Virtual
Any balanceFree — no monthly, no application fee
In Apple Pay and Google Pay the moment you’re approved.
- FX spread0.5%
- Per transaction$100,000
- Daily$250,000
- To join the listNo documents1
- Hardware walletRequired
Every other crypto card asks you to send your coins to them. FLINT asks you to send them to an account only your Ledger controls — and then leaves them there until the second you tap.
Signs with
Any device that holds an EVM key and signs typed data.2
The custody question isn’t a matter of opinion. It’s written down, in public, in each company’s own documents. Here is what they say.
KAST Terms of Service
Their terms of service, under Custodial Management of Virtual Assets, put it
without ambiguity: The Virtual Assets
transferred by users into KAST are sold to KAST and thereafter held by a Custodian.
A deposit is a sale. After it, you don’t own coins — you hold a claim against a company.
Their terms also spell out what that claim is worth if things go wrong:
In case of failure, bankruptcy or
liquidation by us, you won’t be protected by the Consumer Act in your local
jurisdiction, thus, there is a risk you won’t recover your money or cryptocurrency
paid to us.
KAST Terms of Service Read it yourself — that’s the point.
RedotPay Customer agreement
Their default account routes your assets to a third-party custodian. The terms describe
the chain of command: the custodian is obligated
to act upon such instructions of the Group
— the Group being RedotPay, not you. The
assets are contractually segregated, which is genuinely better than nothing, and the same
terms confirm the account is not a deposit
account
and is not qualified for protection
by the Deposit Protection Scheme.
They also offer a self-custody option alongside the custodian account, so calling RedotPay simply custodial would be lazy. The default is what most people end up on, and the default is the custodian.
RedotPay customer agreement Read the custody terms yourself.
ether.fi Cash Cardholder agreement
Credit where it’s due: their cardholder agreement says
Ether.Fi Cash Inc. will not, in any circumstance, be
holding custody of your Collateral
, and they mean it. Your collateral sits in a
smart contract you own. That is a real product and an honest claim, and we won’t
pretend otherwise.
The difference is the signer. Their key is generated and held inside a service-operated secure enclave, so the thing that authorises your account is infrastructure you rent, not the device in your drawer. FLINT’s difference isn’t that we’re non-custodial and they aren’t. It’s whose hardware holds the key.
ether.fi Cash cardholder agreement Their help centre and legal terms differ on FX — see note 3.
No hand-waving. This is the actual mechanism, including the part most of this industry would rather you didn’t think about.
This is the step most pages skip, so let’s be plain about it: your coins do move. You send USDC from your hardware wallet’s address into a smart contract account whose only owner is that same address. It’s an on-chain transaction and you pay the gas for it.
What doesn’t happen is the part that matters. The destination is yours, not ours — you can read the account on a block explorer, and no one but your device can move what’s in it. USDC only, for now. If everything you hold is BTC, this isn’t your card yet.
One signature at setup grants FLINT a narrow, revocable permission: pull USDC, up to a daily limit you choose, and only to the settlement address. Nothing else is permitted — not a different token, not a different destination, not a cent over your limit. Then your Ledger goes back in the drawer.
The card network gives a programme roughly two seconds to approve or decline. We read your balance, answer the terminal, and pull exactly what you spent. A licensed issuing partner would settle with the network at the end of the day.
Change the daily limit or tear the permission out entirely, any time, from your own device. We can’t stop you and we can’t undo it. That is the whole of your leverage — and it’s the part that’s real.
0.15% on the exchange rate. A million a day. Free at any ATM. Engraved with whatever you want on the front, and a phone number that a person answers.
We make money on the spread and nothing else. There’s no annual fee, no application fee, and no membership tier to buy.
Free — no monthly, no application fee
In Apple Pay and Google Pay the moment you’re approved.
Free — no monthly, no application fee
Machined metal, engraved to order. Ships in 5–7 days. Includes the virtual card immediately.
Limits shown are the programme ceilings for each card. Your own daily limit is the one you set on your wallet permission, and it can be lower — never higher — than the ceiling above.
Fee schedules, terms of service and help centres, read in July 2026. Where a company doesn’t publish a number, we’ve left it blank rather than guess.
| FLINT | RedotPay | ether.fi Cash | KAST | |
|---|---|---|---|---|
| Who holds the funds | You | A custodian, instructed by RedotPay | You — per their agreement | KAST — deposits are sold to KAST |
| Hardware wallet as signer | Yes | No | No — key held in a hosted enclave | No |
| FX spread | 0.15% metal · 0.5% virtual | — | 0–0.5% by tier3 | 0.5%–1.75%, rate not published |
| Per transaction | $100,000 | $100,000 | — | Unlimited |
| Daily ceiling | $1,000,000 metal · $250,000 virtual | $1,000,000 | $30,000 entry → $100,000 top | Unlimited |
| Card fee | None | $10 virtual · $100 physical | None | $0 · $1,000/yr · $10,000/yr |
| ATM | Free on metal | 2–3% | 2%, capped $750/day | $3 + 2%, capped $750/day |
| Identity checks at issuance | Documents, same as everyone1 | Documents | Documents | Documents |
Scroll the table sideways for the rest — the row labels stay put.
Sources: KAST Terms of Service and fee schedule; RedotPay fee schedule effective 1 December 2025 and customer agreement; ether.fi Cash help centre, fees and limits page, and cardholder agreements. Figures change — check theirs before you decide, as we did.
This isn’t a growth tactic dressed up as exclusivity. The architecture requires a device that can hold a key and sign for it. If your coins live on an exchange, there’s nothing here for you to own, and nothing for us to build on — you’d be better served by any of the cards on this page.
It does mean the people we serve are a narrow group: they own the device, they know what a signature is, and they’ve already decided that custody is worth the inconvenience. We’d rather build one good thing for them than a general-purpose card for everyone.
