Moreover, Coinbase has insurance that protects your assets against Coinbase getting compromised (FDIC for USD and an insurance policy through Lloyd's of London for crypto). If _you_ are at fault for your account being compromised (ie someone steals your password) then you are not protected by these insurance policies.
That's why this new vault functionality is so important, it protects your assets from personal negligence.
With these new features, all your bases are covered.
I'm not associated with Coinbase so my knowledge extends to that same article you linked. You appear to be correct so far as the text of the article goes.
In the future I imagine crypto wealth will be secured by breaking it into multiple wallets stored in vaults controlled by different organizations. That protects you from total asset loss due to institutional failure. And this type of failure isn't limited to crypto (see Bernie Madoff's hedgefund).
When they say vaults, they're actually vaults. 98%, according to them, of their funds are stored offline.
The only attack vectors are cryptographically, which you can pretty much rule out (safe for human error), and some kind of human attack. (blackmail, social engineering etc) But there's procedures in place there, too. The offline keys are multi-signature, requiring multiple executives in multiple locations to clear industry security protocols, then come together and commit a crime.
The remaining 2% of online funds are insured.
If anything goes wrong, it's extremely likely to be on the customer side. They offer the usual secure connections, multisig etc, and the vault adds an extra 48h withdrawal period ontop.
If you know the basics of bitcoin's cryptography, it's pretty trivial to store bitcoins on private keys that never saw the light of day, using a bunch of dice and an offline open source bit of software. But if you have to use a service, I'd say Coinbase is pretty damn secure. Just make sure your side's clean. Accessing secure systems from compromised phones/laptops is a losing battle, and as there's no real recourse with bitcoin, that's usually where things go wrong even when using secure services.
> If anything goes wrong, it's extremely likely to be on the customer side.
Since this is also true of their ordinary wallet product, I think "security theatre" isn't totally unfair here. The only thing this really adds is the 48 hour delay.
Anyone have any idea of the specific mechanics they use to withdraw from the vault? Do several executives meet in a special room at a certain hour, with their keys on paper/usb, and type them into an air-gapped machine one-by-one?
I wonder how they handle a lost key, do they have to move $1 billion+ of Bitcoin to a new wallet each time?
If you have control over your own keys (such as in the case of the "old" Coinbase vault) those things are a non-issue. But with the way how the new vault works a hardware wallet looks like a better solution.
Well until CoinBase is hacked and there is nothing left FOR you to withdraw.
Just as with fiat USD, depositing it into any third party that is not FDIC is silly. Same here, however there is no FDIC like entity to return your money, so the only true secure way is to only hold them yourself.
Of course that makes mass adoption much more difficult...
Until Gov. Treasuries and central banks really jump into the game...
This feature will not make your coins more secure or prevent coinbase from being hacked. However your coins will most likely be moved to "Cold storage" which will make your coins extremely difficult to steal in the event that either coinbase or your account is breached.
As far as cryptocurrency exchanges go, Coinbase is among the most secure, practicing what they call "Paranoid Security".
If it makes your coins extremely difficult to steal in the event that either coinbase or your account is breached, isn't that by definition making your coins more secure?
I don't believe they use the traditional cold storage methods anymore(Usb/Device in a phyiscal vault or paper in a physical vault etc). They generate the keys offline and split the keys using a secret sharing method among a quorom of keyholders. So they are geographically dispersed and if one subset on keys were to be lost, there's still a possibility of regenerating by obtaining the other sets from the Quorom
> This feature will not make your coins more secure
It does make your coins more secure, by requiring 48 hours and additional confirmation emails before they can be withdrawn.
If a hacker manages to get your password and (if enabled) the Google Auth app on your phone, they will now additionally have to wait 48 hours, while you are receiving email warnings about the withdrawal, before they can withdraw any of your vaulted coins.
This is incorrect, customer funds go to cold storage regardless of whether they're in a vault or wallet. This feature is intended to protect against account takeover, not the Coinbase hot wallet getting hacked.
What kind of software engineers are they hiring? I'm senior CS student and want to work in this space (crypto). Could you recommend any subject to dive into?
