Pages:
Author

Topic: How to fix the exchanges - a professional view. (Read 4874 times)

sr. member
Activity: 298
Merit: 250

.......

Thank you,
    Keyur


I won't quote the full text (I hate it when people do!).

Thats a great reply, it's good to actually hear from an exchange. I cannot comment on your platform, but your answers suggest you are taking all these things seriously, so good luck!
sr. member
Activity: 299
Merit: 250
Great points!  Here is some input from CampBX:


1. Sort your trading code out.
- Our core trade engine code has been very reliable and error-free.  Since our launch in July 2011 we haven't found any bugs or mistakes in the code.  There are a lot of trade engines out there, but it comes down to error handling.  CampBX core engine is just 5-7% trading code, rest all is error handling, sanity checks, and cross-checks.
The peripheral code will always keep evolving as we need to add new features and scale at a fast clip.

2. Invest in hardware or hosting, you're making thousands or tens of thousands per day. Buy or hire a room full of the best machines you can (I'm not a tech expert). You can never go down through 'excess trading demand' - this is amateur.
- We have invested in dedicated servers housed in an on-shore, top-tier datacenter in Arizona. This data center has:
­    Triple telecom backbone connectivity for redundancy
    Caterpillar diesel generators in case of power brown-out / black-out
    Restricted physical access to servers
    24/7 monitoring


3. Create a minimum trading size, the tiny bot trades of $1 are swamping the system and add nothing.
- We have minimum size set at 0.01 BTC and the goal is to keep it around one dollar

4. Forget about circuit breakers or 'cooling off', this only works when assets are only traded on only one exchange (ie NYSE/Nasdaq) which is why you do not see gold or Forex stop trading. The market continues and your customers are left helpless.
- Forex trading platform has evolved through Billions of dollars of development expenses, while Bitcoin is a hobby project run by (mostly) volunteers.  Due to this reason Bitcoin code tends to choke under certain situations.  If I had to guess, cool-off will remain part of the game at least till Bitcoin 2.0 client comes out.


5. Get someone to be a market-maker. You need a pool of money acting as market maker, to provide some depth of liquidity to stabilise the price when the market volumes become very illiquid or eratic. Confidence is everything in this market.
- There are a lot of bots and independent traders working as market makers on multiple platforms and exchanges.  But there is a fundamental difference: Bitcoin transfers take 60 minutes to get 6 confirmations, which hinders the market-maker's ability to provide liquidity and increases risk significantly.


6. Prove you have some depth to your security. Right now people have millions invested in exchanges and any number of them could be complete shams designed to take coins that cannot be traced. I could setup a good looking exchange in days, collect coins and money and then disappear, it's been done before, it could be done again.
- CampBX has been audited by two independent penetration tests.  We continue to be audited nightly for new vulnerabilities and we are the first Bitcoin website to earn PCI compliance.  You can read more about it here:
https://campbx.com/faq.php#security-compliance


Do give us a try and spread the word if you like us!

Thank you,
    Keyur
sr. member
Activity: 280
Merit: 250
Nice theory, but the brokers still need a public facing site with an IP address, which can then be DDOS'd.

Weak snark. Obviously they have, but to bring the market down they need to DDOS ~1000 broker sites. Good luck with that (one cliche deserves another). How much downtime i.e. unscheduled periods with zero trades does the NYSE or LSE have? how much Mt.Gox?
sr. member
Activity: 298
Merit: 250
There is no public exchange IP address to DDOS. (They would have a corporate site, but that just has corporate info and maybe some delayed quotes).


Nice theory, but the brokers still need a public facing site with an IP address, which can then be DDOS'd.

The problem here is the exchanges have not spent the money they're making in developing adequately secure and resilient sites, it's that simple. The same would apply to a broker-led community. The difference is that a fragmented set of brokers would have less money to spend on security and resilience each than a good large single exchange like MTGOX.

