Custodial and non-custodial wallets
1) Why choosing a wallet model is important to iGaming
The wallet is the "payment core" of crypto flows: deposits, in-game movements, withdrawals, on/off-ramp, returns. The following depend on the model (custodial vs non-custodial):
- Time-to-Finality/SLA speed and predictability;
- Cost per Approved and Transaction Costs;
- compliance level (KYC/KYT/Travel Rule/sanctions);
- key security and UX simplicity.
2) Basic models
2.1 Custodial
Keys and balances are held by the provider/VASP (or by you, acting as the custodian). The user has an account, not a private key.
Pros: fast start, SLA/24×7, ready-made KYT/Travel Rule, simple returns and reporting, friendly UX.
Cons: trust in the provider, regulatory requirements, focus on due diligence and provider redundancy.
2.2 Non-custodial (self-custody)
The user holds the key (seed/passphrase, passkey, social recovery). You interact with the user's address/contract.
Pros: customer control, lower custodial risks, fewer PII/key storage requirements.
Cons: harder UX; network/tag/address errors are the customer's responsibility; on your side, KYT/Travel Rule procedures for unhosted wallets.
2.3 Hybrid
Custody for mass flows (invoices, quick withdrawals).
Self-custody for VIP/Web3 audiences with increased flexibility.
Internal subaccounts + whitelists of external addresses.
3) Technology: multisig, MPC, AA
4) Security of keys and operations
HSM/KMS for custodial keys; environment segregation (prod/stage), hardware entropy, rotation.
Withdrawal limits and policies: per day/hour, velocity by address/network, "two signatures" for amounts > X.
RBAC/SoD: segregation of duties (create/sign/release).
Private relay/MEV protection for large payments.
Immutable logs of the actions of operators and API clients.
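The limit, "two signatures" and segregation-of-duties rules above can be enforced in one release check. The following is an added example, not code from the original page; the class names, thresholds and the per-address (not per-network) velocity window are assumptions.

```python
from dataclasses import dataclass, field

# Assumed thresholds in USD equivalent; the page only names the limit types.
HOURLY_CAP = 15_000
DAILY_CAP = 40_000
DUAL_SIGN_OVER = 10_000   # the page's "X": larger amounts need two signatures

@dataclass
class Withdrawal:
    address: str
    amount: int
    created_by: str                       # operator or API client that created it
    signed_by: list = field(default_factory=list)

class ReleasePolicy:
    def __init__(self):
        self.released = []                # (timestamp, address, amount)

    def _spent(self, address, now, window):
        # Sum of payouts to this address inside the rolling window.
        return sum(amt for ts, addr, amt in self.released
                   if addr == address and 0 <= now - ts < window)

    def check(self, w, now):
        """Return the list of violations; an empty list means release is allowed."""
        problems = []
        if w.amount + self._spent(w.address, now, 3600) > HOURLY_CAP:
            problems.append("hourly cap exceeded")
        if w.amount + self._spent(w.address, now, 86400) > DAILY_CAP:
            problems.append("daily cap exceeded")
        signers = set(w.signed_by)
        if w.created_by in signers:       # SoD: create and sign are separate duties
            problems.append("creator cannot sign (SoD)")
        needed = 2 if w.amount > DUAL_SIGN_OVER else 1
        if len(signers - {w.created_by}) < needed:
            problems.append(f"needs {needed} independent signature(s)")
        return problems

    def release(self, w, now):
        problems = self.check(w, now)
        if not problems:                  # record only payouts that actually left
            self.released.append((now, w.address, w.amount))
        return problems
```

Every call to check() and release(), with its result, is what belongs in the immutable operator log.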
5) Compliance: KYC/KYT/Travel Rule/RBA
KYC/Tier model: accelerated onboarding for Low Risk; EDD + SoF/SoW for High/VIP.
KYT: pre-check addresses/exchanges/clusters before crediting and before withdrawal; white/deny address lists with TTL.
Travel Rule: VASP↔VASP IVMS101 exchange; unhosted policy - confirmation of address ownership (signature/microtransfer), limits.
RBA matrix: Low/Med/High → confirmations, limits, manual review/hold/SAR.
6) Architectural patterns
6.1 Custody stack (reference)
Wallet/Custody Core: MPC/multisig, limits, policies.
Crypto Gateway: invoices, statuses, memos/tags, dynamic confirmations.
Risk & Compliance Hub: KYT/sanctions/Travel Rule, RBA decisions.
Treasury: T0 conversion, RFQ/multibiber, rebalance between networks/wallets.
Accounting & Recon: ledger, mapping 'invoice/within ↔ txid ↔ subaccount'.
Observability: SLA/fee/ETA metrics, alerts, audits.
6.2 Non-custody stack
Smart-wallet/AA with policy guardrails (daily caps, trusted spenders).
Address book/whitelisting; UX network/memo/tag validation.
Self-custody support: instructions, QR/deeplinks, confirmation statuses.
7) UX: How not to break conversion
Seedless/passkeys/social recovery (for AA/MPC) instead of a 12-24 word seed phrase.
Auto-detection of the network from the address, mandatory validation of the memo/tag (XRP/XLM/TON, etc.).
QR/deeplink, statuses: "address created," "awaiting confirmation," "credited."
Explanation of fees and ETA before payment; TXID/memo hints.
Partial release during checks (EDD/SoF) instead of a "blanket" lock.
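Network detection from the address and mandatory memo/tag validation, as an added example that is not part of the original page. The patterns check format only (no checksum), the network table is an assumed subset (TON is left out), and treating the XLM memo as text is an assumption for pooled deposit addresses.

```python
import re

B58 = "[1-9A-HJ-NP-Za-km-z]"  # base58 character set (no 0, O, I, l)
# Assumed routes: address format and the kind of memo/tag each one requires.
NETWORKS = {
    "TRON": {"addr": re.compile("T" + B58 + "{33}"), "memo": None},
    "ETH":  {"addr": re.compile("0x[0-9a-fA-F]{40}"), "memo": None},
    "BSC":  {"addr": re.compile("0x[0-9a-fA-F]{40}"), "memo": None},
    "XRP":  {"addr": re.compile("r" + B58 + "{24,34}"), "memo": "uint32"},
    "XLM":  {"addr": re.compile("G[A-Z2-7]{55}"), "memo": "text28"},
}

def candidate_networks(address):
    # More than one result means the format alone cannot pick the network
    # (all EVM chains share one address format), so the user must choose.
    return [n for n, spec in NETWORKS.items() if spec["addr"].fullmatch(address)]

def validate(network, address, memo=None):
    """Return a list of errors for a deposit/withdrawal route; empty means OK."""
    spec = NETWORKS.get(network)
    if spec is None:
        return ["unsupported network"]
    errors = []
    if not spec["addr"].fullmatch(address):
        errors.append("address does not match network format")
    kind = spec["memo"]
    if kind and not memo:
        errors.append("memo/tag is mandatory on this network")
    elif kind == "uint32" and not (
            memo.isascii() and memo.isdigit() and int(memo) < 2 ** 32):
        errors.append("destination tag must be a 32-bit unsigned integer")
    elif kind == "text28" and len(memo.encode()) > 28:
        errors.append("memo text exceeds 28 bytes")
    return errors
```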
8) Economics and operations
Network fees + provider + KYT/Travel Rule + ops → calculate the all-in cost per network/asset.
Time-to-Finality p50/p95 - main SLA; support primary/secondary networks per asset.
Idempotency: keys 'invoice_id/within_id', anti-duplicates, backoff + jitter.
T+0/T+1 reconciliation: amounts, fees, FX/exchange rate, statuses, open balances.
Returns: each one is a new on-chain transfer; rule: "to the source address/network or to a confirmed new one."
9) Model comparison: what to choose
Conclusion: for mass-market regions and beginners, custody (or hybrid). For crypto-native/VIP, non-custody/AA in addition.
10) Special topics
10.1 Whitelisting and Address Book
Confirmation of ownership of the address + KYT → whitelist with TTL; fast T+0/T+1 withdrawals.
10.2 Networks and stablecoins
Keep USDT/TRON and USDC/L2 as the base set; backup networks (BSC/SOL).
Dynamic RBA confirmations (amount/segment/load).
10.3 Incidents and degradation
Network overloaded/fee↑ → auto-routing to secondary; show the ETA in the UI.
KYT high-risk → hold, SoF, Travel Rule; possible SAR.
Provider unavailable → failover to the backup, manual release of critical payments.
11) Data and privacy
PII minimization, tokenization of identifiers, separate storage from PAN/PIN/PAN-safe.
Encryption at rest/in transit, signed webhooks.
Retention: logs of decisions/cases in accordance with the law (often 5+ years).
DSR/Access: data access/correction/deletion processes (where applicable).
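Signed webhooks (this section) and idempotency keys with backoff + jitter (section 8) meet in the deposit webhook receiver. The following is an added example, not code from the original page; the signature scheme (HMAC-SHA256 over "timestamp.body"), the replay window and all field names except invoice_id are assumptions.

```python
import hashlib
import hmac
import json
import random

SECRET = b"constructed-demo-secret"   # assumption: one shared secret per provider
MAX_SKEW = 300                        # assumed replay window in seconds

def sign(body: bytes, ts: int, secret: bytes = SECRET) -> str:
    # The timestamp is covered by the MAC so it cannot be swapped on replay.
    return hmac.new(secret, str(ts).encode() + b"." + body, hashlib.sha256).hexdigest()

def backoff_delay(attempt: int, base=0.5, cap=30.0, rng=random.random) -> float:
    # Full jitter for the sender's retries: uniform in [0, min(cap, base * 2^attempt)).
    return rng() * min(cap, base * 2 ** attempt)

class DepositLedger:
    def __init__(self):
        self.balances = {}
        self.seen = {}                # invoice_id -> outcome of first processing

    def handle_webhook(self, body: bytes, ts: int, signature: str, now: int) -> str:
        if abs(now - ts) > MAX_SKEW:
            return "rejected: stale timestamp"
        expected = sign(body, ts).encode()
        if not hmac.compare_digest(expected, signature.encode()):
            return "rejected: bad signature"
        event = json.loads(body)      # parse only after the MAC has been verified
        key = event["invoice_id"]
        if key in self.seen:          # retried delivery: do not credit twice
            return "duplicate: " + self.seen[key]
        acct = event["subaccount"]
        self.balances[acct] = self.balances.get(acct, 0) + event["amount"]
        self.seen[key] = "credited"
        return "credited"
```

In production the seen-set and the balance update must commit in one database transaction, otherwise a crash between them reintroduces the double credit.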
12) Metrics and OKR
Approval Rate and Time-to-Finality p50/p95 (deposits/withdrawals).
KYT reject %/sanctions hits/SAR-conversion.
Network/tag error rate, address error frequency.
Cost per Approved by network/asset/model, share of batched withdrawals.
Provider uptime, webhook delays, number of auto-switchovers.
13) Anti-patterns
"Accepted in any network" without validation → losses.
One custodial provider without a backup → SPOF.
Storage of keys without HSM/KMS/multisig and limits.
No KYT/Travel Rule for unhosted ("small amounts are fine") → blocking.
No idempotency/anti-duplicates → double debits/credits.
Seed-UX without alternatives (passkeys/social recovery) → high churn and tickets.
14) Implementation checklist (short)
- Select between custody, non-custody, or hybrid by segment.
- Key safety: HSM/KMS, MPC/multisig, limits, 4-eye.
- Networks/assets: primary/secondary, dynamic confirmations, memo/tag validation.
- KYT/sanctions/Travel Rule, unhosted policy (address signature, whitelist).
- Treasury: T0-conversion, RFQ/multibiber, liquidity pool on 2+ networks.
- Accounting/Recon: ledger, 'invoice/within ↔ txid ↔ subaccount', exchange rate sources.
- Idempotency, anti-duplicates, retries with backoff + jitter; signed webhooks.
- UX: seedless/passkeys/AA, QR/deeplink, ETA and transparent commissions.
- Incident playbooks: network/provider/TAC, partial release/hold/SAR.
- Metrics/alerts: AR, finalization, KYT failures, uptime, switch-over.
15) Summary
Custodial wallets give speed, SLA and compliance out of the box, which makes them ideal for mass on-ramp/off-ramp. Non-custodial wallets give control and flexibility for crypto-native audiences and VIPs. The best choice for iGaming is a hybrid: custody as default, self-custody/AA as complement, plus security discipline (HSM/MPC/multisig), KYT/Travel Rule/RBA, correct accounting and "careful" UX (seedless/passkeys). That way the payment rails remain fast, safe and profitable.