You seem to misunderstand my statement. Let me explain a little further please.
Your coins are not safe/secure while they are with coinbase, and will never be because you do not own the private keys. It does not prevent you from losing your money in the event of worst case scenarios, it just makes it harder for someone to steal your money while it is in the care of coinbase.
> However your coins will most likely be moved to "Cold storage"
This is the part I was responding to. It sounds like you're saying that using the vault feature will move your coins into cold storage. In fact, they were always in cold storage.
If I recall correctly, vault is used for them to plan how much coins to store between cold storage and hot wallet. Not just an account level authentication.
So this almost made me register for a Coinbase account to finally buy some Bitcoins. That is until I got to the ID verification section. Am I wrong to be worried about uploading a picture of my passport to a US company?
Well you sortof for legal compliance of "know your customer" laws. I wouldn't be too worried...there are many other things to be worried about...I don't think this ranks too high in the grand scheme.
I wouldn't use Coinbase to buy BTC. The IRS already tried to obtain all customer data before, and they conceded with "only customers who spend over $20,000".
Even outside of privacy issues, Coinbase goes down during critical periods often. Price crashing and you want to buy/sell quick? The site will likely be down.
Outside of accessibility issues, Having Bitcoin on coinbase is more like an I-O-U and defeats the purpose of cryptocurrency imo, which is having the private keys to your funds which only you control.
I recommend this guide to set a multisignature wallet through CoPay and Glidera. And managing your keys with a password manager like Enpass.
I switched from Coinbase to Gemini. Their verification process is very quick and their customer service is too. Coinbase never responded to my ticket when I asked them why my purchase was pending for over a week.
You make good points, but you can still buy BTC with Coinbase and then transfer them to your private wallet that you control.
This is very useful if you want to set up a long term investing strategy. For example you can set your debit card or bank transfer to automatically buy $500 of BTC each week, then monthly or quarterly transfer those coins to your private wallet based on your individual risk tolerance/free time.
If you're not using illegally obtained funds to acquire coins, who cares if they get you "on the record"? This is only relevant if you want to evade capital gains tax at some point, which would be illegal anyway.
I've never quite understood people leaving their cryptocurrency in wallets held by exchanges. Exchanges are good for exchanging. Any time I've dealt with bitcoin (bought 10 when they were ~$3.30/ea, that was probably the best investment I'll ever make and was done on a lark for an online game) the coins spent only a couple minutes in the wallet on the exchange. Transfer to that wallet, sell, or buy then immediately (well once the transaction is confirmed, an ever-growing amount of time...) transfer to my personal wallet. And after Mt.Gox went away with $1200USD in my account with them (but 0 btc), I get the USD into a personal account ASAP as well. I'm surprised no exchanges have been made which only do this. Holding onto coins just seems like inviting trouble.
My biggest fear is identity fraud, but perhaps I can trust CoinBase enough for that not to be a problem. Still, I would much rather not upload a picture of my passport if I can help it.
My passport scan has a lot of real information about me: my birthday, my place of birth, my passport number, my PESEL, my nationality. That's a hell of a lot of information that could fall into the wrong person's hands.
I tried to sign up for Coinbase back in July and kept running into problems during the id verification step (at some point, they thought I was under 18). I tried to work through their customer support, but only received automated messages.
I tried to sign up for an account there as well. Process and verification were just garbage. Never worked with a dozen tries, different IDs, etc. Wouldn't recommend.
> Am I wrong to be worried about uploading a picture of my passport to a US company?
As opposed to? I mean, if you travel anywhere, the US government has a scan of your passport.
Surely the bigger concern here is not the passport but the money you desire to give away to any company in exchange for a database entry that assigns you a fraction of a nascent digital currency.
If you do sign-up - and you should if you believe in Bitcoin's future - make sure to buy Bitcoin on Gdax. It's Coinbase's trading platform. Buy your coins there and you avoid the outrageous fees (as you're making the trade yourself rather than paying Coinbase to do it for you).
Wow, at first I was impressed because I have used Coinbase's multi-sig BTC vaults in the past and those were the real deal. As in, they allowed for security and convenience. One key with Coinbase, one key with user, and the third key in your bank vault or somewhere hard to reach. All generated client-side. It protected against Coinbase being hacked, but still offered convenience.
