Who controls the wallet controls the funds, so governance starts with access.

Video Coming Soon! 🎬 ⌛

Core Points

• Custodial vs. self-custodial wallets:
  • Custodial (third-party platforms)
    • Easier setup, built-in support
    • Less control, but lower operational burden
  • Self-custodial
    • Full control, higher responsibility
    • Requires internal policies and training
• Multi-signature wallets (multisig):
  • Require multiple approvals to move funds.
  • Protect against single points of failure.
  • Recommended for program funds and treasuries.
• Access best practices:
  • Separate roles (initiate vs approve).
  • Use hardware wallets for signers.
  • Keep an updated access registry.

Example:

A DAO treasury required 3-of-5 multisig approvals, preventing accidental or malicious fund movement even when one signer’s device was compromised.

Practical Takeaway

If more than one person is involved, a multisig is a baseline, not an advanced feature.