Hacker News new | past | comments | ask | show | jobs | submit login
Bitcoin arbitrage without market risk (github.com)
138 points by butor on Mar 16, 2017 | hide | past | web | favorite | 77 comments



All the US dollar exchanges with substantial volume are within 1% of each other. [1] Some of the little guys are a few points out there, but any significant order would blow the price. All the exchanges lock together within the range of the cost of trading, which is usually at least 1% when you combine buying, selling, short-selling loan, blockchain reward, and cash withdrawal fees.

[1] http://bitcoincharts.com/markets/currency/USD.html


They are right now but this isn't always the case. For example you can see just from that page that in the past 24h, Kraken reached a low of 1025 while Bitstamp only reached a low of 1118, a difference of 9%. If at that low, you'd bought BTC on Kraken and sold BTC on Bitstamp, you would have made that 9% difference.

This is the point of the strategy. Whenever they diverge for whatever reason, assume it's temporary and that they'll reconverge. Make money converging them.


Kraken has a horrible trading engine, I've seen a lot of examples of delayed executions (in the class of minutes), so the peanuts of earnings can be lost very easily on the immature trading engines of these exchanges.


Right. Arbitrage on small differences works only if you can get quick execution, before the difference disappears. If the site gives favorable execution to some customers, as Mt. Gox did, it's hopeless.


Hanlon's razor though. I would presume malice only maybe to Bitmex, but for most other exchanges, I think it's plainly low-quality/bad engineering.


Why Bitmex?


This would work if trades could be cleared instantly. If, for any reason, they're delayed you're taking a risk. It might turn in your favor or not.


Is the liquidity there to take advantage of it?


How does the engine know the direction the converge will take? I'm missing something here.. :?


The direction doesn't actually matter since you're trading both sides. An example:

Exchange 1: 1000 Exchange 2: 900

You sell 1 of exchange 1 and buy 1 of exchange 2.

Scenario 1: Exchange 2 rises to meet exchange 1, exchange 1 stays stable. You make $100 as you bought exchange 2 at 900 and its price is now 1000. You lose nothing on exchange 1 since the price hasn't changed.

Scenario 2: Exchange 1 falls to meet exchange 2, exchange 2 stays stable. You make $100 as you sold exchange 1 at 1000 and its price is now 900. You lose nothing on exchange 2 since the price hasn't changed.

Scenario 3: Exchange 1 rises to 1100 and exchange 2 rises to meet it. You make $200 as you bought exchange 2 at 900 and its price is now 1100. You lose $100 as you sold exchange 1 at 1000 and its price is now 1100. The ultimate profit is $100.

The important thing is that you trade both sides.


The different exchanges are selling the exact same instrument. It's like having bank A offering $1.10 CAD for your USD, and bank B offering $1.20 CAD. If the spread is unusually large (eg, 9%) due to transient factors, they will definitely converge again in the future. There might be other risks involved, like counterparty risk, or fraud risk. But with a spread that large for an instrument as liquid as Bitcoin, there is no market risk.


The difference is 1.09%, not 9%. Also, what was the time delta between those quotes?


1118/1025 yields the multiplication factor, not the relative difference which is 9%.


I think I may have a better visualization for that [1]. But I definitely agree. Differences in prices come from fees and how hard and expensive it is to get cash from one exchange to another. Plus most exchanges offer preferential fees for bigger players so when you are just starting you are already at disadvantage.

One need to also consider order books not just the price difference (I also have a chart! [2]). Price difference may be 10% but there may be 0.01BTC in order book within that difference. Or if you just look at the price of the last trade, there may actually be nothing in order book to arbitrage against.

There may be some window to make money when there are really big price changes and basically those who do the arbitrage run out of money on one side (fiat is slow to move). But then you have to deal with high volatility.

1. https://data.bitcoinity.org/markets/arbitrage/USD

2. https://data.bitcoinity.org/markets/books/USD


Historically, exchanges that are failing have significant spreads from stable exchanges (Mt. Gox comes to mind).

