>"We will be depositing funds into your account equal to the value of the currency improperly removed from your account at the time of the incident. Some customers have already been reimbursed -- we will ensure all customers affected receive the full value of what you lost. You should see this reflected in your account no later than today."
I sympathize with the "Not your keys, not your coins" crowd, but you have to admit that you are far more likely to be compensated in the event of an attack if you are using a large exchange. Not guaranteed, of course, but Coinbase has an image to maintain.
I also believe, personally, that a large exchange has much better security than anything I could muster with a hot wallet. Yes, I know I can airgap a cold wallet but I like the ability to quickly sell some amount of crypto at market rates without having to transfer from a paper wallet. I also worry about physical security since my home has been burglarized before. Therefore, I keep my coins on exchanges and follow good practices with 2FA across my accounts (no SMS for any) and have withdrawal delays / whitelisting active.
Wonder how many people follow this reasoning to the next logical conclusion and realize that there is literally nothing to differentiate the coins at all from regular banking except for the lure of speculation.
I am a cryptocurrency enthusiast/advocate, but I've come to the realization that "being your own bank" is actually a terrifying and merciless burden. One small mistake has the potential to wipe you out and there is no way to get your funds back.
Despite all the criticisms that come with "the banking system", banks do provide a lot of value to individuals. It is completely understandable that people would want to wrap their decentralized currency inside of a centralized system (exchanges, custodianship, IRAs, etc.) for the benefits that having a bank-like organization can provide.
There are hybrid systems which offer the best of both worlds. For example, the open source Muun wallet uses a 2-of-2 key system[0] in which Muun only has access to one of the two keys so, unlike a traditional bank or a custodial exchange like Coinbase, they can't spend any funds without your signature. Your Muun wallet app also only has one key, so authentication with the Muun service is necessary to complete transactions—this allows Muun to disable the wallet in the event the phone is lost or stolen, by refusing to countersign its payments. A recovery code kept offline, on paper, allows you to set up a new Muun wallet and recover your funds in the event that the phone holding the original wallet becomes unavailable for any reason. Finally, for complete self-custody you can export a PDF with encrypted versions of both keys plus some additional data ("output descriptors") which, together with the offline recovery code, can be used in an emergency to transfer your funds to a new wallet without any involvement from Muun.
This does involve using a centralized service to an extent, but the amount of trust you are asked to extend is limited. They can't unilaterally take your funds, and they can't stop you from moving them to another wallet which you fully control. At the same time, you can safely use the wallet online with the additional convenience and safeguards provided by Muun, and it would be difficult to lose your funds permanently from "one small mistake".
That backup defeats the 2 of 2 multi-sig, though. Users really still are their own bank in this model. If their backup is stolen, the thief can empty their wallet. It’s just not kept online. Not much different from using a hardware wallet in that respect.
> That backup defeats the 2 of 2 multi-sig, though. Users really still are their own bank in this model.
As I said, it's a hybrid—so it has some elements of "being your own bank" as well as elements of a custodial system. The point of the multi-sig model is to allow the wallet to be used for day-to-day transactions like a "hot" wallet or a custodial exchange without the risk of carrying the complete keys everywhere on an Internet-connected device and without giving up control over the funds. The backup and the 2-of-2 multi-sig each serve important functions; neither "defeats" the other.
> If their backup is stolen, the thief can empty their wallet.
And no one ever has their traditional bank account emptied due to poor password hygiene or a vulnerability in the bank's 2FA system? Transferring custody to a third party doesn't mean you can stop worrying about security. If you don't have something equivalent to this offline backup then it's true that there is one less way for a thief to gain access to the account, but then you risk being unable to prove that you are the authorized owner of the account and losing your funds that way.
> Not much different from using a hardware wallet in that respect.
Hardware wallets have a different set of trade-offs. Personally I don't like to carry mine around with me like an ordinary wallet (or my phone) for use in daily payments. It's probably secure enough that I could do that safely, but there's always the risk of losing it, and for small, everyday payments it's just not as convenient as using an app on your phone. Also, Muun works with the Lightning network, which requires an online component; I'm not aware of any hardware wallets which can fill that role.
