Centralized exchange risks (custody and exposure)

Delegation changes who can fail

Centralized exchanges often feel familiar: accounts, balances, support teams, interfaces that resemble online banking or trading platforms.

That familiarity is not accidental. It is designed. And while it makes crypto more accessible, it also obscures something important: using a centralized exchange is not the same as using a blockchain. It is using a company that uses a blockchain on your behalf.

Understanding the risks that come with that arrangement is not about assuming bad intent. It is about understanding what changes when someone else holds the keys.

Illustration of a centralized exchange with a crack in its structure

What custody actually means

Custody defines who controls the cryptographic keys, and in crypto, controlling the keys means controlling the assets.

On a centralized exchange, the platform holds those keys. Users do not sign blockchain transactions directly. They interact with the exchange's internal system, where displayed balances are database entries rather than direct on-chain ownership records.

To understand why this distinction matters, see What is a crypto wallet? (custodial vs non-custodial) and Keys, addresses, and seed phrases.

Blockchain transactions still happen, but they are managed in the background, often aggregated across many users. From the blockchain's perspective, individual exchange users are not recognised as owners of those assets. The blockchain recognises only the entity that controls the keys. What users see on screen is the exchange's promise to reflect that control back to them.

Convenience and abstraction

Centralized exchanges handle key management, transaction processing, and account recovery. For users who do not want to manage keys themselves, that removes real friction.

But the same abstraction that simplifies access also removes direct control. The convenience is real, but it comes with a trade-off. That trade-off is structural. It is not a temporary limitation or a feature that will be added later. It is part of how the model works.

Readers who decide they want direct control of their assets can follow How to move crypto off an exchange safely.

Exposure beyond hacking

Exchange risk is often discussed in terms of hacks. Hacking is real, but it is only one way things can go wrong.

Custodial exposure also includes operational failures, insolvency, frozen withdrawals, and regulatory intervention. These are different causes, but they produce the same effect: users cannot act independently at the protocol level. Access depends entirely on the platform's ability and willingness to process requests. That ability can disappear for reasons that have nothing to do with the user.

Irreversibility at a different layer

Blockchains enforce irreversibility at the protocol level. Once a transaction is confirmed, it cannot be undone.

Exchanges add a different kind of layer on top of that. Inside the exchange, some actions can appear reversible. Balances can be adjusted, accounts restricted, and withdrawals delayed or stopped. That flexibility belongs to the exchange, not to the user.

When an exchange fails, there is no blockchain-level recovery path for users who never controlled the keys. The blockchain will show the exchange as the entity that controlled those keys, because it was. The internal promise that those funds belonged to users existed entirely outside the protocol, and the protocol cannot enforce it.

Trust as a single point of failure

Using a centralized exchange means placing trust in something the protocol cannot see.

That trust is not in cryptography. The cryptographic layer still works as intended. It is trust in the exchange's operations, governance, and solvency, in the company remaining functional, solvent, and willing to honour withdrawals when requested. Whether those conditions hold is not something the protocol tracks or guarantees.

If that trust turns out to be misplaced, the protocol offers no remedy. It already did its job by processing the signatures the exchange submitted. What happens between the exchange and its users is outside its scope entirely.

Why delegation removes protocol-level agency

When custody is delegated, signing authority moves to the custodian, and the protocol only recognises whoever signs.

User intent no longer reaches validation directly. What reaches the blockchain is the exchange's decision about how that intent will be executed. In normal circumstances, the distinction is easy to miss because the exchange acts on behalf of the user. Problems emerge when those interests no longer align, because the user has no recourse at the protocol level.

The system enforces outcomes based on who controls the keys. Expecting control is not the same as having it.

Key takeaways

Centralized exchanges hold keys on behalf of users.
Users do not control assets at the protocol level.
Displayed balances are the exchange's internal records, not direct on-chain ownership.
Custody trades control for convenience, and that trade-off is structural.
Risks extend beyond hacking to include insolvency, operational failure, and regulatory intervention.
The trust placed in an exchange exists entirely outside the protocol and cannot be enforced by it.

←

Browse all articles:
Academy index

→

Find out more

What is a crypto wallet? (custodial vs non-custodial)
revisits direct control versus delegation.
Risks in the crypto ecosystem (overview)
places exchange exposure in a broader context.
If a service disappears: what happens to your assets?
explores what changes when an intermediary fails.
How to move crypto off an exchange safely
provides a practical guide to taking direct custody of your assets.
Why securing cryptocurrencies is essential
explains the broader principles behind reducing custodial and operational risk.

CryptKi Academy full index - Browse all articles

Some tools exist to help manage private keys.

If you want to see concrete examples, you can explore our shop.

See all