So, there is risk with this strategy. One of the exchanges could fail and you lose everything you have on that exchange.


This is correct. That's why I specified market risk. Of course not all the risks are overcome.


I know. I'm pointing out that seemingly profitable arbitrage opportunities carry very significant risks besides market risk.


I agree. Exchange failure is generally something separate from "market risk", and is sometimes categorized as "counterparty risk". With bitcoin, counterparty risk with exchanges is a very real thing, and an added risk beyond what would be considered "market risk" (i.e. asset price fluctuations).


Are you eliminating execution risk? with these exchanges and this liquidity I wouldn't be surprised if your algo slips and actually loses money on the attempted executions on the arbitrage prices. Isn't that too dangerous to claim you've eliminated "market risk"?


Some exchanges are going to be more permanently divergent. Does the software handle this well?

An exchange can be permanently cheaper if withdrawals are limited, trust is lower, or some other effect reduces trader confidence in the exchange.

Major events like hacks are also imo likely to cause this software to stumble. Are there safety features to make sure it'll stop trading if something sufficiently unusual is happening?


You're absolutely right: some exchanges are systematically divergent. It has been the case with BTC-e for a long time. This is not natively handled by the software.

The long/short mechanism overcomes the market risk (i.e. risk of losing money due to market moves) and reduces the slippage risk, but not the other risks, like technical issues on an exchange.


Why is BTC-e divergent? Are prices in blackbird adjusted for that, or other more easily quantifiable things such as fees?


The reason this doesn't profit is because the spread tends not to exceed the difference in exchange fees. So while there may be a $1 spread between two exchanges, the sum total of two 0.5% exchange fees on a $1000 coin will only net the exchange profits in fees, and you might earn a penny.


I always wondered who might be doing this. I never expected to see an open-source tool, since it introduces immediate competition.


Yeah I don't understand -- if it works well wouldn't it be better to keep it to yourself?


Perhaps they wrote it for their own use, then were unable to make it consistently profitable to a worthwhile degree, so they just open-sourced it?


Agreed. I would find it hard to believe that there still exists an arbitrage opportunity here, 5 years after bitcoin went (somewhat) mainstream.


> 5 years after bitcoin went (somewhat) mainstream.

Arbitrage is as much about volume as it is about differences in price. Volume is something bitcoin markets do not really have (compared to most other financial markets).


Definitely worth a healthy dose of skepticism and a code review.


People aren't rational.


Cool to see a project like this open-sourced regardless of it's profitability, fintech/trading is usually such a black box.

Are there any other examples of trading systems like this that are good to read for someone with a passing interest in building simple trading systems?


It would be dangerous to run this open source code, also, since your program could be manipulated with precision timing attacks, if it were to be fooled into making a bid at a price flash. There is in fact plenty of technical risk. Caveat emptor!


This is basically how many closed source Bitcoin trading robots operate. They create giant waves of predictable trades because naive operators leave the default parameters for trading signals. Other traders just get in (and out) right before the robots.


How do you know that?


Trading with my own robots and by hand.

I found that automated triangular (and 4, 5...) arbitrage was possible in the past, mainly due to fee-raking exchanges providing superfluous instruments. Opportunities were usually small, counterparty risk and fees usually large.

There also seemed to usually be someone else's bots doing the same thing, although occasionally decent sized trades appeared in slow/extraneous markets. Exploiting these mechanically eventually results in humans looking for the source of the arbitrage, and even if there aren't competing bots running it won't last long.

Arbitrage based on first-moving markets and slower moving markets was pretty common, and some people seemed to have automated it.

And of course the market making robots run by the exchanges are the most fun to watch. Lots of times they trigger the crossover bot traders' algorithms on purpose.


When building an automated trading system the first thing you write should be the risk system. Simply having a 'MaxExposure' per exchange doesn't cut it.

