Author

Topic: Coinbase Wallet - Is my $ lost because I pressed this one button (dangerous)? (Read 506 times)

brand new
Activity: 0
Merit: 0
我觉得你应该换一个钱包,试试
legendary
Activity: 2618
Merit: 6452
Self-proclaimed Genius
Have you had success logging back in? I have the exact same issue. Have used Coinbase and Coinbase Pro, have login info but was never given seed phrase and was kicked out when the app was updated.
"Coinbase Wallet" app is not the same as "Coinbase" so having the log-in credentials wont help on recovering the former.
However, since you're using Coinbase, then you can just log-in to the site/app since you have your log-in info.

Or do you mean "Coinbase Wallet"? If that's the case: It's a non-custodial wallet;
being non-custodial, Coinbase doesn't have access to your backups and you really need the seed phrase (backup phrase) to restore it.
member
Activity: 266
Merit: 20
Uggh,

You trusted a crappy Apple Iphone with $15K,

I find it interesting that you totally ignore the fact , the apple update is what caused your problems, not coinbase.

I would think you have a better lawsuit against apple than coinbase.

However odds are the fine print, will place all the responsibility on you with either company.

Shot in the Dark,
Try contacting the developer of the coinbase wallet Toshi and see if they can help you recover your funds.
https://probleme.app/en/tag/Toshi/
https://probleme.app/en/coinbase-wallet-problems/#appreport


newbie
Activity: 1
Merit: 0
Have you had success logging back in? I have the exact same issue. Have used Coinbase and Coinbase Pro, have login info but was never given seed phrase and was kicked out when the app was updated.
newbie
Activity: 1
Merit: 0
Hi dadbody00,

Did you finally get access back to your Coinbase Wallet?
I got the same problem.
Somebody told me there is perhaps a solution. Somebody qualified might access to the motherboard of the iPhone and get the recovery data files in order to restore access to the app with former credentials.
Like setup a former version of the Coinbase Wallet before the incident.
Some of you guys have heard of something like this?

Cheers
newbie
Activity: 6
Merit: 20
Can you imagine if society ran on the mentality of "blame the customer" for misunderstanding a single button and therefore they deserve to lose their life savings.

This is a financial services product by a name brand company planning to go public in the USA and rushing some shitty wallet design from an app they bought of Toshi that is dangerously designed.

I am not even new to crypto.  I have used several wallets with Seeds and they tell you explicitly that it is a wallet with very important Seed words.  They don't vaguely refer to the fact one single time (I was never prompted anything again). 

Coinbase was my crypto bank and that was the danger because I even linked my accounts seemingly.  I thought I was in good hands like if it was Chase or Citibank which now is a joke if you have any experience with their customer service. 

To be a public bank you should have that level of accountability and attention to customer care.  If you do not you should not be in the business of banking people's financial lives.

I also submit that if your entire product is a "secure vault" with "special magic words" that are the most important function preventing your customer from losing all of their money when your app crashes, you NEED to provide the customer the magic words.  You need to tell them the magic words.  You need to show them the words.  At the very least one single time.  You don't say afterward, "Hey the button was highlighted in blue.  Didn't you understand the highlight color or read the manual fine print?"

I didn't even know I was using a Seed based wallet and that is a major problem. 

My wife is an attorney for insurance companies and fine print means jack shit.  Nobody reads fine print and everyone knows that and they are mostly used to just scare laymen from lawsuits.

I believe Coinbase has a hefty class action lawsuit coming for them.

Hopefully it will be a wake up call that they cannot pretend to be a trusted bank on one hand, but also have the willy nilly attitude of some offshore tech company.
HCP
legendary
Activity: 2086
Merit: 4363
It's certainly a tricky problem that UI/UX designers need to consider... "Ease of onboarding" vs. "ensuring customer data is secure"... especially in today's world of "instant gratification, please" Undecided

Perhaps another strategy would be to highlight to the user the risks of "transacting" without having created a backup? Huh ie. If you click "receive" (showing intent to receive funds into the wallet) and the backup process has not been completed, either a big warning or another prompt to complete the backup process or both!


