Coinbase Quietly Makes Largest Cryptocurrency Transfer in History

California-based Coinbase is currently the 18th largest cryptocurrency exchange by daily trade volume, sitting just behind Kraken in terms of volume. In what appears to be the highest-value cryptocurrency transfer in history, Coinbase has reported that more than $5 billion in a variety of cryptocurrencies was moved in mid-December. According to the report, the move included around 25 percent of all Litecoin (LTC), 8 percent of all Ethereum (ETH) and 5 percent of all Bitcoin (BTC) in circulation. At the time writing, these figures equate to approximately 15 million LTC, 8.3 million ETH, and 870,000 BTC — making it perhaps the largest absolute transfer in market history. It certainly dwarfs the largest previously identified transaction of 500,000 BTC in May 2015. The reason for the transfer was a relatively simple one, with the exchange moving its funds in cold storage to an even more secure cold storage system — moving funds from its third generation to its fourth generation cold storage infrastructure.

Earlier this month, Coinbase moved 5% of all BTC, 8% of all ETH, and 25% of all LTC in circulation to our next-gen secure cold storage. Here’s how we did it. https://t.co/8TJ6S97BnW

— Coinbase (@coinbase) December 19, 2018

The news comes shortly after Coinbase announced the addition of no-fee Paypal withdrawals, raised more than $300 million in series-E funding in October and listed four additional altcoins to its cryptocurrency trading platform.

Offline Storage Saves Lives

In the context of cryptocurrency, cold storage is the process of storing the cryptocurrency private keys in an offline environment — often detached from any devices capable of accessing the internet. For the typical cryptocurrency investor or enthusiast, cold storage typically means simply holding its crypto portfolio on an offline wallet, such as a hardware wallet or a paper wallet comprised of just the private key and public key printed on a piece of paper. Generally considered to be the safest method of storing cryptocurrency, cold storage has quickly become the storage method of choice for those with a high worth cryptocurrency portfolio. The offline storage of private keys protects the balances from hacks and theft that are typically only made possible because of the internet. To date, more than $2 billion has been lost due to theft, brought about through a variety of different exploits and hacks. Most commonly, lax security over user funds is to blame, with the vast majority of stolen funds being taken from exchange hot wallets.

Storage at Absolute Zero

Coinbase, like the vast majority of modern cryptocurrency exchanges, uses cold storage to protect user funds from theft. According to the company, Coinbase typically keeps around 98 percent of its funds in cold storage, with the remaining two percent kept in a “hot wallet” to allow for instantaneous withdrawals. When the exchange first started out with cold storage, its methods were rudimentary, with its first cold storage system simply being the storage of private keys on several USB thumb drives locked away in a safety deposit box. Since then, however, Coinbase has taken the concept of cold storage a step further, not content that a simple safety deposit box would be sufficient to store the billions of dollars it currently holds in user funds. By the fourth version of its cold storage protocol, Coinbase had massively stepped up the bar of security, making it practically impossible to compromise. The latest version of its cold storage protocol implements as much randomness as possible and involves several security steps aimed to minimize the possibility of collusion, glitches, and weakness. The pipeline for the key generation ceremony is described as follows:

1. The Coinbase team pitch a tent in a randomly selected location and set up two brand new laptops that have had their wi-fi card and storage drives removed to a shielded power supply.
2. A coin is tossed which determines which of these laptops will be used to generate the private keys, and Linux is booted up on the chosen laptop via a USB drive.
3. The private keys are generated and divided into several fragments using Shamir’s secret sharing, a method of splitting private keys that enables the full keys to be reconstructed even if some of the parts are lost.
4. These keys are saved as QR codes and printed, before being put into binders and locked away in a secure vault. The laptops used to generate and print the keys are destroyed to prevent any data recovery.
5. Key holders are geographically dispersed and have their identities verified during the key signing protocol.

In our limited experience, the Coinbase cold storage protocol is the most thorough we have yet seen and should be sufficient to protect user funds against almost every conceivable scenario. We are, however, left wondering whether other exchanges are taking such precautions with user funds. What is your opinion on cold storage? Are there any additional layers of security you would like to see exchanges implement? Let us know your thoughts in the comments below!