Regarding CB ACH, They had/have a huge exploitable hole in their ACH system that a friend discovered by accident. Long story short, they credited them for a large sum that they never took from his/her account. I won't put the exact detail of how to trigger the error but suffice it to say it was shocking to learn how a system that deals with large sums of real money could fail in such a way (and likely in a repeatable manner although my friend didn't try as repeating it would likely be seen as stealing).
It's really quite shocking how a ecosystem that touts decentralization has a glaringly centralized failure point - the fiat exit exchanges. When one or two of them goes, it will bring down the whole house of cards. And given how shitty CB's software was (or maybe still is) I just hope I can get my gains out before the whole thing comes crumbling down.
So your friend is benevolent enough to not trigger the bug again because it would be wrong, but not benevolent enough to report the bug to Coinbase? Right...
Coinbase code is still horrible. I have found couple of bugs/failure points in their code, but Fred Erhsam was a jerk to me so I don't feel like reporting these issues to CB.
It's really quite shocking how a ecosystem that touts decentralization has a glaringly centralized failure point - the fiat exit exchanges. When one or two of them goes, it will bring down the whole house of cards. And given how shitty CB's software was (or maybe still is) I just hope I can get my gains out before the whole thing comes crumbling down.