Hacker News new | comments | ask | show | jobs | submit login
Coinbase introduces Vault (coinbase.com)
183 points by mihar on July 2, 2014 | hide | past | web | favorite | 62 comments

How about fixing the web app before adding more features? Their Ajax page loading hangs most of the time. Going straight to the URL works immediately, but it's not always possible.

I thought I was the only one experiencing this. My feeling is that the sometimes extreme slowness of their website is not unintentional, kind of like their arbitrary canceling or delaying of transactions and blaming it on false positives in their "high risk detection algorithm".

I honestly doubt that. For example, I tried to create a new wallet yesterday. The line indicator bar took its time (over 5 minutes) and never completed. Refreshed the page, it was there. Renamed another wallet - same thing. I'm not sure how this UI that never confirms that some operation completed can be intentional! This always happens to me - at least on Firefox as haven't used Chrome recently. Switching from Buy to Sell, for example, is the same. Any navigation, which is using history.pushState(), obviously, takes minutes, and almost never completes. I just know the routes by heart and key them in (no kidding), or click to get the route updated and then refresh. Honestly, I can't wait for Circle to grant me access... or Buttercoin or whatever alternative as we need redundancy. expresscoin seems nice, but its fees are much higher.

This. And the API.

Hi, Craig here from Coinbase. What changes would you like to see to the API?

A short list:

- Trying to making small payments is terrible; the only way to tell whether a transaction requires fees is to try it, see it fail, and parse the error message to figure out the fee amount.

- The "order" abstraction is bad because it assumes customers will always pay the exact order amount, which is false because users make mistakes (especially since the order page instructs the customer to add miner's fees, and if they do, the amount will be wrong and the order gets reported to us as "mispaid"). I had to put a lot of time into writing our own documentation about how order statuses work, particularly mispaid orders - from trial-and-error that unfortunately had to include some bad customer experiences. Perhaps the worst problem is that when a customer makes multiple payments on an order, they show up in the web interface, but not in the API.

- When you request an email address on the payment page, Coinbase doesn't check that it's a valid address.

- choose_price on orders doesn't work.

- The API just needs more consistency. There are entities with statuses named "complete", "completed", and "Complete". There are things called "hash" and "hsh". The order API gives a number of confirmations for a transaction, but the transaction API doesn't.

I'm assuming the vault doesn't improve security at all in the event that coinbase gets hacked and loses all of their btc?

Probably not as much as they'd like it to.

Brian Armstrong, CEO of Coinbase once said in an interview (http://techcrunch.com/video/coinbase-founder-brian-armstrong...) that they are dividing their bitcoins in hot and cold wallets.

A hot wallet only contains about 5% of the bitcoins the company has. Meanwhile, the other 95% of bitcoins they're holding are stored savely in a key-split cold wallet.

Now, the problem is: if some user wants a large amount of his bitcoins out of coinbase, the guys owing their part of the split private key need to take action to transfer that amount of bitcoins from the cold to the hot wallet, assuming the amount is > 5%.

So what I think "Vault" does is give them a better architecture for planing and organizing their hotwallet-coldwallet-process.

Multisig might.

"To complete the Coinbase Vault offering, we will be adding multi-signature (“multi-Sig”) technology in the coming weeks to enable customers to manage their own vault security."

It's not clear exactly how that will work, but if it's, say, 2-of-3 and Coinbase only holds one of the keys then it would.

Multisig would be good, especially if it's actually a address keypair, as it would allow you to verify the balance held exists.

If they truly have cold storage of their btc - yes, this system does improve security, as their cold-storage bitcoins aren't subject to electronic hacking, just physical intrusion. And, the use of encryption and HSMs can mitigate against even a physical intrusion as well.

Sometime in the next couple years, someone is going to come up with a relatively fool proof vault storage for bitcoins, we just haven't see it yet. (And Coinbase isn't sharing enough details yet for us to know whether they've put one together)

What makes you so sure that Coinbase even has all of our bitcoin in the first place?

I said all of their bitcoin. Coinbase certainly doesn't have all of my bitcoin.

