The height of irony - wallet hacked on month of return of held back

Lol. And here we are again. Storj does not want to hear that.

An exchange’s “one job” is to facilitate trades, not to act as a long-term endpoint for automated smart contract payouts. This seems to be a fallacy, the ‘one-job’.

I verified, with the documentation, and with recent undocumented events. The issue isn’t that they rotate addresses on purpose; it’s that they decommission old infrastructure.

Coinbase just did a massive on-chain migration in November 2025 to move funds out of legacy wallets. If your node is hardcoded to an old address and that path gets cut during a future upgrade, you lose the payout and have zero leverage with their support team to get it back.

That seems like a management point that I don’t want to create for myself. I’d rather use an exchange for what it’s designed for, to facilitate trades.

I’m not trying to make this combative. I don’t deal with crypto much but I do fact check what is considered best practice, both operational specific and security related.

2 Likes

I think Silk Road users had their “reasons”…

Well the whole thing started after the financial crisis I think with Lehman if I am right.
Back then banks were bad and the solution was a world without banks.

But I guess in reality it does not make much sense for most people. And most probably even don’t want to act as bank for their own money even if it was easier and much more intuitive than it is now.

It is similar to when Storj discovered that their customers don’t like to handle their own passphrases but want to delegate it to Storj and they had to build a solution for that. The initial idea sounds great but in reality nobody wants it.

All that web3 buzz where everybody wants to handle everything by themselves on their own is totally overblown in my opinion and does not fit for most people.

1 Like

It’s worse. You are trusting hardware, firmware, and still have operational risks.

No. Exchanges exist to be custodial transaction endpoints with reconciliation and recovery, not just trade UIs. They explicitly support recurring deposits, mining payouts, staking rewards, payroll-like flows, etc. Address persistence is a necessity, not luxury.

Nonsense. This problem does not exist. If payment to the deposit address I generated 3 years ago goes missing – it will be on their support to figure out. Their problem, not mine to worry about.

Look here:

all previously generated addresses will always be associated with the account

https://help.coinbase.com/en/exchange/crypto-transfers/generating-new-deposit-addresses

Precisely. You want to deal with it as little as necessary, delegating the work to those who want to deal with it. Coinbase in my case. Best practice is to not DYI everything.

1 Like

I think most users simply misunderstand risk involved. They think if they have the passphrase they are safe – and that holding them is intrinsically good, because they conflate control with safety. Some do that as a moral stance – anti-corporation or whatever they want to signal. To stick it to the man.

This is ignoring all other risks everywhere else (can’t worry about something you don’t know is involved) and dramatically underestimating endpoint risk. This very thread is a glaring illustration. The user got their wallet compromised and yet they still worry that the exchange will lose some wallet IDs when migrating a database. The risk assessment is completely out of whack.

Another common objection to using exchanges is “but gaaa they can freeze your funds!!!” As if it is a bad thing. On the contrary, this mechanism enables recovery, reversals, insurance, and lawsuits. Absolute irreversibility is not a desirable feature, it’s a bug, but crypto folks pretend not to know that.

The bottom line, we as a society invented division of labour, and it has been working great for us as a civilization. I’m sure the OP does not grow wheat in the backyard, they buy bread from a bakery. But these specific hex numbers – no, they have to build infrastructure themselves, because Coinbase may botch database migration…

1 Like

I am totally with you.
It is almost pure insanity.
In the past, I had like a single bank account, which is where my Storj payouts should go. Now, according to the proposed workflow, I need an L2 personal address to receive my payouts cheaply, then an L1 address to move the funds so I can do something with them. Then an exchange account to retain the value of my earned volatile tokens by converting them to fiat currency, and finally still my bank account to make the funds available for real-life use like paying my electricity provider.

How is this not insane? And at every step I am paying someone through spread, transaction fee, transfer fee, withdrawal fee… you name it and I bear the risks associated with it that for some reason I lose the coins because of hacking, mistyping, malfunctioning, forgetting passphrases or whatever.

But hey, it is better than a bank. :joy:
Who believes that?

To be fair though: The exchanges haven’t always been like this and a lot of coins have been stolen from users through them. But with the current regulation laws that treat exchanges similar to banks ( :laughing: ) it is getting better for users not to lose their money.

Of course not. At the end that is where productivity comes from: Do the things you can do well to get paid and pay for the things others can do better than you. But for that of course you first have to realize that others can do things better than you.