MTGox can resolve this, they just need to throw some money at it.
donator
Activity: 668
Merit: 500
4. Forget about circuit breakers or 'cooling off', this only works when assets are only traded on only one exchange (ie NYSE/Nasdaq) which is why you do not see gold or Forex stop trading. The market continues and your customers are left helpless.
Great insight, thanks for that.  How true, and what a load of cobblers the whole trading halt lark is.
sr. member
Activity: 280
Merit: 250
The reason traditional financial exchanges don't have the problems that MtGox is having largely comes down to something everyone here hates, brokers. In the traditional model Joe Public does not talk directly to the exchange. He talks to a broker who talks to the exchange, or as it happens now, his computer talks to the broker's computer that talks to the exchange's computer through secure channels. There is no public exchange IP address to DDOS. (They would have a corporate site, but that just has corporate info and maybe some delayed quotes).

If MtGox followed this model the advantages would be several. They would be free to concentrate on their core business (matching orders). Their AML/KYC burden would be restricted to (say) ~1000 broker accounts total, not hundreds of thousands of new client accounts per year. They wouldn't have to pay for DDOS protection or deal with client scams and complaints. That's the brokers' job. Of course they would have to slash their fees to let the brokers eat, but their costs would also be much lower. Selling access rights to the brokers would be an new source of income.

The objection that everyone will have is "what do we need brokers for, they are just useless parasites". Well they are not useless: they are paid for being the exchange's meat shield.
legendary
Activity: 1020
Merit: 1000
That's nonsense. In fact the forex market is one of the few professional financial markets that is distributed.
http://en.wikipedia.org/wiki/Forex

But govt. control monetary policies by sometimes manipulating forex price of their currencies as they have full control of minting money and its initial distribution.
full member
Activity: 136
Merit: 100
Every time I've had a problem with an exchange it was caused by the fiat side. Have a look at the bitcoin.de model: centralised BTC (basically an automated escrow service), fiat changes hands via free p2p SEPA transfers. We need more of these kinds of exchanges.

sr. member
Activity: 280
Merit: 250
I don't understand the obsession with decentralization. It might be useful but there are many successful financial exchanges that are centralized.

Risk of failure of central node and need to eliminate escrow(trusted third party).

Decentralized trading is not possible with fiat currencies as they themselves are fully centralised.

That's nonsense. In fact the forex market is one of the few professional financial markets that is distributed.
http://en.wikipedia.org/wiki/Forex
legendary
Activity: 1020
Merit: 1000
I don't understand the obsession with decentralization. It might be useful but there are many successful financial exchanges that are centralized.

Risk of failure of central node and need to eliminate escrow(trusted third party).

Decentralized trading is not possible with fiat currencies as they themselves are fully centralised.


Have a look at my proposal of decentralized trading between alternate crypto-coins.

https://bitcointalksearch.org/topic/rfc-p2p-trading-of-crypto-coins-112222
sr. member
Activity: 280
Merit: 250
I don't understand the obsession with decentralization. It might be useful but there are many successful financial exchanges that are centralized.

Well they're none in the UK any more when we used to have access to both Intersango and MtGox Barclay's.  Both were forced to shut for banking reasons.  Buying bitcoins in the UK is both expensive and difficult for smaller transactions or new buyers.

No  successful financial exchanges in the UK? What about the LSE?
member
Activity: 71
Merit: 10
hi
My solution for a decentralised exchange would be this: www.poundcoin.org
legendary
Activity: 1372
Merit: 1003


3. Create a minimum trading size, the tiny bot trades of $1 are swamping the system and add nothing.



This would definitely be a good start...



Good points, but the ultimate solution is a decentralized exchange period. 

Trying to build on the wrong foundation is simply building a robust house on sand.  It's only a matter of time before its central point of attack is overwhelemend.

...decentralization is the only solution.
+1

I don't understand the obsession with decentralization. It might be useful but there are many successful financial exchanges that are centralized.

Well they're none in the UK any more when we used to have access to both Intersango and MtGox Barclay's.  Both were forced to shut for banking reasons.  Buying bitcoins in the UK is both expensive and difficult for smaller transactions or new buyers.
sr. member
Activity: 280
Merit: 250


3. Create a minimum trading size, the tiny bot trades of $1 are swamping the system and add nothing.



This would definitely be a good start...



Good points, but the ultimate solution is a decentralized exchange period. 

Trying to build on the wrong foundation is simply building a robust house on sand.  It's only a matter of time before its central point of attack is overwhelemend.

