pooya87 (OP)
Legendary
Offline
Activity: 3640
Merit: 11041
Crypto Swap Exchange
|
|
December 30, 2016, 04:36:16 AM |
|
we have all seen exchanges being hacked and lost our precious bitcoins or at least heard about them. and these days i keep seeing these two topics saying there is a possibility for a new one! i say lets talk about a solution. there is no point sitting around waiting for one to happen then start crying! - what can we do?
and don't keep your money on exchange site is not an acceptable answer! because you have to do it if you want to trade, the exchange may get hacked (allegedly or for real) 1 minute after you deposit.
- what is the substitute for these exchanges?
decentralized exchange? how do they work? is there any good one around? why aren't they famous? what are the pros and cons?
i'll admit that i don't know much about decentralized exchanges and i am sure i am not alone here let this topic be a compilation of all suggestion for either an existing solution or future possibilities and ideas.
|
|
|
|
BingoDog
|
|
December 30, 2016, 04:54:26 AM |
|
I don't think there is anything we can actualy do. Exchangers are attractive target and from time to time tho will be attacked. It's up to them to put their security to a higher level and protect themselves as well as their customers. Also they should have a policy how to treat their customers if damage has been done and how to return the coins. I don't know much about the decentralized exchangers too but O don't know how this could be a solution. Can't they be attacked also?
|
malaj
|
|
|
traderethereum
|
|
December 30, 2016, 05:57:10 AM |
|
we have all seen exchanges being hacked and lost our precious bitcoins or at least heard about them. and these days i keep seeing these two topics saying there is a possibility for a new one! i say lets talk about a solution. there is no point sitting around waiting for one to happen then start crying! - what can we do?
and don't keep your money on exchange site is not an acceptable answer! because you have to do it if you want to trade, the exchange may get hacked (allegedly or for real) 1 minute after you deposit.
- what is the substitute for these exchanges?
decentralized exchange? how do they work? is there any good one around? why aren't they famous? what are the pros and cons?
i'll admit that i don't know much about decentralized exchanges and i am sure i am not alone here let this topic be a compilation of all suggestion for either an existing solution or future possibilities and ideas. for me, my solution is never put all of your bitcoin into one exchangers, but split it into many exchangers and don't use large amount in that exchangers, the most of your bitcoin will be store in your private wallet so if there is something bad happen with exchangers, we still have our bitcoin in our wallet that is safe in that wallet.
|
|
|
|
Wendigo
Legendary
Offline
Activity: 2604
Merit: 1036
|
|
December 30, 2016, 06:13:53 AM |
|
Set up your own exchange and try to be your own boss. Maybe aspire to organize some kind of a peer-to-peer offline exchange but still you will need to procure clients from the real world and be a sweet talker in order to get your margins worth your time Or just use an online Butcoin exchange like everyone else and be alert.
|
|
|
|
piloder
Legendary
Offline
Activity: 966
Merit: 1006
|
|
December 30, 2016, 06:17:46 AM |
|
I have heard about bitsquare being one of the decentralized trading platform however it seems they still lack lots of things or are not capable of handling large volumes. I found it more like localbitcoins but they say its completely p2p trading, i still don't know how actually they work but i don't think there are other decentralized trading platform like bitsquare right now.
|
|
|
|
franky1
Legendary
Offline
Activity: 4410
Merit: 4772
|
|
December 30, 2016, 09:41:06 AM |
|
exchanges need to change
firstly exchanges should ask their customer to register an empty public key. (emphasis PUBLIC) the customer keeps the private key a secret.
next to log in users are shown a message. and the user has to paste in the signed message, to prove who they are. that way 'passwords' are not saved on databases or involved because the message and reply(signature) is unique at each login.
next the public key is used with a public key belonging to the exchange to form a multisig. the multisig becomes the deposit address.
then when users want to make an order they sign a multisig transaction to give the exchange X of total balance. to place that X onto an order. this way funds are made more so as a 50% user-50% exchange control of funds. and outside and inside hackers cannot take 100% control
in short LN will become useful for exchanges, because LN is about multisigs.
|
I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER. Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
|
|
|
shorena
Copper Member
Legendary
Offline
Activity: 1498
Merit: 1540
No I dont escrow anymore.
|
|
December 30, 2016, 09:53:02 AM |
|
|
Im not really here, its just your imagination.
|
|
|
royalfestus
|
|
December 30, 2016, 09:54:35 AM |
|
The right question is how were they hacked? Hacking is inevitable, so what are exchanges doing to prevent the hack. We will always use exchange even if we have the safest wallets but are precautions being engaged?
|
|
|
|
franky1
Legendary
Offline
Activity: 4410
Merit: 4772
|
|
December 30, 2016, 10:05:14 AM |
|
The right question is how were they hacked? Hacking is inevitable, so what are exchanges doing to prevent the hack. We will always use exchange even if we have the safest wallets but are precautions being engaged?
