Topic: Exchange launching soon with new accountability tech (Read 345 times)

Definitely no ICO of any kind and no token is required to make the system work. Understandable concern though considering people will try to shove a token in to anything now for a quick buck, even if it hurts the efficiency of the system its in

Might as well launch your exchange and implement that feature so we can test it and we can give feedbacks coming from our experience, all the exchange I've seen are all the same, but even if your exchange is different, be sure to concentrate on security and support, every trader ask high priority on these two.

This is something new there are advantages and disadvantages but the advantages outweigh the disadvantages, I'd like to see how it can improve security if we are going to use this feature I hope you can launch it but without ICO so you'll gain trust on your unique feature.

'ello, everyone!


Yes.  Just like any other exchange.  Except now you can prove our shenanigans to the world.  Which means we won't do shenanigans.  Unlike other exchanges.


Yes.  Just like any other exchange.  Except now, as we earn trust, we are further incentivized to make sure everything goes perfectly for you.  Because if it doesn't, you can prove it to the world.

If we're a billion-dollar company, and we screw with someone, they can prove it to the world, which ruins our reputation and hurts us financially.  It's not just a random complaining user on reddit saying "the exchange scammed me" any more, because now they have cryptographic proof.  So our incentive of course is to not screw with people.

The incentive for other exchanges is... well, nothing.  They can do what they want to you, more or less.

In essense, this is a solution to the "Selective Scamming" problem.


What if the exchange is the one hacking you?  How many people got hacked by hackers, and how many just think they did?  There's no way to tell.  Except with personal blockchains, of course.

We aren't solving the problem of a hacker hacking you.  We're solving the problem of the exchange taking your money and saying you were hacked.  ...Among other things


Yes it can.  Via incentive.  Just like mining rewards can change how miners operate.

It provides a strong incentive to "make things right ASAP" for you.  It provides a strong incentive to be as transparent as possible about the issues you're referring to.  It also incentivizes us not to cause these issues in the first place.

Other exchanges do not have this incentive.


Yeah, maybe.  Opens up a larger conversation, but let's save it for another time.  We're proposing a new way for centralized businesses to operate.


Actually, it started with Personal Blockchains.  The exchange is just an example of how we'll implement personal blockchains.  It'll be open source.  We hope to show how easy it is to be *actually accountable*, and that other exchanges will pick it up for themselves, too.

We suspect many won't.  At some point, the question "Why?" will become more poignant.


CONFIRMED.


Automatic.  Built into the browser or app.  The experience for the end-user should be the same as what they're used to.


It's encrypted before sent to us, we store it as a blob and don't have access to their private key.  We also have some pretty cool safeguards to avoid people getting an encrypted blob just by typing someone's username, etc.  We'll explain that later - it'll be easier once we've pushed things to github and launched everything.

FYI:  We intend to support pure hardware solutions too, so that we don't even get the encrypted key blob. 


Each request requires a signature.  A signature can't be reused.  You might be thinking of solutions where you provide a signature and then going forward, everything's "authenticated".  You're right - that would be very bad!  But that's not how we do it.  You can think of it more like a bitcoin transaction signature, in that every time you send a bitcoin transaction, you need a new signature.


We're not trying to solve the problem where a hacker tricks you into giving up your password/keys.  The risk profile here is essentially the same as any other exchange.  Although we do have some cool security features coming to mitigate risk.


A lost private key does not mean a hacker can definitely steal all your money.  Just because you sign a request saying "Withdraw to ..." doesn't mean we have to actually do it.  If we see your withdrawal request came from a different continent, our security systems might tell us "hey, check on this before proceeding".

Same as any other exchange.  Except of course, we're super incentivized to make things right ASAP for you.

Also, a lost private key does not mean you lose all your money, either.  More on that another time.

The more exchanges the better, IMHO. More competition = better services = easier to use = smaller fees = happy users.

When a user sign a request what steps are taken before the the service provider use the other key to perform the request? Is there any extra "safety net" in place in case somebody has lost his private key and somebody else is trying to empty the account with it?

Does this not expose your service to added risk if FDU's <Fkn Dumb Users> decrypt their own keys and then blame you when someone else steal their coins or fiat money with those keys?

We know most users cannot even secure their account passwords, so how would they know how to secure something as important as their own private keys?

This might lead to even more problems?

