Author

Topic: How Bitcoin Exchanges Segregate Their Respective Users Wallets? (Read 207 times)

member
Activity: 392
Merit: 41
This text is irrelevant
And yes, I messed up - actual wording at paragraph 1.4 says "Segregation customer's assets from proprietary assets" that means exchange does not really have to segregate each user's assets from each other individually, just keep em separate from exchange's own wallet. Still I see some hole in this, since exchange can't instantly deduct it's trade fee from user's wallet so there is a period, when assets of both user and exchange are mixed up in a wallet. I still wonder how real exchange manage their wallets.
I wouldn't think this is the case...

You don't really have any "assets" after depositing to an exchange... In effect, you basically have a promissory note or "IOU" for the value of your deposit.


I'm pretty sure this is not how most of exchanges operate, otherwise there would be no requirement to differentiate assets at all. IOU effectively means borrowing money, and thus regulated and taxed vastly different. I believe exchanges usually only store your money (assets) that is still remain being your assets, and commits operations with your money whenever you ask them to. 
member
Activity: 392
Merit: 41
This text is irrelevant
Cryptopia's trade engine is atomic

Isn't it kinda slow and not scalable for large trade volumes?
newbie
Activity: 57
Merit: 0
I very much doubt it - no exchanges are particularly transparent on how they operate due to general security related paranoia. Some exchanges may be cloud based, but I think Bitrex may be the only exchange on Azure as (and I'm sure my knowledge is  probably out of date at this point) Bitrex and Cryptopia are the only exchanges that have Microsoft based stacks; where Bitrix is cloud based and Cryptopia is on centralized hardware.

The two differing approaches on hardware is likely due to differing approaches on how the exchanges process the trades. Cryptopia's trade engine is atomic, where every trade is queued and processed in sequence which is a workload suited to a single threaded application; this approach won't work well on the cloud so we can assume that Bitrex does it differently.
member
Activity: 392
Merit: 41
This text is irrelevant
Exchanges use an internal ledger, sometimes a blockchain, sometimes a relational database, sometimes a hybrid of both. Changing slightly each time due any given coin or tokens idiosyncrasies, an exchange runs a single 'hot wallet' which you can think of as a cash register, where each user gets an address from that wallet which is unique to them. When a deposit is received, it arrives in the hot wallet, and the the exchange credits that user with x amount of y coin. Any and all trading that happens then happens on that exchanges internal ledger and not at all on the blockchains of those coins due to network fees and confirmation times. When you decide to withdraw from the exchange, that's when the exchange goes and commits a transaction to the external blockchain, which is why deposits/withdraws are subjected to confirmations etc, but trades and transfers etc are usually instant.

As you mentioned, it's almost impossible to segregate customer assets from proprietary assets at all times due to how the fees are calculated (again, nothing on the blockchain, only a change of value in a database) - once a day or so it would be possible to move it all in order to comply, but doing it in real time is absolutely unfeasible.

Thanks, that's what I thought as well.
Is there any read in regards of how internal hardware of exchange works? I know that some exchanges are using cloud servers (for example Bittrex use Microsoft Azure) but isn't it kinda slow? Shouldn't more centralized approach work better? I found some information about modern forex exchanges and their approach to latency mitigation, but does crypto exchanges have same approaches? Is there any fundamental differences in trading?
newbie
Activity: 57
Merit: 0
Exchanges use an internal ledger, sometimes a blockchain, sometimes a relational database, sometimes a hybrid of both. Changing slightly each time due any given coin or tokens idiosyncrasies, an exchange runs a single 'hot wallet' which you can think of as a cash register, where each user gets an address from that wallet which is unique to them. When a deposit is received, it arrives in the hot wallet, and the the exchange credits that user with x amount of y coin. Any and all trading that happens then happens on that exchanges internal ledger and not at all on the blockchains of those coins due to network fees and confirmation times. When you decide to withdraw from the exchange, that's when the exchange goes and commits a transaction to the external blockchain, which is why deposits/withdraws are subjected to confirmations etc, but trades and transfers etc are usually instant.

As you mentioned, it's almost impossible to segregate customer assets from proprietary assets at all times due to how the fees are calculated (again, nothing on the blockchain, only a change of value in a database) - once a day or so it would be possible to move it all in order to comply, but doing it in real time is absolutely unfeasible.
HCP
legendary
Activity: 2086
Merit: 4363
And yes, I messed up - actual wording at paragraph 1.4 says "Segregation customer's assets from proprietary assets" that means exchange does not really have to segregate each user's assets from each other individually, just keep em separate from exchange's own wallet. Still I see some hole in this, since exchange can't instantly deduct it's trade fee from user's wallet so there is a period, when assets of both user and exchange are mixed up in a wallet. I still wonder how real exchange manage their wallets.
I wouldn't think this is the case...

