Hot Wallet
A Hot Wallet is a cryptocurrency wallet that is connected to the internet, enabling fast and convenient transactions but exposing the private keys to potential online security threats, making it suitable for operational balances but not for storing large amounts of digital assets long-term.
Hot wallets encompass a broad range of software applications: the web-based wallets provided by exchanges like Coinbase or Kraken, browser extension wallets like MetaMask, and mobile app wallets. The defining characteristic is that the private key (or the encrypted file containing it) resides on an internet-connected device. This connectivity is what makes hot wallets fast and convenient — transactions can be signed and broadcast in seconds without any physical device interaction — but it is also what creates the security exposure.
For exchange-based hot wallets, the exchange itself manages the private keys on behalf of users. This is the simplest user experience — similar to a brokerage account — but introduces counterparty risk. If the exchange is hacked, mismanages funds, or fails (as happened with FTX in 2022, Celsius, Voyager Digital, and several others in the 2022-2023 crypto market stress period), users may lose access to or permanently lose their assets. The phrase 'not your keys, not your coins' encapsulates this risk.
Self-custody hot wallets (where the user holds their own private key on a personal device) eliminate exchange counterparty risk but introduce device security risk. A private key stored in a browser extension on a computer that later gets infected with malware could be exfiltrated. Social engineering attacks targeting seed phrase extraction are another common attack vector. MetaMask and similar browser wallets have detailed security guidance on protecting the encrypted vault file and avoiding phishing sites that mimic legitimate wallet interfaces.
For DeFi (decentralized finance) applications, a hot wallet is essentially required for normal interaction. Connecting a hardware wallet to DeFi protocols is possible but adds friction; most users interacting with protocols on Ethereum, Solana, or other smart contract chains maintain a hot wallet with a modest operational balance. The recommended practice is to keep only the funds needed for active DeFi participation in the hot wallet and keep long-term savings in cold storage.
The distinction between hot and cold storage is not binary — it exists on a spectrum. Some hardware wallets can be connected to mobile phones via Bluetooth, creating a slightly warmer version of cold storage. Multi-signature arrangements (where multiple keys, potentially a mix of hot and cold, are required to authorize a transaction) represent another layer of the custody architecture that institutional users and sophisticated individuals use to balance security with operational flexibility.