
A decentralized Bitcoin exchange - ColanR
https://github.com/bitsquare/bitsquare
======
olegkikin
This will not work, because regular bank wire transfers and cash deposits have
been reversed in the past, the sender simply claimed hacked account or fraud.

Examples:

[https://medium.com/@TheAlexGalaxy/why-i-m-suing-td-canada-
tr...](https://medium.com/@TheAlexGalaxy/why-i-m-suing-td-canada-trust-
for-20-123-btc-e3435a299fac)

[https://www.reddit.com/r/PersonalFinanceCanada/comments/6guh...](https://www.reddit.com/r/PersonalFinanceCanada/comments/6guhxz/i_took_a_direct_deposit_as_payment_for_bitcoins/)

[https://www.reddit.com/r/Bitcoin/comments/1zruvf/warning_cas...](https://www.reddit.com/r/Bitcoin/comments/1zruvf/warning_cash_deposits_can_be_reversed_at_bank_of/)

[https://www.reddit.com/r/Bitcoin/comments/1sglge/the_bank_ar...](https://www.reddit.com/r/Bitcoin/comments/1sglge/the_bank_are_about_to_reverse_my_sale_for_3500/)

~~~
gfody
still not a bad alternative to localbitcoins.com, you could arrange to
exchange cash in person or mail money orders around which could still be
cancelled if the escrow fails.

~~~
Sleeep
Money orders you get from strangers are almost always fake.

------
runeks
The fundamental problem is that practically all exchanges are credit-based,
and decentralized credit doesn't make sense.

When you want to purchase bitcoins on an exchange, you start out by depositing
e.g. dollars on the exchange, thus converting your dollars to that exchange's
dollar token (IOU x USD). You then sell your dollar tokens for bitcoin tokens
on the exchange, which is super fast because it centrally controls token
ownership, and when you want to get your bitcoins out you sell/redeem your BTC
tokens for actual BTC. This system, which is how all large exchanges work, is
inherently centralized, because it uses a central debitor (owes USD/BTC to
customers) to handle token ownership, which works really well because it puts
no limit on performance (as opposed to a system where we use a blockchain to
define ownership).

One partial solution is to separate the debitor (funds holder) from the actual
exchange: instead of exchanges issuing their own tokens (bitstampBTC,
bitfinexUSD, mtggoxBTC, etc.), there would be dedicated issuers (lots of
them), and an exchange would constitute a central meeting place, which accepts
a specific set of issuers, and to whom people can sign over their tokens in
order to engage in a trade. So, for example, a buy order would constitute
signing over a token worth the buy order's value to the exchange, which
immediately matches it with a sell order, swaps the owner of the matched
tokens (after deducting a small fee), and sends the tokens to the buyer and
seller.

~~~
oelmekki
> When you want to purchase bitcoins on an exchange, you start out by
> depositing e.g. dollars on the exchange, thus converting your dollars to
> that exchange's dollar token (IOU x USD). You then sell your dollar tokens
> for bitcoin tokens on the exchange, which is super fast because it centrally
> controls token ownership, and when you want to get your bitcoins out you
> sell/redeem your BTC tokens for actual BTC.

Wouldn't that be a perfect problem for a smart contract? It could be used to
generate such tethering tokens, hold all real coins (ethereum, here, but if I
got it correctly, lightning will implement smart contracts in btc blockchain
as well in the future), allow for fast token exchanges and then slower
withdrawal from the contract stash. Converting fiat to tokens is still the
problem, here, obviously.

~~~
giergirey
Yes, I also think exchanging tokens is one of the (few?) situations where a
smart contract really is a great solution to a real world problem (as opposed
to blockchain hype).

Definitely an interesting area, I've been watching this space, here's some
interesting ones:

On the tethered tokens side,
[https://decentralizedcapital.com](https://decentralizedcapital.com) seem to
be offering tethered tokens backed by real currencies (and cryptocurrencies on
other chains). Not heard much about them though.

Implementing full exchange matching rules is pushing at the limit of what's
possible in an Ethereum smart contract -
[https://ubitok.io](https://ubitok.io) are working on it (disclaimer: I'm
involved with them!).

