
Topic: Exchange Standards Framework (Read 1013 times)

full member
Activity: 238
Merit: 100
Stand on the shoulders of giants
April 12, 2014, 02:34:02 PM
#6
I would like to see transparency about how the exchange operates from the "front office" to "back office", rulebook, documentation etc... something like

http://www.londonstockexchange.com/traders-and-brokers/rules-regulations/rules-regulations.htm


If it is open source, the project should give all sources and documentation too... like Buttercoin

newbie
Activity: 17
Merit: 0
April 12, 2014, 12:29:37 PM
#5
We'll also need some way to perform regular transparent and minimally intrusive audits.
hero member
Activity: 1582
Merit: 759
April 05, 2014, 02:51:44 AM
#4
I would like to suggest that exchanges have the option of read-only API Keys. Or limited to viewing trades, transactions, and balances.

This would be separate from an API Key that allows trade executions and/or withdrawals. 

Lose the "fancy API". That doesn't mean anything. Fancy is in the eye of the beholder.

I like your other standards.  Especially the 100% reserve.


The read-only API keys could be set by an action/permission-based API.

The API key creator would have the ability to choose what actions each API key can perform. All, or specific actions.
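
The action/permission-based API keys described in the post above, sketched as an added example that is not part of the original thread and is not any exchange's actual code. The scope names, action names and the `KeyStore` class are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets
from enum import Flag, auto


class Scope(Flag):
    NONE = 0
    READ = auto()      # view trades, transactions, balances
    TRADE = auto()     # place or cancel orders
    WITHDRAW = auto()  # move funds out (wallet API)


# Hypothetical action names, each mapped to the one scope it requires.
REQUIRED = {
    "get_balances": Scope.READ,
    "get_trades": Scope.READ,
    "get_transactions": Scope.READ,
    "place_order": Scope.TRADE,
    "withdraw": Scope.WITHDRAW,
}


class KeyStore:
    def __init__(self):
        self._keys = {}  # key_id -> (SHA-256 of secret, granted scopes)

    def create_key(self, scopes: Scope):
        """Issue a key limited to the scopes its creator selected."""
        key_id = secrets.token_hex(8)
        secret = secrets.token_urlsafe(32)
        digest = hashlib.sha256(secret.encode()).digest()
        self._keys[key_id] = (digest, scopes)
        return key_id, secret  # secret is returned once, only its hash is kept

    def authorize(self, key_id: str, secret: str, action: str) -> bool:
        record = self._keys.get(key_id)
        needed = REQUIRED.get(action)
        if record is None or needed is None:
            return False  # unknown key or unknown action: deny by default
        digest, scopes = record
        presented = hashlib.sha256(secret.encode()).digest()
        if not hmac.compare_digest(digest, presented):
            return False  # constant-time comparison of the secret's hash
        return needed in scopes  # allowed only if the scope was granted
```

A key created with `Scope.READ` alone can fetch balances and trade history but is refused for `place_order` and `withdraw`, so a leaked monitoring key cannot move funds.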
full member
Activity: 588
Merit: 107
April 04, 2014, 03:15:04 AM
#3
I would like to suggest that exchanges have the option of read-only API Keys. Or limited to viewing trades, transactions, and balances.

This would be separate from an API Key that allows trade executions and/or withdrawals. 

Lose the "fancy API". That doesn't mean anything. Fancy is in the eye of the beholder.

I like your other standards.  Especially the 100% reserve.
hero member
Activity: 1582
Merit: 759
April 04, 2014, 02:11:42 AM
#2
[Unsafe Features]
- "Fancy" APIs


Define what you mean by "Fancy"?

I don't believe all APIs are bound to be defined as Unsafe.

It depends on the company or developer developing the API and their code, what practices and what safety precautions they use.
newbie
Activity: 17
Merit: 0
April 03, 2014, 11:29:45 PM
#1
In light of the recent Mt.Gox debacle, I'm looking for some help in coming up with some sort of Standards Framework which exchanges should follow in order to minimise the potential for hacks, dodgy accounting, etc so that users of the exchanges compliant with the framework can feel safer trading bitcoins or other cryptos.

Let's start with listing some safe and unsafe features:

[Safe Features]
- Operating in a politically stable and crypto friendly jurisdiction
- KYC/AML adherence
- Dedicated hardware
- DDoS resistant
- Minimal alteration of Bitcoin Core, alterations independently reviewed
- Regular software audits and performance review
- Cold storage, manual access only
- Hot wallet size algorithmically determined by standard deviations of withdraws
- 100% reserve
- Regular financial statements, fiat + crypto
- 2 factor authentication
- Separation between read-only and execution APIs (https://bitcointalksearch.org/topic/m.6065434)
- Separation between trade and wallet APIs
- Exchange transactions all performed on chain (operationally possible?)

[Unsafe Features]
- ?

For clarity I'll add/remove features here later depending on census. Let's self regulate.