[jerguismi]

Which makes me wonder... The keys are generated in-browser. What if the users computer is compromised, and a malware succeeds in capturing the keys + bip38 passphrase? I don't know if this product will be pain in the ass for coinbase, if the user funds start disappearing from these multisig addresses.

All the best luck for this product, though.

[adrianmacneil]

If the computer is infected, then yes it would be possible to steal both the private keys, and the passphrase. To avoid this attack scenario, we're investing pretty heavily in technologies such as CSP.

However, this can be mitigated with our group multisig vault, where separate users create their own keys. For malware to steal these, it would require infecting multiple computers.

[icebraining]

Seems like the next step would be to allow the users to store their copies on a smart card instead of a PC.

[wcoenen]

Like the Trezor[1] hardware wallet.

[1] http://www.bitcointrezor.com

[icebraining]

Yes, but maintaining the encrypted copy on Coinbase's servers, to ensure that losing the card doesn't mean losing the wallet.

[wcummings]

CSP?

[floatrock]

Content Security Policy -- http://en.wikipedia.org/wiki/Content_Security_Policy

basically headers that can tell the browser not to execute stuff that leads to injection like inline javascript or inline styling, allows for whitelists of domains (so the browser won't run script src="http://hackercdn.com/malicious.js"), etc.