Holding nearly a million BTC, revealing how the giant whale Coinbase manages them

Written in front: According to statistics from chain.info, the Bitcoin assets currently managed by Coinbase have reached 970,294.77 BTC (valued at about $ 8.5 billion), and most of these assets are being held by Coinbase Custody, and huge Of user funds must be equipped with the highest level of custody measures and management methods, because security is the main reason for large institutions and high-net-worth individuals to be willing to trust large amounts of assets to service providers.

In this article, Andrei Anisimov, Engineering Manager at Coinbase Custody, describes how the company uses Bitcoin's "Child-Pays-For-Parent" technology to manage their wallets. 4

The following is a translation:

Security is the main content of all hosting technologies, and customers judge our products mainly by reliability and convenience. Our users often perform some high-value, highly effective withdrawal transactions, and then expect no delay in transaction confirmation on the blockchain, and a clean and predictable amount to reach the destination address (that is, No fees will be deducted from the amount).

Fortunately, Bitcoin ’s advanced technology , Father-Child Payment (CPFP), can help us achieve all of the above requirements, namely: zero-fee transactions, reliable confirmation time, while maintaining the basic attributes of secure cold storage (each private key Strict use once).

Bitcoin fees and cold storage

Generally speaking, every transaction submitted to the Bitcoin network requires a fee paid to the miner, and then the miner processes the transaction and puts it into a block. On average, the Bitcoin network generates one block every 10 minutes. When the size of all pending transactions exceeds the block size limit (1MB), miners will prioritize transactions with high fees and defer low-cost transactions to the next block. This process may be repeated multiple times, causing transactions to be postponed indefinitely (until the network congestion is eliminated).

If you traded bitcoin between 2017 and 2018, you may remember that during periods of sharp price fluctuations and other peak events, bitcoin transactions are often delayed by hours or even days. During this time, in order to ensure that transactions are not delayed, it is not uncommon to pay more than 100 times normal transaction fees. The chart below shows the fluctuation of Bitcoin fees.


(Figure: Historical data of Bitcoin transaction fees, from https://jochen-hoenicke.de/queue/#0,all)

At Coinbase Custody, we are aware of this obstacle and have tried some solutions to give our customers an advantage when they need it most. An obvious solution is to calculate the transaction costs immediately before broadcasting the transaction, knowing the current network conditions, so that we can predict the optimal cost.

Unfortunately, the security requirements of cold storage make it difficult to estimate costs before broadcasting.

Challenges for cold storage

The cold storage security model requires a complete understanding of the complete transaction payload (including the amount and destination) in advance to prevent any changes to the payload after the key recovery process is initiated.

On the other hand, because transaction fees are encoded in the payload, this means that the fees must be calculated early before the broadcast transaction. If the network suddenly becomes congested during this time interval, the calculated fees may be insufficient to confirm transactions in a timely manner.

Parent-child payment (CPFP) solution

An interesting feature of the Bitcoin UTXO model is that transactions can be bundled together, and then miners evaluate the fees as a whole. For example, if one (child) transaction spends the output of another (parent) transaction, the child transaction can pay for both transactions at the same time, and the miner has no choice if they want to Excess charges are charged for these transactions and they can only be included in parent transactions. This method is often referred to as the "parent-child payment" (CPFP) scheme.

Coinbase's client platform has used this solution to speed up withdrawals for a long time, and you can learn more in blog posts, and the unique challenges faced by Custody have forced us to reconsider the approach and from this Different designs are proposed.

In Custody's hosted products, we use “parent-child pay” (CPFP) technology to move cost estimates before the broadcast. In addition, we use special gas station services to pay for transaction costs. The step-by-step method is as follows:

  1. When a withdrawal is initiated from a cold wallet address, we will perform an initial cost estimate and use the gas station service to send 10 times the estimated cost to the address;
  2. In addition to the destination and change output, when constructing a withdrawal (parent) transaction, we add an output that moves the precharged 10 times fee to a special "expense" address (the address is generated for each withdrawal, and Only used once). We call this output the "CPFP link".
  3. Once the main transaction is signed before the key recovery ceremony and before the broadcast, the cost will be re-estimated based on current network conditions.
  4. The fee address will generate a sub-transaction, which will take the output of the CPFP link, pay the cost of the two transactions, and send the remaining pre-charge fee back to the gas station.

for example


Let us better understand the mechanism of this solution with a concrete example. Please note that for simplicity, some small details are omitted here.

Suppose we have a client with a balance of 15 BTC in his account, and then he wants to withdraw 12 BTC from his Custody account to an external Bitcoin address. Here are the steps that will take place (note that Satoshi is the smallest unit in Bitcoin and it equals 0.00000001 BTC):

  1. Custody estimates the cost of completing the transaction as Satoshi 10,000;
  2. The gas station sends 100,000 Satoshi with 10 times the estimated cost to the cold wallet address (the address where the funds to be withdrawn are stored);
  3. Withdrawal transactions generated by Custody have two main outputs: 12 BTC to the destination address, 3 BTC "change" back to the cold wallet;
  4. We added a third "CPFP-link" output to move 100,000 Satoshi to the newly generated fee address (this amount will be used to pay the fee later);
  5. The "Key Recovery" ceremony begins. As a result, a signed transaction payload is ready to be broadcast to the network;
  6. Just before the broadcast, we estimated the cost again. It turns out that the network suddenly became congested, and the current cost is twice the original estimated cost (ie 20,000 Satoshi);
  7. We create a sub-transaction, which costs "CPFP link" output, pays 20,000 Satoshi, and returns the remaining 80,000 Satoshi to the gas station
  8. We broadcast these two transactions to the network;

After this, the destination address will receive the full 12 BTC amount. From the user's point of view, fees and sub-transactions do not exist, they are abstracted, thereby realizing reliable zero-fee Bitcoin withdrawals.