Coinbase CEO on Misconceptions About Cold and Hot Storage of Private Keys

On Thursday (February 21st), Brian Armstrong, Co-Founder and CEO of Coinbase, decided to address, in an article for Fortune, four common misconceptions about cold and hot cryptoasset custody solutions.

Armstrong started by explaining that "hot" in this context means online (i.e. connected to the internet) and "cold" means offline (i.e. not connected to the internet); naturally, the former implies a much greater risk of attack by hackers.

First, Armstrong says that it is not true that "you can’t trade crypto using funds in cold storage." In fact, he says, some crypto custody solutions, such as Coinbase Custody, "let you trade over-the-counter (OTC) using delayed settlement," which means that they let you trade the cryptoassets they are holding for you in cold storage, and the actual transfer out of cold storage only happens after the trade has been executed. 

Another company that allows this is BitGo, which announced on January 16th that it had partnered with Genesis Global Trading (one of the largest crypto over-the-counter brokers) to allow BitGo Trust clients to "easily execute buy and sell orders without having to manage keys or move their assets from the industry's most secure cold storage."


Second, Armstrong notes that it is wrong to believe that "you can’t 'stake' (or earn interest on) funds in cold storage." One example of a crypto project that uses a Proof-of-Stake (PoS) consensus mechanism with a staking model that works with cold storage is Tezos, as he explains below:

"... you can delegate your funds in cold storage to a “baker” and earn interest. The baker, which acts as the staking equivalent of a miner in the Bitcoin example, keeps a smaller percentage of funds online—and those don’t need to be customer funds. In other words, customer funds are kept safely offline but are still fully able to participate in the network, earning a yield for the customer."

Third, the Coinbase CEO argues that cold storage does not mean "relying on a single authorized user who could lose funds," and that a "well-designed crypto custody solution doesn’t rely on any single person," instead using "multiple keys to achieve consensus and redundancy," with larger transactions requiring more signatures.

Fourth, he explains that although hardware security modules (HSMs) as part of a custody architecture can provide very good security, they are not quite as safe as cold storage, which forces hackers to perform some kind of physical attack in order to get access to private keys.

Finally, he explains that there is a place for both hot and cold storage solutions:

"Hot storage is best when customers need real-time access to funds, measured in minutes or seconds. In exchange for this, there is some additional security risk, which can be mitigated, in keeping funds live on the Internet. Cold storage is best when security is paramount, typically when storing larger amounts. As I mentioned above, you can still trade and stake funds in cold storage, but the price you pay is that the time it takes to withdraw funds is typically measured in hours. Depending on how difficult you want to make the withdrawal of funds that may be a pro, not a con."

