Hacker News new | ask | show | jobs
by jafaku 4157 days ago
The goal of multi-signature is to decentralize the ownership (or control) of the coins. In the case of Coinbase's offline storage, they could very well be using multi-signature (and they probably are) so that no single employee can run with the coins. Instead, every time they need to refill their hot wallet, the three or five or whatever employees needed to sign the the transaction have to agree and provide their signature.

Edit: Actually, apparently they aren't using multi-signature internally: https://news.ycombinator.com/item?id=8948337
1 comments
sillysaurus3 4157 days ago
I agree that Coinbase itself should be using multisig, but the point of my comment is that if customers themselves aren't using multisig, their coins' fate is completely in Coinbase's hands. And Coinbase multisig won't save those coins from tech problems, willful theft, or a breach in their security model. Multisig offers you no benefits if you're not the one in control.

Are you sure you want to trust your fortune to three or five employees?

link
jafaku 4157 days ago
> Multisig offers you no benefits if you're not the one in control.

That's a little extreme. I would trust a lot more in five employees than in one. If done right, each one of them could even not know who the other employees are.

> Are you sure you want to trust your fortune to three or five employees?

I wouldn't trust anyone with my precious coins :p. I'm just saying the same way we (supposedly) decentralize control on nuclear bombs, we can decentralize control on bitcoins. I feel safer knowing that no single soldier can launch a nuclear bomb, even if I don't have any control over that.

link
jsprogrammer 4156 days ago
What happens if one of the five employees loses their key? Aren't you increasing the risk of bricked coins with each signature that you require? Do you really want your coins to be at risk of brick by three or five CoinBase employees?
link
jafaku 4153 days ago
Then make the scheme 4 of 5, or 3 of 5. Besides, the company could keep a backup of the keys in physical locations, and secure them with traditional physical security.
link