Rationale
There are many existing cryptocurrency exchanges. Most of them suffer from some number of the following problems:
- They do not handle accounting data properly, for instance:
- using floats (which may be rounded in strange ways) to represent quantities of currency
- not using transactions in the database (which can allow money to be "double-sent")
- storing balances rather than transaction history (again, this makes it difficult to keep track of money)
- They may have security vulnerabilities, and cannot be audited because the source is unavailable
- They provide no API for automated trading
- They support only one type of order (such as market orders or limit orders)
Design
To minimize attackable surface area, the exchange is split into two parts.
Backend
API server; handles database, accounting, currency transactions, etc
- Backend is open source; this means it can be audited for security
- Written in Python for readability
- Uses solid and well-tested software & libraries:
- Flask
- SQLAlchemy
- Database: PostgreSQL
- Web server: Apache, Nginx or Hiawatha (depending on configuration and performance--I need to do more testing on this)
- Offsite backups: tarsnap
- Modular component system
- Because the backend is separated from the user interface (frontend), there is only one way (the API) to attack the system; the complex user interface code is separate and can access the accounts *only* through the API server
- Each subsystem is separated out into easily auditable modules with well-defined boundaries
- Each currency is defined in a separate plugin; additional currencies can easily be added as needed.
- Append-only database: Trades & transactions are stored in the database forever. Account balances and transaction statuses are calculated from the full transaction history, so money cannot be "lost"--it always has to have come from somewhere. This is standard double-entry accounting, and the principle behind the Bitcoin blockchain.
- Decimal data types (rather than floats) are used everywhere for tracking money, to prevent rounding errors
Website, user interface; connects to API server to perform actions
- Stateless: authentication data is stored in the user's browser and passed directly to the backend; it is never stored.
Features
- Multiple order types: Market orders, limit orders, and stop orders, with arbitrary cancellation dates.
- Simple but powerful user interface
- RESTful JSON API for computerized trading (also used by frontend, so it's full-featured and well-tested!)
- WebSocket interface for real-time updates
As you can see, I've given this a lot of thought. I have experience with all of the above technologies, and can easily build this system. However, before I spend the time to build this system, I want to know:
- Would you use this exchange if I built it?
- What volume of transactions (number and size) would you expect to perform in a given time period?
- Which currencies would you trade?
If you have any questions, please ask. I want to be as open as possible with this project.