You bought Bitcoin on an exchange. Coinbase. Kraken. Crypto.com. FTX (well, not anymore). It's sitting there right now. You check the balance almost daily. It feels secure—you have 2FA enabled, a strong password, everything you think should protect it.
But ask yourself a simple question: Who actually owns your Bitcoin?
The uncomfortable answer is: The exchange does. You don't. And that distinction matters enormously.
The Reality: Exchange Risk Is Not Theoretical
This isn't speculation. This is history repeating itself, over and over, with your money on the line.
Mt. Gox: 850,000 BTC Lost
In 2014, Mt. Gox was the world's largest Bitcoin exchange. It held about 7% of all Bitcoin in existence at the time. Then it was hacked. 850,000 Bitcoin disappeared—worth roughly $475 million at the time, worth billions today. Customers waited over a decade for partial recovery. Many never recovered anything.
FTX: $8 Billion Vanished
FTX was the hottest exchange of 2022. Celebrity-backed. Mainstream. Regulated. Then the CEO, Sam Bankman-Fried, was found to have secretly diverted customer funds to his personal trading firm. $8 billion in customer assets simply gone. Not hacked. Stolen by the people running the platform.
Bybit: $1.5 Billion in Unconfirmed Breaches
In 2024, reports emerged of significant security breaches affecting Bybit. In the crypto world, breaches of this magnitude mean customer funds are at risk. The exchange either had to admit a hack or face questions about their security controls.
DMM Bitcoin: $320 Million Stolen
A Japanese exchange suffered a hack that resulted in $320 million in customer Bitcoin disappearing overnight. The funds were never recovered.
QuadrigaCX: Founder Dies with the Keys
QuadrigaCX was a major Canadian exchange. The founder, Gerald Cotten, was the only person with access to the cold storage keys. He died suddenly in India—and $190 million in customer Bitcoin became permanently inaccessible. Investors were left with nothing. A centralized system failed catastrophically when the central person died.
The Five Ways Your Bitcoin Can Disappear on an Exchange
1. Exchange Gets Hacked
Hackers target exchanges constantly. They're high-value targets—thousands of private keys, all sitting in one place. Even well-funded exchanges with dedicated security teams get breached. When they do, customer funds vanish. Cold storage can help, but if the exchange keeps funds in hot wallets for liquidity (which they do), you're exposed.
2. Exchange Becomes Insolvent
An exchange might be solvent today and bankrupt tomorrow. A bad trade. A CEO embezzlement. A failed investment. When the exchange collapses, your Bitcoin goes with it. You become an unsecured creditor in a bankruptcy proceeding, fighting with thousands of other victims for whatever assets remain (often cents on the dollar).
3. Regulatory Seizure
Governments can shut down exchanges and freeze customer funds. This is happening in real-time in various countries. Your Bitcoin sits in an exchange in a jurisdiction that decides to regulate it out of existence—and suddenly you need lawyers and years of legal proceedings to access your own money.
4. Withdrawal Freezes
When an exchange faces problems (hacks, insolvency, regulatory pressure), one of the first things it does is freeze withdrawals. Your Bitcoin is still there on paper, but you can't access it. You watch as the exchange scrambles to fix its problems (or fails to fix them). You're locked in.
5. Inside Job or Negligence
An employee steals keys. An administrator mistakes delete your account. A insider rug-pull happens. Negligent security practices expose your keys. The exchange didn't get hacked—the system simply wasn't secure enough. And you lose.
The Central Problem: You Don't Control the Keys
Bitcoin's entire security model depends on one principle: whoever controls the private key controls the Bitcoin.
When you hold Bitcoin on an exchange, the exchange controls the private keys. You have an account balance. You have a password. But you don't have the actual ability to move your Bitcoin without the exchange's permission. If the exchange says you can't withdraw, you can't. If the exchange loses the keys, your Bitcoin is gone. If the exchange's system is compromised, so are your funds.
This is called custodial storage. You're trusting a third party to hold your asset. Bitcoin was invented specifically to eliminate the need for this trust. Satoshi's original vision was a system where you could control your own money without relying on intermediaries. Using an exchange to hold Bitcoin long-term completely undermines that vision.