Own something we haven’t listed? Tell us the model on the form. Any device that can hold an EVM key and sign typed data is a candidate, and we’d rather hear about it than guess.
Tell us where you are and what you’re holding. Nothing here is verified on-chain and we don’t ask you to connect a wallet — it’s how we sort the queue, not a test you can fail.
Fifty thousand and up goes straight to the metal card and skips the queue entirely.
You’re on the list
Within the rules you set, yes — that’s what makes it a card rather than a wallet. The permission you sign is scoped to one token, one destination, and a daily ceiling you choose. We cannot exceed any of those, and you can revoke the whole thing from your device without asking us.
If that trade isn’t acceptable to you, no card is — and we’d rather you keep your coins in cold storage than sign something you’re not comfortable with.
You’re thinking of the widely reported Gnosis Pay incident earlier this year, where a signature-verification flaw in a shared permission module reportedly let an attacker drain a number of card-linked accounts at once. It’s the right thing to ask about, and we’re not going to tell you we’re immune.
The honest reading is that pooling users onto one permission contract means one bug reaches many people simultaneously — that’s a structural property of this design, not a one-off. It’s the strongest argument against the whole category, including us. What we can tell you is the daily ceiling you set is also the blast radius, and that we’d rather show you this question on our own page than let you find it elsewhere.
A fair question to ask before handing anyone your phone number, and the honest answer today is: not enough. FLINT is pre-launch. There is no incorporated entity to name yet, no issuing partner signed, and therefore no licence to point you at. Anyone at this stage claiming otherwise is describing a plan as though it were a company.
What that means for you: this list is a statement of interest, not an account. We hold your email, phone and answers, nothing else, and you can have them deleted by replying to any message or writing to [email protected]. Before a card is ever issued, the entity, its jurisdiction and the issuer of record will be named on this page — because by then they’ll legally have to be.
No, and neither does anyone else. The network allows about two seconds to approve a transaction. Your device is in the setup path, not the checkout path — it signs once to authorise the permission, and after that it stays wherever you keep it.
For the waitlist, we could — a signature proving you control an address costs nothing and no gas, and reading that address’s balance is a cheap lookup. We’ve chosen not to because it’s a queue, not a credit decision, and making you connect a wallet to join a list is a worse trade than trusting your answer.
For the card itself, a balance proof would be worthless anyway. A balance is a snapshot, not a lock: proving you held funds a second ago binds nothing about the second after. That’s precisely why the mechanism uses a revocable pull permission instead of a proof.
To join the list we ask for your email, phone, country, which hardware wallet you hold, and a balance range you pick yourself — plus a shipping address if you want the metal card. No documents, and we verify nothing on-chain at this stage. That’s genuinely all it is, because a waitlist isn’t a card. Before a card is issued to you, the identity checks required in your country will apply, and we’ll tell you exactly what they are before you commit to anything.
Anyone promising a card at these limits with no identity checks at all is either not issuing on a major network or not telling you the truth.
We don’t have a date, and we’re not going to invent one. The United States is the hardest market for this product, not the easiest — it needs an issuer of record plus state-by-state licensing, which is why competitors’ US coverage looks like a patchwork and why one of the largest self-custodial cards reportedly paused new US sign-ups.
Joining the list is how you get told the day it opens, and how we prove to a partner that the demand is there. That’s the honest description of what you’re signing up for.
The spread. We take 0.15% on the metal card and 0.5% on the virtual one when your spend needs converting, and that’s the entire business model. No application fee, no annual fee, no membership tier, and no cashback scheme with a cap buried in a separate document.
If you never spend abroad, we make almost nothing from you. That’s the deal.
Freezing the card doesn’t need your device. Tell us and we kill it at the issuer in seconds — a stolen card is a card-network problem and we solve it the way any bank does. Your funds were never on the card anyway; a thief holding it can spend up to your daily ceiling until we stop it, which is the same exposure as any debit card in your pocket.
Revoking the permission itself is the part only your Ledger can do — that’s the whole point of the design, and it’s a real inconvenience on the day you’re standing in a car park without it. This is the argument for setting your daily ceiling to what you actually spend rather than to what you own. The ceiling is also the blast radius.
Very possibly, and we’re not going to be coy about it because it’s the reason some people shouldn’t take this card. In several of the countries we’re opening in, spending a crypto asset is a disposal — you’re selling USDC for goods, and a disposal is a reportable event whether or not there’s a gain on a dollar-pegged token.
We’re not your accountant and this isn’t tax advice. What we will do is give you a complete, exportable record of every transaction, because the one thing worse than owing the tax is not being able to show your working.
We can’t yet, and we’d rather write that sentence than a paragraph that sounds like we can. There is no deployed contract address to read, no completed third-party audit to link, and no funded bounty programme — because there is no shipped product. A pre-launch page linking a repository as if it were a security guarantee is doing theatre.
What you’re entitled to hold us to: the contract address, the audit in full including whatever it finds, and a funded bounty will be on this page before a single card is issued — not after. Given question two on this list, anyone who ships this category without all three is asking you to take a risk they haven’t priced.
Any device that holds an EVM key and can sign typed data: the current Ledger line (Nano S Plus, Nano X, Stax, Flex, Nano Gen5), the Trezor Safe series (3, 5 and 7), Keystone, BitBox, GridPlus, NGRAVE, OneKey and Tangem among others.
Bitcoin-only devices can’t sign for an EVM account, so a Coldcard or a Jade won’t work here no matter how good they are at what they do. If you’re holding something we haven’t named, put the model on the form.
You bought the device, you moved the coins, you wrote down the words and put them somewhere sensible. The card is the easy bit. It should never have cost you your keys.