Bitcoin & cryptocurrency news

How Coinbase Protects Users From Risky Assets

By Dan Kim — Vice President, Ecosystem and Listings

Tl;dr: Coinbase reviews thousands of crypto tokens; around 90% never get considered for listing as they do not meet our strict requirements for protection against scams like “pump-and-dumps” and “rug pulls.”

Our proprietary threat detection software has identified and blocked over 700 tokens with malicious software that can harm Coinbase users.

We also conduct in-depth research on project teams to ensure they don’t have a record of engaging in questionable business practices.

In order to get the next 100 million people into web3, we need to make it easy to buy, sell, and hold the safest and most reputable catalog of digital assets, and further solidify Coinbase as the most trusted bridge to the cryptoeconomy. We also need to make sure users are protected.

That’s why our goal at Coinbase is to list every asset that meets our industry-leading standards for risk, safety, and user protection: If an asset doesn’t meet those standards, we don’t list it.

We only announce the assets we have decided to list — not the ones that fail to meet our standards. But we’ve heard from many of you that you’d like to learn more about how we decide which assets are added to our roadmap.

How Coinbase reviews digital assets

We review assets based on applications submitted by project teams on Coinbase Asset Hub, as well as the thousands of other projects we track across the global web3 ecosystem.

The order in which we sequence asset reviews is not based on whether we think a project is popular or interesting. Our framework is much more objective and nuanced, and includes factors such as the legitimacy of a project’s white paper, integrity of their contributors, details of how their token works, and engagement levels of their user and developer communities. We only consider listing those assets that meet our rigorous guidelines for legality, safety, reputability, and technical integrability.

We do not list the majority of the tokens that we review. In fact, out of every 100 tokens we consider, only around 10 are identified as potential candidates for Coinbase Exchange, and fewer than that actually get approved for listing.

Today we’re sharing more details about the industry-leading tools, systems and methods we use to protect our users from dangerous digital assets.

How our threat detection software keeps users safe

Blockchain technology is constantly evolving, so any asset review system must be able to adapt with those changes.

That’s why Coinbase developed our proprietary secure trait analyzer, a safety-first, threat detection software that informs us if a token is designed in a way that can harm you or your crypto.

Our software automatically reviews tokens on all the blockchains we support, and identifies those programmed with software (also known as smart contracts) that can potentially harm Coinbase customers. The secure trait analyzer works by detecting specific patterns in smart contracts (which we call code signatures), and comparing them against our database of code signatures from previously analyzed smart contracts. The more smart contracts we review, the faster we’ll be able to distinguish the safer tokens from the riskier ones.

So far, our Listings team has used this automated system to identify over 700 tokens that didn’t meet our security standards due to critical risks, such as single individuals being able to automatically seize users’ funds or unilaterally drain account balances. The proprietary software has also helped us detect dangerous backdoor vulnerabilities — like those that can be used for rug pulls, in nearly one out of every four smart contracts we’ve reviewed.

Whenever we find things that aren’t safe, we ask project teams to take the appropriate measures to mitigate those risks. If they don’t, we don’t list their tokens.

Added security from comprehensive research

In addition to screening smart contracts with our threat detection software, we also conduct other types of detailed due diligence to protect our users.

That includes in-depth research into the project’s purpose, milestones, and key contributors to make sure we’re complying with regulations and identifying any potential connections to illicit activity.

To capture the most comprehensive view of all assets we consider for listing, we also perform on-chain and off-chain analyses of quantitative and qualitative signals — things like historical token prices and trading volume, ownership and vesting schedules, investment and financing history, market capitalization, community sentiment, technical roadmap, and information about how tokens are earned, burned, and distributed.

Digging deeper: Protecting users from bad actors

Beyond our security reviews, we take other important steps to protect our customers from scams.

Earlier this year, we implemented a fraud detection framework that expands our ability to identify even more factors that could potentially harm Coinbase customers. This analysis is specifically designed to evaluate consumer and business risks that might not show up when we review project whitepapers or analyze token smart contracts — things like key project contributors with a record of shady business practices or confirmed allegations of pump-and-dumps.

Since implementing this additional layer of protection, the Listings team has identified nearly 100 projects with tokens that we perceive to be high risk and have chosen not to list.

Coinbase is the most trusted platform for buying, selling, and exchanging digital assets. While we aim to list as many assets as we legally can, our priority is to protect our users. We’ve invested an enormous amount in tools and processes that weed out risky assets, and will continue working towards keeping all Coinbase users safe.


How Coinbase Protects Users From Risky Assets was originally published in The Coinbase Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

Lighting Up The Map: How Coinbase Plans To Scale Globally

By Nana Murugesan, VP, International and Business Development

Coinbase will adopt a go broad and go deep approach to scale globally in order to further its mission of bringing more economic freedom to each and every individual and business around the world. Leadership roles are now open across the globe to build our international presence.

  • Go Broad: launch foundational products that are a gateway to Web3 and crypto in every country*
  • Go Deep: launch localized infrastructure and public facing products with a full suite of services

I joined Coinbase around a month ago to lead business development and international operations teams to further our mission, strategy, and culture around the world. In this blog, I wanted to share our international strategy, how we are thinking about building our international operations, and the exciting leadership roles we just opened up around the world for those interested to join us!

Crypto is global

By its very nature, crypto is global and decentralized, and as stated in our blog yesterday, we have an ambitious mission to increase economic freedom in the world that will rely on our ability to bring our products to customers globally. Crypto can have a seismic impact in driving toward a more equitable global economy. This is for a number of reasons, including, but not limited to, the fact that in new high growth markets, the barriers to entry into the traditional financial system may be beyond the reach of many citizens. For instance, traditional financial systems may require official identification or a credit history to access financial services and the security it provides. In larger, more diversified economies, we take these things for granted, but in many parts of the world, they’re unavailable to a majority of the population.

