Is Coinbase Safe?


A complete guide

Updated 01/24/2020


When you start out in crypto, your immediate impulse is to store your coins on the exchange you buy them from.


Coinbase is one of the well-known and popular places to buy Bitcoins.


Because of this, many people buy their coins there and never move them...but is this safe?


  • Will they keep your coins secure?
  • Will they let you withdraw them?
  • And will they respect your privacy

When you start out in crypto, your immediate impulse is to store your coins on the exchange you buy them from.


Coinbase is one of the well-known and popular places to buy Bitcoins.


Because of this, many people buy their coins there and never move them...but is this safe?


  • Will they keep your coins secure?
  • Will they let you withdraw them?
  • And will they respect your privacy
Find out everything you need to know about Coinbase and its history and security practices in this complete guide.

Introduction

In spite of Coinbase's good record with fund management and suffering no significant losses since its October 2012 launch, there are still reasons to question the exchange’s security and safety.

This article breaks down three perspectives from which Coinbase might be vulnerable to attack or act in bad faith. We attempt to explain why choosing the more costly and inconvenient self-custodianship of your coins is preferable to handing that responsibility to Coinbase.

Ultimately, though, it’s up to you to decide whether you prefer to trust a bank with your Bitcoins, or you’re ready to take the first step towards financial sovereignty with a Billfodl and a hardware wallet.
Here is what we are going to cover in the following chapters - you can click each one to scroll directly to that chapter.

Is Coinbase a Safe Place to Store Bitcoins?

In a blog post from 2016, Coinbase CEO and Co-Founder Brian Armstrong has boasted about storing about 10% of bitcoins available in circulation.

Since then, the number of Coinbase users and corresponding investments has grown so much that the company generated billion dollar revenues just a year later. 

While this might look like a good sign from a functional perspective, there are still reasons to feel doubtful and concerned.
In a blog post from 2016, Coinbase CEO and Co-Founder Brian Armstrong has boasted about storing about 10% of bitcoins available in circulation.
Since then, the number of Coinbase users and corresponding investments has grown so much that the company generated billion dollar revenues just a year later. 

While this might look like a good sign from a functional perspective, there are still reasons to feel doubtful and concerned.

Hacking Coinbase

Just because something is trusted by millions of users doesn’t mean that it’s secure and safe to be your custodian.

At the end of the day, trusted third parties are security holes and the whole point of Bitcoin is to participate in a permissionless system which grants you financial sovereignty.

Bitcoin history shows that titan custodians are bound to fall. 

Though Coinbase didn’t lose funds in its first seven years of existence, its security should still be questioned and scrutinized.

The Bitcoin space still echoes with stories of financially ruinous events on exchanges.
Just because Coinbase hasn't been hacked yet doesn’t mean that it’s invulnerable in the future.

The good record is just an indication of a better performance than the rest. Large amounts of bitcoins being stored in hot wallets for quick trades are perceived as honeypots for hackers.
The scariest part is that malevolent cyber attackers don’t even have to target the wallet encryption of an exchange like Coinbase: sometimes it’s enough to steal the sensitive user data and extort the exchange.

In a recent case, a hacker demanded for 300 BTC after breaking into Binance’s KYC (Know Your Customer) database and threatening to publish hundreds of pictures of users holding their national IDs for verification.

When negotiations failed, the attacker simply dumped the data in a Telegram group and exposed the kind of sensitive information that can be exploited by bad actors. 

Furthermore, as a licensed American company, Coinbase must comply with both federal and state laws. If the US Government decides that bitcoins are illegal assets and all exchanges should freeze funds and stop trading, then it will have to act against the financial interest of its customers.

And even if financial compensations are given in USD (much like the case of the Gold Reserve Act of 1934) in exchange for the seized BTC, you still lose due to receiving a highly inflationary and depreciating asset that can be confiscated and censored by the government.

This is just hypothetical, but not impossible.

How is Coinbase Insured?

Since November 2013, Coinbase has insured user funds through Aon, the world’s largest insurance broker.
Furthermore, on the exchange’s support page it’s clearly stipulated that amounts up to $250.000 are insured and will be returned to customers in the event of a hacking or failure.

