Topic: How to fix the exchanges - a professional view. (Read 4848 times)

I won't quote the full text (I hate it when people do!).

Thats a great reply, it's good to actually hear from an exchange. I cannot comment on your platform, but your answers suggest you are taking all these things seriously, so good luck!

Great points!  Here is some input from CampBX:


1. Sort your trading code out.
- Our core trade engine code has been very reliable and error-free.  Since our launch in July 2011 we haven't found any bugs or mistakes in the code.  There are a lot of trade engines out there, but it comes down to error handling.  CampBX core engine is just 5-7% trading code, rest all is error handling, sanity checks, and cross-checks.
The peripheral code will always keep evolving as we need to add new features and scale at a fast clip.

2. Invest in hardware or hosting, you're making thousands or tens of thousands per day. Buy or hire a room full of the best machines you can (I'm not a tech expert). You can never go down through 'excess trading demand' - this is amateur.
- We have invested in dedicated servers housed in an on-shore, top-tier datacenter in Arizona. This data center has:
­    Triple telecom backbone connectivity for redundancy
    Caterpillar diesel generators in case of power brown-out / black-out
    Restricted physical access to servers
    24/7 monitoring


3. Create a minimum trading size, the tiny bot trades of $1 are swamping the system and add nothing.
- We have minimum size set at 0.01 BTC and the goal is to keep it around one dollar

4. Forget about circuit breakers or 'cooling off', this only works when assets are only traded on only one exchange (ie NYSE/Nasdaq) which is why you do not see gold or Forex stop trading. The market continues and your customers are left helpless.
- Forex trading platform has evolved through Billions of dollars of development expenses, while Bitcoin is a hobby project run by (mostly) volunteers.  Due to this reason Bitcoin code tends to choke under certain situations.  If I had to guess, cool-off will remain part of the game at least till Bitcoin 2.0 client comes out.


5. Get someone to be a market-maker. You need a pool of money acting as market maker, to provide some depth of liquidity to stabilise the price when the market volumes become very illiquid or eratic. Confidence is everything in this market.
- There are a lot of bots and independent traders working as market makers on multiple platforms and exchanges.  But there is a fundamental difference: Bitcoin transfers take 60 minutes to get 6 confirmations, which hinders the market-maker's ability to provide liquidity and increases risk significantly.


6. Prove you have some depth to your security. Right now people have millions invested in exchanges and any number of them could be complete shams designed to take coins that cannot be traced. I could setup a good looking exchange in days, collect coins and money and then disappear, it's been done before, it could be done again.
- CampBX has been audited by two independent penetration tests.  We continue to be audited nightly for new vulnerabilities and we are the first Bitcoin website to earn PCI compliance.  You can read more about it here:
https://campbx.com/faq.php#security-compliance


Do give us a try and spread the word if you like us!

Thank you,
    Keyur

Weak snark. Obviously they have, but to bring the market down they need to DDOS ~1000 broker sites. Good luck with that (one cliche deserves another). How much downtime i.e. unscheduled periods with zero trades does the NYSE or LSE have? how much Mt.Gox?

Nice theory, but the brokers still need a public facing site with an IP address, which can then be DDOS'd.

The problem here is the exchanges have not spent the money they're making in developing adequately secure and resilient sites, it's that simple. The same would apply to a broker-led community. The difference is that a fragmented set of brokers would have less money to spend on security and resilience each than a good large single exchange like MTGOX.

MTGox can resolve this, they just need to throw some money at it.

Great insight, thanks for that.  How true, and what a load of cobblers the whole trading halt lark is.

The reason traditional financial exchanges don't have the problems that MtGox is having largely comes down to something everyone here hates, brokers. In the traditional model Joe Public does not talk directly to the exchange. He talks to a broker who talks to the exchange, or as it happens now, his computer talks to the broker's computer that talks to the exchange's computer through secure channels. There is no public exchange IP address to DDOS. (They would have a corporate site, but that just has corporate info and maybe some delayed quotes).