Advancing economic freedom

There are billions of people around the world who are underbanked or unbanked. According to the World Bank’s Global Financial Inclusion database, 1.7 billion adults are unbanked, and while the number of underbanked is harder to identify, it’s an issue that impacts almost every country. Yet two-thirds of those identified as unbanked own a mobile phone that could help them access financial services. These numbers are even worse for women, who are roughly 10 percent less likely than men to have access to financial services. Where women are not financially empowered, the trend lines are also more profoundly negative, correlated to a less established civil society and the seeds of undemocratic norms. These are precisely the types of challenges that crypto is uniquely equipped to solve.

Economic freedom is unevenly distributed around the world. Crypto enables economic freedom. At Coinbase, we believe everyone deserves access to financial services that can empower them to create a better life for themselves and their families, regardless of their location, gender or socioeconomic status.

Taking Coinbase global

Going global is complicated and this is compounded by rapidly evolving regulatory international frameworks for crypto. Our approach globally will be consistent with our approach in the United States: we will work with governments and regulators in different markets, and will always aim to be the most trusted and compliant crypto company in any market. As our co-founder & CEO Brian Armstrong has said, “clear rules of the road allow for technological innovation and investment and give the public and policy makers confidence that these markets are fair.” That is why, in Brian’s words, “we see [regulation] as a business enabler.” We will take that perspective in our global expansion.

A key first step of our strategy is to hire experienced regional and country leaders across the globe. We are now kicking off an extensive global expansion strategy, with hiring and investment plans to enter these markets which will ultimately allow Coinbase to serve customers more locally:

  • Americas — Latin America, Canada
  • EMEA — Europe, Middle East and North Africa, Sub-Saharan Africa
  • APAC — South Asia, Southeast Asia and Oceania, North and East Asia

[Link to newly opened Regional Managing Directors, Country Directors, and other Global & Regional Leadership roles. And, keep an eye out for more roles opening in the coming months]

With these leaders in place, we will develop and execute on in-market plans to (1) launch our products, (2) establish our presence with top local talent, (3) grow our customer base, (4) build our business, and (5) collaborate closely with our external constituents [including regulators, financial institutions and partners]. ​​In parallel, we will explore new market entry through acquisitions.

To accelerate the growth of the cryptoeconomy globally, Coinbase Ventures will double down on regional investments, adding to our portfolio of platforms such as CoinSwitch Kuber and CoinDCX in India, Bitso in Latin America, and Rain in the Middle East.

We understand that a one-size-fits-all approach won’t work as each market is unique, with its own set of opportunities, challenges, political dynamics, and cultural norms. To address this, we plan to take a go broad and go deep approach.

Go Broad: launch foundational products that are a gateway to Web3 and crypto in every country*

Coinbase’s mission is to increase economic freedom in the world, and we take this commitment seriously. The first tenet of our global strategy is to get crypto into the hands of any person who wants it, regardless of their financial status. This means we may enter international markets at scale with our decentralized and non-custodial products such as Coinbase Wallet. This allows us to offer local communities a light-weight, user-controlled, simple and secure interaction with the crypto economy and to enable fun experiences such as NFT drops from local creators. As regulatory frameworks and markets develop, we will look to go deep, as elaborated below.

Go Deep: launch localized infrastructure and public facing products with a full suite of services

In those countries that have clearly defined crypto regulation and there is a clear path for us to offer services in a way that is fully compliant with local laws and with a reasonable content moderation philosophy, we will plan to provide access to a full suite tailored to the local market. For our retail customers, this includes our custodial, full-fiat trading products, such as our main Coinbase App, and products that host user generated content (or include social features) such as our upcoming Coinbase NFT marketplace. For our institutional customers, we will plan to offer a full suite of advanced prime brokerage services, including custody and private client support.

I am excited to embark on this journey, and I look forward to providing updates along the way. At Coinbase we’re building an open financial system for the world and we’re always looking for top talent ready to do the best work of their careers to help us get there. If you think this could be you, we’re hiring!

*Subject to local regulation.


Lighting Up The Map: How Coinbase Plans To Scale Globally was originally published in The Coinbase Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

Coinbase’s Philosophy on Account Removal and Content Moderation

By Brian Armstrong

In the last few years, it’s become increasingly common for tech companies to censor customers or close their accounts for a range of reasons (e.g., misinformation). Luckily, as a crypto business we don’t face this issue as frequently as a social network does, but we still need to set clear policies around acceptable use of our products. As our product suite grows, it will even include products that host user generated content like NFTs.

Our high level philosophy is that, in a democratic society, the people and their elected officials should decide what behavior is allowed and not allowed by setting laws. We think it sets a dangerous precedent when tech companies, such as Coinbase, or their executives start making judgment calls on difficult societal issues, acting as judge and jury. This approach sounds simple in theory, but in practice it is anything but.

First, it can be very complex to determine whether an activity is legal or illegal. Laws vary greatly across different countries, states, and regions. Some activities are legal only if you have a license. Some activity is in a gray area. Some unjust laws go unenforced. Like most companies, we refer suspected illegal activity to the relevant authorities, but we can’t expect to receive a timely response or opinion back from them given the many demands on their resources. Unfortunately, this puts us, along with most companies, in the unfortunate position of having to make our own determinations about what activity is legal or illegal.

Second, even if some activity is legal, it may be something that is deeply troubling to have on the platform. The world is littered with polarizing, uncomfortable, or obscene content that may still be legal. This is where companies start to exercise even more judgment on what they allow. But there is great danger of falling down a slippery slope, having to render decisions on every difficult societal issue, where you are sure to upset someone no matter where you land. Without some strong principled based approach, these decisions become arbitrary and capricious, opening the company to attack.

