Cryptocurrency exchange Coinbase shops its clients’ bitcoin offline, using an elaborate process that breaks apart encryption codes and stores them on paper.
It has more than 20 million accounts and looks after billions of dollars worth of bitcoin, Ethereum, and other cryptocurrencies for its customers. Now it wants to lure billions more from conventional financial institutions, such as hedge and investment funds.
Coinbase generates the encryption keys that control clients’ cryptocurrency within a tent, which blocks perceptible signs to avoid snooping.
The organization’s pop-up Faraday tent and everything occurs inside is essential to this offering. Realtors are subject to regulations which require them to put clients’ assets with a”qualified custodian.” The Securities and Exchange Commission indicated earlier this year that it is thinking about how to apply this rule to cryptocurrency. Coinbase founder Brian Armstrong wants his firm to be ready. “There’s a lot of institutional money considering the cryptocurrency area,” he says. “But they want a skilled institution to work as a custodian.”
Coinbase’s shielded ceremony is at the heart of that service. Ownership and control of a digital pile of bitcoin or other cryptocurrency comes down to possession of cryptographic keys, one of which might look something like this: 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa. Every now and then, the company pitches its shiny tent inside a randomly chosen secure location in San Francisco to generate and print out thousands of keys. “It takes a lot of a day, and we are in there till it is completed,” says Philip Martin, Coinbase’s head of security. Custody clients transfer their assets to one of the new keys when opening an account.
Martin’s is not the only team hoping to attract Wall Street’s crypto-assets. Some institutions already send their bitcoins to Murray, Kentucky, where a small financial company called Kingdom Trust was early to offer cryptocurrency custody services. Japanese investment bank Nomura started offering its own in May. Bloomberg reported this month that Goldman Sachs is exploring doing the same. A spokesperson for the bank says the company hasn’t decided on its cryptocurrency-related offerings.
Martin and his team came up with their key-generation and storage scheme because, while cryptocurrency transactions use cryptography to prevent the same money from being spent twice, funds are still easily defrauded or stolen. The rise of bitcoin, since its creation in 2008, can be tracked by the parade of heists in which exchanges have been hacked. Computer security company Carbon Black estimates that more than $1 billion of cryptocurrency was stolen in just the first half of 2018.
In conventional finance, transactions such as bank wires can be undone for a period after they take place. Cryptocurrency security has to be more sophisticated because there is no undo function, according to Nicholas Weaver, a security researcher at the University of California at Berkeley. “Because cryptocurrency is oblivious of contemporary fiscal fraud reduction, you simply can not keep it on a web connected computer,” he says.
Philip Martin, Coinbase’s head of security, seals the flap of the tent with metal mesh in its fabric.
This power supply in the tent is designed to hide power fluctuations that could leak clues about what’s happening.
Coinbase’s mechanism for taking internet money off the internet begins with Martin’s security team pitching its tent and running a shielded power supply inside. This smooths out power fluctuations that can leak clues as to what’s happening. Then the team sets up a folding table with a printer on it, and gets to work.
Fittingly, the ceremony starts with the flip of a coin issued by the US Mint. It and everything that follows are captured on video to allow for auditing later. The coin toss determines which of two new laptops with their hard drives and Wi-Fi cards removed will be used to generate the keys.
Coinbase staff boot up a Linux-based operating system on the hobbled laptop from a USB drive. They use custom software to generate new encryption keys that will control customers’ funds, and divide those keys to multiple encrypted bits encoded into a collection of QR codes.
Then the complex but plausible procedure appears to require an unnecessary diversion: The QR codes have been moved onto an Apple laptop. Why? “It’s just way easier printing from a Mac,” says Zak Blacher, a part of Coinbase’s safety team who plays the service.
For the notebook used to create the keys, this is actually the conclusion of the trip –that the unit is destroyed to stop escapes. The newspaper using QR codes is set into binders and kept in a safe centre someplace in San Francisco–in which, in concept, hackers can not attain it. Backups are scattered round the planet on USB and hard drives if, as Martin puts it,”a small asteroid hits San Francisco.”
Concerning the irony of saving billions of money on piles of newspaper, Martin says it is just very good security technology –an evolution of the bank vault, not a throwback. “Cryptocurrencies have a threat model that’s fundamentally different from what’s come before,” he states. “We’re taking the lessons from the past about physical security and blending them with well structured cryptography.”
Clients may request access any time of night or day, but normally recover their funds within a couple of days, which makes it unsuited to slinging bitcoin forth and back minute by minute. (Coinbase has another trading support for institutional investors.) The procedure starts with a customer logging in to Coinbase’s site using a USB security key to ask for a move. The details are assessed by a staff who subsequently need video calls using the approvers recorded in an account, since Coinbase is cautious of people or applications mimicking its clients’ voices. “We wish to understand a live individual and socialize together,” Martin adds.
After that, a quorum of employees known as sages–a name inspired by videogame The Legend of Zelda–verify the request. If it all looks above board, they use encryption keys of their own to inform a team of “librarians” with access to the stored paper that they need to scan the multiple QR codes needed to put the key controlling the client’s funds back together. At last, the money can move.
Alex Lindgren, a lawyer who works with cryptocurrency companies and investors, expects custody services like Coinbase’s to usher additional billions of dollars into cryptocurrencies over the next few years. They will help institutional investors feel more comfortable with cryptocurrency markets, he says.
He also acknowledges that the current technology seems clunky. Lindgren is hopeful elaborate third-party storage services become less important over time, as new mechanisms emerge to trade cryptocurrencies. Just because using and storing bitcoin can be bizarrely complicated today, doesn’t mean it will always be that way. “Carts and horses had been far more effective than automobiles for a little while after [automobiles ] came out,” he notes,”but it it became apparent that was much more practical.