. Savings belong in cold storage you control.

What self-custody solves

Self-custody is not a hack or a workaround. It is the default that Bitcoin and most crypto were originally designed around. You hold the keys. You decide when to move. No third party can freeze your balance, delay your withdrawal, or go bankrupt with your money inside.

The trade-off is that you are now responsible for the keys. That has historically meant managing a seed phrase, which is the single recovery string most hardware wallets generate at setup. Seed phrase management is where most self-custody losses happen. Not to hackers. To house fires, photos that end up in iCloud, password managers that get breached, and notes nobody can find when they need them.

So the real question is not "exchange or self-custody." It is "exchange or self-custody, and if self-custody, how do I handle the recovery question without creating a new single point of failure?"

That second question is what we spent the last two years building around.

How we think about this with Ryder One

We built Ryder One to be the self-custody option for people who do not want the usual seed-phrase-on-paper ritual. TapSafe Recovery distributes backup across three layers: a Recovery Tag you keep somewhere safe, a backup on your phone, and an optional circle of Recovery Contacts who are friends or family running the Ryder App. No single layer unlocks the wallet alone.

The seed phrase is still accessible on the device if you ever want to see it, and it is BIP-39 compliant, so you are never locked to our hardware. The default path simply does not require you to depend on it. That matters because the most common way people lose crypto to self-custody is not getting hacked. It is losing the paper.

The rest of the device is built around the same idea of removing single points of failure. Ryder One is NFC-only, fully offline, with no USB port and no buttons. The 1.6-inch AMOLED display shows the full destination address before you approve, so clipboard swaps and address-poisoning attacks fail at the last gate. Keys sit inside an EAL6+ secure element, and setup takes about a minute.

If you have been keeping crypto on an exchange and the FTX headline is what brought you here, Ryder One is the alternative we would recommend to our own family.