I didn't intend to make a conspiracy theory out of my question.

The question means all of our Bitcoin at Coinbase. He's not making a conspiracy theory out of it - he's asking a legitimate question about whether or not Coinbase has all deposits accounted for or not.

Perhaps legitimate, but not in response to my comment.

That's a rationalization around the original blaming statement you made. You asked how we should know if they are secure. He said how do you know they haven't been hacked already? Both legitimate, up to the point you said he was making conspiracy theories.

I think it's a jump to say "hacked already."

I assumed he was talking like they had just spent the bitcoin (Mt Gox stylee). Even if they were hacked, I would expect Coinbase to disclose that information--to presume that they've been hacked, lost bitcoin, and are hiding that from everyone is a pretty wild theory in my book.

You can make sure that Coinbase has none of your bitcoins if you transfer them to your own wallet as soon as possible.

They're all offline, stored in real safety deposit boxes and bank vaults...

The keys are stored offline, but the BTC are always online. They are relatively safe against someone compromising your computers remotely. Against physical intrusions or insider attacks, not as much.

Physical intrusions can be dealt with by encrypting the keys, which I hope they are doing. Using a secret sharing scheme with physical tokens (e.g. smartcards) carried by chosen employees should reduce the danger of both of those attacks.

They claim the physical copies are encrypted [1].

[1] http://blog.coinbase.com/post/33197656699/coinbase-now-stori...

That's a terrible assumption.

Why is multi-sig in quotes? Is Coinbase providing its users with a '3' address that is on-block chain, or does this "multi-sig" approach still reside entirely off-block chain.

Edit: I presume that Coinbase still holds on to all of the private keys for Vault accounts. Can someone verify otherwise?

Some people use quotes to imply "this is not my term" - this is sometimes used for jargon and words you won't find in a dictionary.

For example: The economist said I should consider my "BATNA" or GPS receivers measure "pseudoranges".

Just as using jargon can indicate you are part of an group, putting quote marks around jargon indicates you stand apart from that group.

Multi-sig is a very powerful innovation for corporate use of bitcoin. Not because you can have arbitrarily many M of N signing a transaction, but that you can outsource complex policy in a trusted way. E.g., create policy that lower level employees can control a small percentage of a company's holdings, while higher level employees can control a higher percent. It allows you to implement flexibility that exists in the credit system, without giving up the trust/control that comes from the blockchain system.

What's up with the cold storage? That is absolutely no security, it is purely an operational detail on Coinbase's side. You are still trusting them with all your coins. Once they get multi-sig, that might actually be something interesting. For all we know, the "Vault" might just be a new menu item and some css.

I wonder how well Xapo is doing - because this seems like a copycat.

> I wonder how well Xapo is doing - because this seems like a copycat.

And there's going to be even more copycats than there already are. Making APIs on top of Bitcoin's API is going to get way, way more competitive because that's basically the first idea that every player entering the market has. It's extremely low capital to spin up a new API, so everyone and their mom's dog have been doing it. Transaction fees will be driven down by the copycats, and many of them will probably cut their transaction fees to zero for a long time (ahem, Coinbase).

Same with BitGo.

Actual launch page and a video about how it works https://coinbase.com/vault

If it's not insured, what's the point?

From a customer's perspective a false sense of security. From Coinbase's point of view, it decreases their need for liquidity and their chances of a run.

If this is their jumping-off point for multi-sig I'd be interested.

Is this where Tim is going to store his coins?

Obviously not if he bought them to provide liquidity for competitor Vaurum.

Is anyone else picturing the digital equivalent of this Al Pacino snl video? http://kristenwiigdaily.tumblr.com/post/27009841161/mygiftis...

In other news - "use vault, the regular wallet is insecure".

Yes, there shouldn't be degrees in security - a system is either secure or not.

Well then nothing is secure.

At least as far as a whole system goes including the soft squishy components designing, developing and operating it.

Even for cryptography the only absolute proven secure method is the one time pad which has very real practical flaws and risks if you try to operate it in the real world.