they were not hacked. they just wont admit to embezzling funds. the solution is to prevent them from being able to embezzle funds.. which means that if there was also an outsider hacker. they cant steal either. this is done by not giving exchanges 100% control of funds
|
I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER. Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
|
|
|
1Referee
Legendary
Offline
Activity: 2170
Merit: 1427
|
|
December 30, 2016, 10:27:39 AM |
|
I doesn't really matter what people here are proposing to reduce victims at the time exchanges get "hacked". People are too lazy and don't care as their behaviour didn't change a single bit after all incidents that we have seen. If you put decentralized exchanges aside, then the only possible outcome will be that exchanges store all their coins offline and thus get rid of hot wallets. It will annoy people as cashouts will be more time consuming as exchanges have to process everything manually, but at least it will have an immediate effect. But then again, it will protect you from hackers, but there are also the employees or the exchange operators that may turn out to be filthy thieves.
|
|
|
|
franky1
Legendary
Offline
Activity: 4410
Merit: 4772
|
|
December 30, 2016, 10:47:34 AM |
|
I doesn't really matter what people here are proposing to reduce victims at the time exchanges get "hacked". People are too lazy and don't care as their behaviour didn't change a single bit after all incidents that we have seen. If you put decentralized exchanges aside, then the only possible outcome will be that exchanges store all their coins offline and thus get rid of hot wallets. It will annoy people as cashouts will be more time consuming as exchanges have to process everything manually, but at least it will have an immediate effect. But then again, it will protect you from hackers, but there are also the employees or the exchange operators that may turn out to be filthy thieves.
no no no putting funds offline in exchanges full control is the problem.. not the solution the solution is to have funds not be able to move without users authorisation. by this i mean get rid of "passwords" stored on an exchange, because this is still giving exchanges/hackers control. and instead use a bitcoin feature built in since day one.. SIGNATURES
|
I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER. Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
|
|
|
1Referee
Legendary
Offline
Activity: 2170
Merit: 1427
|
|
December 30, 2016, 11:15:02 AM |
|
I doesn't really matter what people here are proposing to reduce victims at the time exchanges get "hacked". People are too lazy and don't care as their behaviour didn't change a single bit after all incidents that we have seen. If you put decentralized exchanges aside, then the only possible outcome will be that exchanges store all their coins offline and thus get rid of hot wallets. It will annoy people as cashouts will be more time consuming as exchanges have to process everything manually, but at least it will have an immediate effect. But then again, it will protect you from hackers, but there are also the employees or the exchange operators that may turn out to be filthy thieves.
no no no putting funds offline in exchanges full control is the problem.. not the solution the solution is to have funds not be able to move without users authorisation.by this i mean get rid of "passwords" stored on an exchange, because this is still giving exchanges/hackers control. and instead use a bitcoin feature built in since day one.. SIGNATURES How would that work out since coins people deposit will get mixed within their system? As soon as you request a cashout, you'll get different coins than what you deposited. They don't appoint a certain amount of coins just for you where you can request a cashout and receive exactly these coins. I really don't see how exchanges are willing to change the way their system is set up. Every proposed change has to comply with the policies of the insurer (in case they have everything insured).
|
|
|
|
sportis
Sr. Member
Offline
Activity: 406
Merit: 252
Veni, Vidi, Vici
|
|
December 30, 2016, 01:53:55 PM |
|
In my opinion exchanges should follow or copy policies following from banks. I am pretty sure hackers have stolen funds from banks but the latter (of course) does not make any announcement. So a predefined amount must be given to any customer in case of hacking. Secondly, I don't know if is possible to make contracts with any insurance company. Lastly very strict selection of their employees. Most of the hack problems are due to careless or over confident or crooks employees. It is almost impossible to avoid hacking. So, at least, let's restrict the loss.
|
|
|
|
mobnepal
Legendary
Offline
Activity: 1218
Merit: 1006
|
|
December 30, 2016, 02:09:43 PM |
|
The right question is how were they hacked? Hacking is inevitable, so what are exchanges doing to prevent the hack. We will always use exchange even if we have the safest wallets but are precautions being engaged?
