Crypto Risk Management

Crypto has all the same risks as traditional trading plus an entire layer of risks unique to digital assets. Understanding and managing these risks is the difference between building wealth and losing everything.

Risk Categories in Crypto

1. Market Risk

Same as any market — prices go down. But crypto amplifies this:

• Volatility: 20-30% drawdowns are routine in crypto (even for Bitcoin)
• Correlation: In a crash, everything drops together — including "safe" alts
• 24/7 markets: No closing bell to stop the bleeding
• Leverage liquidations: Cascading liquidations amplify moves beyond fundamentals

Mitigation:

• Position sizing: Never risk more than 1-2% per trade
• Use stops: Always have a defined exit
• Reduce or eliminate leverage during extreme volatility
• Don't assume any crypto is "safe"

2. Exchange Risk (Counterparty Risk)

Your funds on a centralized exchange are only as safe as that exchange.

Real examples:

• Mt. Gox (2014): ~850,000 BTC stolen — users lost everything
• FTX (2022): $8B+ in customer funds misappropriated — exchange bankrupt
• Countless smaller exchanges: Hacked, exit scammed, or froze withdrawals

Mitigation:

• Only keep on exchanges what you're actively trading
• Use reputable, regulated exchanges
• Store long-term holdings in self-custody (hardware wallet)
• Diversify across multiple exchanges if needed

3. Smart Contract Risk

DeFi protocols run on code. Code has bugs.

Real examples:

• The DAO (2016): $60M exploit on Ethereum
• Wormhole (2022): $320M bridge exploit
• Numerous DeFi hacks: Billions lost to smart contract bugs

Mitigation:

• Only use audited protocols
• Start with small amounts in any new protocol
• Check the protocol's track record and TVL
• Revoke token approvals after use
• Avoid being a first-week user of new protocols

4. Scam Risk

Crypto's permissionless nature means anyone can create a token or project.

Common scams:

• Rug pulls: Team drains liquidity pool, token goes to zero
• Honeypots: You can buy but the contract blocks selling
• Phishing: Fake websites/emails that steal your wallet keys
• Social engineering: "Send me 1 ETH, I'll send 2 back" (no, they won't)
• Fake airdrops: Tokens in your wallet that, when interacted with, drain your funds

Mitigation:

• Never click links from DMs or unknown sources
• Always verify URLs manually (bookmark official sites)
• Never share your seed phrase — with anyone, ever, for any reason
• Research tokens before buying (see Token Analysis lesson)
• If it seems too good to be true, it is

5. Regulatory Risk

Crypto regulation is evolving and varies by jurisdiction.

Risks:

• Your country could ban crypto trading
• Exchanges could be forced to exit your market
• New tax laws could impact your strategy
• Certain DeFi activities could become restricted

Mitigation:

• Stay informed on regulations in your jurisdiction
• Use compliant exchanges
• Keep records for tax purposes
• Diversify exchange usage across jurisdictions if relevant

6. Wallet & Key Management Risk

You are your own bank — which means you're also your own security team.

Risks:

• Lost seed phrase = lost funds forever (no recovery)
• Compromised private key = funds stolen
• Clipboard malware = copied addresses changed to attacker's
• Physical theft of hardware wallet (if no passphrase)

Mitigation:

• Store seed phrase offline in multiple secure locations
• Never store seed phrase digitally (no photos, no cloud, no notes app)
• Use a hardware wallet for any significant holdings
• Enable additional passphrase (25th word) on hardware wallets
• Double-check recipient addresses before sending
• Test with a small amount before large transfers

Crypto-Specific Position Sizing

Traditional 1-2% risk per trade applies, but consider:

For Spot Trading

• Individual altcoins: Max 5-10% of portfolio per position
• Bitcoin/Ethereum: Can justify larger allocations (15-25%)
• New/unproven tokens: Max 1-2% of portfolio

For Leverage Trading

• Calculate liquidation price BEFORE entry
• Keep leverage low (2-5x maximum for swing trades)
• Account for funding costs over time
• Never let a leveraged position be your largest allocation

Portfolio Allocation (Example)

| Category | Allocation | Risk Level | |----------|-----------|-----------| | Bitcoin | 30-40% | Lower | | Ethereum | 20-30% | Lower-Medium | | Large cap alts | 15-25% | Medium | | Small cap / DeFi | 5-15% | High | | Cash (stablecoins) | 10-20% | Lowest |

Security Checklist

Exchange Security

• Enable 2FA (authenticator app, NOT SMS)
• Use a unique, strong password
• Enable withdrawal address whitelist
• Set up anti-phishing codes where available
• Use a dedicated email for crypto exchanges

Wallet Security

• Hardware wallet for holdings over $1,000
• Separate hot wallet for active DeFi use (limit funds)
• Regularly revoke unnecessary token approvals
• Never store seed phrases digitally

Operational Security

• Use a VPN on public WiFi
• Beware of screen-sharing (never show wallet or keys)
• Don't discuss holdings publicly
• Verify all URLs before connecting wallet

Emergency Plan

If you suspect your wallet is compromised:

1. Don't panic — act quickly but carefully
2. Transfer remaining funds to a new, clean wallet immediately
3. Revoke all approvals on the compromised wallet
4. Check all connected accounts for unauthorized access
5. Document everything for potential insurance or legal claims
6. Never reuse the compromised seed phrase

Key Takeaway

The biggest risk in crypto isn't picking the wrong token — it's losing your funds entirely through negligence. Self-custody security, exchange risk management, and scam awareness are non-negotiable skills. Protect your capital first; everything else is secondary.