Our new exchange, AllCrypt.com is opening tomorrow, Friday, February 28th.
The idea started when myself and some friends and business associates were trading on other exchanges, and got into a discussion about how much we disliked:
Slow deposits and withdrawals
Horrible customer service
Picking and choosing coins seemingly at random. Ignoring coins with high community backing, adding random coins that no one knows why.
Sloooooowwww sites
Ignoring user requests.
I thought, hey, I've done IT for 20 years. I can code that site. Friends in marketing, security, and design all thought it was a fantastic idea.
AllCrypt.com was born.
It's been in development for a while now, and is ready to launch tomorrow.
Features we are very proud of and hope you are too:
- Coin adding is transparent and fair. Coins can be voted on on the voting page (currently in beta at www.allcrypt.com/beta/voting.php) and the top coins get added as we have time to add new coins. Only restrictions on what we'll add is we cant get sued for adding it, you have an open source working linux wallet - if its not on github that hurts - it's hard for peer review if it's not easy to find, and it's not morally reprehensible. Certain coins get a free pass, such as the highly profitable coins mined at places like multipool.us - but other than those, vote and your coin gets on. Even if no one else "cares".
- We highly value your security. We went to great lengths to add tons of OPTIONAL AND CONFIGURABLE security features. We absolutely hate sites with either really crappy security (one exchange we are on, after going on vacation for a week, we sign on to see we're still logged in. Our login NEVER expired!) or absurdly annoying security (when one site needed a captcha for EVERY login). We have lots of features, from email alerts for various functions, to adding multiple email addresses, OPTIONAL email confirmation for withdrawals, two factor authentication, and locking saved withdrawal addresses - we let YOU choose your level of security.
- We highly value your anonymity. We have an account option which allows you to remain completely anonymous. The only requirements are a username, a password, and we make it mandatory to have a two-factor google authenticator/authy authentication. We do not have your contact info, or your IP address (it is explicitly NOT logged). I, personally, am a libertarian. You're not hurting anyone by trading crypto. I see no reason to reveal your info to anyone. Keep in mind however - without an email address - we CANNOT verify you if you forget your password or lose your 2FA method. Being anonymous comes with a price.. Be careful.
- We believe that we are all profiting from the crypto craze, and we believe others should too. Every trade that happens on AllCrypt.com - a portion goes to charity. The charity can be chosen by each user, as well as the percentage of each trade - a range from .05% (the default and minimum) all the way up to 5%. We want to help. We only donate to crypto accepting charities. This helps in two ways - neither us nor the charity pays any fees, and it helps spread the word about Bitcoin and Cryptocurrency. If we're willing to give you money - but only if you accept bitcoin... who would argue? Currently the only charities on the list are Seans Outpost, who has officially accepted us as a partner, and the AllCrypt Charity Pool. If you cannot decide (or do not care) which charity you donate to, the funds go to the AllCrypt Charity Pool, and every month we will pick a charity to donate to. If we process 5,000 BTC a month in trades (less than half what other exchanges do), at the minimum of half of 1/10th of a percent of each trade, we will be donating 5 BTC a month to charity. At today's price thats a bit under $3,000. With users voluntarily donating more, and as trade increases - we stand to make a difference.
We built this exchange from the ground up. No open source software or possible security holes that we are unaware of or can claim non-responsibility for. We built it, we coded it, we are confident in it.
We have cloudflare DDoS protections - we hope that helps. We were very proud to be the target of a DDoS attack from Russia the other day, before we even launched. We took that as being in the big leagues. Cloudflare quickly clamped down on it and we were back up within minutes.
Our website is PCI compliance scanned (even though we do not process credit cards) to check for vulnerabilities we may have missed.
Our code has been gone over multiple times over to protect from things like SQL injection attacks. Every SQL command has been reviewed and we believe, to the best of our ability, that we are "immune" to a SQL injection attack. Now that I've said that, I fully expect to be slammed soon! They'll help us find any holes and patch them up though!
We employ a 'cool' storage wallet feature. It's in the works now and will be fully implemented within the week. In short, without giving too much away and giving attackers any more info than they need, there is a 'cool' storage system that will hold the bulk of our coins, which is on-network, but insulated from the internet as a whole by multiple firewalls. Multiple systems would have to be breached before the wallets could be accessed. By the time that happened, our alert systems would trigger and we could cut the connections. Users will be given the ability to select their protection level. They can each choose what percentage of coins that we keep in cool storage. All trades will be unaffected, but withdrawals may be slightly delayed when taking coins from cool storage.
And while on the topic - deposits. All deposits will be available for TRADE after a single confirmation. Until deposits are fully confirmed, all withdrawals are disabled (to protect us from double spends, forks, etc) but you can trade the coins. No more waiting for 3, 6, 10 confirmations to trade. You need to move coins FAST to get in on that hot coin? AllCrypt.com is where you want to be.
Unfortunately - we cannot affect the speed of withdrawals. We were testing tonight and tried to withdraw some MOON to a personal wallet, and it took 10 minutes for the coins to get picked up in a block. We have no control over that. We repeatedly checked the transaction logs and the blockchain - and it wasn't us. The transaction was just not picked up.
And now that I'm absurdly tired from coding, testing, and scanning all night... our last feature we are extremely proud of.
We claim that the emails we send you (password resets, withdrawal confirmations, security alerts, etc) are "phish proof" - assuming you take a simple step to be sure the email we sent is legitimate.
Every email we send you is signed with the private key of one of our BTC addresses. The address is published on our homepage, in the footer of our site, and we registered the address with blockchain.info. Copy and paste the email into your bitcoin-qt client, put in our verified address and signature key, and you can verify that AllCrypt.com actually sent the email. To our knowledge, we are the ONLY exchange, anywhere, to be able to say that if you take a moment to verify the email, you can be sure that any email you see from AllCrypt.com is, beyond any doubt, legitimate.
You can read about how to do this verification at our help site: http://support.allcrypt.com/hc/en-us/articles/201153320-Verifying-AllCrypt-com-signed-emails