That's a reasonable concern. You can easily verify for yourself that the recovery process works, and you can audit the source code for the Android client (and build it from the audited code) to ensure that it handles the keys as advertised. If this were your typical proprietary system then I might be worried, but Muun is pretty transparent.
The biggest potential point of failure, if you installed pre-built binaries from a third party such as Google Play or the Apple App Store, is that it could be updated to a new version which leaks the wallet-side private key. Which is a potential concern with any wallet software you don't audit for yourself. Of course you're also trusting the system software provider (i.e. Google or Apple) to run the application properly, as with any software running on their respective operating systems.
Personally I trust it with funds comparable to what I would normally keep in a wallet for daily use, not a safe or a bank vault. For larger amounts where the inconvenience of cold storage is justified I use a hardware wallet (Trezor).
There are ways to mitigate, such as a multisig wallet. For day to day, use a wallet with a small amount. When its balance runs low, you can replenish the amount from your vault, which requires at least 2 signatures. Crypto is not about completely eliminating trust from the system, but rather being able to choose whom you trust and control what a trusted party can do.
It’s also amazing how many smart people are completely ignorant of the common and routine failure modes of banks, and why hundreds of millions of people might want an alternative to that.
I just had to physically cross an ocean twice because my bank won’t send wires for more than $25k via their website, and that’s one of the gentler failure modes.
The benefits of the banking system I would propose to be self-explanatory, though your parent comment recaps them well.
It's the reason to do the crypto part at all that's more confusing. Unless of course we all just admit that gambling is unbelievably popular and fun and has been a continued hit throughout human history.
That's why you don't store money in your bank account, you keep it in investment vehicles which also appreciate in value over the long run (not the best inflation foil, but an OK one).
Investment vehicles like the stock market are being propped up by the money printing, so I don’t consider that a good alternative. That’s just a game of musical chairs that stops and usually the poor people and those furthest from the money printer are the ones without a chair.
Read more about Bitcoin and what fixed supply means. There will only be 21 million Bitcoin ever, but the dollars keep being printed en masse. This makes each Bitcoin continually worth more and each dollar continually worth less.
That is the logical conclusion of the institutions, since they are basically crypto banks. However the underlying coins are very different from the underlying asset in a bank, even if their use cases haven't come to fruition and the most common use case is speculation. The use cases that currently exist and are important, though probably not to users in this forum, are borderless transference and the ability to truly own your assets without a governing body or third party institution able to touch them. A significant portion of the world either: lacks institutional banking or is under an authoritarian / corrupt government that could seize their assets just because. Which means the current use cases are incredibly valuable to those individuals. For most users here coins are probably a novelty used for speculation or asset diversification.
I can write code that trades bitcoins without having to ask anyone for permission. Without getting into what Bitcoin will change about banking, I'd say that's pretty different from regular banking.
There are two spectacular use cases: gambling and illicit transactions.
That's not snark, those are great use cases, both have thousands of years of popularity behind them and tons of demand.
Hence my parent comment, which points out that when you use the more heavily regulated centralized exchanges like Coinbase the one remaining use case is gambling.
In all seriousness, in what way is defi interacting with the non-defi world right now to provide value? I'm not too informed about the space, but from a distance it seems like every defi innovation so far is just building on top of something else in the defi space.
Classic answers like "banking the unbanked in third world countries" don't seem to be shaking out yet.
To ask a different question of traditional banks - where can you do what you can do in DeFi today in traditional finance - without either being an investment bank or a HNW individual?
Does that help? You cannot walk into a bank and ask to put your money to work in the same way that they are already putting your money to work just by holding it in an account with them. At least, not for average people.
You can't act as an "automated market maker" in traditional finance, I'll give you that (to pick one example of something possible in DeFi).
What I really mean is what can you do in DeFi that is connected with the real world? In other words, what can you do that doesn't fall into the category of using your money to make more money with no effect on the material world?
Examples of things that traditional finance enables that connect to the real world:
- Get a student loan (you get an education)
- Get a car loan (you get a car)
- Get a home loan (you get a house)
- Insure your car or home (perhaps including insurance in finance is a bit broad, but I think it's appropriate)
- Have some claim on the future cash flows of a company that makes real things (public equities)
Obviously traditional finance isn't some bastion of providing "real world" value and resistance to over-financialization. But DeFi seems like pure financialization so far. I suppose the first step is to enable payments (arguably the definition of money is a payment system), but it doesn't seem like that has caught on very much either.