Users will sign each individual action with their(locally generated) private keys, like signing a message with your bitcoin keys. So each signature is unique to the action requested and also includes a nonce. The whitepaper goes in to the specifics in more details.

https://v.fastcdn.co/u/f7406dff/35049881-0-Personal-Blockchains.pdf

I have some concerns with digital signatures and how will it work for your exchange. Since most electronic signatures I see are all pre-signed meaning users already have their existing digital signatures on board so that they won't sign and sign it again will you be using it or will you only accept actual signatures made that time? Because if its the former then I don't think its secure as what you want it to be because anyone could literally obtain that user's signature if they have a copy of it.

It doesn't just prevent bogus claims to protect us, it gives users something tangible if there is a real claim.

For the "red tape" issue the experience should be the same as a normal exchange with no extra baggage at all. Similar to how some web wallets work when you log in you will locally decrypt the keys.

There are lot of advantages of DEX over centralized exchanges in terms of stability, security, and privacy

Ok, your solution solves the problem of people making bogus complaints on social media about your service, by giving signed proof mechanisms to protect your image. 

Does this solve the added "red tape" and complexity involved by making these transactions more difficult for the users? How many customers will know how to sign a transaction or request and how do they secure their private key or do you still manage that? 

But their volume sucks, except Binance Dex with its MM maybe.


It's business, they want to make profits, see an opportunity and try to achieve it. But well, some of them just build it to scam and run as Vod said.

They look at the big coin some exchanges have and conclude if they collected that much, they could vanish and retire. 

I can not understand why launch all new and new cryptocurrency exchanges, if there are already hundreds of similar clones. Where are there so many people that would serve all these exchanges?

DEX are  more secure, scalable than any other centralized Exchange...

This is something new all of us I never read something or anything like this before, but Patatas view is also valid this could be something that we are going to face it this is implemented, in the past I also have issues with my withdrawal on some top exchanges and this is very depressing for users.

But when users generally complain about an exchange holding their funds, they do get support responses from the exchange and usually, it's either KYC or another account verification reasons. My point is, the multi-signature system can't enhance the way the exchanges operates. For instance, I'd like if an exchange doesn't introduce KYC policies when a high volume withdrawal is requested but do it when a user creates an account.

Thanks for the replies guys


I think this will help so much in disputes. Currently when this happens the user has no way to prove to the public that the dispute is actually real and the exchange has done something wrong like hold funds. Its just your word vs the exchanges. Usually what ends up happening is users complain on forums and hope for the best. With our platform when a user feels the need to complain online he can prove that we are holding his funds, and prove were refusing to counter sign his request.

So were basically giving out tools for users to hold us accountable if we do anything wrong.


yup the white paper isn't very long and explains how the system works. I believe an updated version (or another color paper lol) is going to come out soon

https://v.fastcdn.co/u/f7406dff/35049881-0-Personal-Blockchains.pdf

It seems to be better than any exchange out there, on paper i guess there will be a way to demonstrate the funds are locked (peraphs is in the whitepaper, i haven't look yet). If everything is working, is going to be very hard for an attacker to obtain both privte keys.

Is it true they can deny you access to your funds but on the other hand they cannot either access them, consider when you are sending now funds to an exchange you need to trust the exchange is secure and they will not run away with it as well, so basically trust 100% the exchange.

The main idea assumes that exchange can be trusted, which is, in fact, a questionable assumption. I think 2FA is enough for that, though there's a risk that a hacker can gain control of user 2FA, that's fine because the user must have some responsibility to manage their own safety, and there's no need for an exchange to go that far. Instead of this feature, I'd love to see a feature where the exchange would return the funds that was sent by malicious party or those who failed to do KYC, so they didn't get rekt.

The main idea is actually good and can be viable especially in the light of many hacking that occurred in big cryptocurrency exchanges. Now, let's hope that the concern here by forum member Patatas can be adequately addressed before we go and jump into this new exchange platform. I am waiting for the official response to this query.

That is good and bad in a way. I will have my money stuck on your exchange forever if the exchange decides not to sign my withdrawal request? Exchanges have a reputation for holding users withdrawals for a number of reasons. This certainly isn't going to work in users favor in times of a dispute.

Hey Everyone I've been working at a new exchange for almost a year now and were finally almost to market. We require signatures from both parties (exchange/user) for every action taken. We think this approach is going to make us the most accountable as you'll always have the signatures to prove your account state if we mess around.

We just pushed a blog by one of our co-founders, feedback greatly appreciated. The Only Way Forward for Crypto Exchanges: Information Parity With Each and Every User

If anyone is wondering anything about the tech or our plans just ask.

https://medium.com/symetria-hq/https-medium-com-symetria-hq-the-only-way-forward-for-crypto-exchanges-26ae270a5bd