As an industry leader in blockchain and cryptocurrency, Coinbase is continually challenged to provide novel solutions to the challenges that arise from the field’s unique positioning at the intersection of cryptography, distributed computing (consensus), and game theory. Coinbase, and the web3 industry in general, is adopting cutting-edge research to provide solutions to challenges that arise from building the next iteration of the internet. This distinguishes web3 from old-world financial institutions which adopt new technologies at a much slower pace.
The innovative and fast-moving nature of web3 is a double-edged sword. It enables us to grow the industry with speed, but with that speed comes the possibility of mistakes that can have significant costs, both personal and systemic.
For example, bridges are desperately needed to enable scaling of L1 blockchains. Those bridges, however, have also been the source of multiple recent hacks, which raises the question of how ready we really are to deploy them?
Unfortunately, reputable organizations who take extra care in building a strong security infrastructure are often lumped together with others who subscribe to the ‘move fast and break things’ philosophy. But in an industry where breaking things means losing people’s money (e.g., their retirement or a child’s college fund), Coinbase chooses to operate with a different philosophy.
Secure multiparty computation (MPC) is the leading technology for generating, storing, and utilizing cryptographic signing keys that protect digital assets. Keys constructed and used in MPC are never in any single place at one time. Rather, each key is generated in such a way that the result is shared amongst two or more parties without any particular party seeing more than its own share, that is meaningless by itself.
Additionally, signing takes place without ever bringing the shares together, which helps to prevent attackers from getting to some subset of machines and extracting key material. Furthermore, by having each MPC participant verify the transaction against policies, it isn’t possible to bypass protections installed to prevent misuse of a key.
The strength of MPC rests on scientific foundations which have been researched extensively in academia going back as far as the 1980’s. As a result, we have a very strong understanding of how MPC protocols work and how they can be proven secure. As with all cryptography, however, MPC protocols can be designed conservatively or aggressively. The conservative approach utilizes standard cryptographic principles that value simplicity over speed, while the aggressive approach pushes the edge in order to achieve new and exciting scientific breakthroughs.
Such cutting-edge work enables the industry to innovate – pushing the very boundaries of what we think possible. But considering the scale of economic and financial realities at stake, great care is necessary when building such systems.
Coinbase strongly believes in a more conservative approach when it comes to trust and security. There is no doubt that more aggressive design is needed to spur innovation, especially when other solutions are unavailable. Yet, in many cases, aggressive design performs only slightly better than more conservative approaches. Saving a few fractions of a second to sign on a transaction is not always of great importance, especially when doing so increases the possibility of mistakes. Additional computation can be overcome with stronger servers, so at a slightly higher cost customers can be more secure.
Coinbase also takes great care when deploying new cryptographic schemes. Coinbase independently verifies the proof of security of new protocols, writing clear specifications for implementation, and verifying consistency between academic research and its implementation. This same process is carried out by our internal security team and external experts, all in order to ensure validation.
These processes take time, and the tension between moving fast (being first to market) and prioritizing safety and security can be difficult to get right. While we believe in moving as fast as possible, we don’t believe in doing so at the cost of potentially endangering our users. This is our commitment to our community, to provide a in which they are able to pursue economic freedom knowing that we are doing everything we can to keep their funds safe.
About Yehuda Lindell
Yehuda Lindell leads the cryptography team at Coinbase and is a professor of Computer Science at Bar-Ilan University (on leave). At Coinbase, Yehuda is responsible for the company’s cryptography design and its strategy around secure multiparty computation (MPC). Yehuda obtained his PhD from the Weizmann Institute of Science in 2002 and spent two years at the IBM T.J. Watson research lab as a postdoctoral fellow in the cryptography research group. Yehuda has carried out extensive research in cryptography, published over 100 scientific articles, and co-authored one of the most widely used textbooks on modern cryptography. Prior to joining Coinbase, Yehuda was the co-founder and CEO of Unbound Security, a company that provided key management and protection solutions based on MPC. Unbound was acquired by Coinbase at the end of 2021.