This has nothing to do with it being a market-neutral strategy or not. All code has bugs in it, exchanges have hiccups, quotes from many exchanges are notoriously wonky, programs freeze, Internet connections go down, users fat finger inputs etc. This needs a real risk system built into it.


But there is no market risk, because the project says so.


It's weird that over the course of 7 hours no one on a site called Hacker News noticed that send_email.cpp passes unsanitized user-supplied args to system(). I've spent less than 5 minutes looking at this code, so maybe that's the worst of it. But if 5 minutes of investigation found 1980's style bugs I doubt that's the worst of it.


I haven't read the code, but regarding unsanitized user input... Isn't the user the, well, user, in this case?

Complaining about bad data in that situation is like complaining that an admin could hit the power switch.

Or maybe I've completely misunderstood the purpose of this software.


System() creates child processes, specified by parameters. If you don't sanitize your parameters, any child process could be created. If you run this software as root, that means root will run the command. If you run this as user, it's safer than root, but not actually safe.

1) The user isn't always the one providing user input.

2) When the user does provide input, the user isn't always smart.

3) Users do things that you never would have conceived.

Unsanitized system() calls are even worse than leaving your system wide open to a sql inection attack.


All of the above apply to bash, but it still happily creates processes from user supplied input. As previously mentioned, not all software is run on a remote-access system for strangers on the internet.


You're right, unsanitized user input is a risk when its externally crafted. At best in this case, its more sloppy coding then a high security risk.


Do the arguments come from the user or the exchange? If the email is telling me my profits, and the exchange says my profits are ``cat /etc/passwd`` that could be bad.


Assuming input is from a benign source is literally the cause every single security issue ever. It's bizarre that I've been downvoted for this. And you're commenting about how I'm wrong without even reading the code. I seriously don't understand this site.


I've read it, it's sloppy but fine.

The same user who feeds in the values for 'system' is also trusting the program with their bitcoins! This is (in my opinion) like saying "bash" is a security issue because you can give it bash scripts.


I, for one, am astounded at the responses in this thread of discussion.

> why shouldn't my financial system be as open as bash?

Oh my lord...


... but it ain't your financial system. Unless I've seriously misunderstood the README.

I put my cups in the dishwasher, not the autoclave. I use 2fa for my financial accounts, but not for my frisbee league. Security is about appropriate paranoia.


In no scenario is it better to allow arbitrary hidden process creation than to spend 10 minutes writing a function that validates parameters provided to launch a process.


I respectfully disagree.


welcome to the internet, where few actually look at or understand the details of posts the comment on :)

floats to represent currency?

https://github.com/butor/blackbird/issues/118


For someone to "exploit" this they must already have code execution.


Have you made much profit using the software?


Looks like a great app for anyone looking to accidentally destroy their life savings and get arrested by the IRS.


Why? Genuine question.


Short selling is significantly more dangerous than other forms of investing, because it requires borrowing the securities that you then immediately sell. You eventually have to return those securities to the person you borrowed them from, so that requires a purchase in the future. If the price of the security goes up, you don't just lose your money, you take on a debt that you must repay.

The worst thing that can happen if you buy a security is that it will become worthless, thus you lose all the money you put in. The worst thing that can happen if you use any form of debt to leverage your investments is that you get wiped out completely because you end up owing more money than you can possibly pay back.


See: Help! My short position got crushed, and now I owe E-Trade $106,445.56

http://www.marketwatch.com/story/help-my-short-position-got-...


What you're talking about is a "naked short", which is of course very risky. No Bitcoin exchange allows for this. In fact, most exchanges don't allow for shorts or any sort of leverage.

While what you're saying may be true in some context, it doesn't apply here.


Are the price differences between markets already arbitraged to the point of maximum profitability?

(which wouldn't be 100% due to eg exchange failure risk, transaction fees, risk of getting hacked while currency is in play, etc)


There is at least one exchange that has enough discount, but their reputation is horrible, so if you want to arbitrage that then it's on your head. In general that's the case if there is any opportunity. While they don't make mainstream headlines, mini MTGox'es still happen, like a Polish exchange some months ago.

