My teenage son asked me last weekend what happens to my "computer money" if I die. I gave him the confident dad answer about self-custody and being my own bank. Then I realized I did not actually have one, because the honest answer involves incapacity, not just death.
The phrase that has anchored a decade of crypto culture is "not your keys, not your coins." It is a good line. It compresses a real truth about counterparty risk into five words that fit on a sticker. But sitting across from my son, I heard the unstated clause for the first time. Not your keys, not your coins, and also not your kids' coins, not your spouse's, not anyone's once you are gone or no longer able to remember the seed phrase that controls them.
For years I bought the orthodoxy completely. Hold your own keys. Trust no custodian. Be your own bank. It is a clean philosophy and an emotionally satisfying one, especially for anyone who watched TradFi freeze accounts, lose records, or charge a fee for the privilege of holding your own money. The trouble is that the philosophy quietly assumes something it never states out loud. It assumes you will be alive and lucid every single day you own the asset. You will not always be that. None of us will.
This article argues that the self-custody movement solved the wrong half of the problem. It built an elegant defense against theft and seizure while leaving the most common failure mode, the slow human one, completely unaddressed. And it argues that the institution crypto was built to replace, the custodian, is the only part of this system actually engineered for a human lifespan.
The Orthodoxy and Its Blind Spot
To understand why this matters, you have to understand how deep the orthodoxy runs. Self-custody is not a feature in crypto. It is the founding ideology.
Bitcoin's genesis block carried a headline about bank bailouts. The entire point was to remove the trusted third party from the act of holding and moving value. A private key is the purest expression of that idea. Whoever holds it controls the money, absolutely and without appeal. No bank can freeze it. No government can claw it back through the protocol. No customer service line can reset it.
That absoluteness is the feature. It is also the bug. The same property that makes a private key impossible for an adversary to override makes it impossible for a court, a family member, or a doctor to override either. The protocol does not distinguish between a thief trying to steal your keys and a daughter trying to recover her incapacitated father's savings. It treats both as outsiders without the secret, and it locks both out with identical, mathematical finality.
The crypto community has spent enormous energy hardening the system against the first scenario. Hardware wallets, air-gapped signing, multisig arrangements, passphrase splitting, geographically distributed metal backups. An entire industry of careful, clever engineering exists to make sure the wrong person can never get your keys. Almost none of that energy has gone toward the opposite and far more common problem: making sure the right person can get them when you no longer can.
What the Lost Coins Actually Tell Us
The scale of this blind spot is not a hypothetical. It is already sitting on the blockchain, visible to anyone who cares to look, in the form of coins that will never move again.
Estimates of permanently lost Bitcoin vary by methodology, but they cluster in a striking range. Analysts at firms tracking long-dormant wallets put the figure somewhere between 2.3 million and 3.7 million coins, roughly 11 to 18 percent of the 21 million that will ever exist, with some estimates reaching toward 20 percent (CoinLedger research, August 2025). At current prices, the high end of that range represents well over 200 billion dollars of value that is real, on-chain, and utterly unreachable.
Here is the part that should reframe the entire conversation. The overwhelming majority of that loss was not theft. Chain analysis of these wallets shows addresses that simply went silent, often for five, ten, or more years, with no signs of a hack and no movement of any kind (Ledger Academy, 2025). These are people who died, who lost a drive, who threw out a laptop, or who forgot. A separate estimate focused specifically on death and incapacity puts permanently lost crypto in the range of 60 to 80 billion dollars from owners who passed away or became unable to share access (CryptoAdventure, 2026).
Sit with that comparison for a moment. The headlines obsess over the nine-figure exploits, the bridge hacks, the smart contract failures. Those are real and I have written about them at length. But the largest single category of vanished crypto wealth is not a clever adversary. It is mortality and memory, working exactly as they always have, against a system that made no accommodation for either.
Death Is the Easy Case. Incapacity Is the Hard One.
When people do think about crypto and mortality, they think about death. There is a small but growing industry around crypto inheritance, and most of it is framed around what happens when the holder dies. That framing, I have come to believe, hides the harder and more frequent problem.
The Slow Failure Nobody Plans For
Death is, perversely, the clean case. There is a date, a certificate, a legal event that triggers a process. The much messier scenario is incapacity. The slow kind. A stroke that takes language and memory but not life. Early dementia. The six-month or six-year window where a parent is still very much here, still your parent, but can no longer recall a 24-word phrase or reliably approve a transaction.
