Bitcoin Forum
Topic: (RE: Exchanges hack) Let's talk about a solution before instead of crying after
franky1
December 30, 2016, 03:17:16 PM
 #21

if we want to start trading bitcoin or altcoins putting our bitcoin to exchange is necessary to do so

imagine old concept is depositing funds into your wife's account so that when you want to pay for something you need to ask her and it's her that makes the payment. but she decides to run away with the milkman and your cash

imagine a new concept of a joint account where your wife can't run off with the milkman with all your funds, because she needs your authorisation to make payments as well as hers.

multisig is the new concept but i feel exchanges will wait for LN to be the 'tool' to make that a user-friendly process because at the moment trying to do multisigs is not 'granny friendly' in current popular bitcoin implementations

I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER.
Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
cpfreeplz
December 30, 2016, 05:09:33 PM
 #22

> imagine old concept is depositing funds into your wife's account so that when you want to pay for something you need to ask her and it's her that makes the payment. but she decides to run away with the milkman and your cash
>
> imagine a new concept of a joint account where your wife can't run off with the milkman with all your funds, because she needs your authorisation to make payments as well as hers.

1st of all, fuck milkmen. I mean seriously. They were obviously screwing everyone's mom. No wonder they don't exist anymore. Too many love-childs.

Anyways, with bank accounts you can have anyone can sign (ie 1 signature required) or everyone must sign (ie everyone on the account must sign). This is both in personal and business banking. Most joint accounts are probably anyone can sign though, but you do have a choice. It's definitely not a new concept.
Imagine this:

"Johnson!" Says your boss.

"Yessir!" You reply.

"I just got this $1,000,000 cheque that I need you to deposit into our business account that you're a signer for."

"I'll get on it right away sir!"

Deposits money. Withdraws $1million. Lives happy ever after in the Cayman Islands.


There's a reason this doesn't happen literally every minute of every day.
royalfestus
December 30, 2016, 05:41:23 PM
 #23

The right question is how were they hacked? Hacking is inevitable, so what are exchanges doing to prevent the hack. We will always use exchange even if we have the safest wallets but are precautions being engaged?
Actually no exchange platform has ever made a detailed announcement regarding how their security system failed in a hack, which makes it quite suspicious, and i believe the majority of hacks are just inside jobs.

The only way to minimize loss during a hack is to use multiple trading platforms until we get a working decentralized trading platform, and this may take a few more years.
If this is the case, all exchanges with criminal records should not be protected. They should be exposed to the world, to reduce transactions on their sites, thereby reducing victims. Not everyone can create an exchange for himself, we should protect those who can't.

franky1
December 30, 2016, 05:44:52 PM
 #24

> > imagine old concept is depositing funds into your wife's account so that when you want to pay for something you need to ask her and it's her that makes the payment. but she decides to run away with the milkman and your cash
> >
> > imagine a new concept of a joint account where your wife can't run off with the milkman with all your funds, because she needs your authorisation to make payments as well as hers.
>
> 1st of all, fuck milkmen. I mean seriously. They were obviously screwing everyone's mom. No wonder they don't exist anymore. Too many love-childs.
>
> Anyways, with bank accounts you can have anyone can sign (ie 1 signature required) or everyone must sign (ie everyone on the account must sign). This is both in personal and business banking. Most joint accounts are probably anyone can sign though, but you do have a choice. It's definitely not a new concept.
> Imagine this:
>
> "Johnson!" Says your boss.
>
> "Yessir!" You reply.
>
> "I just got this $1,000,000 cheque that I need you to deposit into our business account that you're a signer for."
>
> "I'll get on it right away sir!"
>
> Deposits money. Withdraws $1million. Lives happy ever after in the Cayman Islands.
>
> There's a reason this doesn't happen literally every minute of every day.

i didn't mean literally bank accounts. i was just putting multisig into a perspective common people understand. and yes in multisig you can have 1-of-2 also.. but then again in joint bank accounts you can also require dual signature where in multisig you can require 2-of-2

there are multiple purposes requirements you can set on a multisig and bank account.
EG child trust fund require both parents' signatures and only unlocked at a certain date.
=2 of 2 multisig with a CLTV script

i only mentioned it as some people don't understand multisig/LN at its most basic use-case concept

Geronimomo
December 30, 2016, 07:33:54 PM
 #25

All this talking, while the solution is obvious: decentralized exchange. With an OpenLedger account YOU keep the private keys, you can set up multi-sig accounts of 1/1, 1/2, 1/3, 1/4, 2/2, 2/3, 2/4 etc.