Am I just an idiot and deserve to lose all my money because I missed a button?  Are all the other people who it has happened to also just so stupid they deserve?
You are not an idiot. You just didn't have the needed knowledge and patience to research what you are getting into, and unfortunately, it cost you quite a lot of money. Embarrassed
I felt like an idiot when it happened to me. I'm just thankful that when I learned the "backup first" lesson... it only cost me a couple of satoshis.
legendary
Activity: 2730
Merit: 7065
My massive error was not properly understanding what Backup meant.  Back what up?  My iPhone is already backing up through the cloud.  Why would I need their stupid backup?  I had to give an account name, a pin, it uses my biometrics... but none of it mattered.  None. 
Unfortunately it didn't. I can understand your disappointment but you have to realize that all of this could have been prevented if you were a bit more cautious and asked these questions before you started using the wallet. The screenshot HCP posted says: Don't risk your money. Take 2 minutes to back up your wallet. I can understand that you are new to crypto and you didn't know the importance of seed phrases, but didn't it occur to you to research what they mean with backing up a wallet and how can one lose access to crypto? The Backup now button is in blue. Coinbase uses visual stimulus to make you press that button. The Later button has no highlighting, it's less visible because of its less importance.   
  
Why not simply show the words/keys before letting someone transact.  Or why not say, "If you lose these Seed words, you lose all your money?"
I agree, they should have showed them at the beginning and most wallets do. It doesn't say what you wrote, but they do warn you that you are risking to lose your money if you don't back up your wallet.
 
Am I just an idiot and deserve to lose all my money because I missed a button?  Are all the other people who it has happened to also just so stupid they deserve? 
You are not an idiot. You just didn't have the needed knowledge and patience to research what you are getting into, and unfortunately, it cost you quite a lot of money. Embarrassed
copper member
Activity: 1666
Merit: 1901
Amazon Prime Member #7
You get the (!) warning symbol next to the "Recovery Phrase" option... Tapping that options takes you to back to the Recovery Phrase window as above.

I should point out that if you click "later" (or the 'x') to close the backup popup... then close and re-open the app, you get the "Don't risk your money" pop-up again.


What do people think? Huh
I think the user should be reminded to backup the seed until the software has confirmed the seed has been backed up. IMO, the importance of backing up the seed should be made more clear, as I can understand how a new user of bitcoin might not understand what this means and the implications of not backing up their seed.

This would remove the incentive for the user to 'fool' the software into believing they have backed up their seed, and would help educate newer users as to the importance of backups.
legendary
Activity: 2268
Merit: 18771
you even quoted that part Wink
Oh lol, I misread as "you don't get the "Don't risk...". My bad. So if you haven't made a back up, you get that warning every single time you open the app?

How is showing 12 words and getting the user to re-enter them "adequate notice or warning" compared with:
Quote
"Take 2 minutes to backup your wallet, and never risk losing your money"
Because forcing the user to re-enter the words on a new screen means they must have copied them somewhere. It might be somewhere inappropriate such as taking a screenshot, but it still forces them to make a copy in some format. Having a button which allows you to skip the whole process entirely is inadequate.

if someone doesn't understand that they need a backup of a wallet because iCloud backup isn't a magic bullet... they're probably not likely to realise how important the 12 word backup is anyway...
Surely this is all the more reason to force them to view the seed phrase and re-enter it on the next screen. If they don't know how important a seed phrase is, then giving them the option to skip over it entirely doesn't exactly help the issue.
HCP
legendary
Activity: 2086
Merit: 4363
But not displaying the seed phrase by default, allowing the back up to be skipped and still have full use of the wallet, and not providing future reminders other than a small "!" in the settings menu is not enough in my opinion. If they aren't going to display the seed phrase by default when you create the wallet, then I would expect something like a notification screen every time you open the app or a banner at the top visible at all times saying that you have not backed up the wallet.
errr... that's exactly what it does... you even quoted that part Wink
I should point out that if you click "later" (or the 'x') to close the backup popup... then close and re-open the app, you get the "Don't risk your money" pop-up again.


If the user copies and pastes or uses some other method to avoid writing down the seed phrase, than that is entirely their fault and they cannot argue they were not given adequate notice or warning.
How is showing 12 words and getting the user to re-enter them "adequate notice or warning" compared with:
Quote
"Take 2 minutes to backup your wallet, and never risk losing your money"

Huh

IMO, the real issue, as someone mentioned earlier, is education... if someone doesn't understand that they need a backup of a wallet because iCloud backup isn't a magic bullet... they're probably not likely to realise how important the 12 word backup is anyway... and that's when people take screenshots, or email them to themselves, or scribble it on an easily lost post-it/notepaper so they can "just get past this stupid dialog and start using the app" etc... and then they just end up losing money further down the line. Undecided

It's certainly a shitty situation... and I've done it myself... granted, only a tiny fraction of the amount lost here... so I was lucky and learned the lesson "cheaply".


@dadbody00, best of luck with the arbitration... and I hope this experience hasn't totally put you off crypto.
legendary
Activity: 2268
Merit: 18771
You get the (!) warning symbol next to the "Recovery Phrase" option... Tapping that options takes you to back to the Recovery Phrase window as above.

I should point out that if you click "later" (or the 'x') to close the backup popup... then close and re-open the app, you get the "Don't risk your money" pop-up again.


What do people think? Huh
Definitely not enough. Every other good wallet I have used which uses seed phrases displays them by default on set up and requires the user to confirm them on the next screen. If the user copies and pastes or uses some other method to avoid writing down the seed phrase, than that is entirely their fault and they cannot argue they were not given adequate notice or warning. But not displaying the seed phrase by default, allowing the back up to be skipped and still have full use of the wallet, and not providing future reminders other than a small "!" in the settings menu is not enough in my opinion. If they aren't going to display the seed phrase by default when you create the wallet, then I would expect something like a notification screen every time you open the app or a banner at the top visible at all times saying that you have not backed up the wallet.

Coinbase market their wallet as an easy to use solution for non-technical minded users who may feel uncomfortable using a more technical wallet. These users may be entirely unaware of the importance of seed phrases, as in OP's case. Giving them the option to skip the only way to recover their coins is unacceptable.
newbie
Activity: 6
Merit: 20
To answer your question...Should the app just go straight to the "Recovery Phrase" window and refuse to let the user use the app without completing the backup process at least once?

YES.  It is called providing the password.  If there is a magic word to a vault, you tell the customer the magic word.  Why would you not?  Is there someone out there who doesn't want to know the magic word to the vault?

I plan to file a lawsuit against Coinbase go through their Arbitration process.  Who knows how that will go down but I truly feel cheated of common sense.  And it also irks me that I chose to use Coinbase's wallet because they were my trusted crypto bank.  I wish I just used Trust Wallet now obviously.  Would have saved me a lot of money and headache.

Just tell the customer the magic word before you lose the keys to the vault.


newbie
Activity: 6
Merit: 20
My response is... No, not enough. 

I simply pressed "Later" not understanding what they were asking and then transferred money and then the app crashed and I lost what is now $20,000.

My massive error was not properly understanding what Backup meant.  Back what up?  My iPhone is already backing up through the cloud.  Why would I need their stupid backup?  I had to give an account name, a pin, it uses my biometrics... but none of it mattered.  None.   

Why not simply show the words/keys before letting someone transact.  Or why not say, "If you lose these Seed words, you lose all your money?"

One button/misunderstanding at the very beginning should not cost $20,000.  It coulda cost millions.  Would that be okay?

Coinbase needed to show me the Seed words before letting me transact.  They did not.  They never showed me any Seed Phrase and therefore never provided it.  Burying something in Settings is completely irresponsible.  Just show the words UP FRONT. 

Whatever they did failed me.  Did it not?  Am I just an idiot and deserve to lose all my money because I missed a button?  Are all the other people who it has happened to also just so stupid they deserve?  There should be 0% chance of someone never seeing the Seed words.


HCP
legendary
Activity: 2086
Merit: 4363
For the record... Coinbase wallet asks if you want to create a backup when you set up a new account

"Take 2 minutes to back up your wallet, and never risk losing your money."



Tapping backup takes you to the "Recovery Phrase" window... with a (!) Not backed up warning at the top... your 12 words and the text:
Quote
These 12 words are the keys to your wallet. Back it up on the cloud or back it up manually. Do not share this with anyone

And then provides 2 options:
- Back up on Google Drive (I assume because this is Android version, not iOS)
- Back up manually

I can't take screenshots, because the app doesn't allow screenshots on the recovery phrase windows for security reasons Tongue If you don't complete the process by either backing up to the cloud, or backing up manually (which requires that you re-enter all the words in the correct order), it shows the following in the settings menu:


You get the (!) warning symbol next to the "Recovery Phrase" option... Tapping that options takes you to back to the Recovery Phrase window as above.

I should point out that if you click "later" (or the 'x') to close the backup popup... then close and re-open the app, you get the "Don't risk your money" pop-up again.


What do people think? Huh

- not enough? Should the app just go straight to the "Recovery Phrase" window and refuse to let the user use the app without completing the backup process at least once?
- Just right? It offers the backup option at startup, but also gives the "Later" option if you're willing to accept the risk of not having a backup and reminds you to backup later if you haven't.
- Too much? nagging popups are annoying and unnecessary!
legendary
Activity: 2618
Merit: 6452
Self-proclaimed Genius
For "testing purposes", I'll just copy paste it to a txt file for easy access, it's not too much of a hassle.
If you copy a seed into a text file (that may not even get saved), you are not really backing up your seed. I do the same thing when I am deciding if I want to use a different wallet software.
"Pasting it to a txt file" is a reply to the "test" part, it's pretty obvious given the text "For testing purposes". A note about not actually backing up the seed in that case is unnecessary.

For the other parts, I've already posted my opinion.
copper member
Activity: 1666
Merit: 1901
Amazon Prime Member #7
-snip-
It is really not possible to confirm the user has backed up the seed-phrase beyond forcing the user to check a box saying they have done so. A user could screenshot a seed, or copy it into a notepad document to help them "confirm" their seed is backed up.
I have tested a lot of wallet and those types usually have a "confirmation page" next to the window where the seed phrase is displayed.
There, the user will have to paste some words (2-4) in random positions to confirm that the user did backup the phrase and to check if the backup is correct.

For the trouble of backing up, forcing people to backup IMO has more advantages than disadvantages; people familiar with non-custodial wallets will surely back it up regardless whether it's forced or not, then people who have no idea of a seed phrase will be forced create a backup before they can create a wallet, the issue in the OP wouldn't have happened if this was the case.
Educating the user is good but not all people read what's written in the notes, if the backup procedure is "forced" and they can't proceed, they may as well read what's written in the warnings.

For "testing purposes", I'll just copy paste it to a txt file for easy access, it's not too much of a hassle.
If you copy a seed into a text file (that may not even get saved), you are not really backing up your seed. I do the same thing when I am deciding if I want to use a different wallet software.

If a wallet knows that you have not backed up your seed, it can warn you about the risks associated with not having backups until it believes you have created a backup. If a user were to fool the software they created a backup with a text file for example, there would be no reason for the software to continue bugging the user to create a backup.

Someone who keeps $100 in their phone wallet to use to buy lunch might understand the risks associated with not having backups, and not create them because of the amounts involved. However, if they were to later send thousands of dollars worth of coin to that wallet for whatever reason, they would probably want to have backups, but the fact they never created a backup might get overlooked.
legendary
Activity: 2268
Merit: 18771
In the end, I think Coinbase is the eager and careless party rushing a reckless product that lacks common sense and is below industry standards.
You've pretty much just summed up Coinbase's entire business model. If it attracts new users to their platform, they don't actually care about how well it does (or does not) function.

Educating the user is good but not all people read what's written in the notes, if the backup procedure is "forced" and they can't proceed, they may as well read what's written in the warnings.
Agreed. TrustedCoin on Electrum is a great example of this. It spells out quite clearly when you make a new wallet that you will be charged a fee for to use the service. The entire text you have to agree to is 4 very short paragraphs - it can be read in under 30 seconds - and yet we have endless users not understanding why they have been charged a fee and starting new threads complaining about it. Please do not read instructions, even when it comes to their financial security, but if you make a page that they cannot progress past without confirming their seed, then they will at least read what they are supposed to do.

I don't even necessarily like the idea of forcing someone to digitally backup the wallet.
This would be a terrible idea. The whole point of seed phrases is to not back them up digitally. Writing them down on paper and keeping them offline is far more secure. Any wallet which forces you to back things up to a cloud server or otherwise digitally should be avoided at all costs.
legendary
Activity: 2618
Merit: 6452
Self-proclaimed Genius
As is, it is a very dangerous financial services application for general use to the public.  They need to know this and do better.
Leaving a 1-2 star review to their app with similar context to your post is usually enough to get Coinbase's attention.
Most of the time, developers respond to reviews with low rating.
newbie
Activity: 6
Merit: 20
These are all great thoughts. 

I don't like forcing a user to do too much either.  I don't even necessarily like the idea of forcing someone to digitally backup the wallet.

BUT I DO think they need to have "shown" the words "on screen" at some point to consider it delivered.  (especially if they don't require the other stuff we talked about). 

I was NEVER ever shown a Seed phrase and therefore believe I was never provided it in my opinion. It is like selling a house without physically producing the keys and then blaming the buyer when he gets locked out five seconds later.  That is absurdly dangerous and not very hard to change.

Also I re-tested the acct opening process on my wife's phone and we both were in agreement that having it say "backup" to cloud without really knowing what they are talking about is kind of weird and confusing for some.  I didn't even know what that meant.  Back what up?  The application?  My iPhone is already backing up through the cloud.  Why do I need their backup?  That is not a completely irrational thought.  I have to give an account name, a pin, it uses my biometrics... but none of it mattered.  None. 

You can't sell expensive properties without providing the keys.  Coinbase failed to provide them.  They hid the Seed words as far as I am concerned in a backend menu.

As is, it is a very dangerous financial services application for general use to the public.  They need to know this and do better.



legendary
Activity: 2618
Merit: 6452
Self-proclaimed Genius
-snip-
It is really not possible to confirm the user has backed up the seed-phrase beyond forcing the user to check a box saying they have done so. A user could screenshot a seed, or copy it into a notepad document to help them "confirm" their seed is backed up.
I have tested a lot of wallet and those types usually have a "confirmation page" next to the window where the seed phrase is displayed.
There, the user will have to paste some words (2-4) in random positions to confirm that the user did backup the phrase and to check if the backup is correct.

For the trouble of backing up, forcing people to backup IMO has more advantages than disadvantages; people familiar with non-custodial wallets will surely back it up regardless whether it's forced or not, then people who have no idea of a seed phrase will be forced create a backup before they can create a wallet, the issue in the OP wouldn't have happened if this was the case.
Educating the user is good but not all people read what's written in the notes, if the backup procedure is "forced" and they can't proceed, they may as well read what's written in the warnings.

For "testing purposes", I'll just copy paste it to a txt file for easy access, it's not too much of a hassle.
copper member
Activity: 1666
Merit: 1901
Amazon Prime Member #7
Based on your story, I don't think your beef is with Coinbase, I think your beef is with either apple or with Uniswap.
The thing that's wrong in their implementation of a "non-custodial" wallet is to let the user create and use a wallet without backing-up the seed phase.
After creating the wallet you'll have the option to select "later" on those important matters like "backup recovery phrase".
Other mobile/online wallets do this but it's usually tied with an account username and password to access the encrypted copy in their server even if the seed phrase wasn't backed-up.
"Good wallets" wont even let the user create the wallet without copying the phrase and confirming the backup.

It is really not possible to confirm the user has backed up the seed-phrase beyond forcing the user to check a box saying they have done so. A user could screenshot a seed, or copy it into a notepad document to help them "confirm" their seed is backed up.

While I do agree that user should backup their seeds before using their wallet to hold any substantial amounts of coin, I am not in favor of forcing people to do anything. IMO it would be superior for a wallet to educate users as to the importance of backups and let them make their own decisions. I'm sure there are lots of situations in which people will 'test' wallet software with smaller amounts of coin to see how they like the UI, and might not be inclined to make a serious effort of backing up their seed. Allowing for the "later" option for when a seed will be backed up (along with a stern warning) might result in some additional wallets being backed up.
newbie
Activity: 6
Merit: 20
Thanks all for taking the time read this.  Sincerely.  And I appreciate the feedback and insight.

I have recently been able to get back into my Wallet and connect it to my Coinbase account, and scroll through coins, and see my values etc...but the Seed phrase still won't show.  It is unclickable.   And the Wallet times out with transactions (even to my Coinbase account which it lets me link to with 2FA) so something is still off.  And in the end, the Seed phrase has yet to have ever been provided to me.  And if that is the one and only fail safe for a product that seems like it knows ahead of time it will lose your private keys on your device, then it must be better executed.

Trust Wallet does a good job.  I checked that out.  It makes Coinbase look like a con job.  In fact, the more research I have done the more negligent and dangerous I find the Coinbase product to be.  I believe they even slapped their brand name on someone else's Toshi Wallet which is always a sign.

I too would like to make very shitty products and then blame the customer for his stupidity and ignorance, but this isn't a microwave.  This is potentially people's financial lives.  Why not just make absolutely sure you actually give the buyer the key and he has them in his hand before you ride off into the sunset.  Don't leave it in the grass and motion to it.  Don't mumble.  If he knew they were there and he was going to get locked out, don't you think he would take them???  Physically show it like other companies do.  Produce it in reality rather than wishful thinking.  Is that too much to ask?  It is common sense and required in every other industry.  And if you really want to get a gold star do what the other companies do and have them re-arrange the Seed or something just to be extra sure he saw it.  But to never ever show it.  To bury it in the backend and then have it grayed out?   It is not a question of the consumer being "too" eager to use a product.  Maybe I was but people aren't going to change.  The shitty app design is what needs to change.

In the end, I think Coinbase is the eager and careless party rushing a reckless product that lacks common sense and is below industry standards.  With any financial service product comes great responsibility and the "blame the customer" model is a poor business trajectory.  Especially when so solvable.

Coinbase never showed the Seed phrase and therefore never provided it before the app crashed.  That is a problem.
HCP
legendary
Activity: 2086
Merit: 4363
Ouch. It was painful to read that... Undecided

Sadly, a not uncommon occurrence... users skipping through setups, eager to play with their bitcoins (perhaps a little too eager?)... not reading everything perhaps as well as they should... perhaps not taking the time to understand exactly what it is they're doing... or how the wallet/app works Undecided

Roll forward a little bit and some unforeseen event occurs (hardware failure, OS update, lost phone etc)... and suddenly, they're looking for information that they skipped over Undecided


Being your own bank affords some great freedoms... but also demands some great responsibilties... Crypto can be really unforgiving of "minor" mistakes.
legendary
Activity: 2730
Merit: 7065
It's a sad story, and although I agree with what you and nc50lc said about the possibility of saving the seed for later, ultimately, it was you who was careless and didn't take proper care of your sensitive information. You went with convenience instead of security. The secure way to do it would be to make multiple copies of your recovery phrase and store them in different locations. After that, you could have tried to restore your wallet to see if you wrote down the seed correctly and it's recovering the correct addresses.

The fact that Coinbase can't help you to recover your seed is exactly how the system is set up to be. Imagine if customer support representatives had access to seeds, what would be the point of Bitcoin and a non-custodial wallet?

I hope you will find a way to recover your money and never make shortcuts like you did with the seed phrase.  Undecided 
legendary
Activity: 2618
Merit: 6452
Self-proclaimed Genius
Based on your story, I don't think your beef is with Coinbase, I think your beef is with either apple or with Uniswap.
The thing that's wrong in their implementation of a "non-custodial" wallet is to let the user create and use a wallet without backing-up the seed phase.
After creating the wallet you'll have the option to select "later" on those important matters like "backup recovery phrase".
Other mobile/online wallets do this but it's usually tied with an account username and password to access the encrypted copy in their server even if the seed phrase wasn't backed-up.
"Good wallets" wont even let the user create the wallet without copying the phrase and confirming the backup.

So I confidently tried Coinbase Wallet... and it loaded..for a moment...before flashing an error message:  "Failed to retrieve keys, please sign in again (Error Code -25300).  Two buttons overlayed above my account that show values updating in real time: Sign Out or Retry.  I have "Retried" a hundred times but it just flashes the same message.
Some restored files in your phone must be corrupted and it's a common thing in file recovery.
It's a non-custodial wallet so the corruption might have affected your keys that were saved in the device.

I don't use iPhone but try to contact your "friend" if he can make a backup of your phone, some keys may still be somewhere in the app's data, the problem is finding out where to find them.
copper member
Activity: 1666
Merit: 1901
Amazon Prime Member #7
You may be able to access your old keys/seed if if you can access your old backups from your iCloud account.

Based on your story, I don't think your beef is with Coinbase, I think your beef is with either apple or with Uniswap.
newbie
Activity: 6
Merit: 20
I have been a user of Coinbase and Coinbase Pro for years, so when I decided to try a Wallet with them I think my gravest error was perhaps being too comfortable with the brand and services -- and it cost me $15,000...and growing...