When Exchanges ARE Appropriate (And When They're Not)
Appropriate use: Trading and buying
Exchanges serve a real purpose. You need somewhere to convert fiat currency into Bitcoin. You might want to trade. You might want to dollar-cost average. For these short-term activities, exchanges make sense. The risks are manageable because you're not holding large amounts for long periods.
Not appropriate: Long-term storage
If you're a Bitcoin HODLer—someone buying Bitcoin and holding it for years—an exchange is the worst place to keep it. Every day you leave Bitcoin on an exchange is another day you're exposed to exchange-specific risk. You're betting that nothing goes wrong with the exchange before you decide to move it. Don't make that bet.
The solution: Use exchanges as ramps, not vaults
Use exchanges to buy Bitcoin. Then move it immediately to self-custody. Use the exchange as a transactional tool, not a storage device. This way you get the convenience of buying on an exchange with the security of controlling your own keys.
Self-Custody: The Answer
The answer to exchange risk is simple: stop keeping your Bitcoin on exchanges.
When you use self-custody, you hold the private keys to your Bitcoin. No exchange. No company. No intermediary. Your Bitcoin sits on the public blockchain, and only you can spend it. If an exchange collapses tomorrow, it doesn't matter—your Bitcoin is unaffected. If regulators shut down every exchange in the world, it doesn't matter—you still control your Bitcoin.
This is the security promise of Bitcoin: You can be your own bank.
How self-custody works
You buy a hardware wallet (Coldcard, Ledger, Passport, Jade—roughly $50-150). You set it up, write down your seed phrase, and store it safely. Then you move your Bitcoin from the exchange to an address controlled by your hardware wallet. From that point forward, only you control the Bitcoin. The exchange has no access. Hackers can't steal it. Regulators can't freeze it. The system can't fail because you're not relying on any system—just math and cryptography.
Making the Migration: Your Step-by-Step Path
Step 1: Decide how much to move
You don't have to move everything at once. Start with 50% or even 25% of your Bitcoin. Move it to self-custody. Once you're comfortable with the process, move the rest.
Step 2: Order a hardware wallet
Choose a reputable option (Coldcard, Ledger, Passport, or Jade). Order from an official source. Never buy secondhand—the device could be pre-compromised.
Step 3: Set up and back up your seed phrase
Follow the setup process. Write your seed phrase on paper. Store it somewhere safe (safe deposit box, home safe, etc.). This is your backup. If anything happens to the device, you can recover your Bitcoin using just this phrase.
Step 4: Do a test transaction
Before moving all your Bitcoin, send a small amount ($50 or so). Verify it arrives. Verify you can see it in your wallet software. Once this works, you know the process is correct.
Step 5: Move your Bitcoin
Send the rest of your Bitcoin from the exchange to your hardware wallet. Wait for confirmation. Verify on the blockchain. You now control your Bitcoin.
That's it. The entire process takes an afternoon and costs maybe $100 for a hardware wallet.
Ready to Move Your Bitcoin?
The Self-Custody Setup Walkthrough provides step-by-step video guidance for every hardware wallet type, including address verification and safe migration from exchanges.
Get Walkthrough ($19)The Cost of Waiting
If you've been holding Bitcoin on an exchange while reading this article, you're exposed. Not definitely exposed—but exposed. The next major exchange hack might not happen for months or years. Or it might happen tomorrow. You're betting on an exchange you probably don't fully trust to remain solvent and secure.
The cost of moving Bitcoin to self-custody is negligible: $100 for a hardware wallet, maybe an hour of your time. The cost of an exchange hack is potentially losing everything.
The math is simple. Move your Bitcoin today.
The Bottom Line
Bitcoin exchanges are not vaults. They're not banks. They're companies that can be hacked, shut down, or mismanaged. Your Bitcoin sitting on an exchange is exposed to exchange-specific risks that have nothing to do with Bitcoin itself. The most expensive exchange hack in history (Mt. Gox at 850,000 BTC) proves this point. The most brazen example (FTX at $8 billion) proves it again.
Self-custody eliminates this risk category entirely. You control the keys. You control the Bitcoin. No exchange. No company. No intermediary. Just you and the Bitcoin you own.
The uncomfortable truth is this: Your Bitcoin is not safe on an exchange. But it can be safe in your own hands. The question is whether you'll take the responsibility to secure it yourself.