With a decentralized exchange there is no counterparty risk. Nobody can take your funds. You can trade BTC/USD BTC/CNY and BTC/BTS as well as many other markets.

BTS exchange used to have pretty low volume but now why anyone uses centralized exchanges with their chances of failure is beyond me.

Trade fees for core assets are tiny, like .001c, per trade. For OpenLedger backed assets it's .1%.

How to stay safe: trade on a blockchain!

See cryptofresh.com to see live trading activity.
calkob
December 30, 2016, 07:42:36 PM
 #26

Bitsquare is a good decentralised exchange but there are just not enough people using it, i am not sure why. maybe it is too complicated and people don't trust it yet.
DomainMagnate
December 30, 2016, 07:50:39 PM
 #27

Is it possible to create a back up wallet by exchanges? Like some offline cold wallet where all the coins are kept and unless a user requests a withdrawal, coins do not become online?
CraigWrightBTC
December 31, 2016, 04:39:04 AM
 #28

I have heard about markets based on blockchain technology, I think it is a good solution for anticipating the hacking problem on the markets, although I am not sure about that because it is still new.
But there are markets that use blockchain technology, but I don't know about the progress of the market and I have forgotten the name of the market too. ???
pooya87 (OP)
December 31, 2016, 05:50:47 AM
 #29

i am a bit late to reply but i'll read all comments.

> Set up your own exchange~
let's keep things realistic here!

> ~ bitsquare ~
i have also checked that one but i get the same feeling that it is lacking lots of features, and it doesn't seem to be fast enough for selling at market rate or at least that was my impression. if it is worked on more, it may have some potential.

> The right question is how were they hacked?~
your right question is off-topic here.

> ~
please read OP!
and don't keep your money on exchange site is not an acceptable answer! because you have to do it if you want to trade, the exchange may get hacked (allegedly or for real) 1 minute after you deposit.

> Is it possible to create a back up wallet by exchanges? Like some offline cold wallet where all the coins are kept and unless a user requests a withdrawal, coins do not become online?
That is on the exchanges, and they should do it, and they say they are doing it. all those exchanges that were hacked (claimed to be hacked) said they have multisignature, cold storage, blah blah and they ran away with our funds just fine.

pooya87 (OP)
December 31, 2016, 05:56:06 AM
 #30

> exchanges need to change
>
> firstly
> exchanges should ask their customer to register an empty public key. (emphasis PUBLIC)
> the customer keeps the private key a secret.
>
> next to log in users are shown a message. and the user has to paste in the signed message, to prove who they are.
> that way 'passwords' are not saved on databases or involved because the message and reply(signature) is unique at each login.
>
> next
> the public key is used with a public key belonging to the exchange to form a multisig.
> the multisig becomes the deposit address.
>
> then when users want to make an order they sign a multisig transaction to give the exchange X of total balance. to place that X onto an order.
> this way funds are made more so as a 50% user-50% exchange control of funds. and outside and inside hackers cannot take 100% control
>
> in short LN will become useful for exchanges, because LN is about multisigs.

now this is a good answer.
i like it mainly because it is using the "multisig" feature which is already available in bitcoin protocol itself so it doesn't need something weird or new.

but also that is going to make things complicated.
let's assume you want to make a trade, you have to do all the signing,... and especially if you are keeping things in cold storage, that will be harder (time consuming) and time is sometimes important in trading with volatile prices.

also the first thing that came to my mind was confirmation time, but i don't think confirmation is necessary since it is a multisignature transaction and neither party can double spend, right?

i am not familiar enough with LN though, but from what i have read it seems like it can be good in this case as long as there aren't that many additional fees.

davis196
December 31, 2016, 07:05:23 AM
 #31

> we have all seen exchanges being hacked and lost our precious bitcoins or at least heard about them. and these days i keep seeing these two topics saying there is a possibility for a new one!
>
> i say let's talk about a solution. there is no point sitting around waiting for one to happen then start crying!
>
>   • what can we do?
>     and don't keep your money on exchange site is not an acceptable answer! because you have to do it if you want to trade, the exchange may get hacked (allegedly or for real) 1 minute after you deposit.
>
>   • what is the substitute for these exchanges?
>     decentralized exchange? how do they work? is there any good one around? why aren't they famous? what are the pros and cons?
> i'll admit that i don't know much about decentralized exchanges and i am sure i am not alone here
>
> let this topic be a compilation of all suggestion for either an existing solution or future possibilities and ideas.

