It’s common knowledge throughout the cryptocurrency community the safest and most secure way for individual investors to store digital assets is via cold storage. This is either through a hardware wallet like the Ledger S Nano, an air-gapped Linux-based computer, or a paper wallet.
However, according to a new exposé from Wired, leading cryptocurrency exchange, San Francisco-based Coinbase, uses similar cold storage methods, albeit with a few extra advanced security techniques to ensure assets stay safe from cybercriminals.
Coinbase Private Key Generation Process is in Tents
Wired journalist Tim Simonite was invited by Coinbase to witness what he calls “an arcane ritual intended to bewitch Wall Street and help it fall in love with cryptocurrency.”
“I am transfixed by the plummeting signal strength on my phone as employees of cryptocurrency exchange Coinbase close the flap of the stuffy silver tent I’m standing inside,” he writes. “The fabric walls enclose a cubic space about 8 feet across and contain mesh that functions as a Faraday cage, which blocks electromagnetic radiation. By the time the tent is sealed, my connection to the outside world has drained away to nothing. Now the ceremony can begin.”
Because the private keys to digital assets are ironically kept safest when stored offline, and because Coinbase has “more than 20 million accounts and looks after billions of dollars worth of Bitcoin, Ethereum, and other cryptocurrencies for its customers,” the firm must take additional steps to prevent potential theft from occurring.
One such step, is using a Faraday tent, named after Michael Faraday who first discovered the underlying principles behind electromagnetic induction, diamagnetism, and electrolysis. The aptly named Faraday tent is a shielded tent designed to block electromagnetic signals from escaping and being intercepted by cybercriminals. It’s in this tent where the company securely prints the private keys for its investors.
Coinbase chooses a secure location to erect the tent at random, and runs a shielded power supply to reduce power fluctuations that could provide insight into what’s transpiring inside the tent to onlookers. Beyond that, there’s only a folding table, a lamp, a printer, and two laptops. One laptop runs a Linux-based operating system from a USB drive. The other, is a Macbook that Coinbase uses to print private keys transferred over from the laptop running Linux because, according to Zak Blacher of Coinbase’s security team, it’s “just way easier printing from a Mac.”
The process, which Philip Martin, Coinbase’s head of security, says “takes most of the day.” It begins with a coin toss to decide which laptops are being used in the ceremony and ends with Coinbase storing the freshly printed private keys in what Wired calls a “reimagining of the bank vault.” The laptops used during the process are destroyed after everything is completed to prevent data leaks.
Coinbase, who this year launched a custody product for institutional investors, hopes that by demonstrating its security techniques the firm can lure in sidelined investors. Brian Armstrong, CEO of Coinbase, explained “there’s a bunch of institutional money interested in the cryptocurrency space,” adding, “but they need a qualified institution to act as a custodian.”