Subscribe to the Non-Human & AI Identity Journal

Hot Wallet

A hot wallet is a cryptocurrency wallet connected to the internet and used for active transactions. Because it is online, it can move funds quickly but also exposes signing authority to compromise if approvals, keys, or connected systems are abused.

Expanded Definition

A hot wallet is an internet-connected wallet that can sign and broadcast cryptocurrency transactions with low friction. In NHI terms, it is closer to an always-available signing identity than a passive store of value, because its private keys or approval path remain reachable by connected systems. That makes the wallet operationally useful, but also more exposed to phishing, malware, compromised endpoints, and abuse of automated approval flows.

Usage in the industry is still evolving because some teams treat hot wallets as purely operational finance tools, while others manage them like privileged machine identities. NHI Management Group recommends the second view, since the security posture depends on key custody, approval governance, transaction policy, and monitoring of every connected actor. This aligns with the risk-based approach in the NIST Cybersecurity Framework 2.0, which emphasizes protecting high-value access paths rather than assuming trust based on function alone.

The most common misapplication is using a hot wallet for routine operations without strict separation of duties, which occurs when the same online signing authority is reused across multiple systems and approvers.

Examples and Use Cases

Implementing hot wallet controls rigorously often introduces operational friction, requiring organisations to weigh transaction speed against tighter approval and monitoring requirements.

  • Crypto exchanges use hot wallets for customer withdrawals, while keeping larger reserves in offline storage to limit exposure if a live signer is compromised.
  • Payment and treasury teams use hot wallets for daily settlement, where thresholds and policy checks determine which transactions can be approved automatically and which require human review.
  • DAO and Web3 operations teams use hot wallets for routine governance actions, but pair them with hardware-backed keys and multi-approver workflows to reduce single-point compromise.
  • Incident responders may temporarily isolate a hot wallet after suspicious signing activity, then review transaction logs and connected tooling for signs of key theft.
  • For broader NHI context, the patterns around exposed signing authority mirror issues seen in the Schneider Electric credentials breach, where compromised access pathways can cascade quickly once online credentials are abused.

Why It Matters in NHI Security

Hot wallets matter because they concentrate high-value signing authority in a system that is intentionally online. That creates an NHI security problem, not just a crypto custody problem: if the wallet, its API hooks, or its approval workflow is compromised, an attacker can move assets or authorize actions faster than many teams can detect and contain them. The risk is amplified when secrets are stored outside controlled vaults, when approvals are weak, or when wallet access is embedded in CI/CD and automation paths.

NHI Management Group data shows that 96% of organisations store secrets outside of secrets managers in vulnerable locations, and 79% have experienced secrets leaks, with 77% of those incidents causing tangible damage. Those findings are highly relevant to hot wallets because online signing authority is only as safe as the controls around its keys, approvals, and connected identities. In practice, hot wallets should be governed like privileged non-human identities with explicit lifecycle controls, rotation, and revocation discipline, as reflected in Ultimate Guide to NHIs and the control intent of NIST Cybersecurity Framework 2.0.

Organisations typically encounter the real cost of a hot wallet only after a signing key is abused or a withdrawal path is drained, at which point the wallet’s status as live NHI infrastructure becomes operationally unavoidable to address.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

OWASP Non-Human Identity Top 10 and OWASP Agentic AI Top 10 address the attack and risk surface, while NIST CSF 2.0, NIST Zero Trust (SP 800-207) and NIST SP 800-63 set the governance and control requirements practitioners need to meet.

Framework Control / Reference Relevance
OWASP Non-Human Identity Top 10 NHI-02 Hot wallets depend on protecting secrets, keys, and approval paths from exposure.
NIST CSF 2.0 PR.AA Hot wallet access and signing authority require strong identity and authentication controls.
NIST Zero Trust (SP 800-207) Zero Trust treats wallet access as continuously verified, not inherently trusted.
NIST SP 800-63 AAL2 Assurance levels inform how strongly wallet approvals should be protected.
OWASP Agentic AI Top 10 AGENT-04 Agentic workflows can misuse online signing authority if tool access is overbroad.

Continuously validate every wallet transaction path and remove implicit trust from connected systems.