As others have mentioned,
[https://etherdelta.github.io](https://etherdelta.github.io) is one of the
better known decentralised token exchanges - though they do use an off-chain
matching engine so it's not totally on-chain.

[https://oasisdex.com](https://oasisdex.com) have gone the other way - they're
100% on-chain, but they don't try to do best execution / automated matching -
you have to pick an order to trade with.

~~~
zdkl
If I want to transform (BTC|LTC|eth) tokens to cash, how does introducing an
intermediate token help?

~~~
giergirey
OK, suppose you want to sell Litecoins for USD cash in a bank account.

Now, admittedly, it might be that today a one stop centralised exchange is the
best choice for you.

But by introducing intermediate Ethereum based tokens, you've broken down the
task into three parts, potentally allowing more competition for each part:

1\. finding someone willing to exchange your Litecoins for an Ethereum
tethered-LTC token

2\. finding someone willing to exchange your Ethereum tethered-LTC token for
an Ethereum tethered-USD token

3\. finding someone willing to exchange Ethereum tethered-USD tokens for bank
account USD.

Part 1 is purely crypto-currency-based (albeit on different chains), and so
should have lower fees than anything involving fiat transactions. It's also
free of exchange rate risk, so doesn't need a fully-fledged exchange - should
be easy to automated and audit.

Part 2 is purely Ethereum-based, and this is where competition should drive
fees down to near-zero. Because a smart-contract can run this, there's
(potentially!) zero risk of the exchange being hacked / running off with your
coins / taking weeks to verify you / being shut down by regulators.

Part 3 still involves the ugly movement from crypto to banking. But now it's
just going from tethered-USD to USD - so for the processor there's no exchange
rate risk, or need to deal with weird and wonderful cryptocurrency networks.

And perhaps one day you'll be able to live without Part 3 - you might start to
find you can spend tethered-USD in more and more places without needing to go
to a bank account ...

Disclaimer: I'm involved with the [https://ubitok.io](https://ubitok.io)
decentralised Ethereum exchange so I do have a bit of a vested interest in
decentralised exchanges! Would love to hear some counter opinions though ...

~~~
zdkl
Thank you for taking the time to answer. Respectfully, I see no point in the
mechanism you outline above. You're moving the icky cash-for-tokens risk
source from the established coin markets to your private coin with no added
benefit I can discern.

If you already assume I as user don't trust the established exchange, what
makes you confident that this setup with the added complexity alters any
downside/risk/cost of transferring value from coin tokens to cash?

[Edit] For instance given a user with a diversified portfolio of coins, in
what way does adding _another_ coin like asset facilitate any of the coin-coin
or coin-cash transactions?

~~~
giergirey
I agree you probably won't see much benefit if most of your transactions
involve cash-in-a-bank-account or coins on non-Ethereum chains.

However, if:

\- Ethereum continues to grow; and

\- we continue to see more and more successful/useful coins/tokens built on
top of Ethereum (especially if asset-backed ones are accepted as payment);

Then we're going to see a lot more coin-coin transactions that /can/ be done
on-chain - at which point a smart contract exchange is attractive (no
counterparty risk, no fees, no waiting weeks for document verification, no
limits).

Right now today it's possible for me and you to trade millions of dollars
worth of tokens such as WINGS, BAT, USD.DC, GNO with each other on
[https://etherdelta.github.io](https://etherdelta.github.io) or
[https://oasisdex.com/](https://oasisdex.com/) (and soon
[https://ubitok.io/](https://ubitok.io/)) - without needing to get verified or
sign up, and only needing to trust that the exchange smart contract behaves as
claimed (well, and that we're interacting with the right contract!).

If you don't see smart contracts / decentralised apps working well here, are
there any problems where you do see them as being a good solution? A
distributed exchange always seemed to me like a bit of a poster child for
smart contracts ...

~~~
zdkl
What I don't follow is why Ethereum is a good target to implement this type of
program on. If you have the know-how to implement a bulletproof/trustable
multi-token transaction clearing platform, why would you want to tie yourself
to this platform?

The only advantage I see for smart contracts is that it would allow you to
implement security-like mechanisms without regulatory burden associated with
the SEC and other financial entities. Apart from this "new world" thing, in
what concrete ways is using an etherium based exchange more advantageous for
me-user than traditional financial organisms who must submit to oversight and
scrutiny with safeguards in place to prevent hostile behaviour from my peers?

