In the future, I'll probably avoid writing about two topics so similar, two weeks in a row, but events worked out darn near perfect this time. Last week, I described how multisignature Bitcoin addresses work and why they are so useful. Just two days later, Coinbase announced a new feature called Multisig Vault. You can now control your own keys when using Coinbase and the company has no ability to run off with your protected funds.
Why It Matters
This is huge. Until now, users have been forced to completely trust Coinbase with their money. While many did so (including myself), the practice is dangerous. You probably remember the MtGox debacle. Coinbase could have easily caused similar problems. In fact, the company could still steal funds, since many users are unwilling to put up the effort to actually create a multisig vault, but at least they have the option.
How It Works
Vaults can be created for multiple users, but most will be intended for an individual. In this case, three private keys are generated and transactions require two signatures. One key is given directly to you, one is held by Coinbase, and an encrypted version of the third is held by both parties. Only you know the password to decrypt the jointly held key, so theoretically, Coinbase should never be able to come up with two of the three keys to sign a transaction that you do not approve.
When you create a multisig vault, you will be asked to save your own key and the encrypted key. Because this is so important, Coinbase will ask you to reenter your own key later, ensuring that you really did back it up.
Most multisig transactions will use Coinbase's own key and the encrypted key to create the two needed signatures. Your own key should generally remain offline and unused, but what happens if Coinbase goes down for some reason? There's an open source tool for that. It enables you to decrypt the jointly held key, combine it with your own backed-up key, and sign transactions without any participation from Coinbase.
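To make the key arrangement concrete, here is a small Python model that works out which combinations of secrets are enough to spend from a 2-of-3 vault. It is an added example, not Coinbase's code or the open source tool, and the secret names are labels made up for the model.

```python
from itertools import combinations

THRESHOLD = 2  # signatures needed to spend from the 2-of-3 vault

# Secret names are labels invented for this model, not Coinbase identifiers.
USER_KEY, COINBASE_KEY = "user_key", "coinbase_key"
SHARED_ENC, PASSWORD = "shared_key_encrypted", "password"
ALL_SECRETS = (USER_KEY, COINBASE_KEY, SHARED_ENC, PASSWORD)

# Who holds what, as the post describes it.
USER = frozenset({USER_KEY, SHARED_ENC, PASSWORD})
COINBASE = frozenset({COINBASE_KEY, SHARED_ENC})

def usable_keys(secrets):
    """Signing keys a holder of `secrets` can actually use."""
    keys = {k for k in (USER_KEY, COINBASE_KEY) if k in secrets}
    # The shared key is useless without the password that decrypts it.
    if SHARED_ENC in secrets and PASSWORD in secrets:
        keys.add("shared_key")
    return keys

def can_spend(secrets):
    """True when the holder can produce the required two signatures."""
    return len(usable_keys(secrets)) >= THRESHOLD

def minimal_spend_sets():
    """Smallest combinations of secrets that are sufficient to spend."""
    found = []
    for size in range(1, len(ALL_SECRETS) + 1):
        for combo in combinations(ALL_SECRETS, size):
            s = frozenset(combo)
            if can_spend(s) and not any(m < s for m in found):
                found.append(s)
    return found

# Constructed scenarios: the set of secrets available in each situation.
SCENARIOS = {
    "Coinbase acting alone": COINBASE,
    "Coinbase offline, user recovers alone": USER,
    "Normal spend (Coinbase key + user's password)": COINBASE | {PASSWORD},
    "User lost own key, still knows password": (USER - {USER_KEY}) | COINBASE,
    "User lost own key and forgot password": (USER - {USER_KEY, PASSWORD}) | COINBASE,
}

if __name__ == "__main__":
    for name, secrets in SCENARIOS.items():
        print(f"{name}: {'can spend' if can_spend(secrets) else 'cannot spend'}")
    for s in minimal_spend_sets():
        print("sufficient:", sorted(s))
```

The three minimal sets it prints are the ones to protect: your key plus Coinbase's key, or either of those keys together with both the encrypted shared key and its password.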
It's Not Perfect
One thing that I must say in closing is that this new feature is still far from ideal. Sure, it gets your coin out of Coinbase's reach, but that isn't enough. Your machine still has to be online to generate keys, create your password, etc. At least this is all done in your own browser (not on some server in the cloud), meaning the information should be safe from some attacks, but that still isn't enough. You could easily have a virus that locates your keys or reads them as they are created. Plus there's the matter of actually keeping your own keys safe over time, which can be difficult.
Bottom line: Multisig Vault is helpful and should be used in some circumstances, but there's no substitute for a fully offline wallet created by fully offline hardware. Those keys are friggin' hard to steal.