Have you ever heard the phrase "Not your keys, not your coins"?
This saying refers to the custody of one's funds, and is an important topic in the world of digital assets.
Before the advent of decentralized exchanges (DEXs), centralized exchange (CEX) platforms were the primary means of trading tokens. The majority of these CEXs were custodial, meaning that the exchange itself holds the keys to all of its users' wallets. This is similar to the existing traditional banking system. With the holding of user's funds, CEXs took (and still take) on the great burden of making sure funds don't get lost, stolen, or used for illegal activities.
From the users' perspective; however, there are both advantages and disadvantages to this approach. On one hand, the user doesn't have to worry about managing their own funds or maintaining security for them. On the other hand, the user also takes on a variety of risks, including the possibility of exchange hacks, providing sensitive identification information to "trusted" entities, freezing of withdrawals (bank run), and other 3rd party risks as well.
By fundamental design, the entire 1inch platform and its wallets are non-custodial. This gives users 100% control (and responsibility) over their money, and prevents 1inch Network from accessing or moving funds without permission. It gives users the freedom to partake in all of the protocols that 1inch Network consists of, while simultaneously relieving 1inch Network of the burden to store its users' data and funds.
What are "Your Keys"
When you create a wallet in the 1inch app (or any other non-custodial wallet software), you are given a private key and a 12- word Recovery phrase. Without one of these items, accessing the funds within that wallet address is virtually impossible. The private key and phrase are only issued once, and cannot be changed or altered. It is strongly recommended to keep a copy of either the key or the recovery phrase offline for security purposes.
All activities involving 1inch Network protocols require the user to sign each transaction within their own wallet using their private key. This signature is recorded on the blockchain, and publicly proves that the user has granted access to their tokens. To take things even further, an approval transaction is required for all first-time token transactions (with the exception of a few select permit-712 tokens).
Unlike the private keys in the 1inch Wallet, the keys of CEXs are never seen by the user. The CEX itself creates the key/wallet, and the user must then create an account (if they are eligible) to access, deposit, and withdraw funds within it. When these 3rd parties hold custody of their users' funds, they have full control over when, how, and where the funds are spent.