There are a lot of people going after it, and probably some that do it wrongly thinking they are profitable while they are not. If you look at some of those bitcoin bots, they full of wrong calculations.


Highly doubtful, considering the spreads between even highly regulated exchanges


Just curious why someone would open source a project like this?

If it works, it should be making money consistenly, but giving away the system will make the arbitrage opportunity non-existant if enough people use it.


Perhaps he realises that other people are doing it too and, as you said, realised the more people who do arbitrage the more it goes away. He could be out to stabilise the bitcoin exchanges as well as provide liquidity to the market.

Perhaps as more people use it, the demand for bitcoins go up also, and since limited supply the price goes up. And he might have substantial holdings of bitcoin he wants to sell. More people trying to find arbitrage opportunities makes it easier to sell his bitcoin which are now higher value.


A big red flag in the SEC decision was that large arbitrage opportunities exist in bitcoin markets for far longer than is considered normal.

Anyone wanting more mainstream adoption of bitcoin would do well to promote arbitrage trading to as many as possible.


given the high latency with the exchanges the choice of language seems an unnecessary risk


The main bitcoin codebase is in C++ so C++ has the most mature library and best support for the protocol.

Other implementations, including two Javascript ones and a Go one, have had significant bugs in handling the protocol correctly.

Seems like a pointless risk and waste of time to use any non-c++ language for dealing with the BTC protocol


Does the library directly use the Bitcoin protocol? I had the impression that it only uses the Rest API of the individual exchanges interact with them.


Your impression was correct, the only crypto this touches is signing API calls to the REST APIs of exchanges.


This is a bit of a orthogonal argument as this only deals with exchanges directly and never touches the Bitcoin protocol directly. Agreed that the choice of language is an odd one as there's no "high performance"/HFT involved here.


"without market risk"

> Blackbird doesn't sell but actually short sells Bitcoin on the short exchange.

Because nobody ever faced risk short selling. That big market crash that was part of the worst recession in 60 years had nothing to do with short selling. Long Term Captial Management totally came out of that just fine. Bear Sterns is alive today and doing swell.

Jesus.


What does that have to do with anything? You don't understand the point.

You go short on one market, while simultaneously going long on the other market. That's how you profit (arbitrage).


"Going short on one market" = "I can expose myself to losing a sum of money that I don't have if it goes tits up"


Not if you simultaneously BUY ON THE OTHER MARKET.

Jesus.

You also can't lose money beyond what you put in (on the exchanges that allow for this), your position just gets terminated.


The liability from short-selling on exchange A is balanced by the buy order on exchange B. The failures you described in LTCM and Bear Sterns bear no relation whatsoever to what the OP is describing. I suggest reading more on long-short arbitrage before disparaging someone's ideas with such condescension.


I am familiar with long-short arbitrage. I'm sure that long-short arbitrage is swell for the hedge funds that use it and have the resources to manage their shorts very carefully and millions of dollars to absorb losses when they screw up.

I think it's completely irresponsible to present that as "without market risk" to an audience that doesn't have similar resources and in some cases doesn't even understand what a short is. I think that presention should be disparaged.


You're cleary not familiar with the context at hand. You don't know how exchanges like Bitfinex operate, what the terms of use are, etc.

Everything you said so far is just wrong in context.


> https://en.wikipedia.org/wiki/Short_%28finance%29

First line: Potential loss on a short sale is theoretically unlimited.


Second Line:

"However, in practice, the short seller is required to post margin or collateral to cover losses, and inability to do so in a timely way would cause its broker or counterparty to liquidate the position."

That's exactly what the Bitcoin exchange will do, as well. Since the exchange actually holds the assets (i.e. bitcoin and dollars), it can also determine whether such liquidation is backed by orders.




Registration is open for Startup School 2019. Classes start July 22nd.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: