Topic: ChromaWallet (colored coins): issue and trade private currencies/stocks/bonds/.. - page 18. (Read 97096 times)

I propose that we as developers create a library on top of bitcoind which would allow existing exchanges to integrate colored coins (CC).
I submit that it is the day traders who stand to gain the most from CC at this point in time. With CC, traders can jump on any CC-friendly exchange, without worrying about moving fiat between exchanges.

This library will have all the primitive functions needed to analyze the blockchain.
Actually the only two primitive functions I can think of is "determine if a certain output is colored or not" and maintain cache of transactions for a certain color to avoid re-scanning the whole blockchain.

I think that could be a good start.

Any other thoughts? What other primitive functions would an exchange need to easily integrate CC?

Today it dawned upon me those who use smartcoins are immune to the often-heard question "what is the internet gets shut down".
If it gets shut down, the owner of the smartcoin can prove to the smartcoin issuer that he is indeed an owner by providing his privatekey to the address which last held the smartcoins when the internet got shut down. This way he can redeem his  USDcoins or Goldcoins back to USD/gold.

Ain't that sweet?

I started a thread which aims to pool knowledge surrounding the legal side of being a colored-coin emitting business.

https://bitcointalksearch.org/topic/seeking-legal-advice-for-smartcoincolored-coin-issuers-176575

I feel that issuing colored coins may be considered on par with issuing an in-game currency and may not be subject to strict financial regulations.

i'm not so concerned about the market makers; they should be more than well equipped with the proper security to operate their automated trades. the bitcoin-savvy should also be fine. its the n00bs that i'm really trying to support. bitcoin is just too goddam hard to use for >90%.

i really believe a manual system could work fine, but not for the masses. when it comes to bitcoin (and the other alt-coins), good security + user-friendliness (seems to) = mission impossible. i've recently started looking into ripple (seems to offer a lot of options unavailable with bitcoin), but i've got to spend more time with it

a decentralized reputation system would be fantastic.
came across this a while ago. a step in the right direction
https://bitcointalksearch.org/topic/working-on-an-idea-for-simple-web-based-alternative-to-bitcoin-otc-web-of-trust-149385

In p2ptrade protocol, there is no inherent difference between sellers and buyers. Alice announces her offer, Bob then sees her offer and proposes an exchange. Alice might offer with uncolored Bitcoins in exchange for USDcoins, or USDcoins in exchange for uncolored Bitcoins.

If Alice is a market maker of sorts, wanting to perform many trades per day, aiming to earn bid-ask spread, she needs coins in her wallet.

BUT it isn't same as an exchange keeping coins in their hot wallet.

One of major difference is that colored coins allow you to use Hollywood principle: "don't call us, we'll call you".

Basically, your trading machine can be behind a firewall. Or even two firewalls.

You only need to poll p2ptrade order book server from time to time. So you only need to secure HTTP client software and software which processes p2ptrade messages.

This is a very small surface for attack. If you're paranoid, you can implement handler for these protocols in a very defensive style, using programming languages which are regarded as secure (Ada, Haskell, ML...), maybe even use formal verification.

If you follow all security protocols... In order to penetrate through this, attacker will have to penetrate through your firewall(s), then penetrate through security of operating system which has no open ports... Well, good luck with that.

There is a second degree of defense... Let's say you're a market maker and you have 10000 USDcoins and 100 BTC. However, maximum order you're willing to process is 100 USD/1 BTC, and you keep only 1000 USD/10 BTC in your hot wallet.

When hot wallet is exhausted, you receive a notification. Then you can get a log from trading system, get it on flash drive to your secure, air-gaped computer. Analyze log and refill hot wallet as necessary. Then move refilling transactions to trading system...

So basically you keep majority of funds in your secure, air-gaped, encrypted system which might require all kinds of authorization (password, fingerprint scan).

Even if attacker will penetrate through first line defense (which is next to impossible if it is done properly), he only gets 10% of funds.

---

There is, however, an alternative to this: slow order processing. Market maker might announce his offers and log off. Then log on hour later and process these orders. Potentially, manually...

This requires some changes to protocol, and some reputation system. But it is definitely doable.

i'm actually working on a solution for this now. there shouldn't be any issue with the buyers, but ANY sellers would in fact have to maintain some form of hot wallet in order to automate the process. an alternative is to use an escrow service or even m-of-n transactions (still kind of an escrow). but each of these have security risks that in my opinion are too risky (especially in this wild-wild-west economy where you really don't want to trust anyone)

i've been racking my brain on this for weeks. any ideas would be very welcomed

Well, if you can find somebody who can issue USDcoins and people who trust him, you can just use p2ptrade component of ArmoryX to do the trade... It even has nice, easy to use GUI

But... there are issues... It's kinda proof-of-concept quality software. It is usable, but I recommend against using it.

I'll group them by category. Software quality:

• code is not reviewed, neither it is tested.
• it crashes from time to time, likely due to bugs in Armory itself. hodgepodge of C++ and Python isn't the best platform for reliable software, I think
• it is based on old version of Armory, which doesn't support bitcoind 0.8 file layout.
• Armory requires a running bitcoin-qt/bitcoind, eats a gigabyte or two of memory, takes 10 minutes to start. probably is already unusable on 32-bit systems

Conceptual:

• state management used in p2ptrade is flawed, basically it allows attacker to buy/sell more coins than offered
• particularly, attacker can hold you a hostage, completing trade only when it is profitable to him. to cancel trade you need to pay a tx fee
• it is fairly trivial to do a DoS attack
• it uses HTTP for transport, central order-book server

So, you gotta fix this to get a usable p2p exchange. Particularly one either needs to fix ArmoryX, or write another client... Which we're trying to do now, by the way.

