I really want to use this. How does it execute orders without compromising security on coinbase?
It lets you connect it to Coinbase (the way you would connect online app to Facebook).
When connecting, it asks you for permissions - buy Bitcoin, sell Bitcoin, view transaction history. It stores tokens encrypted in database, and this is all anyone could do with these tokens.
If the app does get compromised by a 3rd party, the only thing the attacker would get are tokens to buy and sell Bitcoins on someone else's account, but no way to get the Bitcoins out of the account.
Other than that, there's basic security measures like XSS or SQL injection protection mechanisms
I'd be interested in using this "app" but only if you would add the google 2fa. Simply because if the quoted does happen, you can't go crying to coinbase to get the "deal" reversed which depending on coin price you can easily lose money. Not just on say a dip if someone bought at $500 and you notice it at $450 but the money lost in coinbase fees and bank fees for transfers you weren't prepared for thus causing $35 NSF fees.
Just because the attacker can't get the coin doesn't mean they still can't fuck you over.