While this is definitely great, you should keep in mind that what you’re getting is infinitely inflatable fiat, not scarce bitcoins.

If your bits of digital gold get lost, it definitely won’t be Bitcoins that Coinbase and Aon send you as a form of compensation.

US dollars can be inflated at an arbitrary rate which is dictated by circumstance, while bitcoins are issued according to a schedule and will only exist in a total amount of 21 million.

If you believe in Bitcoin’s success, it’s probably not a good idea to trust Coinbase with your funds. 

Past events are not always relevant for the future, but they can serve as informal education to prevent history from repeating itself.

If you choose to hold your bitcoins on Coinbase, you trust that the company has learned its lessons from the failures of its peers.

On the other hand, if you choose to become your own bank by embracing financial sovereignty, you prove that you have learned the most important lesson about Bitcoin: never trusting third parties with your money.   

Is Coinbase Safe for Mass Withdrawals?

Bitcoin was created as a response to a fiat culture which generates arbitrary inflation rates and fractional reserves (where only a fraction of customer’s money is actually available for withdrawals).

When you go to a bank and request to withdraw a large sum of money, it’s likely that the institution will be unable to make the payment on the spot

Instead, they will enforce a daily withdrawal limit on you.
Bitcoin was created as a response to a fiat culture which generates arbitrary inflation rates and fractional reserves (where only a fraction of customer’s money is actually available for withdrawals).

When you go to a bank and request to withdraw a large sum of money, it’s likely that the institution will be unable to make the payment on the spot

Instead, they will enforce a daily withdrawal limit on you.
A run on a bank during the great depression - everyone struggles to withdraw their money

Coinbase Withdrawal Limits

When you deal with Coinbase, you must be absolutely certain that the exchange is able to let you withdraw the amount of Bitcoins you bought and hold in their custodial wallet.

Right now, there are no restrictions in regards to how much you can withdraw at one time (at least according to Coinbase’s website).

However, you can never tell when regulations get stricter and it becomes very hard to get your coins out of the exchange due to the increased demands and verification.

Your Bitcoin is Subject to International Relations

If you’re a non-US citizen from one of the supported countries and the United States government ends up having bad diplomatic relations with your national government, then it’s very likely for your funds to get frozen all throughout the conflict.

This happened to Iranian users who were trading on Bittrex and who were affected by the sanctions of US Treasury Department’s Office of Foreign Assets Control (OFAC).

They didn’t get a fair deadline to withdraw their coins and could only hope that the conflict ends as soon as possible and the records don’t get rigged.
Conversely, Coinbase operates in over 100 countries and you can never tell when yours gets targeted by the global financial enforcement of Uncle Sam.
As an American company, Coinbase will have no choice but to comply with the orders given to them by OFAC.

Therefore, it’s unreasonable to assume that the exchange will act in your best interest – especially if you’re not an American citizen and your country can get in conflict with the USA.

Proof of Keys Movement

In order to challenge the power that exchanges have over users and revitalize the ideas that Satoshi Nakamoto introduced to the world, prominent Bitcoiner Trace Mayer organizes an annual event which encourages community members to withdraw all funds from exchanges.

The name of this movement is “Proof of Keys”, takes place on January the 3rd (the same day when Bitcoin’s genesis block was mined) and is meant to be a way of keeping exchanges accountable and honest.

Unfortunately, the numbers reported by exchanges were never threatening for their regular affairs, which means that there are still very few individuals who learned their lessons from the Mt. Gox story.

Proof of Reserves Movement

There is also a movement called “Proof of Reserves” which aims to hold exchanges accountable by demanding for greater transparency.
You can read more about proof of reserves here.
In the case of Coinbase, we don’t know for certain how many bitcoins they own, which means that it’s hard to tell whether or not they engage in fractional reserving.

To this day, the only exchange which conducted and passed a proof of reserves audit is Kraken, and the event took place in 2014.

This situation won’t improve if we choose to blindly trust our exchanges, as they are holding scarce money that can’t be restored if stolen.