As for conceptual problems, they are not as horrible as one might think...

• DoS and opportunistic order execution can be fixed through a reputation system, centralized or decentralized. Note that only one of trading parties carries risk, so reputationless agents can trade too
• state management can be fixed
• HTTP transport sounds like "not p2p enough", but it can be federated, it's fairly easy to do that, and one can run HTTP orderbook servers on each trading node, making it more like a p2p system

As for things you mentioned:


I don't think you can do it this way (unless you go with MasterCoin design, which has problems on its own), but it might be hard to DDoS a large federation of orderbook servers.


This is a non-issue, I think. If you just want to buy/sell coins, you just launch it, trade, shut down.

If you're a market maker or pro trader, yes, you need a running system. But you don't need all your coins to be in a hot wallet. You can keep them in another wallet and add/withdraw as needed.

With the recent never ending DDOS events, I think we need a decentralised exchange based on colored coin

The only centralized part is a colored coin issuer. It acts as fiat currency clearinghouse through wire transfer or with other electronic currency, and collect service charge during the process. Since it does not need to maintain a trading engine like mtgox, the running cost is minimal.

For users, transaction fee is only 0-0.5mBTC, no matter the size of the trade.

Most importantly, DDOS is impossible. People can trade as long as bitcoin is functional (and there is no point to trade bitcoin if the network is not functional)

But there is a big problem: the users have to sign the transaction manually. If fully automated trading is desired, users need to keep a daemon running and leave their BTC and colored coins in a hot wallet.

If this is workable, I may try to establish one.

Any idea?

Sorry, I just meant that we'll have many options in future. Of course, it is up to users to decide what is better for them.

Bitcoin clearly has advantages in terms of liquidity and security, but perhaps some uses value other qualities more.


That's an option too, Namecoin might be fit for that.

Just wondering why you would want to move to an alt-chain? Wasn't the whole point to have colored coins happen over the existing Bitcoin infrastructure?

Or do you just want a way for storing the genesis_output_address -> color relationship? i.e. As a secure p2p key value store?

(Where 'color' is the signed contract from the issuer.)

In any case I think your ideas here could be revolutionary!

cheers

Nice. I'm now starting to read the google mailing list and the docs.

Well, the long-term plan is to use a separate blockchain specifically designed with colored coins in mind.

Meanwhile, we could also use alt-chains... Say, Terracoin is interesting because it is small and fast (there is a problem with difficulty oscillations, though), and Devcoin has really abundant satoshis.

Some things here. If it's really about transactions that don't make sense economically, they should adjust the patch. Colored satoshi ARE economically sensible. I didn't read that topic though. I've just read THIS topic.

Ok, so this is a brilliant topic, but let me first address some issues I see.

There are currently only 1100000000000000 satoshi available. That may sound like a lot, but it's really not (as SilverShire already pointed out). Every single share consumes a satoshi. I don't know how many shares there are worldwide, but I do know there are 1.1 bln MacDonalds shares. But stocks are still doable. How about $1 that says that Chelsea will beat Rubin Kazan tomorrow? There are about 30,000 of them. And believe me, that color is really cool to trade on an exchange. The ownership of the mox ruby magic the gathering card that once belonged to Bram Snepvangers? There goes another satoshi. You get the idea. There's too much to color. This thing will drown in its own success.

I've heard it from Meni... Kinda makes sense: tx fee pays for inclusion into block and first M months, but after that storage fee is deducted from output value.

I think that proposal is just flawed. If I pay fees, why the network should care if I move 0.00000001 btc or 1 btc ?
I'm paying for the costs the transaction has for the network.

What they really need to worry about is old unspent outputs, whether they contain 0.00000001 btc or 1MM btc.
I think "my" (I can't remember who said this first) proposal: after X blocks after the last movement, unspent outputs pay a fixed demurrage fee per block. This way people can just move their colored coins/bitcoins before X to "refresh them" and unspent abandoned small amounts will be destroyed soon.

Could XRP somehow be coloured?

Oh wait, one could just use IOUs instead of colouring XRPs...

-MarkM-

Well, one can simply use more satoshis per unit of his colored coin. Say, 50000 satoshi is likely safe (it is 0.0005 BTC, currently the minimal fee), 10000 satoshi might be enough (0.0001 BTC is min fee for relaying).

But one needs to take divisibility in mind.

Say, if 1 USD is represented with 10000 satoshi, you can send $1.23, that would be 12300 satoshi. But you cannot send $0.23... Well, you can, but it would take a long time to confirm.

In any case, arbitrary rules like this are ugly. I believe it's would be better if Bitcoin will adopt a more scalable architecture (e.g. UTXO set tree linked from blocks) sooner rather than later.

but you can use CC upon more loyal blockchain ( that is not with BTC )

would it be possible to add an additional "fee" to the colored output?

Lots of proposals floating around now; no guarantee that any of them will be implemented but it's probably best to speak up about it.