Topic: [ANN] Bisq - Exchange, Decentralized. - page 6. (Read 2863 times)

I would like to see more people using Bisq, and not considering it as some complicated boogeyman exchange.

Bisq is currently available for desktop os (with mobile notifications), but it would be cool to have some basic mobile exchange version as well.

I'm anxious to play with it, and hopeful we'll see a beta release in the next few months.  Unfortunately there isn't a set timeline for 2.0 release, but I expect some of the features will be implemented in minor version updates of 1.9.x as they get validated.

Bisq exchange is working on big update for their new version 2.0 with massive UI changes and improvements.
This is not released for public yet, current version is 1.9.2, but according to screenshots I saw this looks amazing and it improves privacy.
There is a new welcome screen, Nym profiles are available, and you can simply navigate with clicks and sliders, Lightning, Liquid, etc.
It appears to me they hired some new people to help them make it very easy to onboard new users to Bisq.

Bisq will work to implement support for Liquid as a base layer and become a Bitcoin Layer 3 Network on top of the Liquid sidechain. For those who wish to keep using Bisq as a Bitcoin Layer 2 Network on top of the base layer Bitcoin blockchain, this option will still be available.

Didn’t know bitcointalk haven’t had a thread about bisq. So thank you so much for opening this one.
I haven't used it for a long time. But I can remember that the number of direct trades for Fiat (Sepa) <-> BTC was very small. Is it still like that?

One more release for you today.

v1.3.1 fixes a bug that marks valid trades as failed trades, and it also improves delayed deposit transaction verification.

To prevent further issues, we're requiring everyone to update to v1.3.1 to continue trading.

https://github.com/bisq-network/bisq/releases/tag/v1.3.1

Posted by Steve Jain on 8 April 2020

About 24 hours ago, we discovered that an attacker was able to exploit a flaw in the Bisq trade protocol, targeting individual trades in order to steal trading capital. We are aware of approximately 3 BTC and 4000 XMR stolen from 7 different victims. This is the situation as we know it so far. The only market affected was the XMR/BTC market, and all affected trades occured over the past 12 days.

Bisq v1.2, released in late October 2019, updated its trade protocol. It improved decentralization by removing arbitrators with a 3rd key in the multisig escrow used for bitcoin trading funds. These arbitrators were replaced with 2 new roles: mediators and arbitrators with no keys in the multisig escrow. With no more trusted third parties, the new trade protocol also required that trade parties move bitcoin trade funds to a Bisq “donation address” after a hard time limit in order to solve dead-locked trades.

This donation address is set by the Bisq DAO and approved by DAO stakeholders. Bisq software did not verify that the payout address for trades was actually the Bisq donation address set by the DAO before signing and sending the time-locked payout TX to the trade counterparty. In plain words, this exploit was the result of a flaw in the way Bisq trades are carried out, not in the way funds are stored (i.e., there is no honeypot since Bisq is P2P).

As soon as this attack was discovered, Bisq developers used the alert key to disable all trading on Bisq. The flaw in the trade protocol has been corrected in Bisq v1.3.0, now released. Bisq is properly peer-to-peer, so alert key functionality can be bypassed by users, but this is highly discouraged.

A proposal will soon be created in the Bisq DAO, Bisq’s funding mechanism, that will aim to repay the 7 victims from future trading revenues.

Security has always been a top priority for Bisq, but this incident shows it wasn’t perfect. The project is evaluating several approaches to strengthening security reviews and practices even more, and will detail them soon.

In the past 4 years of operating on mainnet, Bisq has never had to use the alert key to enable “safe mode” on Bisq nodes, and this is an unprecedented case for the Bisq DAO. The Bisq developer community sincerely apologizes for this security failure.

hi, If bisq is decentralized, so is it possible to add a token like on ForkDelta? Or does it require some registration or confirmation as on IDEX?