2 Likes

See the Trust Wallet hack, which is exemplary for any crypto wallet. An employee backdoored the wallet, pushed the update on Christmas day, just to get everyone out on holidays, and stole a few M or B in crypto.
With these wallets you have to trust open source or closed source devs that nobody knows who they are in most cases. Why does this seem a good idea to anyone?
Last year some reporters did some tests on how easy it is to push a backdoored patch to open source software. They shocked everyone.
With MiCA on Kraken you have to say if the sender’s address is yours. I did and it worked. But like me, maybe hundreds did, and it is not OK. I don’t know what the legal implications are and so I switched to a wallet, even if I am against it.
I have the option to swap directly to USDC for ex, but the spread is bad, or to send the tokens to Kraken or another exchange, and get a better rate. I have to do a comparison of both methods, to get a picture of which one is cheaper.
And the fact that we are on the most expensive blockchain :man_facepalming:. And they don’t want to hear of anything else, like Solana, Polygon etc.

1 Like

Polygon was given as an option, but abandoned due to little use, I seem to recall

1 Like

We tried Polygon in the past, as rightfully mentioned by @Roberto, this was the last payout via Polygon:

Oh that’s interesting, I didn’t know Polygon was tried. Polygon might actually gain more traction with large exchanges.

The issue here is that scaling solutions are not necessary for monthly asynchronous payments in the first place. Nobody needs them → nobody uses them → liquidity gets low → spread gets high → even fewer people want to use them.

They are a solution in search of a problem.

Polygon specifically has other fundamental issues (trust based security) that zksync does not (proof based security), but this does not change the underlying reasoning for not needing scaling.

If you really want to store your funds safely, use an air gapped pc for signing transactions (offline) on a secure and clean OS install. Also hashes are there for a reason, to verify downloads. For a use case with “low funds” this might be overkill.

Right. And for large transactions the solution is not “more tech and hoops to jump through”, but a proper legal framework and insurance. Air-gaps and extra computers in concrete bunkers are security theater. The weak point is the human layer.

Yet, the problem does exist. I suppose if you are lost in cognitive bias then you can claim it’s just a matter of opinion, or perspective. Coinbase has had issues recognizing “internal transactions” from contracts, although they are at least marginally better at it now.

This is a strategy of ‘hope’ and is simply wishful thinking on your part.

There is no DIY (What is DYI?) involved here. I am not coding a wallet to use. I research the best wallets for my meager funds I have coming in from STORJ and for me that’s an MPC wallet, not a hot wallet.

I think this has been discussed to death. Peace.

Is it a good use of your time to nitpick on typos?

Key custody is DIY. Writing code is irrelevant. If you hold the keys, you own the failure modes. Wallet selection does not transfer responsibility.

“Researching wallets” is not a control. Atomic had a documented historical compromise. MPC marketing does not change that. A compromised key drains funds regardless of chain, L2, or execution environment.

Fund size is irrelevant. The mechanism does not scale with dollars.

Delegation to a custodian is not hope. It is the only operational model where responsibility, accounting, and recovery are externalized. If a deposit goes missing, there is a counterparty with an obligation to reconcile it.

Relying on support is not wishful thinking. It is how custody works. You keep the tx hash, the custodian does ingestion, attribution, and remediation. If they fail, it is their problem to solve, not yours.

Not DIY-ing this would have either prevented the loss entirely or shifted the blast radius and responsibility to an entity designed to absorb it.

A Bank. Here they are government backed, so my money is guaranteed to be there when I want it, even if the bank collapses, I still get my money.

I have had this happen. When I started a Storj node two years ago, I created an account with an exchange and created a wallet to receive Storj.

Since my nodes get little traffic due to my geographic location, by the time a payment was sent, they had closed my account due to inactivity.

They sent me emails prior to closing, which I neglected to act on (due to illness). Was three months before I realised.

Did the payments bounce because of invalid wallet??? NO.

Am I able to retrieve these funds??? NO.

Who received my funds?? I’m guessing exchange.

Support’s attitude: all my fault, nothing they will do - bs about blockchain, and how they can’t redirect a transaction that has already started.

First, name and shame the exchange.

They issued the address, closed the account, then received the funds and failed to return them. This is a custodial failure. The resolution path is legal. Stop arguing with support and file a small-claims case against the company.

And this, folks, is another great illustration of why you don’t DIY this shit. If the screw-up were on your side, there would be no recourse at all. With custody, there is. That’s the entire point.

Coinbase
Others don’t seem any better, though.

It’s not a competition :slight_smile:

If you still want this resolved, small-claims court is the right tool.

File against Coinbase’s legal entity for your jurisdiction. The claim is straightforward: they issued the deposit address, closed the account, received the funds, and failed to credit or return them.

Even if you don’t care about the money, it’s still worth doing to send the message.

Btw they did fix going forward: https://help.coinbase.com/en/exchange/crypto-transfers/generating-new-deposit-addresses but this does not erase past sins. Small claims court will.

1 Like

Not enough value for our small claims tribunal.
I made a complaint to the relevant authority (ASIC) - at some point if they get enough complaints they may take action.