- Trying to making small payments is terrible; the only way to tell whether a transaction requires fees is to try it, see it fail, and parse the error message to figure out the fee amount.
- The "order" abstraction is bad because it assumes customers will always pay the exact order amount, which is false because users make mistakes (especially since the order page instructs the customer to add miner's fees, and if they do, the amount will be wrong and the order gets reported to us as "mispaid"). I had to put a lot of time into writing our own documentation about how order statuses work, particularly mispaid orders - from trial-and-error that unfortunately had to include some bad customer experiences. Perhaps the worst problem is that when a customer makes multiple payments on an order, they show up in the web interface, but not in the API.
- When you request an email address on the payment page, Coinbase doesn't check that it's a valid address.
- choose_price on orders doesn't work.
- The API just needs more consistency. There are entities with statuses named "complete", "completed", and "Complete". There are things called "hash" and "hsh". The order API gives a number of confirmations for a transaction, but the transaction API doesn't.
Brian Armstrong, CEO of Coinbase once said in an interview (http://techcrunch.com/video/coinbase-founder-brian-armstrong...) that they are dividing their bitcoins in hot and cold wallets.
A hot wallet only contains about 5% of the bitcoins the company has.
Meanwhile, the other 95% of bitcoins they're holding are stored savely in a key-split cold wallet.
Now, the problem is: if some user wants a large amount of his bitcoins out of coinbase, the guys owing their part of the split private key need to take action to transfer that amount of bitcoins from the cold to the hot wallet, assuming the amount is > 5%.
So what I think "Vault" does is give them a better architecture for planing and organizing their hotwallet-coldwallet-process.
"To complete the Coinbase Vault offering, we will be adding multi-signature (“multi-Sig”) technology in the coming weeks to enable customers to manage their own vault security."
It's not clear exactly how that will work, but if it's, say, 2-of-3 and Coinbase only holds one of the keys then it would.
Sometime in the next couple years, someone is going to come up with a relatively fool proof vault storage for bitcoins, we just haven't see it yet. (And Coinbase isn't sharing enough details yet for us to know whether they've put one together)
I didn't intend to make a conspiracy theory out of my question.
I assumed he was talking like they had just spent the bitcoin (Mt Gox stylee). Even if they were hacked, I would expect Coinbase to disclose that information--to presume that they've been hacked, lost bitcoin, and are hiding that from everyone is a pretty wild theory in my book.
Edit: I presume that Coinbase still holds on to all of the private keys for Vault accounts. Can someone verify otherwise?
For example: The economist said I should consider my "BATNA" or GPS receivers measure "pseudoranges".
Just as using jargon can indicate you are part of an group, putting quote marks around jargon indicates you stand apart from that group.
And there's going to be even more copycats than there already are. Making APIs on top of Bitcoin's API is going to get way, way more competitive because that's basically the first idea that every player entering the market has. It's extremely low capital to spin up a new API, so everyone and their mom's dog have been doing it. Transaction fees will be driven down by the copycats, and many of them will probably cut their transaction fees to zero for a long time (ahem, Coinbase).
At least as far as a whole system goes including the soft squishy components designing, developing and operating it.
Even for cryptography the only absolute proven secure method is the one time pad which has very real practical flaws and risks if you try to operate it in the real world.
Consider a traditional USD/EUR bank account. If your bank offers you a "vault" option to store your large balance to offer better reassurance that it won't get stolen from your "regular account"/wallet, aren't you going to have some serious concerns about security of the regular account? Instead of offering a "more secure account" why don't think just work on the fact that people feel that their regular accounts are insecure. This seems like a bandaid on the problem rather than the proper fix.
It's also overcomplicated. Now I have two account types and have to worry myself over what the differences are for accessing my money in each and how to use each. They're increasing the amount of friction it takes to get started rather than basing their model off a bank's model of "your account is as secure as it needs to be, just use one".
I've used it on overstock.com and it's pretty incredible. I think it's the least amount of information I've ever had to enter to buy something online. All I entered was the shipping address and my email address.
- An exchange is definitely a huge opportunity and a valid direction regardless of whether it'd be useful to you. and one that would make wall street more interested in Bitcoin which would push it mainstream.
- I feel this "vault" stuff won't do much to convince people it's secure. who knows whether the security is even different? just more terminology to learn = greater friction. keep it simple.
- does their button even support mobile?