
Topic: [OFFICIAL]Bitfinex.com first Bitcoin P2P lending platform for leverage trading - page 117. (Read 723903 times)

full member
Activity: 136
Merit: 100
lending offers that are taken slightly below FRR will still result in FRR increasing.

Would help a bit, but we really need for offers taken at FRR to result in the FRR increasing.
legendary
Activity: 2618
Merit: 1007
If Bitfinex has no clue who is the rightful owner of an account then they can't possibly verify who the rightful owner is.
GPG key uploaded to them before the user got compromised, GPG key attached to the user's email publicly before the user was compromised, access to Bitcoin addresses where deposited funds originated, electronically signed statements "I own account X" that can hold up in court as evidence if a fraudster withdraws money, locking down IP ranges on user request, offering VPN access (which can be often better secured than https websites, e.g. with certificates) to bitfinex, knowledge of previous interactions...
newbie
Activity: 48
Merit: 0
Won't work for people only using cryptocurrencies (no ID required) AND people don't always look like their ID picture all the time. It would be not too hard for me to look like a lot of generic white males if I just know the hair colour and some basic facial features for a blurry, badly lit picture.

Good points.

I guess some trade-offs for people who do not want to verify are unavoidable. If Bitfinex has no clue who is the rightful owner of an account then they can't possibly verify who the rightful owner is. I guess those who do not want to verify would have to decide if they want privacy or the ability to recover their account if something happens?

As for blurry, badly lit pictures, that is true but it could be solved by "The picture is too unclear, please take a better one". This would not help if the picture on the ID is unclear, though. I also see your point about generic $color males, but it does make it slightly harder for some. You will, for example, have a hard time looking Chinese if you are black?

Please share any better suggestions if you have any. Anxbtc verifies accounts by sending something to the physical post address you provide. That is just as secure as your mailbox is, but it does prevent some hacker on the other side of the planet from typing some things into his keyboard and gaining access to your account (you can hack e-mail accounts remotely, but you need to actually go to the physical mailbox to pick a letter out of it).

There are trade-offs as to what the second factor here should be. My concern is that there should be one, taking control over the e-mail account (one factor) should not be enough to a) change the password and b) remove/change Google OTP because (I know I am repeating myself but this is an important point) that is NOT 2FA, it's 1FA. Any actual second factor would add to the security model.
legendary
Activity: 2618
Merit: 1007
As I suggested: Write "Disable my 2FA, today is $DATE" on a piece of paper & take a photo holding that piece of paper and you now have something that is very hard to do for someone who is not you even if they have all the haxor skills in the world.

Won't work for people only using cryptocurrencies (no ID required) AND people don't always look like their ID picture all the time. It would be not too hard for me to look like a lot of generic white males if I just know the hair colour and some basic facial features for a blurry, badly lit picture.
newbie
Activity: 48
Merit: 0
This is an interesting post, and I am looking into it. However, one thing off the bat, I can't just create any email account and then email from it. You have to email FROM THE EMAIL USED TO OPEN THE ACCOUNT. So, as long as you were the original user to open the account, you should
A) Know what email was used.
B) Be the only one to have access to it.

Here is my problem with the current Bitfinex "security" system:

* Your e-mail account is ONE factor. ONE. Period.

If I get access to the e-mail account you used to sign up at BFX then I can:

* Reset your password.
* E-mail Bitfinex and have them disable your Google OTP.

The whole point of Google OTP is to provide TWO factor security for your account. What we have here is NOT two factor security, we have ONE factor factor security and that one factor is your e-mail account.

This means that your Bitfinex account is ONLY protected as well as your e-mail account is protected. If you, for example, signed up using a GMail account and use that with Bitfinex then everyone at Google can take control over your Bitfinex account.

Think about this: Why even bother ask for a password and OTP when you login at Bitfinex? Bitfinex could instead just ask you to enter your username and send you a login-link to your e-mail - then you click that link and you've got access to everything at Bitfinex. Does this sound secure? Well, regardless of what you think of that "security system" it is no less secure than the current system.

One little detail: You can not withdraw for 1 week after Bitfinex disables your OTP. This means that the adversary will need to look at your Facebook page and time the attack based on when you tell the world that you will be going on a two week jungle safari.

Of course, I am glad to look over the suggestions, and I think some of them might be useful as user requested additional settings. Security, from the user perspective, is a tradeoff between convenience and security. So, while making them fly to Hong Kong is super secure, it means that you could be locked out of your account for quite a long time. This is obviously just an extreme example. I, personally, hate when companies REQUIRE me to jump through hoops, and don't allow me to judge my personal preference for level of security. I think we struck a good balance, in that we allow you to lock your withdrawal address, offer automated withdrawals only if 2FA is enabled, and require 2FA for login. Obviously, this is heavily dependent on 2FA, and on a user's own security measures. One thing I would highly recommend, again this isn't perfect security, but is to have a passphrase on your phone, AND a separate one on your 2FA (in my case, you have to have my thumb to open Authy). Again, I stress that there is no perfect method that will make you unhackable, and if someone really wants it bad enough, there is always the $5 wrench. So, I think that doing a reasonable amount of preventative work, and getting into good security habits is effective for most accounts, while more extreme measures could be worthwhile for very large accounts, or for corporate accounts.

Really want to continue this conversation, so let me know your thoughts.

I agree that it is hard to make good trade-offs here. What I would like Bitfinex to solve better is that Google OTP should provide 2FA as in TWO FACTOR when it is used right. This means not using the device you use to login at Bitfinex for Google OTP (dedicated $50 Android phone or a heavily password protected normal phone, preferably one which you do not use to login at Bitfinex) and it also means not being able to remove Google OTP by the same means you can use to change the account password.

Bitfinex does not provide 2FA as long as you can use an e-mail account to easily both reset the password and remove OTP. That is NOT 2FA, that is 1FA. Period. And that is NOT secure. As I suggested: Write "Disable my 2FA, today is $DATE" on a piece of paper & take a photo holding that piece of paper and you now have something that is very hard to do for someone who is not you even if they have all the haxor skills in the world.

As for the $5 wrench.. yes, that is indeed a hard one to solve.
legendary
Activity: 1456
Merit: 1000
If I offer a swap of BTC for 2 days and some ppl take it only for 3 hours, do I receive interest for 1 day or just 3 hours?


thanks
Pretty sure interest is compounded hourly, so if someone returns a swap after 3 hours you only receive 3 hours of interest, not 1 whole day.


ok...

that's great
I just got a few BTC swap offers returned before 1 hour, which means I got more interest in effect

Note to self: keep checking bitfinex every hour and minute to maximize profit
legendary
Activity: 2618
Merit: 1007
This is an interesting post, and I am looking into it. However, one thing off the bat, I can't just create any email account and then email from it. You have to email FROM THE EMAIL USED TO OPEN THE ACCOUNT. So, as long as you were the original user to open the account, you should
A) Know what email was used.
B) Be the only one to have access to it.

How do you verify that an email that seems to be sent from [email protected] actually IS sent from this address? It is not very hard to fake the originating address in an email... http://en.wikipedia.org/wiki/Email_spoofing - and just a quick Google search for "email fake sender" already gives me several web services in which I can enter any mail I want that seems to be sent from any other mail address.

If you send a request for confirmation back (again, taking care that you don't just hit "reply" - this might send the reply to a different address!) - which you don't(!) - then at least the mail account needs to be pwned too (probably not too hard, but at least a bit harder than just faking a mail).

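The confirmation loop described in the post above, written out as an added example (it is not Bitfinex's code, and the account name, address and timestamps are constructed): the inbound mail's From: header is never used as authentication, a random challenge goes only to the address on file, the reset succeeds only when that token is presented, and the one-week withdrawal lock mentioned earlier in the thread is applied afterwards. This closes the spoofed-sender hole; it does not change the thread's larger point that the registered mailbox then remains a single factor.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Dict, List, Optional, Tuple

HOLD_AFTER_2FA_RESET = timedelta(days=7)  # the one-week withdrawal lock described in the thread
CHALLENGE_TTL = timedelta(hours=1)        # assumption: an unconfirmed challenge expires after an hour


@dataclass
class Account:
    username: str
    registered_email: str          # the address used to open the account
    totp_enabled: bool = True
    withdrawals_locked_until: Optional[datetime] = None
    challenge_hash: Optional[bytes] = None   # sha256 of the outstanding challenge token
    challenge_expires: Optional[datetime] = None


class RecoveryDesk:
    """Processes 'please disable my 2FA' e-mails without trusting the From: header."""

    def __init__(self) -> None:
        self.accounts: Dict[str, Account] = {}
        self.outbox: List[Tuple[str, str]] = []   # (recipient, token) the mailer would send

    def add(self, acct: Account) -> None:
        self.accounts[acct.username] = acct

    def request_2fa_reset(self, username: str, from_header: str, now: datetime) -> str:
        """Step 1: never act on the inbound mail itself; send a challenge to the address on file."""
        acct = self.accounts.get(username)
        if acct is None:
            return "challenge sent if the account exists"   # same wording as success: no account oracle
        # from_header is only worth logging; a forged sender must not change what happens next
        token = secrets.token_urlsafe(32)
        acct.challenge_hash = hashlib.sha256(token.encode()).digest()
        acct.challenge_expires = now + CHALLENGE_TTL
        self.outbox.append((acct.registered_email, token))   # registered address, NOT the claimed sender
        return "challenge sent if the account exists"

    def confirm_2fa_reset(self, username: str, token: str, now: datetime) -> bool:
        """Step 2: only someone who can read the registered mailbox can present the token."""
        acct = self.accounts.get(username)
        if acct is None or acct.challenge_hash is None or acct.challenge_expires is None:
            return False
        if now > acct.challenge_expires:
            acct.challenge_hash = acct.challenge_expires = None
            return False
        presented = hashlib.sha256(token.encode()).digest()
        if not hmac.compare_digest(presented, acct.challenge_hash):
            return False
        acct.challenge_hash = acct.challenge_expires = None   # single use
        acct.totp_enabled = False
        acct.withdrawals_locked_until = now + HOLD_AFTER_2FA_RESET
        return True

    def can_withdraw(self, username: str, now: datetime) -> bool:
        acct = self.accounts[username]
        return acct.withdrawals_locked_until is None or now >= acct.withdrawals_locked_until


def walkthrough() -> dict:
    """Constructed scenario: a forged From: header on its own achieves nothing."""
    desk = RecoveryDesk()
    desk.add(Account("alice", "alice@example.com"))   # constructed sample account
    t0 = datetime(2014, 11, 20, 12, 0)
    desk.request_2fa_reset("alice", "alice@example.com", t0)   # From: forged by a stranger
    still_on = desk.accounts["alice"].totp_enabled             # nothing has changed yet
    guess_ok = desk.confirm_2fa_reset("alice", "not-the-token", t0)
    recipient, token = desk.outbox[-1]                         # only the real mailbox sees this
    real_ok = desk.confirm_2fa_reset("alice", token, t0 + timedelta(minutes=5))
    return {
        "totp_still_on_after_request": still_on,
        "guess_accepted": guess_ok,
        "challenge_went_to": recipient,
        "real_confirm_accepted": real_ok,
        "withdraw_same_day": desk.can_withdraw("alice", t0 + timedelta(days=1)),
        "withdraw_after_hold": desk.can_withdraw("alice", t0 + timedelta(days=8)),
    }
```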
newbie
Activity: 1
Merit: 0
Dear Bitfinex

My BTC deposit isn't added to my account even after more than 6 confirms.
I've sent an email to [email protected] containing transaction details

I've been using Bitfinex for several months without any issue but this time I'm disappointed.
Would you please fix it up as soon as possible?

Thanks in advance.


PS: It's fixed now. Thanks for the swift response.
mjr
full member
Activity: 194
Merit: 100
It looks like Bitfinex could use some serious improvement in their routines regarding user security. And I think we should help them by brainstorming ideas for exactly how this should be done or just have a little public debate.

THE ISSUE:

Quote
https://www.reddit.com/r/Bitcoin/comments/2mchko/is_the_security_on_bitfinex_and_kraken_really/

A user posted this in /r/bitcoinmarkets about losing his 2FA keys

https://www.reddit.com/r/BitcoinMarkets/comments/2m944k/daily_discussion_friday_november_14_2014/cm29ldw

    For kraken there is an option to send a atemporary key to your email address to use in place of the 2FA key, which allows access to enable it again.

    For bitfinex I emailed them and they temporarily disabled the 2FA key so I could reset it.

    For bitstamp I emailed them and had to resend a new picture of my KYC docs, they then disabled 2FA and also virtual currency withdrawals, once you have re-enabled it you then send another picture of your KYC docs with a message to them asking them to re-enable BTC withdrawals.

    In terms of security it's probably stamp > kraken > finex but in terms of customer services it's kraken > finex > stamp. Kraken got back to me within the hour, finex took a day, stamp took 4.

So if someone gets access to your email, your 2FA becomes worthless on kraken. On bitfinex it seems they don't even need to get access to your email.

Has anyone else here been through a similar situation with these exchanges? Is it really this poor?

I use 2FA on Bitfinex - but what is it worth if someone can just make a [email protected] e-mail account and send them an e-mail asking them to disable it?

Not sure if I should try making some random e-mail account and bug them to give me my password and disable my 2FA using that just to see what happens.. perhaps I should do it, but not right now due to this posting, perhaps in a week or month or two months... As the above message shows: Attacking them just to see what happens is probably a good idea.

You would obviously need to have the Bitfinex username and password already to gain anything from disabling someone's 2FA - but even so, disabling 2FA should just not be simple. On the other hand, it could happen that someone does need them to disable their own 2FA for legitimate reasons - like .. your 2FA device is stolen/broken/flushed down the toilet (happened to a friend once) and you do not have a few encrypted USB sticks or a paper backup of the 2FA seed. There is also the question of "what would my family do if I die in a horrible car accident" (hint: make sure a family member you really trust, blood not "love", knows how to clear out your BFX account prior to this happening).

I for one would like Bitfinex to have the option of adding a GnuPG key. If a message comes from my e-mail signed by my GnuPG key then it is likely me. Weaknesses: a) Some customers will inevitably put all eggs in a very weak basket: Their mobile phone. b) your GnuPG key is probably on your computer and you type your password in on your computer so if that is owned..

A quick note on mobile phones here: They are CHEAP. As in get a $50 Android phone JUST for 2FA. Never bring it anywhere and never use it for anything else. If you have 1 Android phone and you a) use it for 2FA b) use it for e-mail and have your username and password permanently stored on it and c) have your secret GnuPG key on it and type your password into it all the time... You're doing it wrong. If there is also a d) you use this device to login to Bitfinex.. then you are not using 2FA, you're using 1FA as in 1 device needs to be owned and you're screwed.

What I would like to see here is ideas on what the requirements should be for Bitfinex to accept "I forgot my password" and "Please disable my 2FA". My personal view is that the answer could be as strong as "Fly to our office and show us your ID" but I realize that many will not agree..

"Reddit"-style ID could also be a thing: Write the date and "please disable 2fa I screwed up" on a piece of paper and take a photo of yourself holding that and your ID (which they can verify against the verification documents they have in cold storage)? perhaps with shoe on head to top it off? I know this idea may sound a bit silly but ANYTHING is better than "just send an e-mail saying disable my 2fa plz"

Some threat models to consider:

* The adversary has owned your mobile phone. Everything on it is accessible to the adversary (which could include e-mail account, 2FA, Bitfinex login details as you type them in)
* The adversary has owned your computer and everything on it and knows everything you type but not your mobile phone (or your main mobile phone but not your dedicated 2FA phone)
* The adversary has owned your e-mail but nothing else.
* The adversary has owned your Bitfinex username and password but nothing else (only 2FA stands in the way).

I know I've been ranting. I'd just like some input and attention to this issue and I would not like to find my Bitfinex account empty one morning because someone used social engineering and/or script-kiddie level "hacking" to fool them into handing out my password and disabling my 2FA.

This is an interesting post, and I am looking into it. However, one thing off the bat, I can't just create any email account and then email from it. You have to email FROM THE EMAIL USED TO OPEN THE ACCOUNT. So, as long as you were the original user to open the account, you should
A) Know what email was used.
B) Be the only one to have access to it.

Of course, I am glad to look over the suggestions, and I think some of them might be useful as user requested additional settings. Security, from the user perspective, is a tradeoff between convenience and security. So, while making them fly to Hong Kong is super secure, it means that you could be locked out of your account for quite a long time. This is obviously just an extreme example. I, personally, hate when companies REQUIRE me to jump through hoops, and don't allow me to judge my personal preference for level of security. I think we struck a good balance, in that we allow you to lock your withdrawal address, offer automated withdrawals only if 2FA is enabled, and require 2FA for login. Obviously, this is heavily dependent on 2FA, and on a user's own security measures. One thing I would highly recommend, again this isn't perfect security, but is to have a passphrase on your phone, AND a separate one on your 2FA (in my case, you have to have my thumb to open Authy). Again, I stress that there is no perfect method that will make you unhackable, and if someone really wants it bad enough, there is always the $5 wrench. So, I think that doing a reasonable amount of preventative work, and getting into good security habits is effective for most accounts, while more extreme measures could be worthwhile for very large accounts, or for corporate accounts.

Really want to continue this conversation, so let me know your thoughts.
legendary
Activity: 1680
Merit: 1001
CEO Bitpanda.com
I love the idea of futures trading on Bitfinex.

BUT FOR THE LOVE OF GOD, don't offer a high leverage, OKCoin and co have all had to socialise losses, because of high leverage.
full member
Activity: 154
Merit: 100
People are talking about futures trading.  I really hate the existing futures at 796 / OKCoin / etc., not because of the counter-party risk, but that it is settled in BTC - if it's like real commodities futures, where it's settled by 'physical delivery', or paying the difference in fiat - I'm all for it.  Imagine you went short BTC, BTC fell which is great, but then you get paid by having more BTC in your account - o crap, now you have more of the thing that you wanted to short in the first place!

that's exactly my concern with futures trading on the other BTC sites. Good point!

@Mythoughts
after reading your reply I really like your proposal.

@Bitfinex
make it happen!
member
Activity: 77
Merit: 13
2586, much appreciate people giving thoughts to the issue - but I see this as a "big" change. The (x=0, y=0) => lend at highest available swap demands will kill all the swap demand; I wouldn't be shocked if a lot of people leave it or make it x=0, y=0.

That would be the same as offering your swaps at a fixed rate of 0%. It seems like very few people, if any, would choose to do that. When was the last time that the USD swap book had no demands on it?

After thinking about it some more, I like my second idea better, though:

  • Place new swap offers at x%
  • Reduce swap offer rate by y% for each hour (or minute?) that it remains unfilled
  • Do not reduce swap offer rate below z%

This one also has the advantage that default values can be provided, since it will still create a range of offers even if everyone uses the same parameters.

Offers slowly cascade down until they reach the current supply/demand equilibrium point. As demand for swaps rises, it pushes that equilibrium rate up. As swap supply rises, it gradually pushes the equilibrium rate back down. You could set everyone at a default of x=1%, y=0.1% (per hour, or 0.00167% per minute), z=0.05%, and let people fiddle around with it from there. With those settings, your offers usually won't sit idle for more than 10 hours, which is probably better than the FRR on average. When demand goes crazy and the offer book gets cleared, your new offers start getting filled near 1%, which they'd never do if set to the FRR.

Quote
I believe my idea of creating an 'effective FRR' by charging a markup over FRR (do not change the way FRR is calculated) involves less disruption to the way people react to it right now, it somewhat solves the wall issue as lending offers that are taken slightly below FRR will still result in FRR increasing.

This would cause FRR offers to sit idle for even longer than they already do, and doesn't remove the wall. It's less bad than the current FRR setup, but still has the same primary weakness: spikes in demand aren't apparent until the offer book has been entirely cleared out. The wall is allowed to float up slowly, but the price (interest rate) signalling mechanism still gets suppressed. The main benefit of your proposal would be that it'd make the FRR less attractive to lenders. May as well just remove the FRR and its distorting effect entirely.
hero member
Activity: 756
Merit: 500
People are talking about futures trading.  I really hate the existing futures at 796 / OKCoin / etc., not because of the counter-party risk, but that it is settled in BTC - if it's like real commodities futures, where it's settled by 'physical delivery', or paying the difference in fiat - I'm all for it.  Imagine you went short BTC, BTC fell which is great, but then you get paid by having more BTC in your account - o crap, now you have more of the thing that you wanted to short in the first place!
newbie
Activity: 48
Merit: 0
Woah, what happened there?

BTC Swaps just halved from under 10k to 5. Was there any corresponding price action?

Someone bought back a 5k short and then reserved 5k BTC. If you plan to add a big short then you reserve first and wait (days if need be) for the right price. The obvious reason is that people look at bfxdata and notice big shorts. If you reserve 200 BTC or 5000 BTC at one point in time and do the trade at another then nobody knows when you actually did the trade.
hero member
Activity: 756
Merit: 500
Here's an idea for replacing the FRR while still catering to lazy lenders.

When choosing variable rate autolending, lenders will have two parameters to set:

  • Allow no more than $x of competing offers to be priced lower than or equal to mine
  • Do not reduce my offer below y%

Do not provide default values.

The system should place the lenders offer as high as it can without violating the specified parameters. If two competing offers would end up in a race to the bottom (for example, x=0, y=0), just match them with the highest available swap demands.

This would break up the massive FRR wall while still allowing autolenders to benefit from increases in swap demand.

An alternative that might be simpler to implement:

  • Place new swap offers at x%
  • Reduce swap offer rate by y% for each hour (or minute?) that it remains unfilled
  • Do not reduce swap offer rate below z%

This one also has the advantage that default values can be provided, since it will still create a range of offers even if everyone uses the same parameters.

2586, much appreciate people giving thoughts to the issue - but I see this as a "big" change. The (x=0, y=0) => lend at highest available swap demands will kill all the swap demand; I wouldn't be shocked if a lot of people leave it or make it x=0, y=0. I believe my idea of creating an 'effective FRR' by charging a markup over FRR (do not change the way FRR is calculated) involves less disruption to the way people react to it right now, it somewhat solves the wall issue as lending offers that are taken slightly below FRR will still result in FRR increasing.
member
Activity: 63
Merit: 14
Only if there's
- a steady stream of really cheap swap offers (they'll adjust their cheap offers upwards if people use them instantly to re-offer them) and
- the guys taking the cheap offers can lend most of them out. If they take offers cheap but can't find anyone who wants them, they risk losing money

It would adjust in a far more natural way than it does now.

Could try this slowly by requiring a big margin for re-lending.
full member
Activity: 154
Merit: 100
Wouldn't the swap/FRR issues solve themselves if it was possible to take (cheap) swap offers and lend them out at higher rates?

Nearly everyone wins here:
- the cheap lenders can set everything on auto-pilot
- those who care to micro-manage their swaps can use market inefficiencies to earn some more
- more commission for BFX

would be too easy to manipulate the market:
buy up everyone's cheap swap offers and offer all the funds at 1% a day... many traders don't care about rates or would be forced to pay your usurious interest rates
member
Activity: 63
Merit: 14
Wouldn't the swap/FRR issues solve themselves if it was possible to take (cheap) swap offers and lend them out at higher rates?

Nearly everyone wins here:
- the cheap lenders can set everything on auto-pilot
- those who care to micro-manage their swaps can use market inefficiencies to earn some more
- more commission for BFX
hero member
Activity: 697
Merit: 501
If I offer a swap of BTC for 2 days and some ppl take it only for 3 hours, do I receive interest for 1 day or just 3 hours?


thanks
Pretty sure interest is compounded hourly, so if someone returns a swap after 3 hours you only receive 3 hours of interest, not 1 whole day.
legendary
Activity: 1456
Merit: 1000
If I offer a swap of BTC for 2 days and some ppl take it only for 3 hours, do I receive interest for 1 day or just 3 hours?


thanks