This is not an edge case. It is the statistically normal way that human beings decline. Most of us do not die suddenly with our affairs in order. Most of us fade, and during that fade we lose precisely the cognitive faculties that self-custody depends on: the ability to remember a secret, to recognize a phishing attempt, to understand which transaction we are signing and why.
A self-custodied wallet has no concept of this state. To the protocol, an 80-year-old in the early stages of dementia who can still be coaxed into signing a transaction is indistinguishable from a sovereign individual exercising free choice. There is no graduated capacity, no observation period, no second signer who can say "wait, he does not understand what he is approving." The keys do not care that you are confused.
TradFi Solved This a Century Ago
Traditional finance, for all its faults, has an entire legal apparatus built for exactly this human reality. It is called a power of attorney, and a durable one specifically survives the incapacity of the person who granted it. A bank account, a brokerage account, a pension, all of them can be managed by a designated agent the moment a doctor certifies that the owner can no longer manage their own affairs.
This is not a loophole or a workaround. It is core infrastructure, refined over more than a century of probate law, guardianship statutes, and fiduciary duty. The entire point is to handle the gap between a person being alive and a person being capable. TradFi treats that gap as the normal course of a human life, because it is.
A self-custodied wallet has nothing equivalent. There is no field for "trusted agent upon incapacity." There is no mechanism for a court-appointed conservator to be recognized by the blockchain. The seed phrase is the only authority, and the seed phrase cannot be delegated to a future version of events. You either share it now, accepting all the risk that comes with another person holding total control today, or you do not share it, accepting that your incapacity will lock the funds forever.
The Steelman: Maybe Sovereignty Is Worth the Cost
Let me give the orthodoxy its strongest defense, because it has one. The self-custody maximalist would say this is not a bug but a deliberate trade. The whole point of removing the trusted third party is that third parties fail. Custodians get hacked, go bankrupt, freeze withdrawals, and collude with governments to seize assets. The graveyard of crypto is full of exchanges that took customer keys and lost them. Mt. Gox, Celsius, FTX. "Not your keys, not your coins" was earned in blood.
From this view, the lost coins are not a system failure. They are the price of a system with no master key, and a system with no master key is the only kind that cannot be quietly compromised. Introduce a recovery mechanism for incapacity and you have introduced an attack surface. Whoever can recover your keys when you are confused can also be tricked, coerced, or subpoenaed into recovering them when you are not.
This is a serious argument and I do not dismiss it. But notice what it actually defends. It defends self-custody as the right choice for a specific person: technically capable, in good health, willing to accept total personal responsibility, and holding assets they are prepared to lose if they make a mistake. That describes a real population. It does not describe a grandmother, a stroke survivor, or a teenager inheriting coins they never asked to manage. The maximalist case is strong precisely where the user matches the assumptions, and it collapses everywhere else.
The Tooling Is Coming, Slowly
To be fair to the ecosystem, the gap is starting to be addressed. The question is whether the tooling can mature faster than the population of holders ages.
The most promising direction is multisig, particularly the 2-of-3 arrangement. You hold one key, a trusted party holds a second, and a service or lawyer holds a third. While you are alive and well, you keep effective control because no one else can act without you. If you become incapacitated or die, two of the remaining parties can cooperate to recover the funds, and crucially, no single one of them can move the money prematurely on their own (Ryder, 2026).
Services like Casa, Unchained, and Nunchuk have built their businesses around exactly this framing, treating long-term access and inheritance as a first-class problem rather than an afterthought. There are also dead-man's-switch designs, lawyer-held encrypted instructions, and time-locked recovery paths. In March 2026, a wallet provider launched a dedicated digital inheritance feature aimed squarely at the self-custody crowd, which tells you the market is finally pricing the problem (BusinessWire, March 2026).
This is genuine progress, and if you self-custody, setting up a 2-of-3 today is the single most responsible thing you can do. But I want to be honest about the limits. These solutions require the holder to be technically sophisticated, forward-thinking, and disciplined enough to set them up correctly while healthy. That describes a small fraction of the people who own crypto. The vast majority hold a single seed phrase on a piece of paper or, worse, in their head. The tooling exists. The adoption does not. And incapacity does not wait for you to get around to it.
Run the Numbers Like a Risk Manager
Strip the ideology away and look at this the way a risk committee would, because the comparison is stark.
