I'm going to pitch a different take than a few others: Yes, great initiative, please keep trying things and building things, but end this project now. There are no probable outcomes where you do not end up having to explain where thousands of dollars of other people's money went to some angry people. There's also very nontrivial odds of being on the wrong end of armed Federal agents, based on some of the other comments you've made here. This is a horrible, horrible first-project sort of project.
Let me put it this way: Would you be willing to convert the BitCoins in your system into cash, put it in your front window, and post daily pictures of the pile of cash to your Facebook account, set to public visibility? Because that's roughly what you're doing.
You're very smart, zhoutong, and your eager and polite acceptance of feedback does you great credit. But I would not attempt what you're doing, and I know a fair amount about both trading infrastructure and security.
And though your site is very impressive, I immediately spot a major omission: you say nothing about your margin call policy. Do you have one? What will you do when one of your users' accounts goes to zero, and then negative?
We have two metrics: net value and minimum net value. When NV < MNV, all positions are immediately liquidated. When NV < 2MNV, a warning is visible on trading panel. (Future feature: margin call email)
These metrics are completely transparent, showing in different colors to represent health status. Once you give it a try you will know.