Knock on wood: Coinbase is the only exchange yet to suffer a breach.

CEO Brian Armstrong revealed a secret to its success to Wall Street Journal reporter Paul Vigna at Consensus this morning: it hires spies, unbeknownst to most of the staff, who attempt to infiltrate the exchange’s offices and compromise the network.

“We hire third-party firms to try and break into it,” he explained. “They pose as candidates applying to work at Coinbase. Typically, only the head of security and me know that it’s a drill.

But the person will come in, and apply for a job, and try and get into the office, and try to break into our systems.”

Experience Web 3.0.

Be the first to get Decrypt Members. A new type of account built on blockchain.

Any luck? “They might breach one or two” layers of security, Armstrong said. But better them than, say, the hacker that stole $40 million from Binance. Or the hacker that stole $450 million from Mt. Gox. Or the hacker that stole $16 million from Cryptopia.

Armstrong said that customers’ funds are stored in a geographically distributed database and that the exchange is building the “generation four” of its cold-storage system—wallets that holds customers keys offline—which is rebooted every 18 months.

That’s a far cry from $190 million in a dead man’s wallet.