Finally, every company works with other companies that have their own set of moderation and deplatforming policies. For instance, for any app to be listed in the Apple and Google App Stores, it needs to play by the rules of those two companies. In the financial services world, we also work with banks and payment processors who have their own acceptable use policies. Very few companies are completely vertically integrated, with the luxury of making their own decisions in a vacuum.

So how should a company implement a reasonable approach based on the above constraints? We’ve come up with our own answer, and I want to share it here so our customers can understand it, and in case it helps other companies.

Our approach

First, it’s important to differentiate our approach based on the type of product. Coinbase has a broad product suite, but for moderation purposes we group our products as either infrastructure products or public-facing products when thinking about how to moderate them. Infrastructure products enable access to basic financial services and are typically used privately by a single customer, while public-facing products often host user generated content and have social features visible to large numbers of users. Ben Thompson’s article on moderation in infrastructure illustrates how companies typically take a different approach for each of these products.

For our infrastructure products, we use rule of law as the foundation of our approach, because we believe that governments, not companies, should be deciding what is allowed in society. We also believe that everyone deserves access to financial services, and a test of legality should be sufficient for these products.

For our public-facing products, we again start with rule of law as the foundation. But assuming something is legal in a certain jurisdiction, we also go beyond this and moderate content that is not protected speech under the First Amendment. We’re not legally held to the First Amendment as a company, and the First Amendment is a U.S. focused concept only, but we’ve chosen to use it as the guiding principle of our content moderation approach because it is in line with our values and helps ensure we don’t fall down a slippery slope over time. The First Amendment has hundreds of years of case law built up, and provides a reasonable framework to moderate content such as incitement, fighting words, libel, fraud, defamation etc. David Sacks does a great job describing this approach in this blog post.

Finally, there are cases where we want to work with external partners, such as the App Stores, and need to follow their moderation policies to do so. Sometimes third party payment providers have their own policies. For payment providers, we can simply disable functionality related to that partner if there is a problem with a specific user, while continuing to offer Coinbase services. But getting kicked out of the app stores wouldn’t help anyone. So when working with partners, our approach is to be free speech supporters, but not free speech martyrs, and to make accommodations if it is essential for us to function as a business.

This is obviously a complex issue, and hopefully the above approach starts to show a path through it that doesn’t devolve into arbitrary and capricious decision making. To boil down the above approach, we ask the following questions for our public-facing products:

1. Is the content illegal in a jurisdiction in which we operate?

A. If yes, then remove in that specific jurisdiction

2. Is the content a free speech exception under the First Amendment?

A. If yes, then remove globally

3. Has a critical partner required us to remove the content?

A. If yes, then remove the content or disable the functionality of that partner for the affected user

If the answer to any of these 3 questions is “Yes” we will take some moderation action, such as taking down content and in severe cases terminating the account.

Decentralization is the ultimate customer protection

Most of this post has been about how we can create a reasonable moderation policy that doesn’t get co-opted over time, succumb to pressure, or descend into us playing judge and jury. This is important so that Coinbase is able to stand up to pressure. Of course, the decentralized nature of cryptocurrency offers its own important protections here, and those protections get stronger the more our products decentralize.

If our policy above fails, and Coinbase starts making bad judgment calls or turns evil, customers can withdraw their crypto to any other competing exchange, wallet, or custodian. Compare this to social networks today, where you can’t take your followers with you. Your data is owned by one company, in a proprietary format. The open nature of crypto protocols provides lower switching costs, which is an important customer protection, even for relatively centralized crypto products. But decentralized, or self-custodial, crypto products have an even greater protection because the company is simply providing access to something running on-chain. For instance, no one can deplatform your ENS name without taking every ENS name offline. Decentralization moves you from the slippery slope to the crypto cliff, where the would-be censor must compromise an entire blockchain to censor just one person.

Decentralization is a spectrum, and Coinbase is moving farther down this path over time, embracing self-custody with Coinbase Wallet, stepping up user education around private keys, and by investing in Bitcoin core development and web3 protocols. The more decentralization we can support, the better protection customers will have.

Conclusion

We believe everyone deserves access to financial services, and that companies should put appropriate controls in place to prevent censorship or unjust account closures from taking place. For centralized financial infrastructure products, we believe rule of law is a sufficient standard for moderation, while for decentralized products even greater protections can be provided by the blockchain. We also acknowledge that public-facing products deserve some additional consideration, and that the First Amendment can be used as a reasonable test or boundary. We believe this approach is consistent with our mission of creating more economic freedom in the world and with the ethos of crypto.

Companies are in a difficult position when they choose to censor or terminate a customer account. What often seems like an easy decision, especially under public pressure, turns out to have larger unintended consequences and sets a dangerous precedent for the role of private companies in society. I’m sure we won’t get it perfect with our policy above, but my hope is that we’ve laid out some principles we can fall back on when difficult decisions arise, and that investors, customers, and employees can have a better understanding of our process.

Further Reading


Coinbase’s Philosophy on Account Removal and Content Moderation was originally published in The Coinbase Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

Tobias Lütke, CEO of Shopify, to join Coinbase Board of Directors

By Brian Armstrong, CEO and Co-Founder

Commerce pioneer and respected open-source programmer, Lütke will bring his global experience and perspective to bear as Coinbase seeks to expand its international footprint and build new products

I’m excited to share that Tobias “Tobi” Lütke, CEO and founder of Shopify, will join Coinbase’s Board of Directors*.

Tobi brings a wide variety of skills and expertise to the Coinbase board. First and foremost, he is a tremendous entrepreneur, building Shopify from the ground up into a global commerce leader. He also deeply believes in the power of crypto and was an early adopter of crypto through Shopify’s integration with Coinbase Commerce. Serving millions of merchants in more than 175 countries, Shopify sits at the nexus of three important areas that crypto seeks to revolutionize: Finance and payments, web applications, and the internet itself.

