Author Topic: Coinbase Multisig Vault Brings Together Security and Usability  (Read 1049 times)


  • Founder of the ColossusCoin Foundation
  • Administrator
  • Hero Member
  • *****
  • Posts: 643
  • Karma: +83/-0
  • Welcome to our ColossusCoin-Forum!
    • View Profile
Coinbase Multisig Vault Brings Together Security and Usability
« on: November 02, 2014, 03:03:22 PM »
The introduction of Coinbase’s Multisig Vault is huge news for the Bitcoin community. Multisig transactions are a cornerstone of Bitcoin security – especially since pay-to-script hash (P2SH) transactions were standardized in Bitcoin Improvement Proposal (BIP) 16. Coinbase is one of the most popular and easy to use ways to get, store and spend bitcoin. Many first-time Bitcoin users will start by buying coins through Coinbase, so making the security of multisig transactions available to these users is good news for everyone that wants to see Bitcoin succeed.

There are many use cases for multisig wallets. Earlier this year, the Copay multisig wallet from BitPay brought an easy-to-use multisig solution to Bitcoin users wishing to share a wallet among several people. Copay differentiated itself from other multisig options — such as GreenAddress and BitGo — by giving users a wallet that does not rely on a third party. Instead, all Copay data is processed and stored locally. The Coinbase Multisig Vault does support sharing keys among several people, but that is not the main purpose the wallet is designed for. Instead, the main point of it is that users do not need to trust Coinbase.

Cryptocurrency Must Be Trustless

While Coinbase has been one of the most popular ways to get, store and spend bitcoin since the service launched, there has always been vocal opposition to online wallets. Trusting third Bitcoin market roundup Coinbase Multisig Vault Brings Together Security and UsabilityBitcoin market roundupBitcoin-market-roundupCoinbaseparties to secure bitcoin funds goes against the very benefits that make cryptocurrency attractive.

Private keys stored on a live server are susceptible to security breaches and abuse by service administrators. So far, Coinbase has proven itself secure and trustworthy, but that is no reason to voluntarily give up the safety and security that defines cryptocurrency. The Coinbase Multisig Vault puts that security and safety back in the hands of users by putting them in complete control of their private keys.

A minimum of three private keys are generated for Coinbase Multisig Vaults. One of these keys is only known to the user, and one of these keys is encrypted with a password. Since two keys are necessary for completing a transaction and Coinbase only knows one key, this means that Coinbase has no control over bitcoins that are stored in a Multisig Vault. Even if a Coinbase server were broken into, hackers could not gain enough information to steal any funds stored in Multisig Vaults.

Not only does this take control of funds away from Coinbase, it also enables Coinbase users to make transactions without involving them. The open source Coinbase multisig tool ( ) gives users a way to send funds to any Bitcoin address without even accessing Coinbase.

Usability is definitely one of the features currently keeping Bitcoin out of the mainstream. Services like Coinbase go a long way towards solving the user-friendliness problem, but they sacrifice some security along the way. The new Multisig Vault does not compromise on usability. If users lose their password, they can recover funds using their private user key. If users lose their private user key, funds can be recovered using their password-protected shared key. If users have trouble with Coinbase, they can conduct transactions using their shared key and user key, without having to deal with Coinbase at all.

Not Perfect But Still Important

For bitcoin users with hardcore security requirements, the Coinbase Multisig Vault is not the perfect solution. Using the Multisig Vault still requires users to trust the JavaScript code delivered to the browser by Coinbase. Along with this, private keys are generated while online; a situation that will never match the security of generating keys on a trusted air-gapped machine.

Despite these drawbacks, the Coinbase Multisig Vault is still a serious development that will contribute to further Bitcoin adoption. Before the Multisig Vault, Bitcoin users either had to put in the time and effort to acquire technical expertise or they had to trust a third party to safely store their funds. With only these two options available, a huge amount of people are left with no practical way to use Bitcoin. Bitcoin early adopters are enthusiastic and technical, but for Bitcoin to grow, it needs to reach a skeptical and non-technical user base. The Coinbase Multisig Vault is a fairly easy to understand bridge between completely trusting a third party and completely trusting your own technical competence.

With any luck, Coinbase will not be the final word on bringing together usability and security. The greater the number of competing online wallets, the better things will be for Bitcoin users. While Coinbase competitors are something to look forward to, the company deserves recognition for fantastic efforts to make Bitcoin available to mainstream users, which benefits everyone in the Bitcoin economy.


October 30, 2014/ by Roger Filie
« Last Edit: November 02, 2014, 03:07:52 PM by Sudo23 »
Donation Addresses:

BTC: 1GGF7vjv1dLEu2oYg9AsRxWavAKSguv6Jh
ETH: 0xbd86fdb353cdc900584ff49c1bed03cecf637f44