On 1/5/2019, Coinbase detected a deep chain reorganization of the Ethereum Classic blockchain. In order to protect customer funds, we immediately paused interactions with the ETC blockchain.
Updated Jan. 7, 2019–10:27pm PT: At time of writing, we have identified a total of 15 reorganizations, 12 of which contained double spends, totaling 219,500 ETC (~$1.1M). No Coinbase accounts have been impacted by the attack.
Updated March 11, 2019–11:20am PT: We have now re-enabled sends and receives of ETC. Please note that transactions may take 24 hours, or longer, to be processed by the network due to the large number of confirmations required. …
Edit: No attacks have been observed from the time this article was published on 12/2. We have therefore concluded that the 4th and most recent incident has concluded. We will provide updates for any additional developments as they arise.
Page 3 of Satoshi Nakamoto’s whitepaper, Bitcoin: A Peer-to-Peer Electronic Cash System, states the following:
If a majority of CPU power is controlled by honest nodes, the honest chain will grow the fastest and outpace any competing chains.
The “honesty” of more than half of miners is a core requirement for the security of Bitcoin and any proof of work cryptocurrencies based on Bitcoin. Honest action, in this context, means following the behavior described in the Bitcoin white paper. This is sometimes described as a “security risk” or “attack vector,” but is more accurately described as a known limitation to the proof of work model. …
Coinbase is the most trusted place to buy, sell, and manage cryptocurrency. The protection and security of our customers’ identities and funds is our top priority. We’re constantly making improvements to our security posture, including ongoing updates to our HackerOne Bug Bounty Program.
We’ve come a long way from our first program at the start of the company when we were paying bounties in bitcoin from coinbase.com/whitehat, to our initial move to the HackerOne platform in October 2014, and our most recent update to our program last fall. This update is our fourth major iteration, and it includes: