Thanks for all the input guys. I know (we all know) nothing is 100% safe. I just wanted to get a sense of what everyone thought about Coinbase's wallet. I like the convenience of their service. I like that they keep 90% of their btc in cold storage.
In certain kinds of transactions it can be useful, and in some cases required, to have the ability to 'sign' arbitrary messages with a secret key associated with a paying address. Coinbase seems thus-far to not implement this feature. I don't consider it to be a competitive 'wallet service' until they do.
Actually, I don't consider any service which does not use 'user controlled encryption' (like blockchain.info) to be a very good service for general spending wallet work. UCE, if reasonably implemented, shifts the risk to the customer's own platform, and in some ways that is even less safe. But I personally would rather manage my own security.
I would feel even better if they guaranteed our btc. Say they got hacked, it would only be a fraction of their/our holdings and they could keep a reserve to refund any loss.
I am looking forward to the day when 'bonding' is in more wide-spread use. Say, for instance, Coinbase posts a bond for the amount of funds which they hold in hot-storage. Since the bonding agent has their own ass on the line, they will be likely to do high quality audits of the vendor with the appropriate non-disclosure agreements and such.
I've never felt any desire to 'put my BTC to work' and draw them out of cold storage. If an opportunity to invest them in a well designed and verifiable bonding and/or insuring effort came about, I might change my tune. In part because I believe that this is a market segment that the Bitcoin ecosystem badly needs in order to develop. But mostly to make some money to be honest.
.