If MtGox followed this model the advantages would be several. They would be free to concentrate on their core business (matching orders). Their AML/KYC burden would be restricted to (say) ~1000 broker accounts total, not hundreds of thousands of new client accounts per year. They wouldn't have to pay for DDOS protection or deal with client scams and complaints. That's the brokers' job. Of course they would have to slash their fees to let the brokers eat, but their costs would also be much lower. Selling access rights to the brokers would be an new source of income.

The objection that everyone will have is "what do we need brokers for, they are just useless parasites". Well they are not useless: they are paid for being the exchange's meat shield.

But govt. control monetary policies by sometimes manipulating forex price of their currencies as they have full control of minting money and its initial distribution.

Every time I've had a problem with an exchange it was caused by the fiat side. Have a look at the bitcoin.de model: centralised BTC (basically an automated escrow service), fiat changes hands via free p2p SEPA transfers. We need more of these kinds of exchanges.

That's nonsense. In fact the forex market is one of the few professional financial markets that is distributed.
http://en.wikipedia.org/wiki/Forex

Risk of failure of central node and need to eliminate escrow(trusted third party).

Decentralized trading is not possible with fiat currencies as they themselves are fully centralised.


Have a look at my proposal of decentralized trading between alternate crypto-coins.

https://bitcointalksearch.org/topic/rfc-p2p-trading-of-crypto-coins-112222

No  successful financial exchanges in the UK? What about the LSE?

My solution for a decentralised exchange would be this: www.poundcoin.org

Well they're none in the UK any more when we used to have access to both Intersango and MtGox Barclay's.  Both were forced to shut for banking reasons.  Buying bitcoins in the UK is both expensive and difficult for smaller transactions or new buyers.

I don't understand the obsession with decentralization. It might be useful but there are many successful financial exchanges that are centralized.

I do like that you've at least come up with something creative.....ransom. Doubtful, but at least this makes more sense than the DDoS/panic nonsense that everyone seems to believe.

But there really isn't. How would a nefarious DDoS attack squad profit from completely destroying Bitcoin?

Everyone acts as if Bitcoin's success is a foregone conclusion, so a shadowy group would aim to DDoS attack (assuming that creates a panic....doubtful) so they could pick up cheap coins because they will definitely be worth much more in the future.

No, that is not a business model. There is no guarantee that they will ever be worth more in the future.

And at this point how would a DDoS even be successful in dropping the price now that everyone has been fooled into believing this DDoS nonsense? It's an excuse that, if believed, would boost the price because everyone would stop selling whenever we have a lag.

If anything, the lag prevents a sell-off. Is Bitcoin really so fragile that a temporary lag annihilates the currency? If so, that is even scarier than the supposed DDoS attacks.

The only entity that stands to benefit from lags are Mt Gox, IMO. The lag stems the sell-off, as I've posted ad nauseum. Having you believe this nonsense supports the price of bitcoins. The sell-off always starts prior to the lag. The system becomes unresponsive at key support levels and almost never breaks these levels (only during the crash). Tiny bot buys support the price fiercely and the price turns around.

Statements from Mt Gox would lead you to believe that the only time the price ever goes down is during is DDoS because Bitcoin simply doesn't go down.

There too much money to be made by manipulating the Bitcoin price with
DDoS that a single ddos protecting router is able to handle the issue completely.

Maybe the people that run the DDoS even want ransom to avoid DDoSing MtGox.

If more than 5 transactions in a minute > display captcha = software DDOS solved
Physical ddos protecting router = hardware DDOS solved

How hard is it exactly?

One big thing distorting the Mt Gox recent bubble was the ability to game the averages by making a bid you had know way of backing up. I think this is a big recent for the recent attack. Per MtGox, their statement about changing this, starting Wednesday:


It must have been easy for the bad actors to inflate the price, under these conditions. Of course, if I'm missing something, that wouldn't be the first time.

Small transaction is not a problem by itself. The person with 0.0001 BTC should also be allowed to trade.
The problem is many transactions from the same origin in a short timespan.

If the small transaction from individual users were to be a problem due to amount of trades, they could just be collected into larger lots that are traded in one transaction. There could be one such transaction every x ticks(once a minute?), or whenever a whole slot of say 0.25 BTC is filled up .