mbarulli on Nostr: Interestingly, none of the crypto accounting services mentioned in my previous post ...
Interestingly, none of the crypto accounting services mentioned in my previous post has an official profile on Nostr. I’d really love to hear about the measures they have in place to defend the trove of customer data stored on their servers.
Even more interesting is the fact that none of these services moved the app logic to the browser and, by using client-side encryption, designed its service in a way that minimizes the amount of user data exposed to the server.
If anyone from Koinly, CryptoPanda, BlockPit, CoinLedger, TaxBit, CryptoTax, or other similar services is reading this and willing to share their perspective, I would be interested in hearing from you. Thank you!
#asknostr
Even more interesting is the fact that none of these services moved the app logic to the browser and, by using client-side encryption, designed its service in a way that minimizes the amount of user data exposed to the server.
If anyone from Koinly, CryptoPanda, BlockPit, CoinLedger, TaxBit, CryptoTax, or other similar services is reading this and willing to share their perspective, I would be interested in hearing from you. Thank you!
#asknostr
quoting nevent1q…0c4xIn 2020, ~270k bitcoiners around the world freaked out because of the data breach suffered by Ledger. The leaked information consisted “only” of email addresses, names, phone numbers, and home addresses. This data was later used for targeted phishing campaigns, and, allegedly, a few physical attacks as well.
Fast forward to today: bitcoiners are totally cool connecting their wallets and exchange accounts to crypto accounting services (e.g.: Koinly, CoinLedger, TaxBit, Coinpanda, ...) that download and store transactions and balances on their servers alongside personal data. These services could definitely leak a richer data set than Ledger.
An attractive target for attackers interested in chasing crypto riches. Essentially a honeypot waiting to be exploited.
Moreover, these accounting services are often run by small startups with a questionable security mindset, and undisclosed security policies and protocols. This raises concerns about their ability to protect user data.
What do you think? Am I missing something here?
(If you believe that "tax is theft", then this question may not be relevant to you, as it's unlikely you would use accounting solutions designed to help with tax compliance.)