A builder at heart, Tobi began writing computer code in his early teens. He soon became an active member of the open source community, contributing to projects such as Ruby on Rails, Liquid and ActiveMerchant. Building on his experience developing open source projects, Tobi launched an ecommerce platform in 2004 focused on selling snowboarding equipment. This online store soon grew into what we know today as Shopify. Tobi’s experience as a founder & CEO, scaling his business from a small, niche online marketplace into what has become a critical backbone of global ecommerce will help guide Coinbase as we seek to bring crypto to more people and businesses around the world.

“The concepts of decentralized finance and entrepreneurship exemplify the promise of Web3 where opportunity exists for the many, not the few,” said Tobi Lutke. “Coinbase and Shopify share this like-minded vision, and I am excited to join the Board to support the future that Brian and the Coinbase team are building.”

Shopify put a powerful, yet simplified platform into the hands of millions of merchants across the globe, and in the process changed the lives of billions of people. With his guidance, we hope to unlock crypto’s potential to increase economic freedom in the same way Shopify democratized online commerce.

I look forward to working with and learning from Tobi as we work to grow the cryptoeconomy.

*Subject to formal Board confirmation later this week.


Tobias Lütke, CEO of Shopify, to join Coinbase Board of Directors was originally published in The Coinbase Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

Proof of alignment

What we’ve already done to align ourselves with our customers, and what we’re doing next.

By Paul Grewal, Chief Legal Officer

Summary

Coinbase is committed to providing a fair, transparent and equal experience across our suite of trading products. We take a number of steps to ensure this, including:

  • We do not coordinate asset listing decisions with anyone not directly involved with our review and listing process. This includes members of our management team that do not sit on our asset listing committee (the majority of Coinbase’s leadership team does not sit on our listing committee), our board directors, venture capitalists, or outside investors
  • Coinbase Ventures has never sold tokens from investments that it has made, and is staffed by a separate team with no influence over which assets may be supported on Coinbase platforms
  • We have no control over, or proprietary information about, the plans of early digital asset backers, including their buying or selling activities for assets we list.
  • We are continually looking into additional mechanisms to align ourselves even further with our customers, starting with enabling users to track Coinbase’s own portfolio of digital assets for informational purposes.

In Detail

Coinbase’s goal is to provide a fair and efficient marketplace. As mentioned during our launch of Asset Hub, our goal is to list every compliant asset possible. In our ideal world, Coinbase would simply list every asset that met the requisite legal and cybersecurity standards, while giving our customers as much information as possible to make educated investment decisions. Being listed on our exchange would not be considered an endorsement; it would simply be an indication that the asset had met our listing standards.

The issue is that because an asset listing can be time consuming both from a technical and legal perspective, it is still scarce; because it is scarce, it is considered valuable; because it is valuable, it is considered by some to be an endorsement. This is similar to the dynamic that ensued around Twitter verification, where what was initially simply an anti-impersonation measure inadvertently became a status symbol.

As part of our commitment to transparency, we want to shed further light on how our current listing process works, as well as sharing additional information on the steps we take to ensure that our listing and ventures teams are kept completely independent, and, finally, offer some insight into how we think about the crypto assets we share on our corporate balance sheet.

First, as we’ve discussed before, here’s how we operate.

Asset Listing

  • Coinbase makes listing decisions through a formal process run by a special committee called the Digital Asset Listing Group, which follows regular procedures, which are documented in formal policies, and which applicable regulators must review and approve.
  • The Digital Asset Listing Group votes on what assets can be listed, informed by a rigorous vetting/review process that evaluates assets for compliance, legal, and information security concerns.
  • The voting group does not include Coinbase CEO Brian Armstrong or other Coinbase Global Board members.
An example of our disclosure statement
  • The vote is not impacted by whether Coinbase Ventures or our investors have a stake in the asset, and Coinbase Ventures is transparent in disclosing our interests in projects.
  • Coinbase has a conflict of interest policy that prevents board members or Coinbase employees from being involved in a listing decision where they have a financial interest.
  • The majority of assets that the Digital Asset Listing Group reviews are submitted directly by asset issuers through our Asset Hub portal.
  • This process is strict, and the majority of assets submitted for evaluation are rejected.

Employee Trading

  • Coinbase restricts all employees from trading the tokens it is considering for listing to make sure no one at Coinbase is front running assets, even if they don’t work on our asset listings team.

Early Backer Trading

  • Coinbase does not coordinate listing decisions or timing with early backers of a project (including VCs) or in assets being reviewed.
  • We have no control over or proprietary visibility into the plans of early token backers (VCs, founding team, etc.) on their selling activities.
  • Because trading typically occurs across many exchanges (not just Coinbase), and because large holders and even asset issuers are often unknown, we do not have the ability to play a role in any lock-up type mechanisms.

Coinbase Ventures

  • Coinbase Ventures has never sold tokens from investments that it has made, nor does it have any influence over which assets are supported on Coinbase platforms.
  • We are long term hodlers of our investments. It may make sense to liquidate some of our holdings in the future, but we do not presently have any plans to.
  • Our Ventures and Listings teams operate completely independently of each other, with no overlap in personnel or shared information.

Corporate Balance Sheet Holdings

  • Coinbase holds on our balance sheet the majority of the assets that we support on our platforms, which helps ensure that our interests are aligned with those of our customers.
  • Like our Coinbase Ventures investments, we are also hodling these assets with a long term view, with no present plans to sell.
  • Though it’s impractical to hold large positions of some lower liquidity assets, we aim to have some corporate exposure across the breadth of our supported assets.

Provable Alignment

With that said, we are always looking at new ways to more clearly show alignment with our customers. While the Coinbase Ventures portfolio is already public, and we’ve also published our material crypto assets held in our 10-Q, we plan to make our holdings even more transparent.