The blessing and curse of Bitcoin is that all transactions are irreversible, and it’s better to be on the side which uses the feature in a beneficial way for yourself when you become completely sovereign. 

If you’re holding bitcoins on Coinbase right now, it’s better to move them to your own wallet while you still can do unrestricted withdrawals.

In the future, limits may be imposed by financial or political actors beyond your control.

And if you’re not managing your own private keys in a non-custodial wallet like a Ledger or a Trezor, then your coins aren't really yours.

As they say, "Not your keys. Not your coins."

Does Coinbase Protect Your Privacy?

One delicate topic in the Bitcoin space concerns KYC/AML practices.

Ideologically, most bitcoiners oppose such means of data collection, as they are against the pseudonymous nature of Bitcoin.

However, there are also security reasons to avoid the collection of private data: once the picture of your national ID gets uploaded to a server, it contributes to the reinforcement of a honeypot for hackers.
One delicate topic in the Bitcoin space concerns KYC/AML practices.

Ideologically, most bitcoiners oppose such means of data collection, as they are against the pseudonymous nature of Bitcoin.
However, there are also security reasons to avoid the collection of private data: once the picture of your national ID gets uploaded to a server, it contributes to the reinforcement of a honeypot for hackers.
As presented earlier in the article, Binance has had a big issue with a hacker who managed to download the data of hundreds of users and wanted to extort bitcoins from the exchange.

In the case of Coinbase, you really have no choice but to provide the data.

But if your purpose is to buy some bitcoins and get out, then you can also delete your account and request the company to erase your records – which is a net positive for your privacy and sovereignty. 

Furthermore, you should never expect a company to respect your financial privacy in relation to the government.

Legislative changes can happen at any time, and the jurisdiction under which Coinbase operates (the state of California or the Federal Government) can acquire any data at any moment.

This happens a lot in relation to the IRS: in November 2017, Coinbase was ordered to inform the taxman which users have accumulated more than $20.000 in annual transaction volume; within four months, the American exchange also had to send the IRS full personal information and transaction records of users who used the platform between 2013 and 2015. 
If you care about financial privacy as a way of protecting yourself from the actions of a government (which once confiscated gold holdings), as well as the greed of people who might try to rob or hack you, then it’s better to be cautious with your digital footprint and the amount of personal data you put in honeypots like Coinbase.

It’s better to move your coins to your own wallet, run a full node, learn about managing UTXOs, and try mixing your BTC with applications such as Wasabi Wallet whenever you want to eliminate links to the sender and acquire some plausible deniability.

Bitcoin is not entirely private, but Coinbase is a financial panopticon which allows governments to track and surveil the kind of currency that they cannot control.
In a panopticon "a guard can see every cell and inmate but the inmates can't see into the tower." (source)
Speaking of tracking and surveillance, in 2019 Coinbase acquired blockchain analysis start-up Neutrino in order to better track transactions and associate the data with other individuals and entities.

The most concerning issue, outside of the Orwellian nature of Coinbase, is that Neutrino’s founders have connections with Hacking Team – a company whichprovided surveillancetechnology to authoritarian governments that infringe fundamental human rights.
This information reveals a lot about Coinbase’s consideration for liberal values and protection of individuals against state oppression. 

The safest kind of data is the one that isn’t being processed by any kind of third party.

When it comes to Coinbase, it’s better to regard the platform as a necessary evil and a place that you enter and exit whenever you need.

However, it is not recommended to keep your coins on any exchange for reasons that concern your financial privacy and the security of your coins. 

Whenever you are ready to move your bitcoins from Coinbase and enjoy the benefits of financial sovereignty, Billfodl is here to offer you a secure and sturdy way of keeping your private keys offline and away from the eyes of bad actors. Before you make up your mind, find out more about our products. 

Conclusion

How you store your coins is a game of tradeoffs.

On the one hand, storing them yourself requires learning about key management (and that presents its own risks).

On the other hand, while it is easier to let Coinbase hold your coins, in many cases, this defeats the purpose of Bitcoin in the first place.
With our team of experts here at Billfodl guiding you, it is possible to keep your coins safe all on your own.

Let us show you how...

Leave a comment

Comments will be approved before showing up.

x