~~~
zdkl
I should've bet on it.

[https://news.ycombinator.com/item?id=14807779](https://news.ycombinator.com/item?id=14807779)

------
contingencies
Fiat transfer systems are typically unreliable. They can be intercepted,
halted, delayed, reversed, and generally cannot be considered objectively
predictable, with a wide variety of unique and nontrivial failure modes - not
all of which are recoverable - and no objective SLA / service description.

The problem with assuming good faith and using actor reputation (even third-
party arbitrated) is that, in becoming a trusted actor, the amount of money
available for cut-and-run scenarios increases exponentially (both for
arbitrator and actor), until it ultimately makes sense and happens (eg.
numerous scam darknet markets, etc.)... often the claim is "sorry we got
hacked!"

Using real world user identities as insurance has the issue that using one's
fiat bank account to perform automated or semi-automated trades on behalf of
others is probably dubious to against terms of service, or at a minimum
vaguely arguably so when politically expedient. Therefore, revealing the real
world user identity of an accused bad actor (ie. fiat account holder) as an
insurance against bad behavior is likely to expose them to an undue scale of
legal hassle and/or asset seizure, which is not something wise to trust a
third party with no matter how trustworthy the arbitrators are supposed to be.

My gut feeling is that such systems work only at small scale, with a veneer of
trust that can be established in different ways: deposit is placed with
counterparty, reputation within some shared community, mafia boss will murder
you if you rip off the system, etc. Between absolute strangers, it is
exceptionally difficult to reliably scale, even if you can establish it.

Finally, an important point is that frequent <1BTC transfer activity to random
destinations on conventional fiat accounts are likely to trigger bank anti
money laundering (AML) heuristics.

------
Jaepa
This is interesting, but I could see some possible issues.

It would be fun to ask the Devs some questions.

eg: if peers are able to select their arbitrators, how do you prevent a peer
and & arbitrator from gaming the system. There is a secondary arbitrator but
from the docs it looks like after the initial arbitration the funds are
released.

Is there a way to protect against root DHT node hijack? Only refernce I see to
this is a TODO: See how btc does this.

~~~
oelmekki
> if peers are able to select their arbitrators, how do you prevent a peer and
> & arbitrator from gaming the system

Actually, it doesn't even need a criminal association : what if arbitrator is
malicious? FAQ answers both our questions :
[https://bisq.io/faq/#8](https://bisq.io/faq/#8) and
[https://bisq.io/faq/#10](https://bisq.io/faq/#10)

The defense mechanism chosen is to make arbitrators pay a high registration
fee, so that it would supposedly cost them more to trick the system than they
would win (because of the 1btc trade limit). To be noted is that current
arbitrators are handpicked by founders, but they want it to be fully
decentralized ultimately.

What is not addressed is this : if arbitrator management is fully
decentralized, how will people be triggering their safety payment if they do
something bad? Will there be some kind of a vote or something? How much time
would it takes? (because if it's long enough, malicious arbitrator can steal
money from several trades and outperform their safety deposit). It seems like
the hardest part to decentralize, and I don't think it's addressed well enough
yet.

~~~
ManfredKarrer
Good questions: See the new concept for securing the arbitration system by the
DAO tokens:
[https://docs.google.com/document/d/1DXEVEfk4x1qN6QgIcb2PjZwU...](https://docs.google.com/document/d/1DXEVEfk4x1qN6QgIcb2PjZwU4m7W6ib49wCdktMMjLw)

In short: The arbitrator will have to lockup a high amount of BSQ (DAO
tokens)and in case he would default that deposit can get confiscated by
voting. He also is limited to do not more than 20 cases.

------
benjaminmbrown
Etherdelta has been doing this for ERC20 tokens for some time:
[https://etherdelta.github.io/](https://etherdelta.github.io/)

~~~
divislight
ERC-20 == scamcoin. Very different from this.

~~~
seibelj
An ERC20 token is a token that conforms to the ERC20 protocol, that's all that
ERC20 means.

~~~
nosuchthing
Are there currently any ERC tokens with applicable utility other than wild
speculation and claims about unproven future features which the ERC20 tokens
are created in completely arbitrary (artificial scarcity, sidestepping SEC IPO
investments) limited amounts for?

~~~
SeoxyS
Numeraire for example (NMR) is a ERC-20 token which has a real-world
application today.

~~~
atomical
You can say that about 99% of the ICO's. That doesn't make them good
investments.

------
Uptrenda
It may have changed since the last time I used this, but here's how it works:

    
    
      1. There are two sides to a trade, Alice and Bob.
    
      2. Alice has USD and Bob has Bitcoins.
    
      3. Both sides wish to trade money but they don't trust each other.
    
      4. To do this, they deposit collateral in the form of Bitcoins into a escrow
      account (multiple mediators need to sign to give back the collateral to their owners.)
      This is a bond separate from the money they are already trading.
    
      5. Alice sends her USD to Bob.
    
      6. Bob sends his Bitcoins to Alice.
    
      7. If either side cheated the mediators won't sign
      the "check" to release funds from the Escrow account.
      Therefore, so long as the value of the collateral is
      worth more than their potential profit from scamming
      -- there is no incentive to scam.
    

In BitSquare step 4 I think is done with third-party mediators and the
mediators make decisions based on evidence. So first, how do you prove that a
user sent Bitcoin: easy, its on the blockchain. Second, how do you prove that
a user sent USD? Well, I believe BitSquare uses something called "TLS
Notaries" \-- this allows a person to cryptographically prove that an SSL
website was in their browser, potentially enabling a person to prove that they
sent funds.

As you can see this scheme has a few problems:

    
    
      1. Users are required to have Bitcoins for collateral.
      So if you don't already have Bitcoins you can't buy
      any (strange scenario.)
    
      2. It relies on collateral, period, so you can never
      buy and sell the full amount of funds that you have.
    
      3. Liquidity is poor. BitSquare could be improved if
      they had more investors and structured the exchange
      to provide liquidity themselves at a premium.
    
      4. It's unclear how secure the notaries are and whether
      or not it can be cheated.
    
      5. Reputation isn't that secure and the model
      doesn't account for attackers, though I think
      BitSquare solves this with multiple mediators.
    

Another option to solve the same problem is to use micro-payment channels. A
service would have credit that represented a USD balance and micro-amounts of
this balance would be sent to the recipient as the sender receives micro-
amounts of Bitcoin. This is a better model, IMO, but still can potentially be
reversed.

It's good to see that BitSquare is still around though. Decentralized
exchanges haven't had much adoption so far and I haven't seen anyone who
nailed every usability problem that these exchanges have. Even assets on
Ethereum where you can literally write simple code that says "a transfer
occurs if two users agree to it" are traded on "decentralized exchanges" with
multiple vulnerabilities and bad UX for traders.

~~~
tgb
Thanks for the summary. Just to make it clear, if _either_ party refuses to
sign the escrow release, then _neither_ of them gets the escrow-ed funds? If
so, then doesn't that mean that I lose out on 2X money when the other party
fails to pay me X (I send them X and I lose X or more from the escrow)? If
not, then doesn't that mean that a "troll" can refuse to sign after a trade
just to screw me out of X? Or am I missing something?

~~~
Uptrenda
This is the same problem that BitHalo has (in my opinion.) But the escrow step
for Bitsquare is done with multiple third-party mediators instead of between
the users. This has problems of its own because now you have to trust that the
mediators are going to act honestly (and pseudo-anonymous reputation systems
don't reveal what prior relationships might exist between actors.)

I guess the assumption here is that reputation is good enough.

Edit: I edited the explanation for clarity.

~~~
ManfredKarrer
At the moment I (the founder) is the only arbitrator as the project has not
implemented the fully decentralized arbitration system. We recently changed
the concept how to get there with using a high security deposit in BSQ tokens
(DAO tokens) which the arbitrator need to lock up. In case he would cheat he
would risk that his deposit get confiscated by voting of the DAO stakeholders.
There will be also introduced mediators who don't have the 3rd key, and who
are handling the big majority of cases (customer care, there have been
basically no real disputes so far). See
[https://docs.google.com/document/d/1DXEVEfk4x1qN6QgIcb2PjZwU...](https://docs.google.com/document/d/1DXEVEfk4x1qN6QgIcb2PjZwU4m7W6ib49wCdktMMjLw)
for more details...

We did not had time to update all the information on the web page and older
documents to reflect the new concept.

------
dharma1
Coould you have a decentralised p2p fiat <-> ETH exchange with a smart
contract and PayPal, where the sold ETH is being held on the smart contract
until PayPal transfer from buyer to seller is verified by the smart contract?

Like localbitcoin but no need to meet up

~~~
patio11
Paypal will never cooperate this, because the service is selling money
laundering. Without Paypal's cooperation, you can't guarantee that a
transaction presently honored by Paypal will not be reversed in the future,
for reasons including "the buyer, who legitimately controlled the Paypal
account at time of transaction, decided to defraud the seller" and "the buyer,
who has credentials for X,000 Paypal accounts obtained by hacking, does not
have the authority to commit either the Paypal account or Paypal to a
transaction."

~~~
dharma1
If the traffic to PayPal confirming the transaction wasn't from a centralised
server, PayPal would have no way of differentiating between an ETH sale or any
other transaction, so their cooperation might not be needed.

Reversal - might be better solutions but couldn't the smart contract escrow
simply have a timer built in that would allow the fiat receiver to move the
money out of his PayPal account, thus preventing reversal?

I'm just running with a half-baked idea, but it feels like it could work.
Doesn't need to be PayPal, could be any fiat transaction provider that has an
API that allows confirmation of the fiat transfer that the smart contract can
access

~~~
Sleeep
You can't prevent reversal by withdrawing from a PayPal account.

PayPal cooperation is needed because they shut down accounts that appear to be
breaking their rules.

------
Animats
The fundamental problem with this is the same problem Ethereum has - the hooks
to the real world aren't very good. Making them better implies trusting a
third party. If you have to trust a third party, why do you need this?

~~~
giergirey
Yes, that's been my worry with many blockchain projects - it all sounds great
until it needs to interface with the messy real-world.

But - regardless of the merits of this particular project - I think there is
still some benefit in having a decentralised cryptocurrency exchange even if
it doesn't totally eliminate the need for trust. Provided it reduces the scope
of what needs to be trusted, or makes it easier to audit, or reduces how often
it needs to be trusted, then that's still an improvement.

Suppose you want to sell some ethereum-based FOO tokens for US Dollars in your
bank account.

Now, you could trust a centralised exchange to do the whole thing and hope
they don't get hacked / run off with your money / steal your identity docs /
take weeks to verify you / get shut down by regulators. And cough up the 0.25%
fees.

Or, with a decentralised exchange, you can split your problem into two
problems:

1\. finding someone willing to exchange your Ethereum FOO token for an
Ethereum tethered-USD token

2\. finding someone willing to exchange Ethereum tethered-USD tokens for bank
account USD.

Part 1 is purely Ethereum-based, and this is where competition should drive
fees down to near-zero. Because a smart-contract can run this, there's almost
no need to trust - this can be done on-chain.

Part 2 is where you have a point - there is still some trust required. But we
don't need to trust the tethered-USD processor in Part 2 nearly as much as a
full-fledged exchange - and they're easier to audit. There's also a lot less
to go wrong - they're not dealing with lots of different crypto-currencies and
networks, all they have to do is burn Ethereum tethered-USD tokens in exchange
for real USD in a bank account. Fees should be lower, you'd hope.

Also, eventually we might get to the point where part 2 isn't needed - if you
can spend tethered-USD tokens in enough places, why would you need banking-
system-USD?

Disclaimer: I'm involved with the [https://ubitok.io](https://ubitok.io)
decentralised Ethereum exchange so I do have a bit of a vested interest in
decentralised exchanges! Would love to hear some counter opinions though ..

------
mattbeckman
How does this differ from BitShares that's been around a long time?
[https://bitshares.org/](https://bitshares.org/)

~~~
Method-X
The assets traded on the bitshares exchange are derivatives backed by the
value of the BTS token. This is how counterparty risk is eliminated. Bitsquare
is like openbazaar but only for cryptocurrency. Personally, I'm very skeptical
the approach will work in practice.

------
equalunique
Interesting. Previously, the only incarnation of this idea was, to my
knowledge, NVO: [https://nvo.io/](https://nvo.io/)

~~~
Paul_S
And it went awfully quiet after the ico.

