
Topic: The Beauty of an Exchange---Server Side (Read 757 times)

hero member
Activity: 868
Merit: 503
January 10, 2017, 10:04:36 PM
#22
the problem is that people want the best of both worlds.  they want a currency that the government won't touch or monitor and they want all the safeties that the government (or any other agency) provides.  they want to jump in there and swim in the water that has the sharks and the dangers, but they want to take a life preserver with them.  true, decentralized currency is packed with dangers and possible theft.
legendary
Activity: 2018
Merit: 1108
January 10, 2017, 09:31:23 PM
#21
Why don't the exchanges do what the banks do, which is take out insurance against hacking? I think Coinbase has insurance, but they appear to be the only ones.

I wonder what the requirements for an exchange to get insurance against hacking would be? I'm assuming they would require some sort of code audit in order to qualify? Seems like it would be pretty risky for insurance companies to insure against hacking for these large exchanges.

Especially when we're talking bitcoin here. An insurance will not be given easily that's for sure.

Then again given there's a lot of speculation of hacks often being an inside job think that would make it even harder...
legendary
Activity: 1736
Merit: 1023
January 10, 2017, 08:29:05 PM
#20
Why don't the exchanges do what the banks do, which is take out insurance against hacking? I think Coinbase has insurance, but they appear to be the only ones.

I wonder what the requirements for an exchange to get insurance against hacking would be? I'm assuming they would require some sort of code audit in order to qualify? Seems like it would be pretty risky for insurance companies to insure against hacking for these large exchanges.
hero member
Activity: 868
Merit: 503
January 10, 2017, 04:07:19 PM
#19
Thanks for the reply. Why don't the exchanges do what the banks do, which is take out insurance against hacking? I think Coinbase has insurance, but they appear to be the only ones.

If lots of exchanges got bespoke insurance from the Lloyd's insurance market, for instance, they'd be pooling the risk and be less likely to go down in the event of a hack.

Insured exchanges would attract more users, and the exchange would make more profit as a result. Coinbase's insurance is the reason Circle found it had to compete with them, and withdrew from the bitcoin market.

they might have it, who knows.  it is likely something that has to go as out there as lloyds, i doubt most insurance companies would touch crypto right now in that manner
legendary
Activity: 1652
Merit: 1088
January 10, 2017, 02:17:37 PM
#18
Thanks for the reply. Why don't the exchanges do what the banks do, which is take out insurance against hacking? I think Coinbase has insurance, but they appear to be the only ones.

If lots of exchanges got bespoke insurance from the Lloyd's insurance market, for instance, they'd be pooling the risk and be less likely to go down in the event of a hack.

Insured exchanges would attract more users, and the exchange would make more profit as a result. Coinbase's insurance is the reason Circle found it had to compete with them, and withdrew from the bitcoin market.
hero member
Activity: 868
Merit: 503
January 10, 2017, 01:00:52 PM
#17
that was getting long winded, the point is that no single person can do everything themselves and that means that at least a small team has to be in control and any one of those people could jack the whole system up and cause enough chaos that the site is over
hero member
Activity: 868
Merit: 503
January 10, 2017, 12:56:05 PM
#16
A genuinely interesting article, OP.

I had no idea that new coin developers paid to get their coins listed for example.

I agree with what others said about security - it is the weak point in the exchange business model. Even if the exchange owners and all their staff were scrupulously honest, it just takes one hack for people to lose confidence and withdraw their coins and stop trading.

Can you give us an idea of what sort of security measures Yobit has taken? For example, are they insured in case of a hack (which would allow them to weather the storm and continue trading).

i do not work for them, i know that one thing is the fact that crypto takes care of some of its own security in a way.  using confirmations on deposits into your exchange will prevent some issues.  some things that people think would be a security issue are not. for example, trading bots.  firstly, if a coin gains or loses value, that has no direct effect on the exchange as a plus or minus factor.  both situations create trades and those create fees.  a trading bot is fine on your exchange, as it is trading and that is what you want.  there has yet to be a person that has made a bot that can outright cheat the market, they simply follow trends and trade, and that is good business.

technically, an exchange does not lose money on compromised accounts, but they lead to loss of new clients and reputation, therefore one high security issue is protecting the client's account, this is also lumped in with your licensing requirements.  that brings us to the rub.  the most secure team is a team of one, but i have yet to find the perfect businessperson and the perfect coder in the same body.  i know business and i can write code, but i would not trust the integrity of clients' accounts to my coding of security.  so, you now have to bring in freelance or increase the team size.  code injection and such are the biggest fears.

as a basic hack example from way back, and no it shouldn't work anywhere anymore.  say i log into my account and deposit 10 BTC.  in the old days you might see a url like "myexchange.com/account/deposit?btc=10".  a good hacker would note that and then, rather than actually deposit funds simply type that url in the browser after logging in and the server would think the deposit has been made.  do it over and over and then withdraw the funds.

these days on a poorly protected site, a hacker can use javascript in the browser to fool a website into assuming facts that are not true, like a deposit or withdrawal.  without ddos protection, anyone can use a script to try a username and brute force passwords.  there are millions of types of attacks and that is where the security comes in.  hell, an attacker can simply render your site unable to use for short periods and take advantage of that on other sites
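The old deposit-URL flaw and the "confirmations on deposits" safeguard from the post above, side by side, as an added example that is not part of the original post or any exchange's code. The function names, the `MIN_CONFIRMATIONS` value and the transaction records are assumptions constructed for illustration.

```python
from decimal import Decimal
from urllib.parse import urlparse, parse_qs

MIN_CONFIRMATIONS = 3  # assumed policy value; each exchange picks its own threshold


def naive_deposit(balances, user, url):
    """Flawed pattern from the post: the credited amount is read from the request."""
    query = parse_qs(urlparse(url).query)
    balances[user] = balances.get(user, Decimal(0)) + Decimal(query["btc"][0])
    return balances[user]


def credit_confirmed(balances, credited, address_owner, node_txs):
    """Hardened pattern: credit only what the exchange's own node reports.

    A transaction output is credited at most once, only if it pays a deposit
    address the exchange issued, and only after enough confirmations.
    Returns the list of (txid, vout) keys credited by this call.
    """
    newly_credited = []
    for tx in node_txs:
        key = (tx["txid"], tx["vout"])
        owner = address_owner.get(tx["address"])
        if owner is None:                      # not one of our deposit addresses
            continue
        if key in credited:                    # already credited: replay is a no-op
            continue
        if tx["confirmations"] < MIN_CONFIRMATIONS:
            continue                           # wait until the chain has settled it
        balances[owner] = balances.get(owner, Decimal(0)) + Decimal(tx["amount"])
        credited.add(key)
        newly_credited.append(key)
    return newly_credited


# Constructed sample data: what the exchange's node reports for its wallet.
ADDRESS_OWNER = {"addr-alice-1": "alice"}
NODE_TXS = [
    {"txid": "tx-aaa", "vout": 0, "address": "addr-alice-1", "amount": "10", "confirmations": 6},
    {"txid": "tx-bbb", "vout": 0, "address": "addr-alice-1", "amount": "2.5", "confirmations": 1},
    {"txid": "tx-ccc", "vout": 1, "address": "addr-unknown", "amount": "7", "confirmations": 50},
]


def demo():
    """Repeat the same request/scan three times against each handler."""
    naive = {}
    for _ in range(3):
        naive_deposit(naive, "alice", "https://myexchange.com/account/deposit?btc=10")
    hardened, credited = {}, set()
    for _ in range(3):
        credit_confirmed(hardened, credited, ADDRESS_OWNER, NODE_TXS)
    return naive["alice"], hardened["alice"]


if __name__ == "__main__":
    naive_balance, hardened_balance = demo()
    print("naive handler balance:   ", naive_balance)
    print("hardened handler balance:", hardened_balance)
```

In the hardened path the request carries no amount at all; the balance changes only when the node's view of the chain changes.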
hero member
Activity: 938
Merit: 500
January 10, 2017, 11:31:57 AM
#15
In general you have to pay a fee for your coin to be listed at the most well-known exchanges, usually those make your coin get more attention and be pumped, and if it's a good coin it will get better value in the medium term, this happens at Poloniex, once the coin achieves those people pump it. Exchanges look like an amazing source of income, but remember that even getting great income they must focus on security, and online security isn't something cheap, there is a concern to invest into those exchanges with high security and staff to help you anytime. Look at Yobit, they are on the market but they are known as pump and dump of shitcoins in general, sure it's a great way to make as well as lose bitcoins fast, but they are still in the market with a good daily volume.
legendary
Activity: 1153
Merit: 1012
January 10, 2017, 11:21:40 AM
#14
I don't think that mismanagement is the primary cause for exchanges scamming people. It's simply greed. Many people just can't get enough - no matter how much you pay them.

Normally, exchanges are not operated by a single person. So even if the founder/CEO is an honest individual, one of his employees can still feel ''underpaid'' and might run an inside job.
legendary
Activity: 1652
Merit: 1088
January 10, 2017, 11:09:09 AM
#13
A genuinely interesting article, OP.

I had no idea that new coin developers paid to get their coins listed for example.

I agree with what others said about security - it is the weak point in the exchange business model. Even if the exchange owners and all their staff were scrupulously honest, it just takes one hack for people to lose confidence and withdraw their coins and stop trading.

Can you give us an idea of what sort of security measures Yobit has taken? For example, are they insured in case of a hack (which would allow them to weather the storm and continue trading).
hero member
Activity: 868
Merit: 503
January 10, 2017, 09:07:13 AM
#12
For those that do not know, and I am highly paraphrasing here, provably fair is a third party system that compiles and checks the results for many games and ensures there is no tampering, it is there to protect the site and the player, throwing up alerts if there is an issue (I think).  I have not touched it, but it should be a few lines of code added to any game and server side registration.  Think of them like the United States Lottery Commission.

This is not what provably fair is. A provably fair dice game is a game where neither the site nor the player can cheat or be cheated in any way. The results of a provably fair dice game are typically calculated by a few variables. On most sites these are the server seed (which the site determines), client seed (which the player can choose) and a nonce (this just helps that the seeds mentioned earlier don't have to be changed each round and that a new result is produced each roll). What is done is these variables are combined and they produce the result. Why can't each party be cheated? That is because the site is free to choose the server seed at their will and the player can choose any client seed (within some limitations usually such as amount of digits etc.) Usually the seeds are a string of numbers and letters etc. (symbols can be used on some sites too). They are also chosen prior to the bet being placed so cheating is virtually impossible.

Provably fair is (probably) explained better and in a more detailed fashion here: https://dicesites.com/provably-fair

i appreciate the correction, let me make sure i understand, the game "code" itself is not on the site hosting the game, in this case yobit, rather the site handles passing their seed and the players seed to the third party where all the calculations are made.  does this sound correct?

There's no third party. The calculations don't have to be made anywhere else as the site can't change the client seed without the player knowing and neither can the player know the results ahead. I forgot to mention that the server seed is hashed. The player knows the server seed hash prior to the bet and thus knows the site doesn't change it in the middle of anything. If the site does change the server seed without the player's knowledge, the hash wouldn't match to the new server seed. The server seed is hashed because showing the server seed fully would result in player being able to determine the results.

Sorry for making it more confusing!
got it, i apologize for originally making the wrong statements and thank you for clarifying.  so in a real casino, this system and coding takes the dealers hands completely off the cards and even hides the way the deck was shuffled.

Yes, that would make this possible. The same system can be implemented on many other games besides dice such as roulette and blackjack. Even slots could be made provably fair which would be amazing to see happen on bigger casinos. I have the feeling it won't be happening anytime soon though...



again, thank you very much and I apologize again for answering without really knowing what i was talking about.  to return to the subject, the point is simple, an exchange that is doing well is making money from many things and if everything is handled well, they should not have to steal and run
legendary
Activity: 2018
Merit: 1108
January 10, 2017, 09:04:57 AM
#11
For those that do not know, and I am highly paraphrasing here, provably fair is a third party system that compiles and checks the results for many games and ensures there is no tampering, it is there to protect the site and the player, throwing up alerts if there is an issue (I think).  I have not touched it, but it should be a few lines of code added to any game and server side registration.  Think of them like the United States Lottery Commission.

This is not what provably fair is. A provably fair dice game is a game where neither the site nor the player can cheat or be cheated in any way. The results of a provably fair dice game are typically calculated by a few variables. On most sites these are the server seed (which the site determines), client seed (which the player can choose) and a nonce (this just helps that the seeds mentioned earlier don't have to be changed each round and that a new result is produced each roll). What is done is these variables are combined and they produce the result. Why can't each party be cheated? That is because the site is free to choose the server seed at their will and the player can choose any client seed (within some limitations usually such as amount of digits etc.) Usually the seeds are a string of numbers and letters etc. (symbols can be used on some sites too). They are also chosen prior to the bet being placed so cheating is virtually impossible.

Provably fair is (probably) explained better and in a more detailed fashion here: https://dicesites.com/provably-fair

i appreciate the correction, let me make sure i understand, the game "code" itself is not on the site hosting the game, in this case yobit, rather the site handles passing their seed and the players seed to the third party where all the calculations are made.  does this sound correct?

There's no third party. The calculations don't have to be made anywhere else as the site can't change the client seed without the player knowing and neither can the player know the results ahead. I forgot to mention that the server seed is hashed. The player knows the server seed hash prior to the bet and thus knows the site doesn't change it in the middle of anything. If the site does change the server seed without the player's knowledge, the hash wouldn't match to the new server seed. The server seed is hashed because showing the server seed fully would result in player being able to determine the results.

Sorry for making it more confusing!
got it, i apologize for originally making the wrong statements and thank you for clarifying.  so in a real casino, this system and coding takes the dealers hands completely off the cards and even hides the way the deck was shuffled.

Yes, that would make this possible. The same system can be implemented on many other games besides dice such as roulette and blackjack. Even slots could be made provably fair which would be amazing to see happen on bigger casinos. I have the feeling it won't be happening anytime soon though...

hero member
Activity: 868
Merit: 503
January 10, 2017, 08:53:23 AM
#10
For those that do not know, and I am highly paraphrasing here, provably fair is a third party system that compiles and checks the results for many games and ensures there is no tampering, it is there to protect the site and the player, throwing up alerts if there is an issue (I think).  I have not touched it, but it should be a few lines of code added to any game and server side registration.  Think of them like the United States Lottery Commission.

This is not what provably fair is. A provably fair dice game is a game where neither the site nor the player can cheat or be cheated in any way. The results of a provably fair dice game are typically calculated by a few variables. On most sites these are the server seed (which the site determines), client seed (which the player can choose) and a nonce (this just helps that the seeds mentioned earlier don't have to be changed each round and that a new result is produced each roll). What is done is these variables are combined and they produce the result. Why can't each party be cheated? That is because the site is free to choose the server seed at their will and the player can choose any client seed (within some limitations usually such as amount of digits etc.) Usually the seeds are a string of numbers and letters etc. (symbols can be used on some sites too). They are also chosen prior to the bet being placed so cheating is virtually impossible.

Provably fair is (probably) explained better and in a more detailed fashion here: https://dicesites.com/provably-fair

got it, i apologize for originally making the wrong statements and thank you for clarifying.  so in a real casino, this system and coding takes the dealers hands completely off the cards and even hides the way the deck was shuffled.

i appreciate the correction, let me make sure i understand, the game "code" itself is not on the site hosting the game, in this case yobit, rather the site handles passing their seed and the players seed to the third party where all the calculations are made.  does this sound correct?

There's no third party. The calculations don't have to be made anywhere else as the site can't change the client seed without the player knowing and neither can the player know the results ahead. I forgot to mention that the server seed is hashed. The player knows the server seed hash prior to the bet and thus knows the site doesn't change it in the middle of anything. If the site does change the server seed without the player's knowledge, the hash wouldn't match to the new server seed. The server seed is hashed because showing the server seed fully would result in player being able to determine the results.

Sorry for making it more confusing!
legendary
Activity: 2018
Merit: 1108
January 10, 2017, 08:48:03 AM
#9
For those that do not know, and I am highly paraphrasing here, provably fair is a third party system that compiles and checks the results for many games and ensures there is no tampering, it is there to protect the site and the player, throwing up alerts if there is an issue (I think).  I have not touched it, but it should be a few lines of code added to any game and server side registration.  Think of them like the United States Lottery Commission.

This is not what provably fair is. A provably fair dice game is a game where neither the site nor the player can cheat or be cheated in any way. The results of a provably fair dice game are typically calculated by a few variables. On most sites these are the server seed (which the site determines), client seed (which the player can choose) and a nonce (this just helps that the seeds mentioned earlier don't have to be changed each round and that a new result is produced each roll). What is done is these variables are combined and they produce the result. Why can't each party be cheated? That is because the site is free to choose the server seed at their will and the player can choose any client seed (within some limitations usually such as amount of digits etc.) Usually the seeds are a string of numbers and letters etc. (symbols can be used on some sites too). They are also chosen prior to the bet being placed so cheating is virtually impossible.

Provably fair is (probably) explained better and in a more detailed fashion here: https://dicesites.com/provably-fair

i appreciate the correction, let me make sure i understand, the game "code" itself is not on the site hosting the game, in this case yobit, rather the site handles passing their seed and the players seed to the third party where all the calculations are made.  does this sound correct?

There's no third party. The calculations don't have to be made anywhere else as the site can't change the client seed without the player knowing and neither can the player know the results ahead. I forgot to mention that the server seed is hashed. The player knows the server seed hash prior to the bet and thus knows the site doesn't change it in the middle of anything. If the site does change the server seed without the player's knowledge, the hash wouldn't match to the new server seed. The server seed is hashed because showing the server seed fully would result in player being able to determine the results.

Sorry for making it more confusing!
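The commit-and-reveal check described in the post above, written out as an added example that is not part of the original posts or any site's code. The thread does not say how the seeds and nonce are combined, so the HMAC-SHA256 combination, the 0-99 roll range and all names below are assumptions.

```python
import hashlib
import hmac
import secrets


def commit(server_seed: str) -> str:
    """Hash the site shows the player before any bet; binds the site to its seed."""
    return hashlib.sha256(server_seed.encode()).hexdigest()


def roll(server_seed: str, client_seed: str, nonce: int) -> int:
    """Deterministic roll in 0..99 from server seed, client seed and nonce.

    Assumed combination: HMAC-SHA256 keyed with the server seed over
    "client_seed:nonce". Rejection sampling over 4-byte chunks avoids the
    small bias a plain modulo would introduce.
    """
    digest = hmac.new(server_seed.encode(),
                      f"{client_seed}:{nonce}".encode(),
                      hashlib.sha256).digest()
    limit = (2**32 // 100) * 100
    for i in range(0, len(digest), 4):
        value = int.from_bytes(digest[i:i + 4], "big")
        if value < limit:
            return value % 100
    # All eight chunks rejected: astronomically unlikely, fall back to the full digest.
    return int.from_bytes(digest, "big") % 100


def verify_round(published_hash, revealed_seed, client_seed, rolls):
    """Player-side check once the site reveals its server seed.

    rolls is a list of (nonce, result_the_site_reported).
    """
    if not hmac.compare_digest(commit(revealed_seed), published_hash):
        return "seed-mismatch"          # the site changed its seed after committing
    for nonce, claimed in rolls:
        if roll(revealed_seed, client_seed, nonce) != claimed:
            return f"bad-roll:{nonce}"  # reported result does not follow from the seeds
    return "ok"


def demo():
    """Honest site, a site that swaps its seed, and a site that forges one roll."""
    server_seed = secrets.token_hex(32)   # site's secret, generated before betting
    published = commit(server_seed)       # shown to the player up front
    client_seed = "my-lucky-seed-42"      # constructed sample; chosen by the player
    rolls = [(n, roll(server_seed, client_seed, n)) for n in range(5)]

    honest = verify_round(published, server_seed, client_seed, rolls)
    swapped = verify_round(published, secrets.token_hex(32), client_seed, rolls)
    forged = list(rolls)
    forged[2] = (2, (rolls[2][1] + 1) % 100)
    tampered = verify_round(published, server_seed, client_seed, forged)
    return honest, swapped, tampered


if __name__ == "__main__":
    print(demo())
```

The nonce lets one seed pair cover many rolls; the player can only run the check after the site reveals the server seed, which is why the hash has to be published beforehand.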
hero member
Activity: 868
Merit: 503
January 10, 2017, 08:43:56 AM
#8
For those that do not know, and I am highly paraphrasing here, provably fair is a third party system that compiles and checks the results for many games and ensures there is no tampering, it is there to protect the site and the player, throwing up alerts if there is an issue (I think).  I have not touched it, but it should be a few lines of code added to any game and server side registration.  Think of them like the United States Lottery Commission.

This is not what provably fair is. A provably fair dice game is a game where neither the site nor the player can cheat or be cheated in any way. The results of a provably fair dice game are typically calculated by a few variables. On most sites these are the server seed (which the site determines), client seed (which the player can choose) and a nonce (this just helps that the seeds mentioned earlier don't have to be changed each round and that a new result is produced each roll). What is done is these variables are combined and they produce the result. Why can't each party be cheated? That is because the site is free to choose the server seed at their will and the player can choose any client seed (within some limitations usually such as amount of digits etc.) Usually the seeds are a string of numbers and letters etc. (symbols can be used on some sites too). They are also chosen prior to the bet being placed so cheating is virtually impossible.

Provably fair is (probably) explained better and in a more detailed fashion here: https://dicesites.com/provably-fair

i appreciate the correction, let me make sure i understand, the game "code" itself is not on the site hosting the game, in this case yobit, rather the site handles passing their seed and the players seed to the third party where all the calculations are made.  does this sound correct?
legendary
Activity: 2018
Merit: 1108
January 10, 2017, 08:36:43 AM
#7
For those that do not know, and I am highly paraphrasing here, provably fair is a third party system that compiles and checks the results for many games and ensures there is no tampering, it is there to protect the site and the player, throwing up alerts if there is an issue (I think).  I have not touched it, but it should be a few lines of code added to any game and server side registration.  Think of them like the United States Lottery Commission.

This is not what provably fair is. A provably fair dice game is a game where neither the site nor the player can cheat or be cheated in any way. The results of a provably fair dice game are typically calculated by a few variables. On most sites these are the server seed (which the site determines), client seed (which the player can choose) and a nonce (this just helps that the seeds mentioned earlier don't have to be changed each round and that a new result is produced each roll). What is done is these variables are combined and they produce the result. Why can't each party be cheated? That is because the site is free to choose the server seed at their will and the player can choose any client seed (within some limitations usually such as amount of digits etc.) Usually the seeds are a string of numbers and letters etc. (symbols can be used on some sites too). They are also chosen prior to the bet being placed so cheating is virtually impossible.

Provably fair is (probably) explained better and in a more detailed fashion here: https://dicesites.com/provably-fair
hero member
Activity: 868
Merit: 503
January 10, 2017, 08:24:15 AM
#6
Interesting post! I realized there were a lot of fees paid to the exchange but didn't quite realize all the other little costs there are.

I have one question about YoBit. Is the dice over there provably fair? Last I checked I found no indications about that.

Honestly I have no idea, I will look.  I doubt that an exchange as seasoned and large as them are going to outright cheat in the dice game, but that does not mean that the code is approved in that way.  It seems to be the simple 50/50 dice thing, with the odds tuned so that it is not quite even odds.  An example would be a true "dice" game where you were paid even money to pick whether a single dice would be low 1-3, or high 4-6, each having 3 possibilities, but the single dice is actually 7 sided.  There is no hiding this and the example tips the odds way too much, but the principle is the same.  On YoBit, you are betting on 49 or under versus 51 or above, therefore a roll of "50" would pay no one and that is the house advantage.

For those that do not know, and I am highly paraphrasing here, provably fair is a third party system that compiles and checks the results for many games and ensures there is no tampering, it is there to protect the site and the player, throwing up alerts if there is an issue (I think).  I have not touched it, but it should be a few lines of code added to any game and server side registration.  Think of them like the United States Lottery Commission.
legendary
Activity: 2018
Merit: 1108
January 10, 2017, 08:14:33 AM
#5
Interesting post! I realized there were a lot of fees paid to the exchange but didn't quite realize all the other little costs there are.

I have one question about YoBit. Is the dice over there provably fair? Last I checked I found no indications about that.
hero member
Activity: 868
Merit: 503
January 10, 2017, 07:51:41 AM
#4
I personally have no intention in running an exchange.  The licensing that we have gotten is solely for covering our ass during private exchanges and a few occasions when we go a little further than that.  I was simply putting this out there as a response to some of the people talking about exchanges up and running.  They seem to think that the people running them had the intention to run the entire time and while that may be true, I believe that most of the time it is not.  I think that the owners get in over their heads and simply lose their footing based on mismanagement and that is followed by grabbing up the last of the funds and bailing out.  It does not make it any more "right" or "moral", but it might provide a little insight into the action set.

This is true for many of the sites that pop up on here and then disappear.  It is not always a case of bad intentions from the start, but a case of a business plan gone wrong and they just let it go.  They do not even think half the time of the people that have time and funds invested in the site or anything like that.  It is sometimes way too easy to put a site together, especially if you have a third party do the coding that you do not have constant contact with and then hit a bump in the road.

Sometimes these site owners just fuck the whole thing up and then leave, not knowing any way to fix anything.
legendary
Activity: 1218
Merit: 1003
January 10, 2017, 07:06:51 AM
#3
There is still a little talk around about exchanges closing and hitting the road and, yes, this happens frequently, but not that often as an outright theft.  It is simply, when done right, too profitable to walk away from.

Think about an exchange like YoBit, I picked them because they are popular, well-known, and obviously my sig-camp.

There are some expenses and especially in the beginning this is likely where most will fail.  There are licenses that you need to get and those are expensive and require other things that can get pricey, like an actual office.  We are approved as an MSB and there is an inspection of sorts, basically showing that you are not in your garage.  The license itself is pretty cheap.  State to state there are fees and such, but in the end it is not that bad.

Then, you need the cash in hand to be able to trade back and forth for some time without liquidating your coinage.  That can be about $10,000-100,000 depending on how volatile you are willing to be.  But, once all is said and done and you get a good number of people trading, it is a VERY fast paying business.

1. EVERY trade pays you a fee.  So, every time someone sees a new coin and buys it, then shits themselves and dumps it back to BTC or whatever, there is a fee. 

2. Most new coin owners pay to be on your exchange or pay for an ICO

3. Many people deposit BTC and other coins in and never hit the point where there is enough to cash out.  A minimum withdrawal amount combined with a withdrawal fee, YoBit charges 0.0005 to withdraw BTC, means that most newbies that find BTC and play around only get enough in their account to get disappointed and never withdraw the coins.  This is not technically the property of the exchange, but (like banks) they can leverage that unused coin amount, combined with others, to do more business.  Also, I am sure that buried in the T&C, there is an amount of time that can pass and the coins are theirs to keep.

4. Fun things take money too.  I can never say enough how much I love the "Dice" link on YoBit.  People trade and trade and play faucets and rotators and all that and then one of two things happens to a lot of folks.  They find that they are withdrawing a very small real amount, like two bucks in the real world or they are below the minimum withdrawal, or they are feeling great about just making five dollars trading and... they hit the dice link.  That is just slightly less than a fifty/fifty shot, meaning you will likely lose.

After you have made your small fortune, after you have slaved at the faucets for six weeks or whatever has gotten you your measly little ten dollars, you still have that one more chance to hand it all back to the exchange in the dice game.

I believe that most exchanges, barring Cryptsy, that bail and run are simply at the end point of months or weeks of mismanagement.  They are bleeding money from one of several business points, they are running low on funds and they have no idea how to simply stop the site without owing many people money.  They made some cash, blew some cash and then got in way over their heads and every day in business gets deeper and deeper, so they bail and run with what they have. 

A well run exchange can make $10,000 a week easily.  That can become true within the first year.  A small upper management group can drop $1000 per person in their pocket every week and never look back.  That is not a rich man's job, but it is a pretty good paycheck for many and still leaves time for other investments.  A poorly run exchange will lose money left and right and find the hole getting deeper and deeper, throw money at the fire trying to put it out and then not know what else to do but run.

I agree that an exchange should basically be a licence to print money, but there are costs that you have to consider, along with the slow start-up time as people won't send their precious Crypto to a new and unknown exchange.

Security: This is obviously the main thing. Many have tried and failed. You need to have an online hot wallet that covers what people will trade daily, but you need to have it 100% secure. That isn't easy.  The cold wallet should be easier.  If your exchange is just for Bitcoin, then it is probably not too tricky to keep everything up to date, if you accept lots of alts, I imagine that keeping wallets up to date would be a nightmare, often you have to manually add nodes etc.

Regulation: If you are in a first world country, the regulators are going to come and get you. You need to have a full KYC database, which is secure. You also have to follow the local laws for trading of currencies.  Declaring your profits could also be tricky, especially if you don't convert to fiat. You will need a good accountant.

Trust: Are you going to be running the exchange 24/7? No. You will have to employ people to help you. They need to be technically proficient too, that might not be your friends and family. If you employ strangers, they will have access to large amounts of money, will they steal it? How do you know that they won't?

I personally wouldn't do it. Those that have done have run into problems very frequently. Now the remaining exchanges are more professional, but I still think we will lose some in the next few years due to the above mentioned reasons.