This product is the opposite! One-key. Same security (in terms of Coinbase being hacked) and less convenience than the regular wallet! In fact they even took the multi-sig BTC wallet away. You used to be able to create more than one multi-sig BTC wallet in your Coinbase account. Now I only have one and I don't see an option to create another.
Maybe in practice, the risk of people getting phished is much higher than the risk of Coinbase getting hacked.
They have MFA at the account level. Serious question: is what you described more secure than that? These vaults mean they take coins offline, so it becomes a physical security task to secure them.
Yes, a multi-sig wallet is more secure. With the multi-sig wallets, even if someone infiltrated Coinbase's offline coins, the hacker STILL would not be able to steal the coins. With these new "multi-email" wallets, the hacker would. This is all assuming that the user can manage his two keys better than two email accounts.
In fact, the multi-sig wallets were nice too because you could retrieve your coins even in the case where Coinbase went away completely. e.g. if they pulled a Cryptsy or a BTCe
Didn't have a multisig BTC wallet before (created one in the past, but deleted it months ago) and I don't seem to be able to add another multisig wallet - only those multi-email-confirmation-required wallets.
Not holding the keys for my own coins is not an option (see https://www.youtube.com/watch?v=vt-zXEsJ61U for why), but at least there are alternatives such as Ledger hardware wallets.
Just to warn folks, if they for whatever reason do something that makes want to get your money out, like not supporting a fork, the withdrawal delay on vaults can hinder your ability to get your funds out in time. Make sure if you do this that you stay on top of any future time-sensitive announcements they make so you can withdraw in time.
Cryptocurrencies are so volatile that there's a non-negligible risk that locking away a large sum for 48 hours could potentially cost you nearly all of it.
And they're so hackable that not putting a time delay on withdrawals could also potentially cost you all of it.
Safety deposit boxes are subject to many problems, most notably human error. Death certificate fraud is far more common that you'd imagine. I would bet that far more has been stolen from safety deposit boxes through social engineering and fraud than from hacking cold storage systems.
65 comments
[ 3.1 ms ] story [ 57.3 ms ] threadThat's why this new vault functionality is so important, it protects your assets from personal negligence.
With these new features, all your bases are covered.
I thought Coinbase had insurance that only covered the online portion but not offline vaults, where most of the 'money' is stored?
If an offline vault is compromised through their system then what? The promise of keeping things separate doesn't guarantee anything.
'All digital currency that Coinbase holds online is fully insured.
'Coinbase holds less than 2% of customer funds online. The rest is held in offline storage.'
They only insure less than 2% of their coins. This does nothing to protect private keys that go missing or are destroyed in their offline wallets.
I would love to know that I'm wrong.
https://support.coinbase.com/customer/portal/articles/166237...
In the future I imagine crypto wealth will be secured by breaking it into multiple wallets stored in vaults controlled by different organizations. That protects you from total asset loss due to institutional failure. And this type of failure isn't limited to crypto (see Bernie Madoff's hedgefund).
The only attack vectors are cryptographically, which you can pretty much rule out (safe for human error), and some kind of human attack. (blackmail, social engineering etc) But there's procedures in place there, too. The offline keys are multi-signature, requiring multiple executives in multiple locations to clear industry security protocols, then come together and commit a crime.
The remaining 2% of online funds are insured.
If anything goes wrong, it's extremely likely to be on the customer side. They offer the usual secure connections, multisig etc, and the vault adds an extra 48h withdrawal period ontop.
If you know the basics of bitcoin's cryptography, it's pretty trivial to store bitcoins on private keys that never saw the light of day, using a bunch of dice and an offline open source bit of software. But if you have to use a service, I'd say Coinbase is pretty damn secure. Just make sure your side's clean. Accessing secure systems from compromised phones/laptops is a losing battle, and as there's no real recourse with bitcoin, that's usually where things go wrong even when using secure services.
Since this is also true of their ordinary wallet product, I think "security theatre" isn't totally unfair here. The only thing this really adds is the 48 hour delay.
