Yep, and storing any valuable data creates an incentive for someone to hack in to get it so it's best to avoid it.

Interesting. The legal analysis sounds accurate, but who needs to push the boundaries in this environment? 

siggy47

I talked to another founder whose lawyers said it is non-custodial - legally at least. I think because you can unilaterally revoke their ability to spend on your behalf, and it's permissions to spend but you don't hold the money. Still, it's a honeypot. It's like storing credit card info.