Bitcoin Exchanges are Failing
MtGox has made international news in its catastrophic failure and nauseating incompetence (which cannot be overstated enough). More recently Vircurex announced its lack of reserves from hacking. People new to Bitcoin as well as people experienced with Bitcoin are starting to seriously despair at the Bitcoin exchange industries fragility. Bitcoin exchanges server as gateways into the Bitcoin world, with trust in these exchanges nose-diving the entire Bitcoin ecosystem is suffering badly.
A movement is now being started for exchanges to cryptographically verify their reserves to prove their solvency. Kraken is an example of one exchange doing this. Verification of liquidity isn't a solution to the problem as some people seem to tout, it's simply a reassurance that the exchange is liquid at that particular moment in time. These exchanges are still bloated with Bitcoin, rouge employees still could run off with them as well as a multitude of other scenarios that could play out in the future that will primarily hurt those who trusted those exchanges to hold onto their Bitcoin for whatever period of time.
Exchanges suffering some sort of catastrophic failure through loss of Bitcoins is a very real risk.
The truth quite simply is that Bitcoin exchanges are trusted with far too many of other peoples Bitcoins.
The fact that Bitcoins are so easy to steal as well by rogue employees, rogue businesses feigning theft and hackers make exchanges with deep reserves incredibly lucrative targets, perhaps the most lucrative targets that have ever existed online.
Exchanges are often used as storage by their users. This is a significant misuse of the exchanges, and bloats their reserves which cause far greater shockwaves in the Bitcoin ecosystem when they are eventually hacked or stolen. Blaming the users and victims of loss is entirely non-productive, users will always misuse services. If Bitcoin aspires to attract wider and more diverse audiences these issues need addressing.
A Possible Solution?
Perhaps an exchange that only temporarily holds Bitcoin would be highly beneficial, in effect serving as an automated escrow. Here's how I see it working:
The user wanting to sell Bitcoins
- Seller 1 has 100 Bitcoins to sell
- Seller 1 registers on this exchange.
- Exchange asks for public address of a wallet in their control
- Exchange requests 1-100 Satoshis from this address to prove Seller 1 is in control of this address
- Exchange constantly monitors balance of this wallet
The user wanting to buy Bitcoins
- Buyer 1 registers with exchange
- Exchange asks for wallet address withdrawals are to be sent to
- Buyer 1 deposits $1,000 USD
The buying/selling process
- Buyer 1 places an order to buy 2 Bitcoins for $1,000 ($500 each)
- Exchange deducts $1,000 from buyers balance
- Exchange creates a temporary address
- First seller to send Bitcoins to this address takes the $1,000
- Slower sends are returned to sender (we know where they came from, and that the address they came from is in the sellers control)
- Sends must be from the wallet sellers registered when signing up
- Once order is filled, Bitcoin in exchanges temporary address are forwarded to Buyers withdrawal address. USD balance transferred to sellers account balance
Slow transaction time. Sellers selling Bitcoin are in a race to get the first confirmed transaction if they wish to fulfil the order. This could at least partially be solved with a trust system. Sellers can automatically reserve buy orders. If they fulfil the order within 1 hour everything is fine, if they don't fulfil it they lose their right to reserve orders.
Slowness in order fulfilment could quite possibly be exploitable in some way.
Transaction fees could rack up for sellers if they are too slow to send Bitcoins to fulfil orders. Fortunately transaction fees have recently been significantly reduced.
- Exchanges no longer are in control of large amounts of Bitcoin reserves
- Hacking this website would only be able to steal live orders as they happen by publishing alternative order fulfilment addresses. It should also be fairly easy to build monitoring tools that can specifically stop these types of attacks as they happen.
- Easy to pause to limit damage. If an attack is in progress, simply stopping the website is enough to stop the attack in its tracks
- Sellers retain total control of their Bitcoins
- Sellers can remain entirely anonymous until they wish to cash out fiat
- Exchange knows roughly how many Bitcoin are available to trade
- Can be entirely automated except for the fiat aspect of the business
Good idea or bad? Feel free to run with it if you think it's good, I don't have time and I'd like to see alternative solutions out there!
I think this is going to be a trade-off between speed/convenience and safety. Currently the Bitcoin exchange industry is leaning far too much over on the speed/convenience side of things, and I think an exchange that focussed on safety would stand to attract a lot of customers.