Actually no any exchange platform have ever made a detail announcement regarding how their security system fails on hack which make it quite suspicious and i believe majority of hack is just inside job. The only way to minimize loss during hack is to use multiple trading platform till we don't get any working decentralized trading platform, and this may take few more years.
|
|
|
|
franky1
Legendary
Offline
Activity: 4410
Merit: 4772
|
|
December 30, 2016, 02:23:46 PM |
|
I doesn't really matter what people here are proposing to reduce victims at the time exchanges get "hacked". People are too lazy and don't care as their behaviour didn't change a single bit after all incidents that we have seen. If you put decentralized exchanges aside, then the only possible outcome will be that exchanges store all their coins offline and thus get rid of hot wallets. It will annoy people as cashouts will be more time consuming as exchanges have to process everything manually, but at least it will have an immediate effect. But then again, it will protect you from hackers, but there are also the employees or the exchange operators that may turn out to be filthy thieves.
no no no putting funds offline in exchanges full control is the problem.. not the solution the solution is to have funds not be able to move without users authorisation.by this i mean get rid of "passwords" stored on an exchange, because this is still giving exchanges/hackers control. and instead use a bitcoin feature built in since day one.. SIGNATURES How would that work out since coins people deposit will get mixed within their system? As soon as you request a cashout, you'll get different coins than what you deposited. They don't appoint a certain amount of coins just for you where you can request a cashout and receive exactly these coins. I really don't see how exchanges are willing to change the way their system is set up. Every proposed change has to comply with the policies of the insurer (in case they have everything insured). exchanges need to change
firstly exchanges should ask their customer to register an empty public key. (emphasis PUBLIC) the customer keeps the private key a secret.
next to log in users are shown a message. and the user has to paste in the signed message, to prove who they are. that way 'passwords' are not saved on databases or involved because the message and reply(signature) is unique at each login.
next the public key is used with a public key belonging to the exchange to form a multisig. the multisig becomes the deposit address.
then when users want to make an order they sign a multisig transaction to give the exchange X of total balance. to place that X onto an order. this way funds are made more so as a 50% user-50% exchange control of funds. and outside and inside hackers cannot take 100% control
in short LN will become useful for exchanges, because LN is about multisigs.
|
I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER. Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
|
|
|
BigBoom3599
|
|
December 30, 2016, 02:29:14 PM |
|
What about exchanges like ShapeShift? They don't hold your funds (not for long atleast) so if they get hacked, not much would be lost. Or is it just too impractical?
|
|
|
|
franky1
Legendary
Offline
Activity: 4410
Merit: 4772
|
|
December 30, 2016, 02:38:58 PM |
|
What about exchanges like ShapeShift? They don't hold your funds (not for long atleast) so if they get hacked, not much would be lost. Or is it just too impractical?
thats a coin swap service. not a full day-trade exchange that handles fiat. but lets play devils advocat. lets say full exchanges were to have been hacked. this is because private keys are on the same front-end server as the users place orders. this can also be mitigated by exchanges having a front-end with only publicly(deposit) keys and a 'command' database. EG instead of the front end signing transactions, the front end puts a user withdrawal request into a database. and secretly a secondary system is checking that command database in seconds and processes it from another system. double checking the user actually authorised it. the 'delay' is not stupidly a long manual process but a milisecond response time. just separated instead of combined into one system though i would still prefer this separate system to use multisigs to not have 100% control of funds
|
I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER. Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
|
|
|
cpfreeplz
Legendary
Offline
Activity: 966
Merit: 1042
|
|
December 30, 2016, 02:40:55 PM |
|
Idiots keep money on exchanges and idiots read newspapers about 'bitcoins being hacked' so idiots have to use fiat made by other idiots because other idiots will keep those idiots' money in a vault for them.
If you ever keep anything on an exchange you're just dangling some raw meat in the ocean. Good luck with that.
|
|
|
|
DooMAD
Legendary
Offline
Activity: 3948
Merit: 3191
Leave no FUD unchallenged
|
|
December 30, 2016, 03:02:38 PM Last edit: December 30, 2016, 03:17:51 PM by DooMAD |
|
I was rather hoping for ACCT to be a thing by now, so you could exchange directly through your wallets between different coins and on different blockchains, but it seems we're still waiting for a breakthrough on that one. Certain altcoins can already do it, but BTC needs to catch up, so we can trade in a completely decentralised manner without any third party middlemen like exchanges. Out of all the myriad potential solutions, this one (IMHO) is the best. The code works right now, so someone just needs to integrate it into Bitcoin. Hoping for good news in 2017. What about exchanges like ShapeShift? They don't hold your funds (not for long atleast) so if they get hacked, not much would be lost. Or is it just too impractical?
That depends if you think $230,000 counts as "much". Even the swap services aren't bulletproof. A motivated attacker will usually find a weakness given sufficient time.
|
|
|
|
Nahl
Legendary
Offline
Activity: 1652
Merit: 1000
|
|
December 30, 2016, 03:11:13 PM |
|
this is difficult options because the hackers will always be aiming the exchange especially the big exchange which have huge market volume and if we want to starting trade bitcoin or altcoins putting our bitcoin to exchange is necessary to do so but i would go for my own solution that don't keep my money to the exchange too long because nothing 100% safe in crypto world
|
|
|
|
|