You don't really have any "assets" after depositing to an exchange... In effect, you basically have a promissory note or "IOU" for the value of your deposit. This is your "number in a database". When an order is executed, they simply update 4 values in the database... The "buy" and "sell" coin totals for yourself and the trading partner... There "fee" is automatically created by simply crediting your account with a lower number than your trade... ie. if you bought 10 BCH with a 0.1% fee, they'd only increase your balance by 9.999 BCH.

As far as I can tell, it really doesn't require any changes to any "wallets" until "settlement" occurs when users wish to withdraw (or deposit more funds). For instance:

User account = 0 BTC, 0 BCH
Exchange BTC Wallet = 100 BTC
Exchange BCH Wallet = 1000 BCH

User then deposits 1 BTC:
user account = 1 BTC
Exchange BTC wallet = 101 BTC
Exchange BCH walelt = 1000 BCH

User then exchanges 1 BTC for 10 BCH:
User account = 0 BTC, 9.999 BCH (assuming 0.1% fee)
Exchange BTC wallet = 101 BTC
Exchange BCH wallet = 1000 BCH

User then withdraws BCH:
User account = 0 BTC, 0 BCH
Exchange BTC wallet = 101 BTC
Exchange BCH wallet = 9990.001 BCH

As you can see, pretty much limitless trades can occur without the actual wallet values actually changing... they only change when deposits/withdrawals happen... and by simply crediting users with lower values than the "true" value of the trade they generate their fee.
member
Activity: 392
Merit: 41
This text is irrelevant
Quote
KYC = "Know Your Customer" - aka. have about 9327206187635 different forms of ID and personal data (address/phone etc) of the person involved Tongue
AML = "Anti Money Laundering" - aka. mandatory reporting to authorities of transactions over a certain size along with transaction limits based on level of KYC identification.

This topic arose when I was studying KYC/AML rules. I remember reading some article in regards of how bitfinex being sued for not properly doing segregation of user's assets. Can't seem to find it again. But originally, I found segregation rule mentioned in this article explaining Japanese Exchange licensing process here:
http://www.so-law.jp/wp-content/uploads/2017/07/Japanese_VC_Act_and_Registration-Overview_170704.pdf

And yes, I messed up - actual wording at paragraph 1.4 says "Segregation customer's assets from proprietary assets" that means exchange does not really have to segregate each user's assets from each other individually, just keep em separate from exchange's own wallet. Still I see some hole in this, since exchange can't instantly deduct it's trade fee from user's wallet so there is a period, when assets of both user and exchange are mixed up in a wallet. I still wonder how real exchange manage their wallets.

But anyway thank you for making me read again.
HCP
legendary
Activity: 2086
Merit: 4363
I wouldn't have though that KYC/AML regulations have anything to do with the storage of currency.

KYC = "Know Your Customer" - aka. have about 9327206187635 different forms of ID and personal data (address/phone etc) of the person involved Tongue
AML = "Anti Money Laundering" - aka. mandatory reporting to authorities of transactions over a certain size along with transaction limits based on level of KYC identification.

In any case, the exchange CAN instantly update the "BTC" balance associated with your account, because it is just a simple number in a database... it's certainly not held in a separate bitcoin address.

Can you link to the requirement where it is stated currency for each user is to be stored separately?
hero member
Activity: 896
Merit: 527
₿₿₿₿₿₿₿
They don't as far as I know.

Most have a single wallet.
member
Activity: 392
Merit: 41
This text is irrelevant
Hope my question fits this section.

I was reading alot about how Bitcoin and Altcoin exchanges work (especially those who actually follow modern regulations) and I can't really wrap my mind about how exactley they follow KYC/AML rules, especially those requireing to store virtual currencies of each user independently (I believe it's done in order to prevent losses in case of hack).

As far as I understand - whenever I deposit BTC to exchange it stores it in some hot wallet storage, and updates my BTC ballance, that is then used to trade. Let's say I decided to sell/buy some BTC to/from another user so I place an order and immidiatly receive update to my internal ballance.

But obviously, exchange can't instantly update BTC ballance associated with my account, since BTC transactions takes alot of time to confirm. That means exchange's BTC storage, that represents my deposit actually does not represent my BTC ballance (until the moment it gets synchronized).

So my question is how big exchanges, that got often audited and being licensed solve this issue? Is there some articles to read on basic concepts about hot/cold storages functioning on exchanges?

Thanks!
Jump to: