HomeNews

Coinbase Multisig Vault – Multisig Wallet through Coinbase

Coinbase Multisig Vault – Multisig Wallet through Coinbase

Coinbase offers a type of advanced Multisig vault where the users have control of their private keys. This is achieved in a unique way, by generating 3 keys. One is held by Coinbase, one is held by you, and the other is a shared key encrypted with a passphrase. This is one of the only Online wallets i will ever advocate long term storage of funds with, due to how it works.

WARNING: IF YOU FORGET YOUR PASSPHRASE AND LOOSE THE PRINTED USER KEY, YOUR COINS ARE LOST FOREVER, EVEN COINBASE CANNOT RECOVER THEM FOR YOU, AND NO AMOUNT OF PLEADING WILL BRING THEM BACK, NO MATTER HOW BIG OR SMALL THE AMOUNT! USE THESE SERVICES RESPONSIBLY, STORE THE PRINT OUT IN MULTIPLE PLACES AND SET UP ON A SECURE MACHINE. ALSO, AS THESE VAULTS HAVE THEIR PUBLIC ADDRESSES HELD BY COINBASE WITH YOUR ACCOUNT, DO NOT DO OR STORE ANYTHING YOU WISH TO KEEP PRIVATE FROM YOUR COUNTRIES LEGAL SYSTEM, THIS VAULT IS NOT A WAY TO SQUIRREL AWAY MONEY! KEEP IT LEGAL FOLKS!

You print out the vault backup which stores the user key and encrypted shared key (you need your passphrase to move the coins without coinbase). This is more secure than a traditional paper wallet and can be recovered using the multisig recovery tool which is open sourced. You use the vault through coinbase and it has timed withdrawals, you enter your passphrase and it decrypts the shared key client side and signs the transaction. Coinbase wait 48 hours before signing with their key and sends you multiple notifications over this period with a link to cancel at any time.

If your passphrase is forgotten, you can supply the printed ‘user key’. In your writer’s time of using one of these vaults, coinbase had a withdrawal bug, and i needed access to the funds to move house having been saving for a rainy day (and the value increased in that time, cashing out at the peak of the mid-2016 post-halving price rise). Due to delays which coinbase did later rectify (it was a bug in the vault software), i used the user key and shared key (with my passphrase) to move the funds using the recovery tool, see my post here. KEEP THE PRINT OUT and do your utmost best to remember your passphrase, as it saved me a little bit of hassle having control over my keys. It is the ONLY online wallet i will ever advocate using, although you can never guarantee the client side code would stay that way which could help coinbase if they turned nab your passphrase, but for the most part it is more secure than most online wallets but as it is set up client side it must be set up on a SECURE system that is not infected, but once set up you have a ‘paper’ wallet that is more secure than a normal paper wallet, a potential way for family to get funds if you die combining with coinbase’s key with the user key and a way to get funds out if coinbase was bust if you know your passphrase. I would check this with coinbase, however to be sure before using it as a potential option.

I recently used another one as a review vault and to diversify some of my holdings, most of which are on hardware or electrum 2FA wallets, but somehow had mistyped the passphrase twice upon initial set up and was unable to get the coins out while testing (about £30 GBP) (always test a vault or wallet before moving large quantities of coins to it). To recover from this, you can supply the ‘user key’ which I had printed to Coinbase in the passphrase box, who will wait the 48 hours before signing with their key. This was done without anymore effort on my part so having tested both recovery features of this vault in my time, both using the user key and my long passphrase without coinbase and supplying the user key, it works as advertised.

Essentially what you get is control of your keys, and if you forget (or in my case, a stuck key as i later discovered on my old laptop) mistype the passphrase upon initial set up which happened with the above review vault, you can recover using the printout. If coinbase goes bust AND you forget your passphrase to the shared key, the user key alone is not enough as you would need Coinbase’s key, so be aware of this fact. Always as I did test passphrases before moving large holdings to any wallet, as only a small amount of funds were in this vault when i came to testing the passphrase i had just set. And even those were not lost due to the ‘user’ key which i had taken the time to print out.

The 3 keys are as follows:

  1. User (on your print out only)
  2. Shared (encrypted with your passphrase, held by both you and coinbase and only decrypted client side so coinbase never sees the raw key)
  3. Coinbase (held by coinbase only)

 

Move funds with coinbase: 2 + 3 (the usual way), move funds without coinbase 1+2, move funds if you forget your passphrase 1+3. Provided it is set up on a secure machine, malware trying to swipe your coins cannot get at coinbase’s key. If you use the user key, use it on a known trusted system that is clean or an offline system dedicated for transaction signing.

This print-out could help you as a power of attorney or if someone else dies help coinbase sign a transaction combined with the user key to get funds out of the wallets for someone who is deceased. This vault also refuses to allow the setting of passwords which are too weak. During vault creation when it asks you to verify the user seed, don’t just copy/paste it without printing it out, actually print it out a couple of times! This mistake has been made far too many times by uninformed users. The print-out saved £32 GBP of test Bitcoin, which for me is a weeks food shopping. You have been warned, it can happen to anybody, even advanced users. Do not play with encryption unless you will remember your passphrase or have a way to recover if you don’t that does not compromise it’s security. I have yet to forget an important passphrase, but it is the first time I messed up like that mistyping it twice. Good vault service, use it wisely!