A behind the scenes have a look at the largest (and quietest) crypto switch on report

Coinbase not too long ago moved 5% of all BTC, 8% of all ETH and 25% of all LTC in circulation (amongst many different property) in what we consider is the most important crypto migration on report. Our VP of Safety is publishing the case examine under to make clear the particular methods we construct safety into our platform at each stage — in addition to have interaction with the neighborhood round sharing finest practices for crypto safety.

On the planet of cryptocurrency, safety should be a core worth and high precedence of any group seeking to serve prospects over the long-term. At present, we’re sharing what we discovered from our latest migration of crypto with the broader ecosystem in an effort to construct belief for the whole business.

At Coinbase, our dedication to safety is expressed in plenty of methods, from client safety protections to inside improvement practices to third-party audits and checks. Our most important accountability is the safety of the property that our prospects entrust to us. The gold commonplace of cryptocurrency asset safety is offline, or “chilly,” asset storage. Coinbase shops 98% or extra of our buyer property in our chilly storage system. Coinbase’s chilly storage has gone via plenty of evolutions via the years because the cryptocurrency house has developed and matured.

Final week we efficiently accomplished an on-blockchain migration of roughly $5 Billion (as valued the week ending Dec. 7, 2018) of cryptocurrency from Technology Three to Technology 4 of our chilly storage infrastructure. To our data, that is the most important motion of cryptocurrency (actually in USD phrases, probably in absolute phrases) ever undertaken.


Chilly storage can cowl plenty of storage methods, starting from HSMs to bunkers within the Swiss Alps. Belongings positioned in chilly storage are utterly offline and disconnected from any automated system. As with many phrases in a quickly growing business like cryptocurrency, there isn't any clear commonplace for chilly storage.

Coinbase’s commonplace for actually chilly storage is that a number of geographically separated people in the true world needs to be pressured to carry out bodily actions to allow a transaction after reviewing transaction particulars. If that isn’t true, we don’t suppose it’s truly chilly storage.

Coinbase’s chilly storage has been via plenty of iterations over the past six years. The primary model, as we’ve talked about previously, was keys in a security deposit field.

Coinbase chilly storage, circa 2012

Whereas that was tremendous for again then, as asset values elevated and cryptocurrencies began to diversify, we would have liked to construct a system that ensured broad consensus on actions from chilly storage and will flexibly assist many kinds of property. In our latest version, which initially rolled out with Coinbase Custody and now handles all chilly storage at Coinbase, we begin with a safe basis with a extremely managed and audited key era course of and proceed with a globally distributed key storage and transaction approval system.


This method protects in opposition to key loss, key misuse (together with insider menace and software stage assaults) and helps world class key governance and audit whereas being foreign money agnostic. Which means we will retailer any cryptocurrency utilizing the identical system, with out making compromises within the stage of safety offered to any single cryptocurrency.

The thought of transferring $5 Billion on-blockchain was one we approached with a really excessive diploma of warning. Whereas we consider within the safety of the blockchain, the variety of transferring elements mixed with our absolute accountability to make sure the safety of funds in our custody meant that we would have liked to cowl each doable state of affairs.

We started planning months earlier than the precise transfer date and concerned nearly each crew at Coinbase within the course of. We performed threat assessments, honed monitoring plans and performed check migrations till we had been optimistic that the stay migration would go off and not using a hitch.


One of many dangers we recognized early on within the course of was the potential for our migration to be mistaken for an trade breach or a big dealer making ready to promote a major quantity of cryptocurrency. Both approach, we had been anxious that the market uncertainty would end in worth actions. On the opposite aspect of the equation, we had been anxious that giving potential attackers an excessive amount of discover would allow them to plan for and execute assaults throughout the migration. As soon as we had been able to conduct the migration, we put out a quick blog post to calm fears with out making a gift of an excessive amount of details about our plans. This piece helped steer a major quantity of the ensuing dialogue on on-line boards and in commerce blogs (like this one).

After that weblog publish was out, we proceeded to revive our current chilly storage addresses one after the other, ready till the earlier handle had been swept to the brand new chilly storage earlier than transferring the subsequent handle. This strategy made the migration take longer (it lasted four working days), however resulted in a lot larger assurance that our prospects’ funds had been safe each step of the approach.

In the long run, what all this implies is that we’re persevering with to push the tempo of the business in offering safe, auditable, asset-agnostic offline storage for cryptocurrency. Our prospects reap the rewards when it comes to higher safety, extra assurance and quicker asset additions. This new chilly storage system is a core a part of our technique to increase our asset choices whereas by no means compromising on the extent of safety we offer our prospects. If that seems like an attention-grabbing set of challenges, we happen to be hiring

A behind the scenes look at the biggest (and quietest) crypto transfer on record was initially revealed in The Coinbase Blog on Medium, the place individuals are persevering with the dialog by highlighting and responding to this story.

Leave a Reply

Your email address will not be published. Required fields are marked *