The Wallet They Call Unhosted
In December 2020, a United States financial regulator published a proposed rule about your bitcoin and, in passing, gave it a name. The rule concerned wallets that no company holds for you: the kind where you, and only you, keep the keys. FinCEN called them unhosted wallets.
Sit with the word for a second. It describes your wallet by what it is missing. No host. No custodian. No warden standing between you and your own money. The word only makes sense if you have already decided that having someone else hold your money is the natural state, and holding it yourself is the deviation that needs a special, slightly suspicious label.
The vocabulary is backwards, and it is worth seeing exactly how.
What they call a wallet
Most people who own bitcoin have never held any. What they have is an account at an exchange. They call it their wallet, and the exchange is happy to let them, but it is not a wallet. It is an IOU. The coins sit on the company’s books; the customer holds a promise that the company will pay out if asked, if it is solvent, if it is not frozen, if it has not been hacked, if it still exists on the morning they go to withdraw.
And this is the most dangerous way to own bitcoin. Not the scariest-sounding way; the most dangerous one, by the plain record. In the decade and a half that exchanges have existed, the list of custodians that held people’s coins and then failed, through fraud, mismanagement, or a breach, is long and still growing: Mt. Gox, QuadrigaCX, Celsius, FTX, and a trail of smaller names most people have already forgotten. The base rate is high enough that the honest way to think about coins sitting on someone else’s books is not whether that third party fails, but when.
So the friendly word, wallet, gets attached to the arrangement where a third party owns your bitcoin. And the cold, clinical word, unhosted, gets attached to the one where you own it yourself. Bitcoin’s entire reason for existing is that you can hold the keys. That is the default action. That is the point. Somewhere between the whitepaper and the rulebook, the language got flipped, so that the thing bitcoin was built to do now sounds like a deficiency you should be nervous about.
I am spelling this out early because the naming does real work. It is designed, whether by intent or by reflex, to make self-custody feel fringe, technical, and dangerous. It is none of those things. It is the original thing.
The same blind spot, twice
When an institution cannot name something correctly, it usually cannot judge its risks correctly either. And the risk you have been sold about self-custody is almost pure theater: a hacker in a hoodie draining your wallet from the other side of the world, exotic malware, some cryptographic break that turns your savings to zero while you sleep.
I have spent more than twenty years around crypto and software companies, watching what actually goes wrong. That is not how individuals lose bitcoin. The dramatic attack is rare because it is expensive and, against one ordinary person holding keys correctly, usually not worth it. The real losses are quieter, and almost none of them involve an attacker at all.
What actually loses coins
Four things take people’s bitcoin, and a hacker is not on the list.
You lose the backup. The recovery words get forgotten, thrown out with old paperwork, soaked, burned, or written down somewhere you can no longer reconstruct. The single largest cause of permanently lost bitcoin is not theft. It is people losing access to their own keys.
You are not there. You die, or you are incapacitated, and no one you love can reach the coins. Perfect secrecy with no survivability is not security. It is a slow way to burn money, secure right up until it is gone forever.
Someone stands in the room with you. This is the rare high-value case: not a remote genius, but a person who knows you hold and is willing to be physically present about it. It is uncommon. It is also the only “attack” most self-custodians will ever plausibly face, and it is defeated by planning, not by a stronger password.
You outsmart yourself. The overbuilt setup you can no longer operate. The clever multisig where one key went missing and now the funds cannot move. More people are wrecked by their own cleverness than by any adversary.
Notice what these have in common. Every one is boring. Every one is defeated in advance, by a decision made calmly ahead of time, not by vigilance in the moment. This is the good news hiding inside the fear: the real risks are the ones you can actually plan around.
Custody that matches the real risks
So hold your own keys in the shape of the real threats, not the imaginary one. You do not have to do everything. You have to do the right few things, in order.
Start with one hardware wallet. Buy a dedicated device, initialize it, and write down the recovery words it gives you. That is already a larger step than most people ever take, and it already removes the biggest risk you were carrying: that the company holding your coins vanishes, freezes, or is breached with your balance on its books. A cheap device you control beats the most reputable exchange, because it deletes the third party entirely.
Back it up as if it is the wallet, because it is. Those recovery words are the money; the device is just a convenient way to use them. Paper burns and fades, so put the words on metal. Keep a second copy in a different physical place, so that one fire or one burglary cannot take both. Then do the step nearly everyone skips: test the recovery once. Wipe the device, restore from your backup, watch the funds reappear. A backup you have never restored is not a backup. It is a hope.
Add layers only when the amount earns them. A passphrase, a secret extra word, creates a hidden wallet behind the obvious one. Multisig spreads the keys, so that spending needs, say, two of three, and no single backup and no single burglar is ever enough. These are genuine improvements. They are also more to maintain, and here is the one rule I would tattoo on every beginner: never build a setup you will not be able to operate in five years. The best custody is not the most sophisticated. It is the most sophisticated one you will still get right when you are tired, older, and have not thought about it in months.
Plan for the day you are not there. Decide now how someone you trust could recover the coins if you die or cannot act. This is not morbid; it is the difference between an inheritance and a number that dies with you. It can be sealed instructions left with a lawyer, or a multisig key held by an heir. The mechanism matters far less than the fact that you chose one on purpose.
You were the host all along
None of this asks you to be technical. It asks you to be deliberate a few times, in advance, while nothing is on fire. That is the whole discipline: not genius, not paranoia, just a handful of unglamorous decisions made early and then left alone. It is the same lesson every real security story ends on: the win is planned weeks before the moment, or it is not won at all.
The regulators named your freedom after the thing it appears to lack. Let them. The word says more about where they are standing, at a counter, wishing they had one more counterparty to subpoena, than about what you are doing. You are not missing a host. You are holding your own money, the way the system was built to let you.
You were never unhosted. You were the host all along.