There are hybrid systems which offer the best of both worlds. For example, the open source Muun wallet uses a 2-of-2 key system[0] in which Muun only has access to one of the two keys so, unlike a traditional bank or a custodial exchange like Coinbase, they can't spend any funds without your signature. Your Muun wallet app also only has one key, so authentication with the Muun service is necessary to complete transactions—this allows Muun to disable the wallet in the event the phone is lost or stolen, by refusing to countersign its payments. A recovery code kept offline, on paper, allows you to set up a new Muun wallet and recover your funds in the event that the phone holding the original wallet becomes unavailable for any reason. Finally, for complete self-custody you can export a PDF with encrypted versions of both keys plus some additional data ("output descriptors") which, together with the offline recovery code, can be used in an emergency to transfer your funds to a new wallet without any involvement from Muun.

This does involve using a centralized service to an extent, but the amount of trust you are asked to extend is limited. They can't unilaterally take your funds, and they can't stop you from moving them to another wallet which you fully control. At the same time, you can safely use the wallet online with the additional convenience and safeguards provided by Muun, and it would be difficult to lose your funds permanently from "one small mistake".

[0] https://blog.muun.com/muuns-multisig-model/

That backup defeats the 2 of 2 multi-sig, though. Users really still are their own bank in this model. If their backup is stolen, the thief can empty their wallet. It’s just not kept online. Not much different from using a hardware wallet in that respect.

> That backup defeats the 2 of 2 multi-sig, though. Users really still are their own bank in this model.

As I said, it's a hybrid—so it has some elements of "being your own bank" as well as elements of a custodial system. The point of the multi-sig model is to allow the wallet to be used for day-to-day transactions like a "hot" wallet or a custodial exchange without the risk of carrying the complete keys everywhere on an Internet-connected device and without giving up control over the funds. The backup and the 2-of-2 multi-sig each serve important functions; neither "defeats" the other.

> If their backup is stolen, the thief can empty their wallet.

And no one ever has their traditional bank account emptied due to poor password hygiene or a vulnerability in the bank's 2FA system? Transferring custody to a third party doesn't mean you can stop worrying about security. If you don't have something equivalent to this offline backup then it's true that there is one less way for a thief to gain access to the account, but then you risk being unable to prove that you are the authorized owner of the account and losing your funds that way.

> Not much different from using a hardware wallet in that respect.

Hardware wallets have a different set of trade-offs. Personally I don't like to carry mine around with me like a ordinary wallet (or my phone) for use in daily payments. It's probably secure enough that I could do that safely, but there's always the risk of losing it, and for small, everyday payments it's just not as convenient as using an app on your phone. Also, Muun works with the Lightning network, which requires an online component; I'm not aware of any hardware wallets which can fill that role.

Let me ask you something quick and think about it for a second.

Could a scam system be made that seemed to work, be advertised, and otherwise identical up until the point of failure as muun?

That's a reasonable concern. You can easily verify for yourself that the recovery process works, and you can audit the source code for the Android client (and build it from the audited code) to ensure that it handles the keys as advertised. If this were your typical proprietary system then I might be worried, but Muun is pretty transparent.

The biggest potential point of failure, if you installed pre-built binaries from a third party such as Google Play or the Apple App Store, is that it could be updated to a new version which leaks the wallet-side private key. Which is a potential concern with any wallet software you don't audit for yourself. Of course you're also trusting the system software provider (i.e. Google or Apple) to run the application properly, as with any software running on their respective operating systems.

Personally I trust it with funds comparable to what I would normally keep in a wallet for daily use, not a safe or a bank vault. For larger amounts where the inconvenience of cold storage is justified I use a hardware wallet (Trezor).

There are ways to mitigate, such as multisig wallet. For day to day, use a wallet with a small amount. When it's balance runs low, you can replenish the amount from your vault, that requires at least 2 signatures. Crypto is not about completely eliminating trust from the system, but rather being able to choose whom you trust and control, what a trusted party can do.

> "being your own bank" is actually a terrifying and merciless burden

It's amazing how many smart people take so long to realize why banks exist.

It’s also amazing how many smart people are completely ignorant of the common and routine failure modes of banks, and why hundreds of millions of people might want an alternative to that.

I just had to physically cross an ocean twice because my bank won’t send wires for more than $25k via their website, and that’s one of the gentler failure modes.

Here are some examples: https://old.reddit.com/r/fatFIRE/comments/pycgjx/what_in_the...

Retail banking in the USA is terrible.

It's really similar to running your own email server.

The benefits of the banking system I would propose to be self-explanatory, though your parent comment recaps them well.

It's the reason to do the crypto part at all that's more confusing. Unless of course we all just admit that gambling is unbelievably popular and fun and has been a continued hit throughout human history.