Soon we’ll be updating our asset disclosures in a way that makes our holdings even more obvious, by showing (a) which assets are currently held by Coinbase and (b) which assets were backed by Coinbase Ventures, whether they are currently listed or not.

Now, we don’t claim that our portfolio is the best. Nor do we advise that you buy it. But by making it even more clear in the user interface as to which assets are Coinbase-held and Coinbase-backed, you can decide whether or not to align yourself with Coinbase’s crypto holdings. You can also choose to pursue a completely different strategy. And that is our goal: to provide a fair and efficient marketplace where the participants decide.


Proof of alignment was originally published in The Coinbase Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

Announcing our second developer grant winners

By Trent Fuenmayor, Program Manager, Coinbase Giving

In August, we made a call for applications through our Crypto Community Fund focused on blockchain developers who contribute directly to a blockchain codebase, or researchers producing white papers. Today, we’re excited to announce the Fund’s second batch of developer grants to 6 recipients: AMIS Technologies, Josie, Escanor Liones, WeFuzz Research, and two developers funded through a partnership with Brink.

All candidates demonstrated a consistent history of contributing to blockchains, as well as innovative ideas, and provided the Fund’s advisory board with a clear, actionable outline of the projects they intend to work on. They will both be funded to work on their projects for all of 2022, with their grants funded in BTC or USD based on the recipient’s preference.

AMIS Technologies (github, blog) will be providing various digital signature protocols based on multi-party computation (abbrev. MPC) in the blockchain including ECDSA, Schnorr Signature, Bls Signature, and Bip32( i.e. Hierarchical deterministic wallet). The audited Library will continue to open to developers. They believe that MPC will be an alternative option for private key management.

Josie (github, twitter) will be working on the unit, functional, and fuzz testing in Bitcoin Core by focusing on improving test coverage and refactoring for performance and clarity. He will also be supporting three researchers on a project centered around analyzing bitcoin transactions, specifically on fees and privacy when used as a means of payment. Last but not least, he will be performing code review and testing PRs in Bitcoin Core.

Escanor Liones (github, twiter) will be designing and implementing a sequence of blockchains to promote the study, advancement and improvement of mathematics, cryptography and digital security. The present grant will fund one of those blockchains. His previous published work focused on Information-Theoretical Private Information Retrieval (IT-PIR) in the form of a practical Postgres C/C++ Extension using Quantum Resistant Lattice-based Cryptography; see the open sourced implementation here. A paper will be published with the details about the design in early summer; and, a blog or a paper towards the end of the year speaking to the implementation and the experience of designing, building and deploying a blockchain.

WeFuzz (github, twitter, website, discord) plans to build a, fully decentralized, crowdsourced security audit and bug bounty platform: a set of smart contracts that allow developers and companies to get their smart contracts, blockchains, web3 applications etc., audited by the decentralized auditors’ and hackers’ community and makes it easy for everyone to secure their assets. WEFUZZ (Chaitanya and Ranjeet) aims to become the *Hacker DAO*.

Brink (website) is a 501c3 that exists to strengthen the Bitcoin protocol and network through fundamental research and development, and to support the Bitcoin developer community through funding, education, and mentoring. They support and mentor new contributors to open source Bitcoin development through their fellowship program, and support the work of established Bitcoin protocol engineers through their grants program. Coinbase has funded two Bitcoin core developers through their partnership with Brink.

The Crypto Community Fund grantees will provide periodic updates about their work through public blog posts. The Fund will also be placing an additional call for developer grants later this year, and encourages future applicants to subscribe to updates here.


Announcing our second developer grant winners was originally published in The Coinbase Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

Working at Coinbase: Intense and demanding, balanced by deliberate recharge time

By L.J. Brock, Chief People Officer

We’re often asked a version of this question: “What’s it really like to work at Coinbase?”

Our culture doc provides a great overall perspective on working here, but I think it’s important to address this question head-on, too.

The bottom line: We work incredibly hard at Coinbase — for most of us, Coinbase is the most intense place we’ve ever worked. That intensity is only magnified by the current moment in crypto, and it often results in long days and long weeks.

However, because of that intensity, we’re also deliberate about finding time to recover between sprints. How deliberate? This year, we’re experimenting with four recharge weeks (roughly one per quarter), when nearly the entire company will shut down so we can all enjoy downtime without work piling up.

Four weeks of coordinated recharge time might sound like a lot of time off for a company in hypergrowth, but given the intensity of our work throughout the year, we think this is the best way to ensure our pace is sustainable for the long term.

We know this approach wouldn’t work for every company, and we also know Coinbase isn’t for everyone. But if you want to work at the cutting edge of crypto and tech — and if you’re excited about pushing your skills to the limit while knowing you’ll have regular opportunities to recharge — there’s no better place to be.

An all-in environment

Why is Coinbase so intense? Because the massive opportunity in front of us demands the best from each of us, every day.

We’re upfront about this in our culture doc, but it’s worth emphasizing: “We are a winning team, not a family, and have high expectations for performance and delivering results…. We have an intense work culture, and are regularly pushed out of our comfort zones.”

What’s this mean in practice?

It means we don’t promise 9 a.m. — 5 p.m. hours or 40-hour work weeks — many days and weeks are long, because that’s what it takes to get the job done.

It means we can’t simply do more in some areas by doing less in others — the risk of missing out on a huge opportunity is too great.

It means we aren’t wedded to long-term plans — yes, we thoughtfully map out quarterly and annual plans, but we’re prepared to pivot at a moment’s notice if we see a better opportunity to serve our customers.

We’re laser-focused on achieving our mission of increasing economic freedom in the world, and we encourage our teams to set “uncomfortably ambitious” goals. That’s the only way we can stay ahead.

