Skip to main content
T TON Adoption
RU
← Glossary
NODE/03 · Term

Custodial wallet

Wallet in which the provider, not the user, holds the private keys. Access is through a login or a Telegram account, support can restore lost credentials, but funds effectively belong to the service rather than the user on-chain.

Aliases: custodial, hosted wallet, exchange wallet

Custodial wallet is a service that stores user private keys on its own servers. From the user’s perspective it resembles a bank account: there is a profile with a balance, login flows via password or social account, and the service executes operations on the user’s behalf.

How it works

The user signs up — often through a Telegram account, email, or phone number. The service creates a TON address for that user but keeps the private key on its side, usually in a hot wallet or HSM. When the user clicks “send TON,” the request goes to the provider’s backend; the backend constructs and signs the transaction with its own key and broadcasts it.

Many providers do not even map every user to a separate on-chain address. All funds sit in a large pooled wallet, and internal transfers are recorded as database entries off-chain without ever touching the blockchain. This is called an omnibus structure.

Where it appears

  • Wallet inside Telegram (the @wallet bot) — flagship example of a custodial TON wallet.
  • Centralised exchanges — Binance, Bybit, OKX, Bitget, MEXC. TON balances on an exchange are custodial.
  • Telegram Stars and adjacent services — Stars economics relies partly on custodial flows.
  • Payment processors and changers holding user balances on their own books.

Advantages

  • Easy onboarding. No seed phrase to write down, no address formats to learn. Account creation takes about 30 seconds.
  • Recovery through support. Forgot the password or lost the Telegram account? The provider can usually restore access (typically via KYC documents and verification).
  • UX. In-service transfers are instant and free, because they are off-chain.
  • Fiat integration. Most custodial wallets ship card or bank on-ramp and off-ramp directly inside the interface.

Drawbacks and risks

  • Counterparty risk. The service can go bankrupt (as FTX did), get its hot wallet drained, or be shut down by regulators. In those scenarios user funds may never come back, or come back partially after years.
  • KYC and freezes. Accounts can be locked for suspicious transactions, sanctions screening, or government requests. Exchanges routinely freeze balances with no clear explanation.
  • Censorship. The provider can refuse to process specific transactions or interact with specific addresses.
  • No direct DeFi. To use STON.fi, DeDust, or any TON Connect dApp, funds must first be withdrawn to a non-custodial wallet.

Difference from an on-chain wallet

The clearest test is where the balance lives. If the balance is only visible in the service’s UI but Tonscan shows zero on your personal address, it is custodial — you hold an IOU from the provider, not on-chain TON.

For larger holdings the standard advice is unchanged: custodial wallets are useful for small day-to-day operations (Telegram Stars, subscription payments, active trading), while long-term storage belongs in a non-custodial wallet you control yourself.

Related terms