[sillysaurus3]

Well, the goal of multisig is to retain control over your own coins. If someone can take your coins offline, then you no longer have control over them.

Here's an explanation of multisig: https://bitcoinmagazine.com/11108/multisig-future-bitcoin/

Multisignature escrow works as follows. When Alice wants to send $20 to Bob in exchange for a product, Alice first picks a mutually trusted arbitrator, whom we’ll call Martin, and sends the $20 to a multisig between Alice, Martin and Bob. Bob sees that the payment was made, and confirms the order and ships the product. When Alice receives the product, Alice finalizes the transaction by creating a transaction sending the $20 from the multisig to Bob, signing it, and passing it to Bob. Bob then signs the transcation, and publishes it with the required two signatures.

In this case, Bob is Coinbase and Alice is you. Alice plus Martin always retain control over the coins, so Bob alone can't take them offline.

The way that a multisignature wallet works is simple. Instead of the Bitcoin address having one private key, it has three. One private key is stored semi-securely, just as in a traditional Bitcoin wallet. The second key the user is instructed to store safely (eg. in a safety deposit box), and the third key is stored on the server.

Basically, the user would be the one storing it in offline storage, not Coinbase. But since Coinbase is claiming 98% of coins are stored offline, that means at least 98% of coins aren't using multisig.

EDIT: Thank you to kanzure's comment below. Updated.

[jafaku]

The goal of multi-signature is to decentralize the ownership (or control) of the coins. In the case of Coinbase's offline storage, they could very well be using multi-signature (and they probably are) so that no single employee can run with the coins. Instead, every time they need to refill their hot wallet, the three or five or whatever employees needed to sign the the transaction have to agree and provide their signature.

Edit: Actually, apparently they aren't using multi-signature internally: https://news.ycombinator.com/item?id=8948337

[sillysaurus3]

I agree that Coinbase itself should be using multisig, but the point of my comment is that if customers themselves aren't using multisig, their coins' fate is completely in Coinbase's hands. And Coinbase multisig won't save those coins from tech problems, willful theft, or a breach in their security model. Multisig offers you no benefits if you're not the one in control.

Are you sure you want to trust your fortune to three or five employees?

[jafaku]

> Multisig offers you no benefits if you're not the one in control.

That's a little extreme. I would trust a lot more in five employees than in one. If done right, each one of them could even not know who the other employees are.

> Are you sure you want to trust your fortune to three or five employees?

I wouldn't trust anyone with my precious coins :p. I'm just saying the same way we (supposedly) decentralize control on nuclear bombs, we can decentralize control on bitcoins. I feel safer knowing that no single soldier can launch a nuclear bomb, even if I don't have any control over that.

[jsprogrammer]

What happens if one of the five employees loses their key? Aren't you increasing the risk of bricked coins with each signature that you require? Do you really want your coins to be at risk of brick by three or five CoinBase employees?

[jafaku]

Then make the scheme 4 of 5, or 3 of 5. Besides, the company could keep a backup of the keys in physical locations, and secure them with traditional physical security.

[kanzure]

> But since Coinbase is claiming 98% of coins are stored offline, that means at least 98% of users aren't using multisig.

Almost... you should say instead: "that means at least 98% of coins aren't using multisig" because without having their internal account metrics it is wrong to assume to that 98% of Coinbase users deposited 98% of BTC at Coinbase...