2 factor authentication design flaw

Hello, I keep getting redirected where to report this bug. Hopefully this will finally get the job done. I have attached a screenshot of the original bug report which can be found at https://coinbase.desk.com/customer/en/portal/private/cases/294281 Here are a few excerpts from the report to summarize the bug: "I have my settings set to require 2fa for sending any BTC from my account. However, if I send my BTC to a paper wallet, no 2fa is required. Doesn't that kind of defeat the point? [...] Given that this bug is significant enough to completely bypass one of your security features, I'm curious as to whether this would be eligible for the bounty."