An ‘act like an owner’ mentality

One of our cultural tenets is “act like an owner.” We expect our employees to take 100% responsibility for achieving our mission, but we also empower them to work in the way that’s best for them, and to rest and recharge between their sprints.

We do this in part through our remote-first stance, which enables almost all employees to choose whether to work from an office, from home, or through a hybrid approach — whatever works best for them and their families. This policy has been hugely successful, enabling us to hire top talent from around the world and earning positive reviews from our employees.

We also empower employees to take charge of their well-being through our flexible time off (FTO) policy (in eligible countries), which means most employees don’t need to accrue time off before using it or worry about hitting an annual limit.

Despite our FTO policy for most employees, we realized in 2020 that many employees weren’t taking enough time off to recharge, either because they didn’t want to force their teammates to cover for them or because they didn’t want to fall behind on their work.

We knew this was unsustainable, so we scheduled a recharge week at the end of 2020 and two recharge weeks in 2021, when nearly the entire company would shut down. (Teams with critical 24/7 responsibilities, such as customer service and security, scheduled alternate recharge weeks.)

Subsequent employee surveys made it clear: recharge weeks work. In fact, 52% of employees said recharge days and weeks were the primary tool that helped them rest and recover in 2021.

That feedback — and our expectation that this year will be just as intense as last year — prompted us to schedule four recharge weeks for 2022, roughly one per quarter. We have no expectation we’ll continue with four recharge weeks beyond 2022 — we’ll evaluate as we go — but we’re confident this is the right approach for us this year.

Even though we’ve scheduled four recharge weeks for 2022, we didn’t make any changes to our FTO policy — we’ve encouraged employees to schedule vacations during our recharge weeks when they can, but we know that’s not always possible, and that’s OK.

We also know that, despite our best intentions, there are times when some employees need to work through a recharge week. When this happens, we do our best to make it up to them so they have dedicated time to recharge, too. We’re OK with this tradeoff — we prefer to implement a solution that regularly works for 90% of employees than to endlessly search for an elusive “perfect” solution.

Acting like an owner truly is key to success at Coinbase — our top performers take recharge seriously, but they also don’t hesitate to jump in and deliver for the company whenever and however is needed.

A once-in-a-career opportunity — and we’re hiring

There’s no denying that Coinbase is one of the most exciting places to work right now.

In just the last 12 months, we’ve tripled our headcount, expanded into new markets, brought new crypto innovations to our customers and become a publicly traded company — and we still feel we’re just getting started.

As we say in our culture doc, “We are optimistic about the future and determined to get there.”

If you share that optimism, and if my description of working at Coinbase resonates with you, take a look at our Careers page — we’re hiring for hundreds of roles in dozens of fields, and we want exceptional people in every seat, working together towards our mission.


Working at Coinbase: Intense and demanding, balanced by deliberate recharge time was originally published in The Coinbase Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

Coinbase Giving: Half Year in Review

In May 2021, we announced the launch of Coinbase Giving. Coinbase Giving is the operational embodiment of our commitment to Pledge 1%: our promise to dedicate 1% of Coinbase profits, equity, and employee time toward charitable activities that leverage the power of crypto to increase economic freedom in the world.

Where we are

In the past 7 months we’re proud of what we’ve accomplished:

  • Coinbase Giving is the largest charitable organization focused on Crypto (>$500M endowed at the time of post)
  • GiveCrypto, founded in 2018, has been brought officially under the umbrella of Coinbase Giving to enable scale and maximize social impact
  • We have launched 7 programs, supported 410 organizations, deployed ~$2M, and are impacting 2K+ lives

We are only at the beginning of this journey. 2021 has been a test and iteration year — our impact is still modest. The purpose of this post is to share progress and lessons learned.

Progress

In 2021 our focus has been to support endeavors that align to three broad categories:

  1. Increasing education around, and access to, crypto
  2. Accelerating the development of crypto protocols that underpin the cryptoeconomy
  3. Fostering the next generation of crypto talent, no matter where they are located

Highlights

GiveCrypto is our nonprofit that enables crypto based direct giving to some of the most needy people in the world. In doing so we also educate them about crypto and give them an alternative to their broken financial systems.

GiveCrypto has been one of Coinbase Giving’s largest investment areas in-house. GiveCrypto is a two-sided market. First, donations are driven by donors who are inspired to give charitably. Second, from these donations, crypto is put directly in the hands of people in need through our on-the-ground Ambassador program.

Bringing GiveCrypto directly within Coinbase has accelerated our ability to integrate donation collection within the consumer experience. As such, 2021 has been a critical year of rebuilding and integration. As the #1 crypto exchange in the US, we see this connection as a huge step forward in enabling public donations using crypto and Coinbase products. We have taken this chance to revamp our Ambassador program — our system to distribute funds directly into the hands of the most needy. In 2021, we were purely testing our distribution system and only reached 246 recipients. However, with those tests now under our belts, we feel ready to scale distributions dramatically in 2022.

Already we are seeing how crypto possesses unique characteristics that make it suitable as a cross-border donations mechanism. For example, it allows donors to avoid disintermediation by bad actors, who often take a cut at the expense of the recipient. Crypto adoption is growing, particularly in Latin American countries where hyperinflation can be devastating. Our independently validated randomized control test shows that direct giving continues to demonstrate high real-life impact, whether in enabling individuals to pay for food, education, or other day-to-day needs.

Developer Grants 2.0 to accelerate the development of crypto protocols.

In August, we launched the second iteration of our Crypto Community Fund whose goal is to make the cryptoeconomy safer and easier to access for everyone. We selected 6 developers to fund across 3 thematic areas: (1) Scalability; (2) Privacy, identity and zero knowledge research; and (3) Protocol security and other foundational infrastructure.

Grant terms are typically 1-year and we will share progress on their journeys throughout 2022.

Base 11 partnership to foster the next generation of global and diverse crypto talent.

Earlier this year Coinbase announced our three-year partnership with Base 11. Together, our goal is to develop the next generation of diverse crypto talent. In early October, Base11 hosted the Next Frontier Conference & Expo, which featured a fireside chat with Alesia Haas, CFO at Coinbase and Landon Taylor, Founder & Chairman, Base 11.

At the conclusion of the conference, the Coinbase Giving team launched our first ever Open Innovation Challenge, giving away over $10,000 in prizes and an exclusive NFT. The Open Innovation Challenge called for participants to focus on four key pillars: environmental sustainability, healthcare, education, and financial inclusion. The call to action has drawn hundreds of participants from all over the world and dozens of quality submissions that address the key pillars described above. We’re excited to enter the judging phase and will announce the winner in Q1 2022.

Learnings

  1. The crypto-forward charitable ecosystem — like the crypto ecosystem — is still nascent. That said, there are a growing number of novel partnerships between established non-profits (who deeply understand the social sector) and technical partners (who get crypto/blockchain) trying to better solve old problems with new solutions. We’ve learned this is Coinbase Giving’s sweet spot for grant-making.
  2. As more people hold crypto, more people want to give in crypto. “45% of crypto holders donated $1,000 or more to charities in 2020 compared to 33% of all investors”, according to a new report by Fidelity. We have engaged in many conversations with potential partners exploring the role Coinbase Giving could play in connecting nonprofits and endowments with the infrastructure they need to accept and hold crypto as an endowment (only ~2% have the ability to do so currently).
  3. Without education, there is no access. As the crypto market has heated up in 2021, so has the call for Coinbase Giving to provide more educational resources and support. Non-profits, NGOs and education leaders increasingly see crypto literacy as a next-generation skill required for the future success of their communities and constituencies. Coinbase’s investment in Crypto Learn and other initiatives distinctly well position Coinbase Giving to address this educational need. We look forward to exploring more in 2022.
  4. Accelerating and building infrastructure is more than open source code. There are many barriers to the simple and secure use of crypto and blockchain that are just as much about infrastructure development as having the right protocols. There are also many more applications for blockchain to solve social problems than have yet been envisioned or realized. This is all infrastructure. We can do better to support a flourishing ecosystem.

Next Up

With 2021 as a foundation-building (half) year, we are looking forward to incorporating what we’ve learned and to drive the social impact of crypto in 2022. We’ll keep the community up to date on what’s happening with a quarterly blog. Stay tuned!


Coinbase Giving: Half Year in Review was originally published in The Coinbase Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

Bitcoin & cryptocurrency news

How Coinbase thinks about the Metaverse

By Brian Armstrong, CEO and Cofounder, & Alex Reeve, Identity Product Lead

These days, everyone is talking about the Metaverse.

Primitive Metaverse platforms are selling virtual land for millions of dollars. Billions more are being invested in Metaverse startups. And Mark Zuckerberg recently renamed his entire company to reflect a focus on building the Metaverse.

The term “Metaverse” is not new. It was first used by author Neal Stephenson in his 1992 novel “Snow Crash.” But as technology improves, and we spend more of our lives online, more people are starting to think about what’s next — and how the future might revolutionize both the digital and the physical world.

Recently, our team put together an internal presentation about the Metaverse, who’s working on it, and how crypto will help make it real. I thought the presentation was well done, so I’m sharing most of the slides here.

Defining the Metaverse

At Coinbase, our thinking about the Metaverse has been heavily influenced by venture capitalist and writer Matthew Ball (you can find his work here). Like Matt, we define the Metaverse as:

The future of the internet: A massively-scaled, persistent, interactive, and interoperable real-time platform comprised of interconnected virtual worlds where people can socialize, work, transact, play, and create.

The earliest version of the internet, Web1, was about accessing static web pages. Web2 is about interactive, social experiences within closed ecosystems. And Web3 will be about digital ownership within an open, decentralized environment.

The Metaverse is the distant evolution of Web3. In its most complete form, it will be a series of decentralized, interconnected virtual worlds with a fully functioning economy where people can do just about anything they can do in the physical world.

Importantly, the Metaverse is not the same thing as gaming (an activity you can do within the Metaverse), or virtual reality (a way of interfacing with the Metaverse). It’s also not the same as Web3 (a distant ancestor of the Metaverse).

To illustrate this, here’s how some current platforms stack up against our definition of the Metaverse:

Elements of the Metaverse

While the full Metaverse is years away, it will rest on a foundation that’s being built right now.

Like the internet today, the Metaverse will rely on hardware and infrastructure, tools and standards, and regulatory frameworks — most of which haven’t been fully developed yet.

But unlike today’s internet, there won’t just be one Metaverse. There will be many Metaverses, and they’ll be interconnected. That’s why it will be important for any Metaverse to be trustless — meaning people can interact directly without going through an intermediary — and permissionless — meaning anyone can participate without authorization from a governing body.

To achieve this, the Metaverse will rely on blockchain to transfer identity and ownership across virtual worlds, attestation to verify them, and payment rails that allow people buy, sell, and earn income within a decentralized economy.

Who’s building the Metaverse today?

While we can’t build anything close to the full Metaverse yet, different companies and organizations are experimenting with different elements of it. Most fall into three categories:

The Metaverse ecosystem is still very much in its infancy: emergent and yet to be defined. That’s its beauty too. There’s a heavy focus on gaming, mostly because it’s easy to monetize. But we’re beginning to see glimpses of what the future might look like.

Identity

Identity determines who you are, what you can access and do, and how you’re represented across the worlds of the Metaverse.