I hate myself for using words like ico in every day speech. This the 80s all
over again except with shittier music.

~~~
xj9
the good music is on the internet (no not on spotify)

[http://hypem.com](http://hypem.com)
[http://bandcamp.com](http://bandcamp.com)

------
cupcakestand
Ultra fast trading in millisenconds + real-time updates of all orders are the
key requirements for any exchange.

Not sure how a decentralized exhange could manage this.

~~~
Mahn
That's if you want to trade in real-time, but a slow decentralized exchange
still has value for casual buyers and sellers. An exchange is typically both a
trading platform and a marketplace, but it doesn't have to do both to be
useful.

------
kinnth
I get it. I like it, but I wouldn't use it just yet. I think the fees charged
by most exchanges are low enough for me not to worry. Also there is a large
amount of legal bureaucracy now happening over real money exchanges, how might
that affect it?

------
gragas
This is going to get so destroyed but HFT strategies. A million already come
to mind.

~~~
julian_1
How so? HFT generally provides liquidity and is arguably a good thing, for
people wanting to execute infrequent trades, on otherwise thin volume markets.

~~~
gragas
Not saying all firms do this, but I immediately thought of malicious tactics
like spoofing.

~~~
atomical
Market manipulation is already happening on crypto exchanges. It's much easier
to manipulate a currency when the volume is thin.

------
em3rgent0rdr
I feel there is already a decentralized exchange: openbazaar. That has the
advantage of a decentralized reputation system and a head start in network
effects.

------
max_
A better version already exists
[https://etherdelta.github.io](https://etherdelta.github.io)

~~~
giergirey
Yes, [https://etherdelta.github.io/](https://etherdelta.github.io/) were way
ahead of everyone else, if someone asks me for an example of an Ethereum
contract that's solving a real world problem right now then they're the first
one I think of.

It's a shame that Ethereum tokens are getting a bit of a bad reputation,
because an exchange like EtherDelta coupled with asset-backed tokens could
really open up all kinds of possibilities.

Disclaimer: I'm involved with [https://ubitok.io](https://ubitok.io) which are
similar to EtherDelta (but /totally/ on-chain, no off-chain matching engine
needed!)

------
cbeams
Bisq team member here, thanks everyone for the feedback so far. Happy to field
further questions. Ask us anything...

------
brian_herman
Who enforces it?

~~~
placeybordeaux
Looks like third party arbitration. Guessing it ends up being reputation
enforced.

~~~
Jaepa

       As there is no concept of arbitrator reputation, it makes
       no sense to deselect arbitrators, as this will only 
       reduce his trading possibilities. Traders will only be 
       able to take offers of users with whom they have at least
       one overlapping selected arbitrator
    

\-
[http://bitsquare.io/arbitration_system.pdf](http://bitsquare.io/arbitration_system.pdf)

------
cocktailpeanuts
Just finished watching their video and got nothing other than "Read our white
paper if you're interested", plus bunch of buzzwords.

Why make the video at all? If I were them I would scrap all the bullshit and
just spend the two minutes in the video explaining the basics of WHY and HOW
it works. People visiting that site already know what a "decentralized bitcoin
exchange" is.

~~~
amingilani
Their Github README is more descriptive

 _By running Bisq on their local machines, users form a peer-to-peer network.
Offers to buy and sell bitcoin are broadcast to that network, and through the
process of offering and accepting these trades via the Bisq UI, a market is
established.

There are no central points of control or failure in the Bisq network. There
are no trusted third parties. When two parties agree to trade national
currency for bitcoin, the bitcoin to be bought or sold is held in escrow using
multisignature transaction capabilities native to the bitcoin protocol.

Because the national currency portion of any trade must be transferred via
traditional means such as a wire transfer, Bisq incorporates first-class
support for human arbitration to resolve any errors or disputes._

~~~
nothrabannosir
Asterisks around the block, no spaces indent. The latter is for mono space
which is illegible on mobile.

~~~
dragonwriter
> The latter is for mono space which is illegible on mobile.

Well, it's more the “explicit line breaks only” part of code formatting,
rather than the monospacing, which makes it unreadable on mobile.