The table below frames the two custody models against the failure modes that actually destroy wealth. I have spent enough years in bank risk functions to know that the question is never "which system is philosophically purer." It is "which system fails gracefully, and which one fails catastrophically and silently."
| Failure mode | Self-custody (single key) | Regulated custodian |
|---|---|---|
| Exchange insolvency | Fully protected | Exposed (counterparty risk) |
| State seizure via protocol | Protected | Exposed (subpoena, freeze) |
| Theft of keys | Exposed if keys compromised | Insured, recoverable |
| Owner death | Locked forever unless pre-arranged | Recoverable with death certificate |
| Owner incapacity | Locked forever, no legal hook | Power of attorney applies |
| Simple human forgetting | Permanent loss | Account recovery process |
Look at the bottom three rows. Death, incapacity, and forgetting are not exotic tail risks. They are certainties on a long enough timeline. Every single person holding crypto today will, with probability approaching one, eventually die, and a large fraction will pass through a window of diminished capacity first. The self-custody column answers those certainties with "locked forever." The custodian column answers them with a process, an afternoon of paperwork, and a death certificate.
A custodian holding 200 billion dollars of dormant assets would face regulators, audits, and a legal obligation to locate beneficiaries. The blockchain holding the same value faces nothing. It simply records the silence. From a pure capital-preservation standpoint, a system that loses 18 percent of its supply to its own users would be considered a catastrophic operational failure in any other corner of finance.
What This Means If You Hold Crypto
So I have changed my mind in public, which is an uncomfortable thing to do. I used to think custodians were the compromise you tolerated, the necessary evil for people not serious enough to hold their own keys. I now think they are the part of this industry actually built for the full arc of a human life.
That does not mean sell everything to an exchange. The maximalist warnings about counterparty risk are real and I am not retracting them. It means matching the custody model to the person and the moment. For active, technical holders managing assets they can afford to lose, self-custody with a properly configured 2-of-3 multisig is defensible and probably correct. For long-term holdings meant to pass to a family, for elderly relatives, for anyone whose primary risk is not theft but their own eventual incapacity, a regulated custodian with a clear inheritance and power-of-attorney path is not a betrayal of the cause. It is competent estate planning.
The concrete signals to watch over the next two years are worth naming. Watch whether multisig inheritance tooling moves from a niche product for enthusiasts to a default prompt in mainstream wallets. Watch whether regulators begin to treat crypto inheritance the way they treat dormant bank accounts, with escheatment and beneficiary-location requirements. Watch the "inheritance time bomb" that analysts now openly forecast for 2026, as the first large cohort of long-term holders reaches the age where incapacity and death stop being abstractions (CryptoSlate, 2026). The protocols will not flag any of this. The dormant wallet count will just keep climbing.
If you take one action after reading this, make it the boring one. Write down, today, what happens to your coins if you cannot remember the phrase tomorrow. A 2-of-3 setup, a lawyer-held instruction, a custodial account for the long-term portion. Anything but a single secret in a single head.
The Confident Dad Answer
My son did not ask a hard technical question. He asked the most basic question there is about any store of value: what happens to it when you are gone. Every system humans have ever built to hold wealth has needed an answer to that question, because the question is older than money. Self-custody is the first system I can think of that simply does not have one, and treats the absence as a virtue.
We built a beautiful defense against the thief at the door and forgot that most people are not robbed. Most people grow old. They forget. They get sick. They leave behind the people they were trying to protect, and a piece of paper those people cannot read. The system we designed to liberate the individual quietly punishes exactly the individuals who most need protecting: the elderly, the sick, and the heirs who never signed up to learn cryptography.
Sovereignty is wonderful right up until the moment you can no longer exercise it. The lesson my son pulled out of me, the one I did not have ready, is the same lesson every durable financial institution eventually learns. Build for the bad day, not the bull run. What does your "computer money" do on the day you cannot answer for it yourself?
Further Reading
- The Keys Were Always the Weakest Link. Crypto Still Hasn't Fixed It.: if incapacity is the human failure mode of key custody, this is the operational one. How concentrated signing authority keeps draining protocols, and what TradFi did to fix it.
- $292 Million Gone in 46 Minutes: what happens when a single key with no fallback sits at the center of a billion-dollar protocol, and why a risk manager would have flagged it on day one.