The threat model here is people leaking their own Coinbase passwords (via phishing, compromised PC, etc.), so the 48-hour delay and out-of-band verification ought to actually help.

So, 72-hour delay is even more secure?

Yep, and if you dump all your coins into an account with no private key, nobody can get your bitcoins ever, so that's really what everybody should do.

All sarcasm aside, Bitcoin is becoming more and more centralized everyday.

Of course that's not true. Convenience / security trade-offs are common, and lie on a spectrum.

Hardly a valid point if it's money related, but that's just me then, as the downvotes imply.

Even if it's money related. Carrying physical cash around with you is convenient, but not as secure as storing it in a bank.

I disagree with the direction Coinbase is going. Of all the things they could have built next, this is what they chose? Why not develop a button that says "Pay with Bitcoin by Coinbase" that allows one-click payments on third party websites/mobile apps? Or why not compete with Bitstamp and btc-e on the exchange front? There's definitely tons of room for competition there.

Consider a traditional USD/EUR bank account. If your bank offers you a "vault" option to store your large balance to offer better reassurance that it won't get stolen from your "regular account"/wallet, aren't you going to have some serious concerns about security of the regular account? Instead of offering a "more secure account" why don't think just work on the fact that people feel that their regular accounts are insecure. This seems like a bandaid on the problem rather than the proper fix.

It's also overcomplicated. Now I have two account types and have to worry myself over what the differences are for accessing my money in each and how to use each. They're increasing the amount of friction it takes to get started rather than basing their model off a bank's model of "your account is as secure as it needs to be, just use one".

They have the pay with bitcoin button


I've used it on overstock.com and it's pretty incredible. I think it's the least amount of information I've ever had to enter to buy something online. All I entered was the shipping address and my email address.

That's essentially the same as having a Paypal account, though.

Oh really, didn't realize that. I guess I should have done more research before posting! That's awesome!

I don't see how this is complicated or confusing and I completely disagree with you. I think this is absolutely the right direction to be going if coinbase (and bitcoin) want to become mainstream. An exchange is mainly for traders and most people like myself don't want to look at candlestick charts to know when to purchase or make a bid without any certainty of obtaining coins or worse compete with bots. On the other hand many people I know have kept away from bitcoin because of how seemingly complicated and confusing it is to supposedly keep secure -don't keep coins on exchange, use paper wallet, encrypt backups of private keys. This is definitely a step in the right direction towards attracting a more mainstream audience. As for a 'Pay with Bitcoin' button, are you kidding, how do you think overstock, newegg etc accept bitcoin payments - this is one of the first things they did.

Yeah I think we just disagree.

- An exchange is definitely a huge opportunity and a valid direction regardless of whether it'd be useful to you. and one that would make wall street more interested in Bitcoin which would push it mainstream.

- I feel this "vault" stuff won't do much to convince people it's secure. who knows whether the security is even different? just more terminology to learn = greater friction. keep it simple.

- does their button even support mobile?

I don't really agree here. A bank is safe because your money is FDIC backed even if a robber raided their coffers, BTC doesn't have that level of security yet and given the number of thefts in the last few years, I think security is something that is on everyone's minds when they choose a bank to hold their coins.

This is a good point. I guess what I should say is that I'm looking forward to the day when Bitcoin banks are FDIC backed and we can move on from being paranoid about security.

Bank's don't have that model. Any sane person would have a separate savings account that doesn't really get used. The checking account is meant for variable balances, because your account number is more than likely floating around via checks/online ACH transfers which results in the potential for a security breach.

So then why don't they just call it a savings account and a checking account? Wallet is an implementation detail at this point that the average user shouldn't have to learn when there's already a word in their vocabulary.

Because having Bitcoin deposited doesn't net you interest?

LOL neither does having USD deposited with interest rates nowadays...

also differentiating between the products/services traditional finance uses and the bitcoin ecosystem offers is a good idea.

the average user might have to learn a few extra words to understand bitcoin, "bitcoin" being one of them.

I am at a loss as to why you think this is the thing they built.

Applications are open for YC Summer 2019

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact