How to Choose a Wallet-as-a-Service Provider (WaaS)

When a team prices out building wallet infrastructure from scratch, the list is long: node management, key custody, signing systems, multi-chain integration. Most reach the same conclusion: outsource it. The harder question is which Wallet-as-a-Service provider to choose.

The crypto custody provider market reached $3.28 billion in 2025 and is projected to reach $7.74 billion by 2032. Competition is intensifying, and most WaaS providers claim identical capabilities: non-custodial architecture, MPC security, modular APIs. The differences surface only when you ask specific questions about production readiness, signing authority, and what happens when the relationship ends.

This guide covers seven criteria that separate production-ready WaaS from platforms that look capable on a sales call. CoinsDo is one provider referenced throughout: non-custodial, deploys wallets in under three minutes, keeps private keys in the client's environment even after the contract ends.

1. Key ownership and signing authority

This is the deal-breaker. Every other criterion is secondary if you get this wrong.

The question is specific: when a transaction is submitted for signing, who controls the private key and who executes the final signing action? If the answer is "the provider," even partially, the platform is custodial regardless of how it's marketed.

Most WaaS providers operate under one of three models. In custodial arrangements, the provider holds signing authority. In shared custody (MPC), key shards are split between client and provider. In non-custodial WaaS, the provider runs orchestration while the client retains full signing authority and the private keys never leave their environment.

What you need to verify, not just be told: can the provider execute a transaction without your authorization? Does signing happen client-side or on provider infrastructure? Are approvals cryptographically logged for independent audit? If key sovereignty isn't guaranteed by the architecture, no other feature compensates.

2. Security architecture

A capable WaaS provider can walk you through exactly how security works. A weak one gives you vocabulary: "zero trust," "bank-grade encryption," "institutional-grade MPC." The job is to turn vocabulary back into architecture.

Ask for a signing flow diagram. How does a transaction request travel from submission to execution? What happens if the provider's infrastructure goes offline? Does the client lose access to funds, or does signing stay operational? Who can modify approval rules, and what's the audit trail?

A provider with a mature security architecture walks through this without hesitation. A provider that redirects you to a white paper or defers to an absent security team is showing you something. Specifically look for: tamper-proof approval trails with verifiable digital signatures (RSA, HMAC-SHA256), separation between orchestration and signing infrastructure, and a documented process for a compromised approval key.

3. Operational maturity

Generating a wallet address isn't difficult. Handling 50,000 transactions in a single day, some hitting mempool congestion, one landing during a chain reorg, is a different problem.

The questions that reveal production readiness: What throughput does the platform support per chain, measured in production? How does the provider handle stuck transactions or fee-spike conditions? What is actual withdrawal latency at your expected volume? Is the SLA in the base contract or a paid tier?

A provider that answers with specifics has measured these in production. A provider that gives you round numbers without qualification, or pivots to "we'll connect you with a technical specialist," hasn't.

4. Workflow coverage

The right frame isn't "what features does this platform have?" Every platform has feature lists. The real question is: when something breaks, who fixes it?

A WaaS platform that genuinely reduces your operational footprint absorbs the work your team would otherwise own: deposit address generation, asset sweeping and routing, withdrawal processing, approval governance, gas fee controls, retry handling, webhook notifications, and reconciliation signals. When they're described as features but require your team to handle error recovery and monitoring, the platform is redistributing the work, not absorbing it.

Test this directly. Walk through a failure scenario: a batch withdrawal gets stuck. Who identifies it, who resolves it, what's the escalation path? If the answer involves your engineers picking up a ticket, the platform's workflow coverage is partial.

5. Compliance and identity integration

Wallet operations touch compliance at multiple points: KYC at onboarding, sanctions screening on counterparty addresses, audit logging for every approval action, and role-based permissioning. When these are spread across multiple vendors, the fragmentation compounds: inconsistent data models, manual reconciliation, duplicate tooling. It surfaces most visibly during audits.

The right question isn't "does the platform support KYC?" Most do, through integrations. It's "how is identity verification connected to the signing and approval layer?" A platform where KYC, approval authority, and audit logging are native to the same system produces a cleaner compliance posture than one where a third-party identity wrapper runs independently of the transaction governance layer. Also confirm: are audit logs exportable without transformation, and is sanctions screening applied at approval or only at onboarding?

6. Integration flexibility

Integration flexibility determines whether the platform fits your architecture, or whether you'll spend months bending your architecture around theirs.

The questions that reveal lock-in risk are the exit questions. If you change providers in two years, what does migration look like? Do your wallet addresses remain usable, or do you need to regenerate them, disrupting every user who saved a deposit address? Is there a non-standard signing protocol that would require rewriting your transaction layer?

Standards-based signing, modular API design, and explicit wallet address portability on contract end are the markers of a provider that doesn't rely on lock-in as a retention mechanism. A clear answer to "how would we exit?" is a confidence signal. Vagueness is the answer.

7. Pricing transparency

Pricing is operational risk. WaaS platforms frequently publish headline rates while burying real costs in per-chain fees, custody tier thresholds, SLA overages, and compliance features separated into premium tiers.

Before signing, ask: Are fees tied to actual usage or a tiered plan with opaque ceiling limits? Are uptime SLAs in the base contract or a paid upgrade? Are there charges for adding new chains? Are audit logging and compliance features bundled?

One practical test: ask for a sample invoice from a client running at your expected transaction volume. A provider confident in their pricing will produce one. A provider that redirects to a pricing page or requires a sales qualification call to get to per-unit costs is telling you something.

Where CoinsDo fits

CoinsDo is built on the non-custodial model. The platform never holds client private keys. They stay in the client's environment from day one, and wallet addresses remain usable if the contract ends. There's no mechanism for CoinsDo to execute a transaction on your behalf without your authorization.

Transaction approvals run through CoinSign, using RSA and HMAC-SHA256 digital signatures to produce a tamper-proof, unforgeable authorization trail.

Approval flows are configurable: reviewer tiers, thresholds, and escalation logic are all set by the client. Signing infrastructure runs separately from orchestration.

External validation: ISO 27001 and ISO 27701 certified, FinCEN registered, KNF licensed, penetration-tested by CertIK.

The platform is modular.

• CoinGet handles deposit infrastructure — address generation, auto-sweeping (configurable by time, balance, or custom rule), cold storage routing, and real-time deposit notifications.
• CoinSend handles outbound withdrawals with configurable approval flows and gas-fee controls.
• CoinFace covers KYC natively: document OCR (99.9% accuracy), liveness detection, facial recognition, blacklist and fraud screening, all connected to the same approval layer as transaction governance.

Wallets deploy in under three minutes. No proprietary signing protocol. Wallet addresses are portable on exit.

Request a technical walkthrough

Frequently asked questions

What is the difference between custodial and non-custodial WaaS?

In a custodial model, the WaaS provider holds the private keys and can execute transactions on your behalf — if the provider is compromised, your assets are at risk. In a non-custodial model, the client retains the private keys and signing authority. The provider handles infrastructure but can't move funds independently.

What is MPC, and how does it differ from HSM?

MPC splits a private key into cryptographic shards across multiple parties, so no single party holds the complete key. HSMs store private keys in tamper-resistant hardware with strict access controls. The relevant question isn't which technology: it's where the key material lives and who has signing authority.

How do I verify a WaaS provider is genuinely non-custodial?

Ask for a signing flow diagram showing where the private key lives, who can initiate a signing request, and what the authorization chain looks like before execution. A genuinely non-custodial provider walks through this in under an hour. If the answer is a marketing document, that's the answer.

Can I migrate my wallets if I switch WaaS providers?

With non-custodial WaaS, wallet addresses remain usable because your private keys stay in your environment. With custodial or MPC arrangements, migration can require regenerating wallet addresses, disrupting users who saved deposit addresses. Ask directly: "Will our existing wallet addresses still work after we leave?"

What is the difference between WaaS and building wallet infrastructure in-house?

Building in-house means owning the full stack: nodes, key management systems, signing infrastructure, multi-chain support, and the engineering team to maintain it. WaaS absorbs that layer via API. Most teams choosing WaaS have priced out the build option and concluded the overhead doesn't justify it.

How long does WaaS integration typically take?

Basic wallet functionality can be live in days on API-first platforms. Full production integration (deposits, withdrawals, governance, KYC, compliance logging) typically takes several weeks to a few months depending on customization and internal security review.

What compliance certifications should a WaaS provider carry?

Minimum: ISO 27001. For institutional operations: ISO 27701 and registration with relevant regulators in your jurisdictions (FinCEN in the US, FCA in the UK, MAS in Singapore). For high-volume flows, ask about third-party penetration testing history and when the last audit was done.

What are the most common hidden costs in WaaS pricing?

Per-chain fees, custody tier overages, SLA thresholds priced as a premium tier rather than the default, and compliance features sold as add-ons. Ask for a sample invoice from a client at your transaction volume before signing anything.