> Examples of things that traditional finance enables that connect to the real world:
An end goal of crypto is to have all financial and ownership services exist on-chain. To conceptualize the real world as somehow forever separate is going to lead to the correct conclusion that DeFi doesn't seem to affect "the real world".
> - Get a student loan (you get an education)
Requires identification.
> - Get a car loan (you get a car)
Requires identification.
> - Get a home loan (you get a house)
Requires identification.
> - Insure your car or home (perhaps including insurance in finance is a bit broad, but I think it's appropriate)
Requires identification.
> - Have some claim on the future cash flows of a company that makes real things (public equities)
Doesn't necessarily require identification. There are cryptos looking to tokenize and fractionalize public/private equities. The equity would exist on chain, not on the private ledgers of banks/clearing houses/brokers/the NASDAQ. You would own your equity via a private key, and not by the say so of Fidelity (e.g.) and the government.
You've listed three types of loans that require you to have some form of identity which allows for the existence of credit/reputation. Until crypto has a functional decentralized identity ((which is being worked on by many)[1], and even has a (W3C draft)[2]) and government recognition, you will likely not see traditional lending products. Doesn't mean it isn't possible.
Insurance also requires identification for reputational purposes, but less for enforcing payments and more for measuring risk.
Crop insurance is a popular use case being investigated for poor rural areas to get insurance. Remember, traditional finance requires massive human capital infrastructure, general civil infrastructure, and minimized governmental corruption to ensure debt repayment occurs. It may be easier to bootstrap insurance from a decentralized network/blockchain + satellite internet, for certain communities.
> An end goal of crypto is to have all financial and ownership services exist on-chain. To conceptualize the real world as somehow forever separate is going to lead to the correct conclusion that DeFi doesn't seem to affect "the real world".
I get this, and I definitely am not suggesting the real world is forever separate. I am somewhat suggesting it currently is though.
> There are cryptos looking to tokenize and fractionalize public/private equities.
Yes, but the ones I'm aware of are entirely doing it on the backs of traditional finance equities.
> Requires identification.
This is a good point and I almost explicitly called it out myself - traditional finance is valuable much because it acknowledges the existence of the individual in society, not as an abstract entity with cash flows.
Solving the identification problem is a goldmine for society at large, not just DeFi. I just find it hard to imagine a suitable solution that doesn't involve trust in the government and other institutions.
I want to make it clear that I am not anti-crypto/DeFi. I think most payment will one day be distributed/trustless at its lowest layer. But I also think that true value (in the "real world") will come when all of the trust built into the rest of society is layered on top.
The cypherpunk crowd on HN seems to be all but gone. Overwhelmingly negative takes on anything crypto-related in favor of... big banks and media conglomerates.
If you know what DeFi is, I don't know how you can arrive at this conclusion. At this moment, you as an average person can not profit with your money in the same way that banks profit with your money. You know what the money in your checking and savings account is actually doing right now, right?
You can verify that one bitcoin you have today will not be diluted by more than a certain amount tomorrow. Value is based on people’s value of the object though, and I wouldn’t necessarily bet on Bitcoin keeping that over the long term.
Yes, but crypto has been a better investment compared to stocks for about 10 years now (if you keep crypto long enough, not day to day trading). Stock gains are anemic in comparison.
That's like buying a lottery ticket, winning, and saying it was a good investment. Even if your super risky investment ended up paying this time, you still don't have the information needed to be able to pretend that you know that repeating that decision will lead to good returns.
I just recently found out about a great cybersecurity podcast called Darknet Diaries (and have been binging it ever since). Episode 9 covers Mt Gox and it goes into detail on the timeline of the developers and the numerous breaches. Highly recommended.
All that is to say that Coinbase and Mt Gox were operating in completely different leagues of sophistication.
Coinbase is reimbursing people because there was a flaw in Coinbase. If an individual's computer gets hacked and the hacker drains the user's account, I doubt Coinbase would reimburse.