...decentralization is the only solution.
+1

I don't understand the obsession with decentralization. It might be useful but there are many successful financial exchanges that are centralized.
member
Activity: 70
Merit: 10
Quote
If more than 5 transactions in a minute > display captcha = software DDOS solved
Physical ddos protecting router = hardware DDOS solved
There too much money to be made by manipulating the Bitcoin price with
DDoS that a single ddos protecting router is able to handle the issue completely.

Maybe the people that run the DDoS even want ransom to avoid DDoSing MtGox.

I do like that you've at least come up with something creative.....ransom. Doubtful, but at least this makes more sense than the DDoS/panic nonsense that everyone seems to believe.
member
Activity: 70
Merit: 10
Quote
If more than 5 transactions in a minute > display captcha = software DDOS solved
Physical ddos protecting router = hardware DDOS solved
There too much money to be made by manipulating the Bitcoin price with
DDoS that a single ddos protecting router is able to handle the issue completely.

Maybe the people that run the DDoS even want ransom to avoid DDoSing MtGox.

But there really isn't. How would a nefarious DDoS attack squad profit from completely destroying Bitcoin?

Everyone acts as if Bitcoin's success is a foregone conclusion, so a shadowy group would aim to DDoS attack (assuming that creates a panic....doubtful) so they could pick up cheap coins because they will definitely be worth much more in the future.

No, that is not a business model. There is no guarantee that they will ever be worth more in the future.

And at this point how would a DDoS even be successful in dropping the price now that everyone has been fooled into believing this DDoS nonsense? It's an excuse that, if believed, would boost the price because everyone would stop selling whenever we have a lag.

If anything, the lag prevents a sell-off. Is Bitcoin really so fragile that a temporary lag annihilates the currency? If so, that is even scarier than the supposed DDoS attacks.

The only entity that stands to benefit from lags are Mt Gox, IMO. The lag stems the sell-off, as I've posted ad nauseum. Having you believe this nonsense supports the price of bitcoins. The sell-off always starts prior to the lag. The system becomes unresponsive at key support levels and almost never breaks these levels (only during the crash). Tiny bot buys support the price fiercely and the price turns around.

Statements from Mt Gox would lead you to believe that the only time the price ever goes down is during is DDoS because Bitcoin simply doesn't go down.
newbie
Activity: 37
Merit: 0
Quote
If more than 5 transactions in a minute > display captcha = software DDOS solved
Physical ddos protecting router = hardware DDOS solved
There too much money to be made by manipulating the Bitcoin price with
DDoS that a single ddos protecting router is able to handle the issue completely.

Maybe the people that run the DDoS even want ransom to avoid DDoSing MtGox.
sr. member
Activity: 364
Merit: 250
If more than 5 transactions in a minute > display captcha = software DDOS solved
Physical ddos protecting router = hardware DDOS solved

How hard is it exactly?
newbie
Activity: 12
Merit: 0
One big thing distorting the Mt Gox recent bubble was the ability to game the averages by making a bid you had know way of backing up. I think this is a big recent for the recent attack. Per MtGox, their statement about changing this, starting Wednesday:

Quote
Orders will only be accepted when there are enough funds available in your wallet!   Dear users, starting on April 17th we will be rolling out a minor change on how people place orders via the Mt.Gox interface.  Until recently, anyone could place a buy or sell order for Bitcoin, regardless of how much funds were actually available in their wallet, resulting in an order showing a "Not enough funds" error status in the Open Orders list.  Starting on April 17th, this counter productive scenario will no longer be possible and will be automatically rejected before validating your order; until you have enough funds in your wallet to match the order value.  While this change should only affect a minority of users, it will however have a major impact on our trading platform and improve our system overall performance.

It must have been easy for the bad actors to inflate the price, under these conditions. Of course, if I'm missing something, that wouldn't be the first time.
full member
Activity: 224
Merit: 100
One bitcoin to rule them all!
Small transaction is not a problem by itself. The person with 0.0001 BTC should also be allowed to trade.
The problem is many transactions from the same origin in a short timespan.

If the small transaction from individual users were to be a problem due to amount of trades, they could just be collected into larger lots that are traded in one transaction. There could be one such transaction every x ticks(once a minute?), or whenever a whole slot of say 0.25 BTC is filled up .

Pages:
Jump to: