What Is a Hot Wallet in Crypto?

A hot wallet is a crypto wallet whose keys are stored on an internet-connected device — typically a phone, a computer, or a browser extension. MetaMask, Rabby, Trust Wallet, and Phantom are all hot wallets. They offer the fastest UX for DeFi interaction but carry the highest ambient risk because key material is accessible to any malware running on the device.

Also known as: software wallet, online wallet

How hot wallets work

The wallet app holds encrypted key material in device storage (browser local storage for extensions, app-sandbox storage for mobile, filesystem for desktop). When you sign a transaction:

  1. The app prompts for a password to decrypt the key.
  2. The transaction is signed in-memory.
  3. The signed transaction is broadcast.
  4. The key is re-encrypted and/or cleared from memory.

The core distinction from hardware wallets: the key material exists on a device that runs arbitrary software. Any process with access to the device’s memory (or the browser’s local storage) can potentially extract the key.

Major hot wallets

  • MetaMask — the dominant Ethereum-ecosystem wallet. Browser extension + mobile app. ~30M monthly active users. Broad chain support, strong dApp compatibility.
  • Rabby — fork-ish of MetaMask with better transaction preview (shows impact before signing). Increasingly popular with advanced DeFi users.
  • Phantom — the dominant Solana wallet. Also supports Ethereum and Polygon. Excellent mobile UX.
  • Trust Wallet — Binance-owned mobile wallet. Broad chain support.
  • Rainbow — Ethereum-focused mobile wallet with friendly UX.
  • Frame — desktop-first, designed for hardware-wallet pairing.
  • Coinbase Wallet — self-custody wallet distinct from the Coinbase exchange account.

When hot wallets are appropriate

  • Small active-trading balances — enough for the operations you want to run, not enough to care deeply about if compromised.
  • Airdrop farming accounts — dedicated addresses for claiming drops and using protocols to qualify for future airdrops. The assets there are mostly forward-looking speculation; if one wallet gets drained, you lose less.
  • DeFi experimentation — trying new protocols you haven’t validated, testing new tokens.

For anything long-term or large-balance, a hot wallet alone is insufficient security.

Risks and considerations

The specific risks worth understanding:

  • Phishing approvals — you connect to a malicious dApp, sign a setApprovalForAll transaction, and the attacker drains your tokens later. The #1 retail loss pattern.
  • Drainer malware — browser extensions or compromised sites that replace transaction payloads between your click and the signing prompt. Rabby’s preview helps catch these; MetaMask’s default UX doesn’t always.
  • Clipboard swapping — malware that replaces addresses copied to the clipboard with attacker addresses. You paste, confirm, send to the wrong address.
  • Compromised recovery — if you back up your seed phrase to cloud storage that’s later breached, the attacker has your keys.
  • Supply-chain attacks on the wallet itself — compromised extensions, fake app-store listings, malicious NPM packages affecting wallet codebases.

Practical hot-wallet hygiene:

  1. Use multiple hot wallets for different purposes — don’t mix airdrop farming with trading with long-term holdings.
  2. Regularly review and revoke token approvals (Revoke.cash, Debank’s approval scanner).
  3. Verify URLs before signing. Bookmark trusted dApps.
  4. Use Rabby or similar tools that preview transaction impact before signing.
  5. Never paste your seed phrase anywhere except the wallet setup flow.
  6. For significant balances, graduate to hardware wallets paired with a hot-wallet UI.
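
The approval-phishing pattern above and the advice to preview transaction impact both come down to reading calldata before the signing prompt is accepted. The sketch below is an added example, not code from this page or from any wallet named on it: it decodes the two standard approval calls and classifies them. The function name `previewApproval`, the risk labels, the trusted-spender list and the sample address are assumptions made for illustration.

```javascript
// Added example, not code from any wallet. The selectors are the standard
// ERC-20/721/1155 ones; function name, risk labels and sample are assumptions.
const APPROVAL_SELECTORS = {
  "095ea7b3": "approve(address,uint256)",        // ERC-20 amount or ERC-721 tokenId
  "a22cb465": "setApprovalForAll(address,bool)", // ERC-721 / ERC-1155 operator
};
const MAX_UINT256 = (1n << 256n) - 1n;

function previewApproval(calldata, trustedSpenders = []) {
  const hex = String(calldata).toLowerCase().replace(/^0x/, "");
  if (!/^([0-9a-f]{2})*$/.test(hex)) {
    return { risk: "block", reason: "calldata is not valid hex" };
  }
  const signature = APPROVAL_SELECTORS[hex.slice(0, 8)];
  if (!signature) return { risk: "none", reason: "not an approval call" };
  // Both calls carry exactly two 32-byte ABI words after the 4-byte selector.
  if (hex.length !== 8 + 64 * 2) {
    return { risk: "block", signature, reason: "unexpected argument length" };
  }
  const addrWord = hex.slice(8, 72);
  const value = BigInt("0x" + hex.slice(72, 136));
  // An address is right-aligned in its word; the upper 12 bytes must be zero.
  if (!addrWord.startsWith("0".repeat(24))) {
    return { risk: "block", signature, reason: "malformed address word" };
  }
  const spender = "0x" + addrWord.slice(24);
  const known = trustedSpenders.some((a) => a.toLowerCase() === spender);
  const grant = (reason) => ({ risk: known ? "review" : "high", signature, spender, reason });

  if (signature.startsWith("setApprovalForAll")) {
    if (value === 0n) return { risk: "revoke", signature, spender, reason: "removes operator" };
    if (value !== 1n) return { risk: "block", signature, spender, reason: "bool is not 0 or 1" };
    return grant("operator can move every token in this collection");
  }
  // approve(): calldata alone cannot tell an ERC-20 amount from an ERC-721 tokenId.
  if (value === 0n) {
    return { risk: "review", signature, spender, reason: "ERC-20 revoke or ERC-721 tokenId 0" };
  }
  return grant(value === MAX_UINT256 ? "unlimited allowance" : `amount or tokenId ${value}`);
}

// Constructed sample: setApprovalForAll(0x1111...1111, true)
const SAMPLE = "0xa22cb465" + "1".repeat(40).padStart(64, "0") + "1".padStart(64, "0");
console.log(previewApproval(SAMPLE));
```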
