How Coinbase thinks about security
To safeguard users, Coinbase performs a thorough security review of each token before it can be listed. The core goal of Coinbase’s framework is to identify and mitigate risks to a digital asset’s custodiability. Custodiability is the capacity to reliably receive, store, and send original or accrued balances of an asset.
To evaluate custodiability, Coinbase Security focuses on "what can go wrong and what we can do about it." Formally put, these two concepts are called "risks" and "mitigations." The security evaluation identifies areas of risk that may be unique to an asset. Following the identification of these risks, mitigations are specified that may reduce the asset's risk.
We've provided three examples of risks and mitigations below. Note that implementation of mitigations are sometimes within Coinbase's control, and sometimes are not.
Weak Consensus mechanism
Asset Issuer: Modifications to the consensus mechanism
Coinbase: Increase confirmation requirement before crediting deposit
Superuser privileges that may impact user balances
Asset Issuer: Renounce the privileges or otherwise alter asset functionality to prevent superuser access to 3rd party balances
Open vulnerability in the asset’s node software
Asset Issuer: Patch the vulnerability and publish a new release
In situations where an asset may follow an open standard implementation, such as ERC-20, Coinbase specializes our review to streamline the process. In the case of ERC-20s, Coinbase has published specific guidance in this blog post.