SaaS-based self-custody wallets have long promised institutions convenience, speed, and a turnkey path to digital asset operations. But beneath the surface, these platforms often come with trade-offs that grow more painful as institutional requirements mature. From rigid integrations to opaque key management and painful vendor lock-in, the real cost of a commitment to a SaaS wallet is measured not just in dollars, but in engineering workarounds, compliance headaches, and strategic limitations.

This article breaks down the hidden costs inherent to SaaS wallets into seven critical areas, helping institutional teams recognize the signs that it's time to reassess their infrastructure.

1. Rigid Infrastructure That Doesn’t Flex With Your Business

SaaS wallets are often marketed as plug-and-play solutions that reduce operational overhead. But the moment you try to step outside the pre-designed workflows, you start to see how rigid they really are. These wallets are engineered to serve the lowest common denominator of use cases, optimizing for ease of deployment over customizability.

Want to add an upstream worker process to feed information into the wallet engine? Trying to integrate the wallet with your internal systems and data flows? Most SaaS wallet providers don’t care to perform custom work for specific customers, so your own engineering team starts sinking lots of time and resources into building less-than-ideal workarounds.

You hope these workarounds are temporary, and that the vendor will build a permanent solution, but that rarely proves to be the case. If this sounds familiar, you’re not alone: institutions from Jump Trading to SwissBorg have experienced the same pain points and made the switch.

2. Engineering Workarounds Lead to Vendor Lock-In

Once you've spent months contorting a SaaS wallet into working the way you need, switching becomes almost unthinkable. The upfront investment—custom scripts, API bridges, data exports—anchors you to the vendor, even when you're no longer happy with the service.

What’s worse is that these vendors rarely act as long-term technology partners. Feature requests get lost in the shuffle. Roadmap visibility is minimal. And when it’s time to renew your contract, that’s when the vendor suddenly reappears—with a big price hike!

This dynamic locks institutions into subpar products, eroding operational flexibility and innovation. In our earlier post on the pitfalls of Wallets-as-a-Service, we explored how this cycle plays out and why institutions are demanding more control.

3. Opaque and Risky Key Generation Practices

Cryptographic key generation is one of the most sensitive processes in digital asset custody. Typically, a SaaS wallet will market its solution as providing true self-custody, but you will often find a lack of clear assurances that private keys created on the vendor platform have no residual exposure to the vendor. To mitigate this concern, you would need to get into the nitty-gritty of evaluating their entropy sources, randomness functions, and cryptographic hygiene. It’s one thing to evaluate the process in a satisfactory manner, but do you really want private key generation to be a task residing in the vendor’s environment? Financial institutions don’t accept this level of risk-taking.

Even a small lapse in this process can have devastating consequences. One notorious example is the use of the Profanity tool, which seeded a 256-bit private key with just a 32-bit vector to generate vanity addresses. This weakened key strength dramatically and left many wallets exposed to brute-force attacks.
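To make the Profanity lesson concrete, here is an added example (not code from Cordial Treasury or from this article) contrasting a hypothetical generator that stretches a 32-bit seed into a 256-bit key with one that draws the key directly from the operating system's CSPRNG. The point it demonstrates is that no amount of hashing or stretching can add entropy: a key derived from 32 bits of seed has at most 2^32 possible values, whatever its length. The secp256k1 group order is the real constant; the `weak_key_from_seed` construction, the 128-bit acceptance floor and the function names are assumptions made for illustration.

```python
import hashlib
import secrets

# Order of the secp256k1 group; a valid private key k satisfies 1 <= k < N.
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def weak_key_from_seed(seed: int) -> int:
    """Hypothetical weak generator (constructed for this example).

    It stretches a 32-bit seed into 256 bits with SHA-256. That mirrors the
    class of flaw described for Profanity: the output looks like a full-size
    key, but the same seed always yields the same key, so there are only
    2**32 distinct keys this function can ever produce. It does not even
    check the secp256k1 range.
    """
    if not 0 <= seed < 2**32:
        raise ValueError("seed must fit in 32 bits")
    digest = hashlib.sha256(seed.to_bytes(4, "big")).digest()
    return int.from_bytes(digest, "big")


def strong_private_key() -> int:
    """Draw 256 bits straight from the OS CSPRNG, rejecting out-of-range values.

    `secrets` is backed by os.urandom; rejection sampling keeps the key
    uniformly distributed in [1, N).
    """
    while True:
        k = int.from_bytes(secrets.token_bytes(32), "big")
        if 1 <= k < SECP256K1_N:
            return k


def effective_key_entropy_bits(seed_entropy_bits: int, key_bits: int = 256) -> int:
    """A derived key never carries more entropy than the seed it came from."""
    return min(seed_entropy_bits, key_bits)


def keygen_is_acceptable(seed_entropy_bits: int, minimum_bits: int = 128) -> bool:
    """Review check: reject any key-generation design whose seed is too small.

    The 128-bit floor is an assumed policy value for this example.
    """
    return effective_key_entropy_bits(seed_entropy_bits) >= minimum_bits


if __name__ == "__main__":
    print("weak key from seed 42 is reproducible:",
          weak_key_from_seed(42) == weak_key_from_seed(42))
    print("effective entropy of a 32-bit seed:", effective_key_entropy_bits(32), "bits")
    print("acceptable?", keygen_is_acceptable(32))
    k = strong_private_key()
    print("CSPRNG key in range:", 1 <= k < SECP256K1_N)
```

When you evaluate a vendor's key-generation process, the question `keygen_is_acceptable` encodes is the one to ask first: how many bits of real entropy feed the derivation, and from which source? A long key length says nothing on its own.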

Even if you assume the vendor has perfect practices, how is the private key transferred to your environment? Is there a secure, auditable transport mechanism? How do you know they haven’t retained a copy of the key material? If you can’t answer these questions with confidence, your infrastructure is built on a high-trust model that contradicts the principles of modern cybersecurity.

For a deeper dive into how Zero Trust principles apply to digital asset custody, check out our Zero Trust Security guide for financial and crypto institutions.

4. Your Policy Logic Lives Outside Your Control

Even if your institution holds one of the private key shares in an MPC model, policy control is often dictated by the vendor. In many SaaS custody platforms, the policy engine—a critical system that enforces transaction approvals, user roles, and transfer rules—is hosted by the provider. Sometimes, this logic is stored in something as simple (and vulnerable) as a SQL database.

This raises fundamental governance and security issues, particularly around how keys are used (or misused!). If the vendor controls the database, you are vulnerable to a bad actor outside your own sphere of control modifying transaction thresholds and/or manipulating your policies. Equally, even if you believe it to be a secure setup, what assurances do you have that the policy rule you are calling is in fact the one you think it is?

You might think you have "shared custody" because you hold one of the two keys. But if you rely on the vendor to be online—or worse, to approve your transactions—you’re not fully in control. Without enforcing policies locally, you’re effectively outsourcing policy administration to the vendor, which defeats the purpose of shared custody.

What if you could keep that control in-house?
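The two concerns in this section, that someone outside your control can change thresholds and that you cannot be sure which policy rule is actually being applied, are both addressed by enforcing policy locally and pinning its integrity. The following is an added example, not Cordial Treasury's policy engine: a small in-house policy check that pins a SHA-256 digest of the canonical policy document, refuses to enforce a policy that does not match the pin, and evaluates a transfer against an address allowlist, a per-transaction limit and an m-of-n approval rule. The policy contents, approver names, destination labels and amounts are constructed sample data.

```python
from __future__ import annotations

import hashlib
import hmac
import json
from dataclasses import dataclass

# Constructed sample policy. In practice this document lives in your own
# repository and its digest is pinned in deployment configuration, so a
# change to either is visible to you rather than only to a vendor.
POLICY = {
    "allowlist": ["addr-treasury-ops", "addr-cold-storage"],  # constructed labels
    "per_tx_limit": 1_000_000,          # smallest unit, constructed value
    "high_value_threshold": 100_000,    # constructed value
    "approvers": ["alice", "bob", "carol"],
    "approvals": {"standard": 1, "high_value": 2},
}


def policy_digest(policy: dict) -> str:
    """Digest over a canonical JSON encoding so key order cannot change the hash."""
    canonical = json.dumps(policy, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(canonical).hexdigest()


# Pinned at deployment time; computed here only so the example is self-contained.
PINNED_DIGEST = policy_digest(POLICY)


def load_policy(policy: dict, pinned_digest: str) -> dict:
    """Refuse to enforce any policy whose digest does not match the pin."""
    if not hmac.compare_digest(policy_digest(policy), pinned_digest):
        raise ValueError("policy does not match pinned digest; refusing to enforce")
    return policy


@dataclass(frozen=True)
class Transfer:
    destination: str
    amount: int
    approvals: frozenset  # ids of approvers who signed off


def evaluate(policy: dict, tx: Transfer) -> tuple[bool, str]:
    """Apply allowlist, per-transaction limit and m-of-n approval rules locally."""
    if tx.destination not in policy["allowlist"]:
        return False, "destination not allowlisted"
    if tx.amount > policy["per_tx_limit"]:
        return False, "amount exceeds per-transaction limit"
    tier = "high_value" if tx.amount >= policy["high_value_threshold"] else "standard"
    required = policy["approvals"][tier]
    # Only approvals from recognised approvers count.
    valid = tx.approvals & set(policy["approvers"])
    if len(valid) < required:
        return False, f"need {required} approvals, have {len(valid)}"
    return True, "approved"


def tampered_policy_is_rejected() -> bool:
    """Show that silently raising the limit is caught by the pinned digest."""
    tampered = json.loads(json.dumps(POLICY))
    tampered["per_tx_limit"] = 10**9
    try:
        load_policy(tampered, PINNED_DIGEST)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    policy = load_policy(POLICY, PINNED_DIGEST)
    print(evaluate(policy, Transfer("addr-treasury-ops", 50_000, frozenset({"alice"}))))
    print(evaluate(policy, Transfer("addr-treasury-ops", 250_000, frozenset({"alice"}))))
    print("tampered policy rejected:", tampered_policy_is_rejected())
```

The digest pin is what answers "is the rule I am calling the one I think it is": the engine will not run at all against a policy document that differs from the reviewed one, and because the check runs in your environment, a change to thresholds made anywhere else simply fails to load.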

5. Poor Data Portability and Regulatory Risk

Data lock-in is another hidden cost that becomes apparent too late. If you're a regulated institution, you're likely subject to retention requirements—often five years or more—for your books and records, which include digital asset transaction logs.

If you leave the vendor, can you still retrieve your old records? Can you respond to an audit or regulatory inquiry on how a particular transaction occurred if you have already offboarded from the wallet provider? The inability to access your own operational history is not just a technical problem; it's a compliance failure.

6. Security Trade-Offs You Can’t Mitigate

Many institutions accept the risks inherent in SaaS wallets under the assumption that the vendor has stronger security expertise. But what happens when you uncover a flaw, or when the vendor’s roadmap doesn't prioritize the safeguards you need?

Since you don’t control the infrastructure, you can’t harden it beyond what the vendor offers. You can’t patch it. You can’t validate it. And you certainly can’t ensure it aligns with your internal security policies.

With self-hosted solutions like Cordial Treasury, you get full visibility and control. You can implement your own secure enclave, define fine-grained access rules, and even inspect source-available code to validate security practices.

7. Missed Opportunities from Slow Blockchain Support

When your wallet provider can’t support a new chain in time, you don’t just lose time—you lose business.

For OTC desks, this might mean being unable to help a client trade down a large position in an esoteric asset. For VCs, it might mean missing the opportunity to stake SAFT investments the moment a new chain goes live. For custodians, it means losing competitive deals because you can’t support the latest chain as quickly as the next provider.

SaaS wallets can take months to add new blockchain support—sometimes as long as 3–6 months. By contrast, Cordial Treasury can add most new chains in just 1–2 weeks thanks to its modular, open-source crosschain architecture.

Rethinking Custody: Toward Self-Hosted Infrastructure

The convenience of SaaS wallets comes at a cost—often one that institutions only fully understand once it's too late. From hidden engineering effort and vendor lock-in to governance risk and audit failure, the long-term price of convenience is steep.

Cordial Treasury was designed to eliminate these trade-offs by enabling institutions to:

  • Host their own MPC wallet infrastructure
  • Retain full ownership of keys, policies, and data
  • Deploy in their jurisdiction of choice
  • Align digital asset operations with internal security and compliance frameworks
  • Onboard new blockchains in 1–2 weeks (not 3–6 months)

If your SaaS wallet is limiting your ability to grow, comply, or adapt—maybe it's time to run your custody infrastructure your way.

Explore how Cordial Treasury puts you back in control. Contact us today for a demo.
