Understanding the wallet wars
You may have noticed that wallet companies are getting gobbled up recently:
Privy → bought by Stripe
Portal → bought by Monad
Dynamic → bought by Fireblocks
With all the M&A activity, I wanted to break down the wallet landscape - what wallets are and how the various companies differentiate themselves.
Finally, I conclude with some thoughts on why one might buy a wallet company.
What is a wallet?
“Wallet” can be a confusing word as it's used to describe two different things:
Wallet address = Your account
This is where your money is stored (like a bank account number)
Wallet software = Your access tool
This is the application or program you use to manage your accounts (like a banking app)
Wallet software helps you create a wallet address, securely stores your "private key" (the password that proves you own the account), and it allows you to access your private key when you need to interact with your account.
Why wallets matter
Wallets are core to blockchains. Trading, stablecoin money movement, interacting with your favorite dApp, market making - they all need wallets. Even companies like Coinbase, PayPal, and Robinhood are built on wallet infrastructure.
Every blockchain interaction requires a wallet.
Understanding the wallet landscape
The novelty of blockchains is that anyone can create a wallet without permission. The challenge is in storing, and accessing the private key in a manner with the right tradeoff between ease of use and security.
Different approaches to key management serve different customers, whether individuals, institutions, or applications.
Storing keys
Wallets like MetaMask, Phantom, Ledger, or Trust Wallet store the private key hidden on your device - in your browser, on your phone, or in a file on Google Drive.These wallets are examples of “non-custodial” wallets. The point is the user (you) is the only one that holds that key, and the wallet is the software layer that manages accessing that key when you need it to interact with your account.
You might have heard of a "seed phrase" before. This is a backup code you can use to retrieve your private key if you lose access to your device.
[Fun fact - a seed phrase can generate billions of unique wallet addresses. The benefit is that you can have multiple wallet addresses but only have to manage a single seed phrase for backup. The big disadvantage is that if your seed phrase is leaked/stolen, the person who has it now has access to all the wallet addresses you used using that seed phrase.]
The benefits of these wallets is that you, the user, are completely in control. You, and only you, have complete and total access.
The problem is the user is completely in control…. You could lose access to your key, or you could accidentally click a malicious transaction and reveal the key. Things can go wrong.
In walk custodial wallets.
Custodial wallets
Because things can go wrong, some users or entities want (or are required by law) to use a trusted third party to manage the private key.
The word "custodian" just means that someone else is holding your key. It doesn't say how they're doing it, just that they have access to it and you do not.
Exchanges like Coinbase or Gemini hold the private keys that control their customer’s crypto assets (not too dissimilar to how a Web2 trading platform works). This allows them to offer an experience where users can hold and swap tokens without worrying about losing keys, paying gas fees, or clicking malicious transactions. On/off-ramps work similarly. These money movers can create wallets for each user (not too dissimilar from FBO accounts), and move money in / out of it on behalf of their users.
Wallet providers like Fireblocks, Anchorage, DFNS, and Turnkey have APIs that make it easy for businesses to create and manage custodial wallets for their users.
One thing to note is that "custodial" has both a technical and legal definition. Above, I've defined custodial in the technical sense - the user doesn't own the private key. But there's also an important legal definition: if you hold assets on behalf of someone else, you may need to meet certain regulatory requirements as a qualified custodian under SEC rules. This distinction matters because whether or not you want to meet the legal definition of a custodian will impact what wallet architecture you choose.
Novel approaches to private keys
You can imagine that users may want the benefits of non-custodial wallets - user ownership (and the lower legal standard of care/liability for the application) - with the benefits of custodial wallets (better user experience and key recovery).
One popular approach that has had recent success in meeting this desire is the MPC wallet.
Examples of companies that have MPC technology are Privy, Dynamic, and Portal.
These wallets do this in two ways:
1. split up the key so that the private key can only be "made" when N number of actors approve it. Typically, the actors include the user, the MPC provider, and the application that created the wallet for the user. The user themselves often must be one of the N number of signers for the wallet to be considered “non-custodial” from a legal standard. By having many holders, you unlock the ability for key recovery and add checks on interactions with a wallet.
2. the end users authenticate with their social logins. Users don't need to save the private key on their device - they just need access to a social account (e.g., your email) to prove who you are, and that gives you access to your key.
This has profound applications for companies that want to onboard customers to crypto without having them deal with private keys - giving them a better user experience and who do not meet the legal definition of a custodian.
If you're a dollar savings app, your customer can log in with their email, which also works as access to their piece of the private key. If they lose access to their email, no problem - the entire key isn't stored with them, so you can use the other two shares to recreate the third.
How wallets compete - who is their customer?
Like every product, wallets compete on the features that best serve their customer segment.
Direct to consumer - retail: MetaMask, Phantom, etc. are actually just software layers. If you're an application, you can't use MetaMask to create wallets. They are user-facing.
Direct to consumer - institutional: Fireblocks, Anchorage, BitGo are purpose-built to serve large institutions who themselves are the user. They offer both custodial and non-custodial options, with the customer in mind being a large institution who likely needs a qualified custodian, layers of security, audits, etc.
Direct to business: Privy, Dynamic, Para, Turnkey, DFNS, Fireblocks, etc. are all infrastructure that lets other businesses create wallets for their end users.
At a high level, wallets really do just fall on this spectrum of key management. On a technical level, they all have different ways of creating, storing, and accessing the key. These different approaches are nuanced but result in security trade-offs and feature trade-offs that likely matter to the customer they're serving.
So why buy a wallet company?
Wallets are foundational infrastructure for crypto. Whether you're building blockchain applications, serving developers who need blockchain tools, or managing institutional on-chain activities like stablecoin treasury services, wallets are essential.
The answer to why you'd buy a wallet company comes down to who your customer is. Stripe, Fireblocks, and Monad all serve developers who want to build on blockchains. For companies in this position, offering wallet infrastructure is critical - it lowers barriers to getting started and enables the product experience you're aiming for. Wallet-as-a-service companies like Privy, Dynamic, and Portal all serve this same developer audience.
But why buy instead of partner? The answer is stickiness - specifically, the stickiness of non-custodial wallet infrastructure. The non-custodial aspect is key. If you can move money on behalf of users, stickiness disappears. But if users must take action themselves to move funds, you have a truly sticky product.
With MPC wallets—the type all three companies offer—developers use them non-custodially because they often lack the proper licenses to be legal custodians (which are expensive, hard to obtain, and likely not related to their core business). To move off of a non-custodial wallet, the end users must actively transfer funds themselves. This creates powerful vendor lock-in.
When you're building what could become a trillion-dollar stablecoin business line serving the developer ecosystem, you can't afford to depend on a third-party wallet provider who controls a core part of your customers' experience and could extract rents at will. Owning wallet infrastructure isn't just about adding a feature - it's about controlling your destiny in the developer platform market.
