Coinbase Exchange (coinbase.com)
338 points by sjcsjc on Jan 26, 2015 | 133 comments



> Coinbase is insured against hacking, internal theft, and accidental loss in an amount that covers maximum value of bitcoin we hold in online storage at any given time.

When marketers advertise in bad faith, you could end up with a bad product. In this case, however, you could end up losing your money.

Unless you have multisig control over your coins, do not put large sums into this exchange unless you want to lose your money.

> 98% of customer bitcoin is stored entirely offline.

This means the vast majority of users don't have multisig control over their coins, since multisig-protected coins can't be put into offline storage.

Let's recap Coinbase's technical problems over the years:

Here's someone who sent $35k to Coinbase and never received coins until they made a big deal about it on HN: https://news.ycombinator.com/item?id=6929705

Here's someone with the same story, but $10k instead of $35k: https://news.ycombinator.com/item?id=6933360

Here's Coinbase leaking emails and full names: https://news.ycombinator.com/item?id=7507493

Here's a Coinbase engineer saying "there are a few lingering issues" in response to transactions being delayed for days (sometimes over a week) and BTC not being able to be withdrawn: https://news.ycombinator.com/item?id=5427985

And now they're trying to pretend like your coins are completely safe. They're not. If Coinbase becomes insolvent and goes bankrupt, you won't get your coins back. It happened to Mt. Gox, it sucked for me, and if it happens to Coinbase it's going to suck for you.

Don't put more than a few bucks into this, or whatever you're comfortable with losing.


I think having healthy reservations about trusting central services is a good thing (read: don't hold all your money in a single place), but I also don't see centralized services going away. We can talk about "decentralizing exchanges" all we want, but at the end of the day, you need direct access to the ACH/banking networks to streamline transfers between the system everybody uses today, and the only way to do that is with a centralized service. Anybody that thinks the banking system is going to let a decentralized service pull money out of people's bank accounts needs to stop grinding up their copy of Atlas Shrugged and smoking it.

I have my concerns about some of their tech choices (NONE of which involve security, except the simple fact of control of private keys), and I wasn't happy with the way they handled their tech interviews (I'm not going there, everybody learned from it, it's not relevant anymore).

But I also see them doing a pretty good job overall, and I see all the other exchanges screwing up really badly. This move makes sense. They need a stable exchange service, they have the capacity to build one, and there's demand. So why not? I would have done the exact same thing.

This also adds a lot of context to the recent raise, of course. Another less obvious thing that adds context is that Coinbase is now a very programmable fiat bank account, which is something that could, with a little work, put a serious dent into Paypal and the rest of the banking industry, which still does not provide good APIs for their banking services.

Coinbase might not be a Bitcoin wallet (the provider not being able to read the private key is my personal standard for this), but Coinbase is becoming one hell of a Bitcoin/fiat bank account. And we need those, too.

Even if Bitcoin fell apart, a pivot to a highly programmable fiat bank would be a cake walk for them, and there's plenty of money to be made. Probably worth the investment at this point in the game.


> Anybody that thinks the banking system is going to let a decentralized service pull money out of people's bank accounts...

I don't think that's completely clear. There will certainly be co-ordinated resistance from many entrenched interests, but that resistance also creates a profit-opportunity to break ranks to provide the service to customers who want it. It's more likely we'll see a split amongst banks and their policies to digital/alternative banking services.


you defined it well. it's a bridge to the current system.

anyone who uses it for anything other than quick, small transfers is a complete moron.

it's akin to calling an escrow that just opened shop and giving them thousands of dollars that you don't plan to spend.


I don't think this is reasonable. They have their online coins insured, so if they lose them, they can reimburse you.

This is a serious, professionally-run company backed by a lot of VCs we all recognize, plus banks and the NYSE. And regulated. They also have an overall good track record for a small company (all such companies have some growing pains).

They have everything to gain by honesty and everything to lose by committing fraud, including prison (and dishonesty is the only reason they would become insolvent).

The whole situation could not be more unlike Gox, and it is not reasonable to judge them by that standard.


> They have their online coins insured, so if they lose them, they can reimburse you.

That's a little irrelevant, because their hot storage wallet (their online coins) should be a small subset of their total coins. The whole point of a hot storage wallet is that if you lose them, it doesn't matter. So insuring those is pointless except as a marketing stunt to confuse people, which is why saying "We're insured" is bad faith.

> This is a serious, professionally-run company backed by a lot of VCs we all recognize, plus banks and the NYSE.

Indeed, and if Coinbase loses all the coins, none of those people will step in to replace them, because nobody is going to put up hundreds of millions or a billion dollars just to reimburse customers.

> They have everything to gain by honesty and everything to lose by committing fraud, including prison (and that is the only reason they would become insolvent).

I disagree that technical problems can't make them insolvent. All it would take is an unhappy accident in their cold storage procedures.

But beyond tech problems, consider a thought experiment: If you're a gambling person, would you trade 20 years of your life in exchange for becoming a billionaire?

Banks are nice because if someone takes money, the money can be retrieved. Not the case for bitcoin. Someone is in charge of the cold storage procedures, so that person is in control over all the coins. If they decide to take all of them, there's nothing anyone can do about it except throw them into prison.

Obviously, bitcoin may be completely irrelevant by the time you're out of prison. In fact, emptying Coinbase's cold storage reserves might even cause that. But money does strange things to people, and this technology has changed the power dynamic. Some of those changes are good. But are you sure you want to trust a single person with your entire fortune? Worse, you're trusting multiple people where any single person can take your fortune. Even if they require several people to sign off, that's a very small number of people in complete control of your fate.

It probably sounds like I'm anti-Coinbase. I'm not. I'm pro-consumer. As soon as Coinbase insures all of their coins or offers true protection to consumers (by default!) then I'll be their biggest fan, because they'll have become an awesome bank.


"But are you sure you want to trust a single person with your entire fortune? Worse, you're trusting multiple people where any single person can take your fortune."

Coinbase is hopefully not entrusting individual employees with cold storage keys. Their security page suggests they're using Shamir's Secret Sharing or similar (https://www.coinbase.com/security), though multisig would be even better.


I can't believe they aren't using multi-signature internally. This is crazy.


Can they demonstrate the procedure works well enough that an insurance company would underwrite them for the full value of the cold wallet?


What happens after an accident when they come up one secret short? The 98% are apparently not insured.


Shamir's Secret Sharing and multisig Bitcoin transactions support arbitrary n-of-m pieces/keys, e.g. a 3-of-6 scheme would require 3 of the 6 pieces to reconstitute the key/sign a transaction, so any 3 pieces could be lost.

2-of-3 is common for end-user multisig. Generally you'd have 1 key physically backed up on paper in a secure place, 1 key on one of your devices (phone or computer), and 1 key either on another device (hardware wallet or phone) or controlled by a 3rd party that does risk analysis/fraud detection on your transactions.
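
The n-of-m threshold described in this comment, as an added example (not part of the thread and not Coinbase's code): a minimal Shamir split over a prime field, where the sample key, the field prime and all function names are assumptions made for illustration. It checks that every 3-of-6 quorum recovers the key, and that two shares alone are consistent with any candidate secret, so losing a fourth share leaves nothing to recover.

```python
"""Shamir's Secret Sharing over a prime field: a k-of-n threshold demo."""
import secrets
from itertools import combinations

# 2**521 - 1 is a Mersenne prime, comfortably larger than a 256-bit key.
PRIME = 2**521 - 1


def split_secret(secret, threshold, shares, prime=PRIME):
    """Return `shares` points (x, f(x)); any `threshold` of them recover `secret`."""
    if not 0 <= secret < prime:
        raise ValueError("secret must be in [0, prime)")
    if not 1 < threshold <= shares:
        raise ValueError("need 1 < threshold <= shares")
    # Random polynomial of degree threshold-1 whose constant term is the secret.
    coeffs = [secret] + [secrets.randbelow(prime) for _ in range(threshold - 1)]

    def f(x):
        acc = 0
        for c in reversed(coeffs):  # Horner's rule
            acc = (acc * x + c) % prime
        return acc

    # Share indices start at 1; x = 0 is reserved for the secret itself.
    return [(x, f(x)) for x in range(1, shares + 1)]


def interpolate(points, x, prime=PRIME):
    """Evaluate at `x` the unique lowest-degree polynomial through `points`."""
    xs = [px for px, _ in points]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share index")
    total = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = (num * (x - xj)) % prime
                den = (den * (xi - xj)) % prime
        # Lagrange basis term; pow(den, -1, prime) is the modular inverse.
        total = (total + yi * num * pow(den, -1, prime)) % prime
    return total


def recover_secret(points, prime=PRIME):
    """Reconstruct the secret as f(0) from a quorum of shares."""
    return interpolate(points, 0, prime)


def every_quorum_recovers(all_shares, threshold, secret):
    """True if each subset of `threshold` shares yields `secret`."""
    return all(
        recover_secret(list(quorum)) == secret
        for quorum in combinations(all_shares, threshold)
    )


def consistent_with(held, candidate, x_missing):
    """With threshold-1 shares held, return the missing share that would make
    `candidate` the secret. One exists for every candidate, which is why a
    below-threshold set neither leaks nor recovers the key."""
    y = interpolate([(0, candidate)] + list(held), x_missing)
    return (x_missing, y)


if __name__ == "__main__":
    # Constructed sample value standing in for a 256-bit private key.
    key = int.from_bytes(bytes(range(32)), "big")
    shares = split_secret(key, threshold=3, shares=6)

    print("all 20 quorums of 3 recover the key:",
          every_quorum_recovers(shares, 3, key))

    # Four shares lost: only two remain, one short of the threshold.
    remaining = shares[:2]
    for guess in (0, 12345):
        third = consistent_with(remaining, guess, x_missing=3)
        print(f"two shares fit candidate {guess}:",
              recover_secret(remaining + [third]) == guess)
```

Reconstruction brings the whole key together in one place, which is the difference from multisig that the earlier comment points at.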


> So insuring those is pointless except as a marketing stunt to confuse people, which is why saying "We're insured" is bad faith.

I don't think it's in bad faith. Bitstamp just lost its hot wallet recently, and people were panicking, because they didn't know what the situation was. Now, with Coinbase, if that happens, we don't have to panic. It's hard to tell people something that is true and have it be "in bad faith."

> I disagree that technical problems can't make them insolvent.

I agree with you here, I just think the chance is so low that it's not worth mentioning. I don't have any insider info, but I seem to recall reading a post a long time ago where they explained having some kind of x-of-y system of paper wallets stored in bank safety deposit boxes all over the country with a lot of redundancy.

If you are willing to assume they have even a minimal level of common sense and competency, they have an offline storage system that is very robust.

> But beyond tech problems, consider a thought experiment: If you're a gambling person, would you trade 20 years of your life in exchange for becoming a billionaire?

I think this is an interesting thought experiment. I don't completely disagree, but I am still willing to trust coinbase with my money.


Well, Bitstamp was incompetent enough to keep $5M USD (almost 20k BTC) in their hot wallet. That's half their most recent funding round, so the panic is probably warranted.

I think we're at an impasse because you believe in Coinbase's competency. That's commendable, but I saw firsthand how incompetent an exchange can be without anybody noticing. If I'd researched Mt. Gox, I would have found a history of tech problems not dissimilar to Coinbase's, so the goal with my original comment was to remind people that this situation is very similar to Mt. Gox. They're based in the US, they have good investors, but still fundamentally similar to Mt. Gox.

Don't get me wrong, making an exchange is a hard problem, so it's pretty amazing that Coinbase has gotten this far with "only" four or five high-profile issues. Everyone loves a story of some small group of people surmounting a difficult problem. But when that problem puts people's livelihoods at risk, we need to make sure everybody is fully informed about the risks.

I also want to thank you for the interesting conversation. Much appreciated!


> They're based in the US, they have good investors, but still fundamentally similar to Mt. Gox.

I just don't agree with that. Those two things make them fundamentally different than Mt. Gox. The other fundamental difference is that they are not run by Mark Karpeles. I have to believe Karpeles is an exceptionally immoral/careless (or something, I'm not exactly sure) person, not anywhere close to the average.

But there is definitely some validity in what you are saying. I mean, nobody should trust any bitcoin exchange with more than they can afford to lose.

> I also want to thank you for the interesting conversation. Much appreciated!

Same to you!


I'm not sure I would call Bitstamp incompetent for keeping $5M USD worth of bitcoin in their hot wallet.

A hot wallet needs to contain enough to cover the largest reasonably-sized transaction which a user may want to withdraw (and then some), and a global exchange like Bitstamp would have many institutional customers who may withdraw that much on a weekly basis.


> are you sure you want to trust a single person with your entire fortune?

What "entire fortune"? Who keeps their "entire fortune" with an exchange anyway? Or a significant chunk of it in cash for that matter?

They provide completely reasonable assurances for what they're doing.


These people: https://www.reddit.com/r/Bitcoin/comments/1yv26o/gox_horror_...

Specifically this person: https://www.reddit.com/r/Bitcoin/comments/1yv26o/gox_horror_...

> I am the biggest loser at 4700+ BTC. Screenshot from a few days ago for the purposes of record keeping. http://imgur.com/IDbM0BP

This behavior isn't uncommon. Check out the rest of the thread. Everyone is expressing their faith in Coinbase's competence, so if that's your position, trusting your fortune to them wouldn't seem unreasonable. It's how I lost money on Mt. Gox.

Wanna see a scary survey? https://www.reddit.com/r/Bitcoin/comments/2bjefu/results_of_...

https://docs.google.com/forms/d/1FTW8ec0KAzmK8DVYEhFIRVbmYTH...

Check out this chart: http://i.imgur.com/qHYLeXz.png

A whopping third of people surveyed had more than 20-30% of their net worth in bitcoin. I wonder how many of those people are storing it themselves vs storing them with Coinbase or some other exchange?


You can hurt yourself with a power tool, even a kitchen knife or a kettle. Do more damage than you ever could with bitcoin. That doesn't mean the manufacturer should buy you healthcare insurance.

Storing 4700BTC with an exchange is far, far beyond intended use. My position is that you shouldn't be doing it.

I understand the pro-consumer position. Yes, maybe the exchange should push you into cashing out. But this is starting to turn into padding every room.

We allow people to speculate on forex. We allow them to play carpenter. I don't see why this shouldn't extend to bitcoin.


My intent wasn't to argue that Coinbase should be illegal. That would be silly. My goal was to show that regardless of how we feel consumers should act, those links show how they do act.

Consumers take risks far beyond what's reasonable. It's up to Coinbase to protect them, and for them to inform consumers if they can't. But Coinbase is doing just the opposite: they're advertising that they're insured while handwaving the fact that they only insure 2% of their coins. And so on.


I guess the question is, why are they making such a big deal about their insurance, if it's both unnecessary and not useful? It sounds like they're trying to run the exchange as you say (with the vast majority of assets not insured) but trying to convince people that it's a safe place to store any amount ("we are insured").


The insurance covers the riskiest part of their operation: hot wallets. And it's meant to convince people that it's a safe place to exchange money. Seems rather straight-forward to me.


The whole point of a hot wallet is that it doesn't matter if it disappears. The only point of insuring it is to give a false sense of safety.


How can it not matter if 3% of assets under your management disappear?


If it matters, then you're keeping too much in your hot wallet. The definition of "hot wallet" is "we keep a small enough amount of assets here to cover day-to-day operations, but not so much that we're in trouble if they disappear." There's no other reason to have a hot wallet.

Insuring their hot wallet might let Coinbase increase its size, but it offers no extra protection for consumers. None whatsoever.


You're crazy. How easily you can lose the funds in a hot wallet is not part of the definition.

Also, I feel safer using a business that can't lose 3% of its assets in seconds, no matter if it would be stable either way. I'm surprised that you don't. (And yes, safety is the same thing as protection.)


I agree that this definition of a hot wallet is wacky. The definition of a hot wallet is easy: it's a wallet that's online and can be accessed by automated systems without human intervention. How you use it is entirely up to you, and nothing says you can't put 100% of your assets in a hot wallet, it's just a really bad idea.

However, I still think it's really odd to only insure the hot wallet and to call so much attention to the fact that it's insured. Imagine if your bank called attention to the fact that they were insured with large, high-rated insurers for any conceivable loss... and then they mention at the end that the insurance only covers what's in the tellers' drawers, not what's in the vault. Personally I'd run far, far away if I saw something like that.


The analogy is tricky, because in many banks the vault is effectively the hot wallet. Most of the money is in the form of debts or loans, and the vault only holds enough cash for normal withdrawals.

It's bad that they have no insurance on the cold storage, but that's something you can't really get anywhere as far as I know. I take it more as a risk of bitcoin in general.


> A whopping third of people surveyed had more than 20-30% of their net worth in bitcoin. I wonder how many of those people are storing it themselves vs storing them with Coinbase or some other exchange?

I imagine most of these people saw a medium sized investment increase in value significantly, which made it a larger part of their net worth as opposed to putting 25% of their net worth into bitcoin.


I bet the $ value is insured. Will that be at the price they were when they were stolen or at the price they are when they pay out your claim? I'm betting whichever is the cheapest.

What I mean is if they are stolen today priced at $200, let's say you have 100btc on there, that is $20k. You claim but it is 2 months later that any payout is made. Now bitcoin is only worth $100 each, so do they give you $10k to rebuy your 100btc or do they give you the $20k it was worth when it was stolen? How about if the price of btc goes up? 100btc might now cost $200k to replace, so now they want to give you the dollar value at the time it was stolen.

I would not want to be the person putting it to the test regardless of the outcome.


> This is a serious, professionally-run company backed by a lot of VCs we all recognize, plus banks and the NYSE.

So nothing like mtgox. More like Enron? "serious professionally run" isn't some magic ward of protection.


What about the vast majority of large, publicly-traded American companies that are honest and do good business?

Pointing out Enron is cherry-picking. I can point out 499 other businesses on the Fortune 500 that aren't Enron.

The point is, maybe Coinbase is just as corrupt and shady and incompetent as Mark Karpeles (i.e. Mt. Gox), but there is just no reason to assume that. It's a leap of faith. It's much more likely that they are not exceptionally shady/incompetent/dishonest/whatever Karpeles is.


The point isn't to decide whether they are good people or not; it's about the protections in place that should make that irrelevant. I buy all sorts of stuff from some surely shady characters, but I do so through amazon who I'm confident will make things right when they go wrong.

Coinbase is promising that if something goes wrong, they can make as much as 2% of it right. Let's hope that when something goes wrong, it's with that 2%.


what I take from that phrasing is :

"Like Mt.Gox but on the East Coast near Wallstreet, so HFT should push the nobodies out."

It doesn't make me feel any more secure on that particular exchange.


> They're trying to pretend like your coins are completely safe. They're not.

Nothing is completely safe, not even traditional banks. FDIC insurance has many limits and restrictions (e.g. it does not cover safe deposit boxes). In 2014 the national bank in Bulgaria had a catastrophic bank run that left depositors like you and me unable to access their money (to this day they still don't have their money - http://www.forbes.com/sites/francescoppola/2014/08/18/the-bu...). In 2013 customers of the bank of Cyprus lost between 50% and 100% of their deposits over 100 000 euros (http://www.bloomberg.com/news/2013-07-30/cyprus-sets-levy-on...). And so on. It is a good reminder that a crisis causing you to lose money can happen at ANY financial institution. Every year there are millions of people losing money who thought it was "safe".

That's why it is always good advice to diversify, to not keep all your eggs in one basket, etc. Bitcoin is no exception.

With that said, it is fair to remark that Coinbase is still probably one of the safest places to keep your coins "online" for day to day usage.


There's 0% safe and 100%, for everything else it's equal?

FDIC is tested and backed by something beyond corporate assurances about insurance policies.

Does that policy pay out upon bankruptcy?

Agreed. Diversify. But, US banks are still demonstrably lower risk (with stipulations) thanks to FDIC than, currently, a bitcoin exchange.


Diversification is a great idea and I think your advice is sound, but I'd also like to point out that there are limits to it. FDIC doesn't quite belong in the same category as Bulgaria or Cyprus. When small countries have a shock like that, it's bad for the people with money in their banks. If the same thing happened in the US, it would either happen because of a massive worldwide economic crisis, or it would cause one. I'm not sure there's anywhere you can diversify and be safe with something like that.


The bank failures you cited are outside of the US and the FDIC is not applicable. Yet, FDIC only covers deposits up to $250,000.


> This means 98% of customers don't have multisig control over their coins, since multisig-protected coins can't be put into offline storage.

What makes you think you can't use multi-sig and offline storage at the same time? That's just false. You don't need an internet connection to sign a multi-sig transaction.

But I agree on everything else: 98% of funds aren't insured, and to me Coinbase has always been just another Rails startup (not necessarily a bad thing, but they made tons of mistakes typical of having web developer talent only).


Well, the goal of multisig is to retain control over your own coins. If someone can take your coins offline, then you no longer have control over them.

Here's an explanation of multisig: https://bitcoinmagazine.com/11108/multisig-future-bitcoin/

> Multisignature escrow works as follows. When Alice wants to send $20 to Bob in exchange for a product, Alice first picks a mutually trusted arbitrator, whom we’ll call Martin, and sends the $20 to a multisig between Alice, Martin and Bob. Bob sees that the payment was made, and confirms the order and ships the product. When Alice receives the product, Alice finalizes the transaction by creating a transaction sending the $20 from the multisig to Bob, signing it, and passing it to Bob. Bob then signs the transaction, and publishes it with the required two signatures.

In this case, Bob is Coinbase and Alice is you. Alice plus Martin always retain control over the coins, so Bob alone can't take them offline.

> The way that a multisignature wallet works is simple. Instead of the Bitcoin address having one private key, it has three. One private key is stored semi-securely, just as in a traditional Bitcoin wallet. The second key the user is instructed to store safely (eg. in a safety deposit box), and the third key is stored on the server.

Basically, the user would be the one storing it in offline storage, not Coinbase. But since Coinbase is claiming 98% of coins are stored offline, that means at least 98% of coins aren't using multisig.

EDIT: Thank you to kanzure's comment below. Updated.


The goal of multi-signature is to decentralize the ownership (or control) of the coins. In the case of Coinbase's offline storage, they could very well be using multi-signature (and they probably are) so that no single employee can run with the coins. Instead, every time they need to refill their hot wallet, the three or five or whatever employees needed to sign the transaction have to agree and provide their signature.

Edit: Actually, apparently they aren't using multi-signature internally: https://news.ycombinator.com/item?id=8948337


I agree that Coinbase itself should be using multisig, but the point of my comment is that if customers themselves aren't using multisig, their coins' fate is completely in Coinbase's hands. And Coinbase multisig won't save those coins from tech problems, willful theft, or a breach in their security model. Multisig offers you no benefits if you're not the one in control.

Are you sure you want to trust your fortune to three or five employees?


> Multisig offers you no benefits if you're not the one in control.

That's a little extreme. I would trust a lot more in five employees than in one. If done right, each one of them could even not know who the other employees are.

> Are you sure you want to trust your fortune to three or five employees?

I wouldn't trust anyone with my precious coins :p. I'm just saying the same way we (supposedly) decentralize control on nuclear bombs, we can decentralize control on bitcoins. I feel safer knowing that no single soldier can launch a nuclear bomb, even if I don't have any control over that.


What happens if one of the five employees loses their key? Aren't you increasing the risk of bricked coins with each signature that you require? Do you really want your coins to be at risk of brick by three or five CoinBase employees?


Then make the scheme 4 of 5, or 3 of 5. Besides, the company could keep a backup of the keys in physical locations, and secure them with traditional physical security.


> But since Coinbase is claiming 98% of coins are stored offline, that means at least 98% of users aren't using multisig.

Almost... you should say instead: "that means at least 98% of coins aren't using multisig" because without having their internal account metrics it is wrong to assume that 98% of Coinbase users deposited 98% of BTC at Coinbase...


> . . . to me Coinbase has always been just another Rails startup (not necessarily a bad thing, but they made tons of mistakes typical of having web developer talent only).

Re-read that with the word 'internet' in place of the word 'Rails.'


and you get the same level of confidence. Internet startups just don't have the quality necessary to be banks.


> but they made tons of mistakes typical of having web developer talent only

What do you mean by this?


I read it as "a bunch of front-end devs who have no idea what the back-end is doing."

Which, in many cases, is A-OK. If lots of developers don't ever learn to write their own SQL queries, that's not that bad. There are lots of things to learn out there, and by necessity any professional is going to have lots of stuff she doesn't know. Doctors and lawyers specialize out the wazoo.

But when it comes time to realize that you had the wrong version of SQLAlchemy installed and now strangers can pass in arbitrary SQL code via any LIMIT parameter you exposed, and you are sitting there wondering "huh? whu?", well, that's probably not the end of the world for your cat-picture site. But if you are handling money, you need to know what's going on.


For example: You can only have so much security if you don't have security experts. Same with every other area. I don't remember the details now, but their first iterations were pretty lame.


Well for one example this exchange is really poorly designed in several ways with respect to the standards and expectations set by other exchanges.

Though the benefit of the web-developer talent is that it is also years (perhaps decades) ahead of them in others.


The insurance situation confuses me. The linked page seems to indicate that only their online coins (i.e. 2% of the total) are insured. If I then click "Read More" I get: "Coinbase is insured against employee theft and hacking in an amount that exceeds the average value of online bitcoin it holds at any given time." I think this means that the 2% is not insured, but that the 98% in offline storage is. What's going on?


"Coinbase is insured against hacking, internal theft, and accidental loss in an amount that covers maximum value of bitcoin we hold in online storage at any given time."

"Coinbase is insured against employee theft and hacking in an amount that exceeds the average value of online bitcoin it holds at any given time."

Those statements seem mostly consistent to me. The only question is whether the insurance is always more than is in their hot wallet, or exceeds the value on "average" (whatever that means).

I suspect it would be difficult to guarantee the insurance would always exceed the value of online bitcoins, perhaps because the insurance is issued on the USD value and prices can fluctuate wildly, or perhaps because they can't predict when large deposits will be made (though I'm unsure if deposits go directly to hot or cold wallets)


I got confused between what kinds of losses the insurance covers versus how much it covers. Details in the reply to your sibling comment. I see what it means now.


Just looking at what you've quoted, I don't see what is confusing. Both statements say that the 2% that is stored online is insured. Specifically, in an amount that exceeds the average value at any given time.

That average bit is a bit nebulous, but it doesn't make me think they are insuring the 98% but not the 2%.


How could they lose online bitcoins beyond what they actually hold? Is the idea that if they normally hold X, and one day they hold 2X and it gets ripped off, they can get X back from insurance? Sounds pretty worthless if that's all it is.

Edit: OK, I see where my confusion lies. I kept thinking that "insured... in an amount that exceeds the average value" means that the insurance only applies to losses that exceed the average value, but they mean that the amount of insurance coverage is greater than what they typically hold in online storage, so insurance should cover any possible losses of online coins.

In that case it all makes sense, although it seems crazy that their offline coins aren't also insured. (If offline means there's little risk of loss then the insurance should be cheap, right?)


I am just a regular guy, but I would guess it would be super expensive and borderline impossible to insure offline coins.

(a) Who in the "custom" insurance business would be comfortable with that and find it to be worth their time? Why not stick with well-understood risks, like insuring throats, fingers, humongous diamonds, and stuff like that?

(b) More importantly, stealing bitcoins that are insured is almost the perfect crime. There is too much of an incentive for the insuree to steal the bitcoins and claim insurance.

I do think these things could be overcome by an enterprising insurance agency, but insuring a huge amount of bitcoins is still going to be extremely costly.


I'll assume your questions are not rhetorical.

a) the same person who insures the online coins.

b) it may be expensive, but most likely cheaper on a pro-rata basis than the online coins. If it's "cost-prohibitive" offer it as a market driven "add-on" service. Two products, insured and noninsured.

Your arguments apply equally well to that which is insured, unless I am misunderstanding something somehow.


a) the same person would need to be able to take almost 50x as large a loss

b) I don't think that makes sense because I don't think having insurance for offline coins is something reasonable people are worried about, except a very, very small number. I think it's something people are bringing up to criticize Coinbase because they want to find ways to criticize them.


a) That's true but I don't think it matters here. Coinbase is small fry. Heck, all of Bitcoin is small fry. There may be theoretical cases where that insurance is impractical because of this, but there should be no problem finding an insurer that can fully insure Coinbase. For example, I'd wager that Coinbase's total assets are less than the cost of a new A380, and airlines have no trouble insuring their airplanes.

b) Why is it unreasonable to want insurance for offline coins? They're safer but they're hardly going to be invulnerable. Collusion, theft, or accidental loss can still happen. I'm not trying to find ways to criticize them (I have pretty much no opinion about them aside from what I've seen here, and a single Bitcoin transaction I tried with them once that went completely smoothly), I just find it weird that a financial company would go to such lengths to point out that they're insured, but only insure 2% of their total assets, to the point where it sounds dishonest to me.


a) yeah, but if coinbase and bitcoin are successful, that won't be true for long. I'm sure those guys are hoping Wall Street money will start coming in. If the bitcoin price spikes again, they may then have to stop being insured, which is worse than just not having it. Still, fair point.

b) Why unreasonable? Because only a really foolish person would keep a humongous amount of value stored on an exchange. There just isn't any reason to use an exchange like a bank except laziness. The only exception here would be market makers and maybe big-time day traders who actually have a reason to keep a ton of money on the exchange at all times. Of course, those are the most valued partners/customers for an exchange. I would think it would make sense for Coinbase to make deals with such people to give them "priority" in case of any solvency problems, or to ensure them somehow on an individual basis, but I don't know for certain that that is legally viable.

So in my point (b), in some ways, I'm vindicating what you are saying. But still, for the vast majority of people in bitcoin-land, there is no reason to have more value stored in Coinbase than what you need to do whatever you are doing.

For example, for me personally, if I transfer $10k to Coinbase, I'm not paranoid enough to be worried about their offline coins being insured. And I wouldn't transfer a large enough amount of money to really impact me financially regardless. At least, not all at once; if I really wanted to do that, I would do it in stages.


Apparently thousands of people are fools, then: https://news.ycombinator.com/item?id=8948705

The fact is, consumers behave in foolish ways, and it's up to Coinbase to protect them. Yet their default protections don't. In fact, Coinbase advertises the opposite: their advertising about "insurance" gives a false sense of security.

You're smart. That's good. I wasn't, and I suffered for it.

There just isn't any reason to use an exchange like a bank except laziness. The only exception here would be market makers and maybe big-time day traders who actually have a reason to keep a ton of money on the exchange at all times.

Not even big-time day traders. I was a day trader, and the reason to keep money on the exchange was because it took a long time for a deposit to be recognized by the system. Longer than the market opportunities existed. As far as I know, this is true for almost all exchanges due to bitcoin requiring several minutes to confirm transfers. That's why people keep a large amount on exchanges.


You are completely right but from a legal standpoint their launch is very interesting either way.


I'm an aspiring trading tech nerd and would love more details on how this was built --- particularly, how it was tested. What kind of test data used? How were test orders matched and executed? Were there simulated traders on both ends?

I've actually seen how this is done on a couple major US exchanges and was surprised by how minimal the tooling was. It created major (but fun) challenges for security testing.


Homakov did an interesting writeup about a security architecture for an exchange: http://homakov.blogspot.com/2015/01/bitstamp-problem-and-war...

You're probably looking for details beyond the security architecture, like how an exchange is implemented, but I figure I'd mention it.


I can't speak as to how coinbase tested their specific exchange, but having written 4 trading systems and some exchange code, I can probably answer many of the questions you have.

Email in my profile...


could I ask a quick question here ? I have written a few ecommerce payment carts and reconciliation systems - I have built the maker checker processes and batch processes that account for refunds/erroneous txns, etc.

I have two big specific questions in exchanges :

1. injecting new inventory - But I could probably think of an exchange built using a couple of queues in rabbitmq and a few python workers... but this will not give me subsecond latency. What would you choose to build a super low latency eventing system using current off-the-shelf components ?

2. the order matching system. does the choice of programming language make a difference ? probably the matching system is where you need strong type checking.

I suppose that the maker-checkers and EOD reconciliation remains the same.

@tptacek - I don't understand your question about testing. do you refer to testing of sub-microsecond latencies/race conditions ? Is there even a way to simulate that (Jepsen?)


There are 14 states listed here: https://www.coinbase.com/legal/licenses

Alabama, Arkansas, Delaware, Georgia, Idaho, Iowa, Kansas, Mississippi, New Hampshire, New Jersey, North Dakota, Puerto Rico, Washington, West Virginia

Sounds like they haven't updated that page because I was able to login and I'm in NYC.

edit: Screenshot here https://imgur.com/AdAX1LM

edit2: USD Wallet link lists states: https://support.coinbase.com/customer/portal/articles/178054...

Alabama (AL), Arkansas (AR), California (CA), Delaware (DE), Georgia (GA), Idaho (ID), Illinois (IL), Indiana (IN), Iowa (IA), Kansas (KS), Massachusetts (MA), Mississippi (MS), Missouri (MO), Montana (MT), New Hampshire (NH), New Jersey (NJ), New Mexico (NM), New York (NY), North Dakota (ND), Puerto Rico (PR), South Carolina (SC), Washington (WA), West Virginia (WV), Wisconsin (WI)


The USD Wallet list is the relevant/complete one for the exchange. The list is also on this page: https://support.coinbase.com/customer/portal/articles/182667...


The USD Wallet List is the list of states in which they claim to have licenses. The list at https://www.coinbase.com/legal/licenses seems to be the list of where they actually do. I checked NY and CA yesterday, and Coinbase isn't a listed money transmitter in either state.

Such pseudo-compliance is troubling. It suggests other problems. Remember, over half of Bitcoin exchanges have failed, usually taking user deposits with them.


> The USD Wallet List is the list of states in which they claim to have licenses.

No, it's the list of states that the wallet supports. Essentially, it's a list of states in which they believe they have the right to operate legally. Several of those states listed, for example, have no money transmission license requirements.

And I believe NY has said that any enforcement will only happen after the Bitlicense is in place.

I'm sure Coinbase has problems we're not aware of (any rapidly growing business does), but they're clearly striving for legal compliance, arduous and farcical though those legal requirements may be.


The legal requirements are hardly "farcical", considering the "take the money and run" business practices of the more than half of Bitcoin exchanges that have gone bust. California does have requirements for money transmitters, and Coinbase is not on the list. The list: (http://www.dbo.ca.gov/Licensees/money_transmitters/money_tra...).

The list on line is current. I just called the California Department of Business Oversight to check. Coinbase is not a licensed money transmitter in California. (When I mentioned Coinbase, the Business Oversight asked "did you just call about that"? I hadn't; others are asking them about Coinbase.)

Trying to run an exchange with just a money transmitter license is sleazy. Especially for a business hiding behind a mail drop in SF's homeless district. They need to be a registered broker/dealer to be taken seriously.


Today, the California Department of Business Oversight issued a warning on Coinbase:

“Numerous press accounts about Coinbase’s Jan. 26 launch of Coinbase Exchange erroneously reported the Exchange has received regulatory approval from the State of California. The California Department of Business Oversight has not decided whether to regulate virtual currency transactions, or the businesses that arrange such transactions, under the state’s Money Transmission Act. California consumers should be aware Coinbase Exchange is not regulated or licensed by the State.”[1]

[1] http://www.dbo.ca.gov/Press/press_releases/2015/Statement_on...


Let's hope they aren't using MongoDB to power the exchange platform. The Coinbase careers page seems to suggest they still use MongoDB[1], though to be fair, it also lists PostgreSQL (I'm only aware of Toshi[2] using PostgreSQL at the moment).

I'm not saying it'd be impossible for MongoDB to be used effectively for a trading platform, but it'd be a lot more difficult than other options.

Not trying to spark a debate here about MongoDB (it's great for certain applications). This has, however, been brought up previously as a concern about Coinbase (and they've denied accusations of lost money relating to it). Whether or not it's actually been a real problem in the past, I believe the concern is still valid.

[1] https://www.coinbase.com/careers/9275

[2] https://github.com/coinbase/toshi

EDIT: Downvoters - care to explain why such a key piece of infrastructure for an application like this isn't a valid topic for discussion, or at least why my opinion isn't valid?


It's a valid point. So, to put your mind at ease: the exchange (as well as all backend services we've built recently) is built with Postgres.


Yeah it's an odd choice considering they cannot be at a scale where they'd need the supposed benefit of sharding. Any real ACID database would work fine. Not that this means they have problems, just that they need more code to deal with things they could trivially have their DB enforce otherwise.



Verifying my identity by asking me cross streets near residences that I haven't lived since I was 2 or 3 years old is a REALLY poor way to establish what my identity may be, especially since I have previously verified my bank account.

I promptly failed it, and was told to wait 24 hours.

What kind of child has the spatial awareness to memorize cross streets near their first homes at that age? I could have perhaps inquired with the folks who owned those houses when I was a child (my parents), had the queries not been partnered with a 4 minute timer..

This identity verification is nearly as bad as coin.mx's random address lookup verification, but at least that one fails me altogether without making me guess at cross streets like an ass.


Google maps?

Or do the streets no longer exist as they did earlier?


Grrrr, not available in TN. Of course. What specifically should we petition our representatives for? What kind of licensing does Coinbase need? Money transmitter, currency exchange, etc?


Money Transmitter License.


Ah, thanks! Will hit them up.


Using Google Chrome, I had to turn off "Click to play" Plugins and switch back to the default of "Run all content" in Chrome's Content Settings, otherwise visiting https://exchange.coinbase.com/trade (while logged into my Coinbase account) showed nothing but a blank page with a background color (i.e., there were no grey boxes where I could "Click to play", as I would've expected).


Hmmm, I run Safari with no flash plugin and it worked fine for me.


Looks pretty great at first glance, certainly trust Coinbase more than any other BTC player.

Kind of interesting that Coinbase is competing with itself on ways of buying BTC.

Their standard "buy" mechanism currently has BTC at ~$282, while the last trade was ~$278 on the exchange.


But they will charge a 1% fee on the exchange, which in this case would be 2.78. Another difference (I think) is that they often cancel your order as brokers (many people have complained of buying, and then when the price goes up Coinbase rejects their buy order), but not as exchange.


/trade was initially a blank page, but after allowing both gravatar.com and olark.com to run 3rd party javascript, it loaded up. It seems that blocking them again after loading the page once doesn't affect it.


Florida: Not available in your state.

Why don't they have a public list of this? Also is this going to drive state based VPNs?


There is a public list, though perhaps not linked from the page you were on: https://support.coinbase.com/customer/portal/articles/178054...

The exchange currently trades BTC-USD, which means you must have a USD balance, and for that to be allowed you must be in one of the above listed states. If you live in a state which is not yet supported, you can write to your state representatives and let them know your wishes.


When I checked the help page earlier that link was giving me a 404. good to know.


You need to provide an address in a supported state. The fact that they tell you up-front based on your IP before you waste your time signing up is just a convenience they are doing you.


Consultant to a competing exchange in an unofficial capacity here.

My impression is that Coinbase is basically operating in their previous (non-exchange) business in a manner that is not at all to the letter of current US law; the 'beg for forgiveness' model. A lack of regulatory enforcement of their position, combined with expansion in to other business areas basically points toward the corruption of the US regulatory system. At this point I'd bet that some calls using pre-established relationships between their investors / board members and regulators are going on. This is the reason why other companies do not like doing business in the US: government meddling / selective enforcement, arbitrary decisions, painfully expensive/slow moving licensing and approvals processes, ultimately resulting in an unfair market.

On both sides of the Atlantic, it is only a little overstated to say that we preach individualism and competitive capitalism, and practice socialism. - Milton Friedman, 1994, from the introduction to The Road to Serfdom by F.A. Hayek.


Is this the first Exchange in USA? What about Kraken? I've been using Kraken and works great.


It's the first licensed (as money-transmitter) exchange. The first non-licensed was Gox I guess. And Kraken is European I think.


Cool! I've placed a sell order for 0.94495180 at $300 ... let's see if it fills... A few things I noticed that could be improved.... 1) an easier way to enter orders for qty and price (like a way to copy my BTC balance to the sell box or a dial) ... 2) I didn't like the price indicator on the right of the chart, how it jumps around when you mouseover the chart it's confusing... the price should follow the cursor and the rightmost price should show the current price


I'm wondering what the lifetime of an order is. On the stock market, many orders are canceled if they're not fulfilled in that trading day. An exchange like this works a bit different. Could anyone shed some light?


Some Bitcoin exchanges have two options for orders: "Immediate or cancel" and "Good until cancelled".


Yes exactly, I'm wondering the same as well...stock trading platforms generally have "good to cancel" GTC or expires at the end of the day, I'm assuming GTC??


"and accidental loss in an amount that covers maximum value of bitcoin we hold in online storage at any given time"

What about the value in the offline storage?


Let's hope they are using a good multi-signature scheme.


Not yet in my state :( Looks great though, can't wait until the regulatory issues and what-not get resolved. This could be really really cool.


Why would they insure the online bitcoins, or at least--why do that without insuring the offline bitcoins?

The offline bitcoins are more secure, by almost any measure, and so should be easier and cheaper to insure. Further, they're the overwhelming majority of the bitcoins, and a 98% loss would sure hurt worse than a 2% loss.


Insurance prices are usually based on the maximum possible loss as well as the probability of loss. Insuring only the online bitcoins means your maximum loss is 50 times less than if you had insured all. Insurance will be much cheaper.

You argue that the probability of loss of the offline bitcoins should be much smaller, but I don't think insurance companies will go along with this argument. Insurance companies are skeptical and conservative by nature. And they have absolutely no trust in human beings. And from the point of view of human intervention offline bitcoins are about as vulnerable as online ones.


Probably insurers don't have enough cryptography expertise and have a hard time quantifying the difference between the two types, pricing all insured Bitcoin types in a similar way.


I see many comments about what's wrong with Coinbase. What would a secure bitcoin exchange look like? A few of the features have been thrown out, e.g., little or no hot storage, two-factor authentication, (some) insured deposits, multisig-protection, decentralized services, etc.


You can get the price charts from:

https://pizzacharts.com/c/BTC/USD/Coinbase%20Lunar/

Interestingly, there were 4300 pre-launch trades, probably from testing.

PS: I'm one of the Pizzacharts cofounders.


California (VPN): Not available in your state

New York: Not available in your state


Do you have a Coinbase account (non-exchange) already? What state is it registered to?


Yes. New York.


Wow, just looked over the API, this api method GET /currencies, gives me hope that in the later future Coinbase will provide exchange rates for foreign currencies. That would be amazingly awesome!


The site looks good but seems to have a ton of stability issues. The order book keeps blanking out and when I tried to deposit some money, it froze. I think I'll just stick with Circle for now.


North Carolina: Coinbase Exchange is not yet available in your state.


Here is who you can write to if you want to encourage your state to approve the relevant licenses: http://www.ncleg.net/representation/whorepresentsme.aspx


filename reminds of therapistfinder


Maria Bamford (a comedian) has a joke about how she calls her therapist 'The Rapist'.


what is the reason behind blocking this in many states and internationally ? I would really like to send some bitcoins and use their trading platform.


Legal requirements. They are not allowed to operate in all states, and internationally each country has its own rules for this kind of thing.


Make it available in the UK


Pennsylvania: Coinbase Exchange is not yet available in your state.

:(


Here's a page you can use in your state to find your local legislators, in case you want to discuss the exchange licensing with them: http://www.legis.state.pa.us/cfdocs/legis/home/findyourlegis...


Ohio: not available in your state.


If you want Coinbase Exchange in Ohio, you should write to your elected representatives and discuss it with them. You can find a list and a map of them here: https://www.govtrack.us/congress/members/OH


Colorado: not available in your state


It's a matter of licensing. Here is one page you can use to find your (Colorado) state representatives, whom you could contact: http://www.colorado.gov/esri/webmaps/my-hood.html?webmap-id=...


Coinbase Exchange API, protected by CloudFlare ? Hum.


Bitcoin exchanges are often targeted by DDOS attacks, often as a type of market manipulation.


What's your point?


Completely off topic and likely to be downvoted (ugh)... but those stock blue buttons and website format is being used more and more for vaporware type products/projects... I noticed today that I get an immediate negative reaction to seeing this style.

Anyone else think bootstrap stock format (is that what this is?) has turned into a negative connotation?


Are you saying that because of your knee jerk negative reaction to the default bootstrap styles that you think that you might be having a negative feeling about Coinbase's site? That's kind of interesting given that obviously Coinbase has a legitimate design team.

I try to be forgiving about the use of bootstrap with the default styles when it is obviously an experiment or new side-project (as I've done it myself more than once) but I think there is a part of me that can't help but have a little negative reaction to it.


> Anyone else think bootstrap stock format (is that what this is?) has turned into a negative connotation?

For the very small proportion of the population who both are designer/developers and care about it, perhaps.

For the general public, it's no different than the fact that many apps on their computers and smartphones share similar looking UI elements and they really don't care at all.


>Anyone else think bootstrap stock format has turned into a negative connotation?

Yes, but that isn't the case with Coinbase. Blue is their chosen brand color so they use it everywhere. Bootstrap just happens to also use blue by default so now blue buttons have become synonymous with it.


Interesting note for branding... avoid popular stock framework colors.


Yea, that's actually what I was thinking from your comment and the response. Something to consider though, has your target market seen many stock bootstrap sites? Unless you are targeting other developers, chances are they have seen stock bootstrap far less than we have. I've shown a lot of "regular" people sites I spun up using bootstrap with just slight changes and I've actually gotten a lot of comments about how nice it looks. My assumption was that they had no idea what Bootstrap from Twitter was and had seen very few sites that employed it.



