Comment by whoopdedo
20 hours ago
If you ever sent money to or from a wallet you control, I'd think a reliable recovery factor would be to use that key to sign a message that Coinbase can verify with the address in their records. Cryptocurrency after all is just another PKI.
And dumb-dumb me just realized how trivial that would be to break. Social engineer someone into sending/receiving money to/from your wallet then pretend to be them requesting an account recovery.
Coinbase would have to make you sign a challenge ahead of time that would mark the wallet as the authorized public key for your account.