In the Metaverse, our identities will have to include an easy login, a unique ID, an avatar that represents us, metadata that follows us, and attestation so we can prove who we are. Here’s where each of those pieces stands today:

Where Coinbase comes in

At Coinbase, we want to help pull all the pieces of identity together — essentially creating an identity on-ramp into the Metaverse.

That’s the idea behind our work with ENS, which makes it possible to create a unique username NFT that resolves to a wallet. Eventually, this will allow users to carry a unique ID across different worlds in the Metaverse.

We’re also working on technology that will allow you to purchase your avatar, define and maintain your public profile, and establish trust. And we’re working on features like Sign in with [Eth/Coinbase], which could allow users to sign into every app in the Metaverse.

Conclusion

At the end of the day, this isn’t about expanding our business or making money. It’s about building a critical piece of the Metaverse ecosystem, and helping crypto grow in the right way.

We know that the Metaverse will exist, and we know it will be a series of interconnected virtual worlds. Our goal is to make it easy for anyone to establish their identity and gain access to those worlds in a way that’s simple, trusted, and decentralized.

If we succeed, it will allow the Metaverse to reach its full potential — and keep it free and open to everyone.


How Coinbase thinks about the Metaverse was originally published in The Coinbase Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

Coinbase Transparency Report — — Q1-Q3, 2021

Coinbase Transparency Report — — Q1-Q3, 2021

By Paul Grewal, Chief Legal Officer

Coinbase is proud to publish our third Transparency Report. This report covers the period between January 1 through September 30, 2021*. As Coinbase continues to grow and offer services in new markets, the number of legitimate information requests we receive from law enforcement agencies and other government agencies will increase accordingly. As such, moving forward, we will publish these reports on an annual basis.

The goal of these reports, which we began publishing in 2020 (our two prior reports can be found here and here), is to keep our customers informed about requests for customer information we receive from government agencies and law enforcement — how many we have received, where they come from, and our approach in responding to them. While transparency reports are common in the technology industry, we believe financial institutions should similarly publish these reports on a regular basis, and we encourage them to do so.

At Coinbase, the safety of our customers is very important to us, and we respect the key role of law enforcement and government agencies in pursuing bad actors who engage in prohibited activity or seek to abuse our platform. At the same time, protecting the financial privacy of our customers is a fundamental part of our commitment to being the most trusted place to engage with cryptocurrency. This report shares data on the requests for information that Coinbase receives from government and law enforcement agencies around the world and provides a view into how government policies and actions intersect with customer privacy.

Coinbase Transparency Report

Period: January 1, 2021 — Sept. 30, 2021

Coinbase currently serves more than 73 million customers worldwide. We regularly receive and respond to requests from law enforcement and government agencies seeking customer account information and financial records in connection with civil, criminal, or other investigative matters. These requests can include subpoenas, court orders, search warrants, or other forms of formal legal process. We have an obligation to respond to such requests if they are valid under financial regulations and other applicable laws.

Each request is carefully reviewed by a team of trained experts using established procedures to determine its legal sufficiency; where necessary, we will narrow or push back on requests that appear overly broad or vague. The charts below provide data on the number of requests that we have received and how we have responded to them, broken down by country. As we continue to enhance our processes, we will be publishing this report annually, subject to certain limitations.

Key Takeaways:

  • There were a total of 5,562 requests in the first three quarters of 2021, and ~51% of requests came from outside of the United States.
  • ~84% of requests are from the U.S., U.K., and Germany.
  • Countries that sent requests for the first time in 2021 include Latvia, Greece, India, Turkey, Bosnia, Hungary, and Russia.
  • The number of requests we received in the first three quarters of this year represents a ~27% increase from the total number of requests we received in all of 2020.

FAQs:

Does this report include data about requests received by all Coinbase entities/services?

This report includes data about requests related to our various products and services including coinbase.com, coinbase.com/exchange, coinbase.com/prime, and custody.coinbase.com.

What does it mean if my country is not listed on the report?

We only include countries where (i) our services are available, and/or (ii) Coinbase received a government or law enforcement request.

What is a government information request?

A variety of laws allow the government and law enforcement agencies of a given country to request the disclosure of customer information for civil, administrative, criminal, and national security purposes, including as part of an investigation.

What information does Coinbase provide in response to government and law enforcement requests?

Depending on the nature and scope of the request, Coinbase may produce certain customer information, such as name, recent login/logout IP address, and payment information; this type of information may be subject to requests by government and law enforcement agencies when a customer uses one of our applications or our website, as described in our privacy policy.

Before we consider disclosing information in response to a government or law enforcement request (such as a subpoena, court order, or similar legal process), we review each request on an individual basis. If we believe a request is over-broad or vague, we seek to narrow it and provide a more appropriately tailored response, and in some cases we object to producing any information at all (such as if the request is legally insufficient).

Does Coinbase challenge or reject government requests?

Coinbase may challenge government and law enforcement requests, depending on the particular circumstances of each request. Under certain circumstances, we may ask the government or law enforcement agency to narrow their request.

Who reviews government requests for user information at Coinbase?

Coinbase has a trained team of lawyers, analysts, and other experts who review and evaluate each government and law enforcement request individually to assess its legal sufficiency and determine an appropriate response.

Does Coinbase provide governments with direct access to customer information?

Coinbase does not give any government in any jurisdiction (including law enforcement, or other government agencies) direct access to customer information on our or any third-party’s systems.

###

* Data for the remainder of 2021 will be captured in our next report, to be published in 2022.

(2) Coinbase receives various criminal, civil and administrative requests from regulators and agencies in various countries seeking information about specific accounts and transactions. This Transparency Report reflects data related to these requests; it does not include customer initiated requests for information or productions required as part of routine regulatory examinations.


Coinbase Transparency Report — — Q1-Q3, 2021 was originally published in The Coinbase Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.