It began with excitement to try Uniswap.  I looked at the wallets that could link and there I saw one by Coinbase.  Great.  They have been my loyal crypto bank for years.  So I excitedly downloaded the App and created a wallet.  It asked me to create a user ID, a pin, plus another thing I could "Save for Later."  I plowed ahead and the wallet worked well.  It used my biometrics to open and close and transfers happened almost instantaneously between my CB acct and the Wallet, like Coinbase Pro does.  It seemed like another great product that linked my accts together and I was in good hands.  So I transferred more funds into it.  And then I transferred more funds...

Until one day after my iPhone auto-updated, when I tried to open my Wallet it asked me to create a new Wallet or use a back up.  Back up?  I touched my thumb to the pad again. Why isn't it opening like usual?  My stomach started to sink.  Is this Keys and Back Up thing they now want, could that possibly be, the seemingly random action that I was able to click past and "Save for Later" when first setting up my account?  I think you know where this is going.

I am not totally unfamiliar with Seed Keys.  I had a Nano Ledger in the day and that product made you very aware of your Seeds.  It was impossible to even begin to use the product without them.  I used Trust Wallet and it made me go through an entire process of re-arranging the Seed words before I could even proceed with the account, all helping me as a consumer understand the significance and importance of the process and making sure I did not proceed carelessly.

Upon realizing that Coinbase was not one of the aforementioned quality providers of Seeds, I started to have a panic attack and after convo with tech friend decided to restore my iPhone to before the update.  (Note: While restoring iPhone I had to "Save for Later" about a half dozen actions like Siri, Apple Wallet, other add-ons and extras like we often see).  Once updated, I waited for the apps to load.  Then I held my breath and first tried Coinbase main app.  It opened automatically with my fingerprint.  Bingo.  Then I tried Coinbase Pro.  It also opened with my fingerprint.  I was feeling hopeful!  So I confidently tried Coinbase Wallet... and it loaded..for a moment...before flashing an error message:  "Failed to retrieve keys, please sign in again (Error Code -25300).  Two buttons overlayed above my account that show values updating in real time: Sign Out or Retry.  I have "Retried" a hundred times but it just flashes the same message. 

I can't get past the error message yet I can see my coins in the wallet, the values updating in real time, as a reminder of how much I failed my family and myself, and about how much Coinbase failed me.  In trying to protect the sacred Keys from some villain in a virtual world, they failed to protect me, the long-standing customer, an average person prone to digital overload in the real world.

I wrote Coinbase promptly and they kindly told me they would transfer me to a Specialist.  After several days I got a copy and pasted email of the same canned fine print from the website about how the Seed Keys are my sole responsibility and essentially that my funds are gone.  What Seed Keys, I said?  You never showed them to me.  Literally.  I don't know where they resided in the app.  I submit that is a problem.  As I long time customer of Coinbase, I am very disappointed and believe that my trust in the company is partially what emboldened me to press "Save for Later."  It was like buying a trusted name brand.  It is why I chose their wallet in the first place.  I know we can point fingers and say, welcome to crypto, dummy!  Or...you are an idiot!  Trust me, I know!  But I can't help but think how easily Coinbase could have and should have protected people like me with better processes that are at least up to industry standard.

One problem is I sincerely don't believe Coinbase cares about me or my business.  If they did, they would have put more than five seconds into making sure this cannot happen so willy-nilly.  As an example, even when you delete an account from Google Authenticator it says it is holding onto it securely for 48 hr hours.  And I can't even proceed into some exchanges without setting up 2FA and authenticating all my credentials simultaneously.  Yet CB allowed me to unknowingly hand over the keys (excuse me, throw away the keys) by pressing "Save for Later" and an auto-Apple Update... while providing the illusion through a pin and biometrics that I was secure.

Long story short (too late)...Is there any possible way to retrieve the keys or do a workaround since my phone pretty much opens it up but just can't get past the error message?  Is there any action at all to take?

Moreover, I want Coinbase to make sure they fix this issue by adopting industry standards with protocols for Seed Key distribution so it never happens again to anyone else.

Any ideas toward any of these is very welcome!

"Save for Later"



Jump to: