Avatar
The Fishcake (nostr.build) 8mo ago

Although I sympathize with the folks at Coinos, but at the same time I detest reckless approach to how many startups and companies treat crucial data at the core of their business. This triples when it comes to the service that deals with your money. Why didn’t service had a proper synchronous replication? Why wasn’t transaction log fully signed and have measures in place that would prevent tampering? Why the service accepted any transactions that it couldn’t guarantee and ensure their safety with multiple redundancy records before acknowledging them? So many questions, and so many reasons I do not trust any of the new services with anything that I care about.

Again, it’s not a criticism of the people at Coinos, but a reality check for the user and how they should treat any new contractual relations. Don’t trust, verify and question! 🫡🫂

nostr:note14r3wtylaxgvdjtyhvemyjpwwt2zlj5c5cghrayhlrmam4dn8yetqw5acle

Reply to this note

Please Login to reply.

Discussion

Avatar
Uno 8mo ago

nostr:note10rndqcd42q4x3e36z90g7jwr06w6dkw6fslhlmalt2tjwg4nwlysxts045

Avatar
The Fishcake (nostr.build) 8mo ago

What did you expect? Bank grade financial competency? 🤣

Avatar
Uno 8mo ago

No but I expected to be able to at least send my funds and not get them locked

Avatar
The Fishcake (nostr.build) 8mo ago

They are locked because Coinos doesn’t know if you have funds to begin with 😂

Avatar
semisol 8mo ago

The balance sheet was lost in a boating accident

Avatar
Uno 8mo ago

Yikes, I don’t really care cause I had so little but that’s not good, I minted 1500 sats in ecash and it didn’t even let me see it. It’s gone now 😂

Avatar
d34e832d... 8mo ago

Yest but if you aren’t running your own node and using Zeus or even PhoenixD . You can’t expect someone else to give you that granular control. If people don’t want to learn how to do it themselves you can’t hold CoinOS responsible or Samourai Wallet as they are the best options for coverage we have dealing with new levels of entropy and uncertainty daily. Every user should use a different bitcoin address when sending most don’t even do that

Avatar
The Fishcake (nostr.build) 8mo ago

Coinos is a financial service, so if they open doors to regular people, they have responsibility to maintain accurate transaction log. No buts or ifs

Avatar
d34e832d... 8mo ago

My only point being only by running your own node will you truly understand the Bitcoin protocol and reclaim full sovereignty over your transactions.

Avatar
The Fishcake (nostr.build) 8mo ago

Not like you know how to not rug yourself, which happens all the time.

Avatar
d34e832d... 8mo ago

The bank took 2000 dollars this year in fees I did sign

Avatar
d34e832d... 8mo ago

The bank took 2000 dollars this year in fees I did not sign

Avatar
d34e832d... 8mo ago

Larry howaii is a multimillionaire because he robbed a whole generation of self custody

Avatar
Justin_Tokyo 8mo ago

Fair criticism, but apparently the guys nostr:nprofile1qqst4qyeqenw7zm0fwjsty68h6cnys5jre2xd8ngqpjv5a2j26s78fspzemhxue69uhhyetvv9ujucm0d9hx7uewd9hj75a0pev are trying their best to get everything back on track.

Hopefully, they will learn from their mistakes and eventually pay attention to your questions.

Avatar
The Fishcake (nostr.build) 8mo ago

Somehow I doubt that would be the case, people cannot change their fundamental mindset that got them into situation like that. The history is littered with cases like this, and somehow everyone thinks they’ll get lucky without putting in any effort

Avatar
Eluc 8mo ago

I'm also wondering how realistic it is to have such measures in place and who deploys them already and if not, why?

And whatever the measures you took, how will it be handled in case of an issue. Is there automated safety mechanism? Was is simulated and trained on a test instance?

nostr:nevent1qqs8qsk5ad0uz95a2423mqez4jg5d5sh37d6twtt454528zwjmkcj9cpzamhxue69uhhyetvv9ujuurjd9kkzmpwdejhgtczyz8mzs95arw7l97wfwpp6frj0zs6gdfnvf3r7eqzzjztxuhefqqqcqcyqqqqqqgzgjq5p

Avatar
Constantin 8mo ago

Now put in the equation normies like me who have no idea about anything like this.

As a random example, people say to run my own node, while I don't own a computer. And there are a lot of people like me, my life happens "at the lowest level" in construction places.

Avatar
The Fishcake (nostr.build) 8mo ago

Don’t listen to the propagandists who do not even have their own opinion, just parroting the same narrative that they don’t even understand themselves

ed
ede3d957... 8mo ago

You can run a Monero node on your phone. Or you install Orbot and use a remote node.

Monero's out if the box feature as money incluy privacy are incredibly underrated by ffuat NGU Bitcoin fanboys.

Avatar
TheGrinder 8mo ago

Monero isn't Lightning so what exactly if your point? And yes, I do own and mine Monero but this absolutely unrelated to the topic at hand.

ed
ede3d957... 8mo ago

Normie's hardly ever will getba self-custodial LN node to run properly.

Self-custody with Monero is like a fresh breeze of air in comparison.

Avatar
TheGrinder 8mo ago

So is using Bitcoin on the main-net.

ed
ede3d957... 8mo ago

Yes, but without privacy.

Avatar
₿oniz23⚡️🏴‍☠️🇮🇹 8mo ago

GM bro 💜🤟🏴‍☠️ don’t trust verify 😉 always

Avatar
Spaniard 8mo ago

Saying you detest their reckless approach IS a criticism of the people at coinos and an unfair one at that. It’s not reckless, it’s just a massive undertaking for a company with limited resources. More 🫂 and less harsh words. They are people too

Avatar
The Fishcake (nostr.build) 8mo ago

Apologies for being unclear, I am not criticizing *individuals* at coins, but all the *companies* that demonstrate reckless behavior towards their customers’ data and funds. More criticism toward companies (small or big) for not performing basic due diligence towards their customers. I am sure if that was some other famous company, people would get their pitchforks and fires out, and be all over them. If it’s a massive undertaking, then take it with a massive responsibility or stay out of that business.

Avatar
Spaniard 8mo ago

Again it’s not reckless behavior, it’s just a growing company. Every single financial company that has ever existed has been through the same thing— it’s not possible to avoid.

Avatar
semisol 8mo ago

It is reckless behavior to not have synchronous or asynchronous replication for data that cannot be lost.

Most LN node operators do this but somehow not a large custodian.

Avatar
Spaniard 8mo ago

Most node runners don’t support a UI, users, nearly the same amount of bitcoin, a separate database for the custodial balances, all sorts of features, etc. It’s easy to look at one thing that goes wrong and call them reckless, when in reality they are doing an amazing job and have solved 500 other things that could go wrong

Avatar
The Fishcake (nostr.build) 8mo ago

Yet failed to address the core and the most fundamental thing, the balance sheet. Really? Prioritizing features over integrity is not the smartest move one can make.

Avatar
semisol 8mo ago

ask people in a serious noderunners chat and they will say they use replicated Postgres.

so why is Coinos not replicating their DB?

you may have built a perfect house that is resistant to flooding but if you build it on mud then none of that matters

Avatar
Spaniard 8mo ago

I’m sure the answer lies somewhere in the realm of there is a lot of shit to do

Avatar
The Fishcake (nostr.build) 8mo ago

“Not possible to avoid” is a fairytale created by the companies to lessen their responsibilities. Was it hard to research the space for such lessons and learn from them? I am fully aware of what can and cannot be done, and that is why I am very critical of any company that takes their customers’ trust lightly or for granted. If the core of the business is to maintain a balance sheet of financial records, and you take your customers’ money without ensuring that the record is safe and accurate, you should not be in that business, period!

Avatar
Spaniard 8mo ago

“Not possible to avoid” is my opinion based on many years of doing similar things. “Was it so hard to research the space for such lessons and learn from them”- yes it’s extremely difficult.

Avatar
The Fishcake (nostr.build) 8mo ago

Not in my experience, but that’s just me. Risk assessment is important part of any serious business, and better if done by the competent third party

Avatar
The Fishcake (nostr.build) 8mo ago

Also, so we don’t go on a long rant here. I have no horse in this race, but maybe a few friends who has their funds locked up with no maybe 0 hope of recovery.

Avatar
Spaniard 8mo ago

No worries on a long rant. I’m tired already lol. Also don’t have a horse in the race— just have respected what they’ve done from the outside. I hope the best for all their users and they, as a company, can learn and continue to provide a great service

Avatar
The Fishcake (nostr.build) 8mo ago

Good talk! Thanks for having a meaningful conversation with me! 🫂🫡

ed
ede3d957... 8mo ago

I feel you, but having friends that use a custodian for their Bitcoin is a huge red flag. Either you failed at educating them or they are not listening to you pretending to be your friends.

ed
ede3d957... 8mo ago

Imagine being a Bitoin maxi that thinks we need exploitable custodial and privacy destructing third party services for Bitcoin to thrive.

Some have it so backwards, I rather prefer to speak to some unconscious fiat supportter than some delusional maxi (fiat) NGU fanboy.

ed
ede3d957... 8mo ago

Those appreciating consistency, privacy out of the box and have a use case for money will learn to appreciate Monero's work over the last 11 years.

Avatar
The Fishcake (nostr.build) 8mo ago

Don’t compare apples to oranges, and don’t parrot shit around.

Avatar
TheGrinder 8mo ago

Last time I questions something I was told how much of a poor creature I am for daring to look into their github, then ask questions.

Avatar
semisol 8mo ago

Setting up DB replication takes 1 hour, and instead of spending 1 hour they did nothing.

They should shut down their custodian, let everyone pull their funds out, and don’t relaunch it until they fix these issues and have a proper disaster recovery plan.

Or lose all their business.

Avatar
TheGrinder 8mo ago

Well, not everyone has what it takes to be a money transmitter, exchange or custodian.

Avatar
semisol 8mo ago

Then they shouldn’t be

Avatar
mIX 8mo ago

Running a lightning based service would be risky as soon as you run into trouble. Lightning is a bit tricky because if your backup is slightly out of date, channels are getting force closed and you'd have to manually piece together all the transaction logs. Looks like that's what they're having to do.

I played around with LNbits and LND custodial accounts back in the day and the thought of runing wallets for family members seemed very risky. If your node dies, good luck sorting it all out.