Topic: ATTENTION: Any exchange right now can act like a bank (Read 2662 times)

This is a very interesting analysis IMHO, thank you. The forum is a frustrating place to throw good ideas at, because they get forgotten very quickly, but you should start a wiki page for a decentralized exchange brainstorming/proposal. I have seen other neat ideas floating here and there (e.g. from grondilu, IIRC).

Please someone get those great ideas together. I can't do it myself because I suck at trading, but I do think we have an important matter here.

Not when the "exchange" holds your funds and can stall on releasing them. You can't pick any exchange for your next transaction.

More than happy to do it if we can agree on a relatively simple and accurate way to do it.
Blockexplorer showing our wallets would only work if you knew how many our users are supposed to have and you'd need to trust us on that.
I don't see individual wallets being easy to pull off but I'll look in to it. Listing user balances and totaling it presents privacy issues and once again you might have to trust us.
There should be a way to get it done though.

Open to suggestions.
-Jered

Don't multiple independent exchanges count as 'distributed'?

Though I agree a common API with automatic order routing would be nice.

I agree with that and as I said before a distributed currency needs a new distributed exchanges.

Mt. Gox and Tradehill are performing the functions of an exchange, a broker, a non-bank depository institution, a clearing house, and a stock custodian. In the real world, those functions are usually separated.  (Sometimes they're not. See Bernard Madoff. That didn't end well.)

A completely distributed exchange is quite possible. You first need some way to do an atomic transaction in two commodities between two untrusted parties. One approach is to split transactions into tiny ones, each one being done separately and completed before the next one starts. That way, any rip-off is limited to the size of one transaction.

Once you can do that, you just need a way to broadcast "buy" orders. Only one side needs to be broadcast, although it's useful to broadcast both. Orders can't be anonymous, since you have to know who the other party is to deal with them.  If you see a buy order you like, your client contacts their client and does a deal. First client to get through wins.

There are some problems. Transactions cannot be undone, except by mutual consent of the parties. There can be no "rollbacks". Any gains from market manipulation stand. (So you had better have enough cash reserves to handle a mistake now and then.)

A party can broadcast buy orders but not respond to matching sell offers.  Since orders are not anonymous, this behavior is detectable. You need a reputation system to kick out traders who do that. (Which is exactly how live commodity trading floors dealt with it.)

Lag is a problem. Network transit time and local processing delay affects your trading profitability. (This is a problem in real-world trading. Look into "high frequency trading" and the efforts made to cut lag to microseconds.)

It's not as orderly a market as a system with centralized processing of limit orders, but that's the price of a distributed, mutually mistrustful system. 

That's good to hear. Would be nice if you could also prove it though, not saying I don't trust you guys, just that transparency would be really good for the community.

ok - so now I think I understand that you are suggesting the exchange manage an exchange-side wallet per trader.

This would be fine - except for transaction speed.
Traders can theoretically do multiple trades per second - especially if controlling via an API.

Perhaps it could be done if these server-side wallets were updated with the balance due to trading.. on say an hourly basis. (and upon withdrawal/deposit by trader)

I'm coming round to the idea in that case.  
It wouldn't stop a hack of the system in between wallet-update-ticks  - but may give people long term confidence that the exchange is solid.
The previously mentioned database total compared to wallet total checks would still need to be done anyway.

Not sure if that's directed at me or cunicula. We're holding 100% and if we move away from that we'll make it very clear with enough time to pull out if you want.
Currently that isn't in the plans.

Your turning an exchange into a bank, which isn't what we want, though with this you can also do what your saying as well.

The system is useful because it provides transparency. The question of whether fractional reserves are desirable is not relevant.
Transparency is useful with a fractional reserve too.

E.g.
Suppose that the exchange promises to hold a minimum of 30% as a BTC reserve against all its bitcoin liabilities. Each customer is assigned a unique block explorer address that holds exactly 30% of their account balance.

If this account is not at exactly 30% of the account balance, then the customer will know that either:
a) the exchange has been hacked, or
b) the exchange is not holding a 30% BTC reserve.

Again, customers should be able to audit exchanges using block explorer. That is what the technology is there for.

This is my point exactly, you also get the TRANSACTIONS when you buy bitcoins they will list everyones wallet that you bought from.

Saying just to look at their wallet is stupid. Obviously when you take BTC some will come out, but you don't really know what the database says they have.

If everyone knows the exchange has a fractional reserve it's not a bad thing.
If they're doing it without saying so that's another issue.

We've talked about doing something along those lines (the wallets).
I don't write the code so I'm not sure how difficult it would be to have individual wallets.
I would be interested in any solutions people can come up with though.

-Jered
 

The point is allow customers to verify their account BTC balances independently of the exchange. This can be done by assigning each
customer a single wallet address. The customer can check their balance using block explorer. If money in the wallet doesn't match the customers accounting, then
a) their account has been hacked, or
b) the exchange is using a fractional reserve

Exactly, it's simple to compare how many BTC are actually there to how many should be.
If any of the other exchanges aren't doing that I'll be surprised and disappointed.
-Jered

until the exchanges start handing out loans and interest rates they are not banks- fees and interest are two different things

Explain how your going to know the amount of bitcoins each person actually has with my simple solution to the problem.

This is trivially done.  Check the total of BTC in the DB and compare it to the exchanges BTC wallet(s). Perhaps before each withdrawal.
It's most likely the exchanges have many such checks already in their code.

Are you  suggesting the exchange should operate directly by depositing BTC as trades occur?  I guess you can't be - because that would be utterly impractical due to the slowness - and would mean that if things were hacked/glitched - there'd be no repair possible via rollback.
(reverted trades do occur on standard exchanges - happened on NASDAQ earlier this year due to glitch apparently)

I'm not clear on how the addresses you talk about allow us to verify things are legit - to me it sounds unlikely to be useful.  Please give an example of a previously empty exchange followed by a single trade between two users, and what is where in your scenario.

only banksters are allowed to lie in this world of ours.

Are you saying that someone could lie? This is big news. Can anyone lie or just certain people? Should we trust everyone without thinking? Please tell us more.