I wonder how they handle a lost key, do they have to move $1 billion+ of Bitcoin to a new wallet each time?
If you have control over your own keys (such as in the case of the "old" Coinbase vault) those things are a non-issue. But with the way how the new vault works a hardware wallet looks like a better solution.
Just as with fiat USD, depositing it into any third party that is not FDIC is silly. Same here, however there is no FDIC like entity to return your money, so the only true secure way is to only hold them yourself.
Of course that makes mass adoption much more difficult...
Until Gov. Treasuries and central banks really jump into the game...
This feature will not make your coins more secure or prevent coinbase from being hacked. However your coins will most likely be moved to "Cold storage" which will make your coins extremely difficult to steal in the event that either coinbase or your account is breached.
As far as cryptocurrency exchanges go, Coinbase is among the most secure, practicing what they call "Paranoid Security".
Brian has written about it in the past. https://engineering.coinbase.com/how-coinbase-builds-secure-...
It does make your coins more secure, by requiring 48 hours and additional confirmation emails before they can be withdrawn.
If a hacker manages to get your password and (if enabled) the Google Auth app on your phone, they will now additionally have to wait 48 hours, while you are receiving email warnings about the withdrawal, before they can withdraw any of your vaulted coins.
(I worked at Coinbase a little while back)
I'm sure crypto projects and experience are a plus :)
Your coins are not safe/secure while they are with coinbase, and will never be because you do not own the private keys. It does not prevent you from losing your money in the event of worst case scenarios, it just makes it harder for someone to steal your money while it is in the care of coinbase.
This is the part I was responding to. It sounds like you're saying that using the vault feature will move your coins into cold storage. In fact, they were always in cold storage.
An exchange that doesn't follow KYC laws is at the very least under threat of being shut down by the US.
It's part of the reason why I like coinbase so much, they are clearly following all the required laws.
Even outside of privacy issues, Coinbase goes down during critical periods often. Price crashing and you want to buy/sell quick? The site will likely be down.
Outside of accessibility issues, Having Bitcoin on coinbase is more like an I-O-U and defeats the purpose of cryptocurrency imo, which is having the private keys to your funds which only you control.
I recommend this guide to set a multisignature wallet through CoPay and Glidera. And managing your keys with a password manager like Enpass.
https://gist.github.com/paOol/d6c78c339cc5c4df6dd745d3bc2cc5...
This is very useful if you want to set up a long term investing strategy. For example you can set your debit card or bank transfer to automatically buy $500 of BTC each week, then monthly or quarterly transfer those coins to your private wallet based on your individual risk tolerance/free time.
(answer is nothing)
Eventually, I gave up and went somewhere else.
As opposed to? I mean, if you travel anywhere, the US government has a scan of your passport.
Surely the bigger concern here is not the passport but the money you desire to give away to any company in exchange for a database entry that assigns you a fraction of a nascent digital currency.
If you do sign-up - and you should if you believe in Bitcoin's future - make sure to buy Bitcoin on Gdax. It's Coinbase's trading platform. Buy your coins there and you avoid the outrageous fees (as you're making the trade yourself rather than paying Coinbase to do it for you).
What? The government makes the passports.
This product is the opposite! One-key. Same security (in terms of Coinbase being hacked) and less convenience than the regular wallet! In fact they even took the multi-sig BTC wallet away. You used to be able to create more than one multi-sig BTC wallet in your Coinbase account. Now I only have one and I don't see an option to create another.
Maybe in practice, the risk of people getting phished is much higher than the risk of Coinbase getting hacked.
In fact, the multi-sig wallets were nice too because you could retrieve your coins even in the case where Coinbase went away completely. e.g. if they pulled a Cryptsy or a BTCe
Not holding the keys for my own coins is not an option (see https://www.youtube.com/watch?v=vt-zXEsJ61U for why), but at least there are alternatives such as Ledger hardware wallets.
Cryptocurrencies are so volatile that there's a non-negligible risk that locking away a large sum for 48 hours could potentially cost you nearly all of it.
And they're so hackable that not putting a time delay on withdrawals could also potentially cost you all of it.