UPDATE (8th November, 13:06 GMT):
In a phone interview with
By contrast to a service like Blockchain.info (which, although generally thought of as safe still suffered a security issue back in August), Inputs.io is a shared wallet that manages the balance of its users and their private keys giving them full access to all the bitcoins stored with them.
Blockchain.info account access is secured by an identifier/alias, password combination and two-factor authentication and is generally thought of as secure. However, as with any technology, nothing is foolproof. According to Bitcoin Talk forum user ‘masteroflove’:
Questions are now being asked publicly about Inputs.io’s main developer Tradefortress, who, whilst still not widely known in public, claims to have a deep understanding of the complexities of security procedures for bitcoin wallets.
When CoinDesk approached Tradefortress for comment he informed us that “the attacker was able to compromise older email accounts which were easily reset as they didn’t have phone numbers attached. Compromising one older email account led to the compromise of another, eventually allowing them to reset the password for the hosting account and obtaining shell access after bypassing two-factor authentication on the host’s side.”
He continued: “We don’t use client-side encryption; that’s hardly foolproof and gives people a false sense of security”.
When queried over how much Inputs.io will be able to reimburse users he responded somewhat obscurely: “[We’ll be able to refund] as much as 100%. For Inputs it is solely based on the amount. 1 BTC at the current sliding scale would be 74%, 2 BTC 65%… This figure is not final, and if we have leftover coins we’ll be able to refund more.”
In other words: if you had less than 1 BTC on Inputs you should get it back, otherwise, be prepared to take a haircut.