Why custodial, in 2025?
You'll get this question if you build anything custodial in 2025: “why don't you let the user hold their own keys?”
Short answer: because the user has decided their relationship with crypto is your problem. They want a balance, a deposit address, a withdrawal button. They don't want a seed phrase. They especially don't want to be the one responsible when their dog eats the seed phrase.
Long answer is more interesting. Custodial vs non-custodial isn't a moral question; it's a UX question dressed up as a moral one. The serious threats to a user's funds are, in roughly this order:
1. Phishing / social engineering. Affects custodial and non-custodial almost equally.
2. Their own device being compromised. Strictly worse for non-custodial.
3. The custodian going down. Doesn't apply to non-custodial.
For users who can defend against (1) and (2) — security researchers, OG holders, dedicated DeFi users — non-custodial is correct. For everyone else, the third risk is the one you can engineer against. So we do.
SwyDex's answer: KMS-wrapped DEKs, decrypt-only runtime, tenant-scoped queries enforced by static analysis tests, and an export path so a user can leave with their funds if you (or we) ever fail.
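One way a static-analysis test for tenant-scoped queries can work, as an added example rather than SwyDex's own code. It assumes queries are SQL string literals in Python source, a `tenant_id` column, and invented table names.

```python
import ast
import re

# Assumptions (hypothetical, not from the page): queries live in Python source
# as SQL string literals, tenant tables carry a tenant_id column, and the
# table names below are invented for illustration.
TENANT_TABLES = {"wallets", "deposits", "withdrawals"}
SQL_START = re.compile(r"^\s*(select|update|delete)\b", re.I)
TABLE_REF = re.compile(r"\b(?:from|join|update)\s+([a-z_][a-z0-9_]*)", re.I)
# The tenant predicate must use a bound placeholder, not interpolated text.
TENANT_PRED = re.compile(r"\btenant_id\s*=\s*(?:%s|\?|:\w+|\$\d+)", re.I)


def unscoped_queries(source, filename="<src>"):
    """Return sorted (line, sql) pairs for SQL literals that touch a tenant
    table without a bound tenant_id predicate."""
    findings = []
    for node in ast.walk(ast.parse(source, filename)):
        if not (isinstance(node, ast.Constant) and isinstance(node.value, str)):
            continue
        sql = node.value
        if not SQL_START.match(sql):
            continue
        tables = {t.lower() for t in TABLE_REF.findall(sql)}
        if tables & TENANT_TABLES and not TENANT_PRED.search(sql):
            findings.append((node.lineno, " ".join(sql.split())))
    return sorted(findings)


# Constructed sample module: one scoped query, one unscoped, one f-string
# that interpolates the tenant id, and one query on a global table.
SAMPLE = '''
def balance(db, tenant_id, wallet_id):
    return db.execute(
        "SELECT balance FROM wallets WHERE tenant_id = %s AND id = %s",
        (tenant_id, wallet_id))

def all_deposits(db, wallet_id):
    return db.execute("SELECT * FROM deposits WHERE wallet_id = %s", (wallet_id,))

def freeze(db, tenant_id):
    return db.execute(f"UPDATE wallets SET frozen = 1 WHERE tenant_id = {tenant_id}")

def fee_schedule(db):
    return db.execute("SELECT * FROM fee_tiers")
'''

if __name__ == "__main__":
    for line, sql in unscoped_queries(SAMPLE):
        print(f"line {line}: missing bound tenant_id predicate: {sql}")
```

Run over every module in CI, a test like this fails the build when a query on a tenant table omits the predicate or interpolates the tenant id into the SQL text. It is a heuristic for catching omissions, not a proof of isolation: it does not reason about `OR` clauses or subqueries.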
If you want to give your users self-custody, we ship that too — see non-custodial mode. But for most B2B integrations, custodial is the answer your users are quietly asking for.