Everything online can be hacked. Any exchange platform or any online btc wallet.

I don't know about any decentralized exchanges.

I guess that a decentralized exchange will look like a multi-cryptocurrency hardware wallet with peer-to-peer connection with other wallets. There is still risk of being hacked.


jacaf01
December 31, 2016, 07:50:36 AM
 #32

> What about exchanges like ShapeShift? They don't hold your funds (not for long at least) so if they get hacked, not much would be lost. Or is it just too impractical?

Most of the people that leave their BTC on exchanges are day traders, so it is not financially correct to use shapeshift, the transaction fee is high and again they just sell or buy at the current price order, so for a coin with low volume and high spread you will just be losing money on each trade.

pooya87 (OP)
December 31, 2016, 08:30:34 AM
 #33

> > What about exchanges like ShapeShift? They don't hold your funds (not for long at least) so if they get hacked, not much would be lost. Or is it just too impractical?
>
> Most of the people that leave their BTC on exchanges are day traders, so it is not financially correct to use shapeshift, the transaction fee is high and again they just sell or buy at the current price order, so for a coin with low volume and high spread you will just be losing money on each trade.

i have never used shapeshift myself to know for sure, but what the site says is that there are no additional fees for exchanging one coin to another except network fees.
and as for the price, it seems to be the same as what it is on exchanges.

the downside (as it was mentioned) is lack of trading with fiat. and also there is a limit for how much you can exchange, for example it was ~1BTC for buying litecoin.

Velkro
December 31, 2016, 08:52:21 AM
 #34

> i say let's talk about a solution. there is no point sitting around waiting for one to happen then start crying!
>   • what can we do?
>     and don't keep your money on exchange site is not an acceptable answer! because you have to do it if you want to trade, the exchange may get hacked (allegedly or for real) 1 minute after you deposit.
This is just plain bad luck then, u can die walking on street by falling brick or car crashing into u.
We are not talking about bad luck here. 99% of btc are lost on exchanges because they are kept there for extended period of time.
That can be avoided.
franky1
December 31, 2016, 08:57:31 AM
 #35

the shapeshift model won't work for daytraders.

but multisig/LN would.
this is because instead of seeing some mysql 'balance' you are seeing a signed tx of real unspent bitcoin value between you and an exchange and it shows who owns what share of that value.
EG
[in: 1cU5t0m3r: 1.0btc]
[in: 13xCh4nG3: 1.0btc]
[out: 1cU5t0m3r: 0.999btc]
[out: 13xCh4nG3: 1.001btc]
[sig: 1cU5t0m3r]
[sig: 13xCh4nG3]

and that tx changes and gets re-signed when a customer places an order (example below of placing an order for another 0.001btc)
[in: 1cU5t0m3r: 1.0btc]
[in: 13xCh4nG3: 1.0btc]
[out: 1cU5t0m3r: 0.998btc]
[out: 13xCh4nG3: 1.002btc]
[sig: 1cU5t0m3r]
[sig: 13xCh4nG3]

when the customer wants to 'withdraw' he just broadcasts that tx to the network to get confirmed
the exchange can't run away with 2btc because he needs the customer's signature
the customer can't run away with 2btc because he needs the exchange's signature

so they both have to mutually agree on who owes who what and both sign to show agreement

franky1
December 31, 2016, 09:14:20 AM
 #36

> but also that is going to make things complicated.
> let's assume you want to make a trade, you have to do all the signing,... and especially if you are keeping things in cold storage, that will be harder (time consuming) and time is sometimes important in trading with volatile prices.

the individual public keys used to form the multisig are empty of value. thus no need to 'coldstore' exactly.
because they are separate, that alone is a line of defense

because multisig involves dual signatures. an exchange via API can sign the tx (not on the front end) send the signed tx to the front end and then the front end sends the signed tx via api to the customer's LN/multisig client.
thus the private key is not on the front end and transmission time is milliseconds (think how proxies work)

knowing the customer needs to sign too. the customer would refuse to sign if it noticed the destination of funds were going elsewhere. thus a hacker can't intercept. and also a hacker cannot change the destination after signing because the signature won't match the tx's new content.

lastly the customer just sends back a copy with their signature, thus also protecting their own private key by not having to use the private key within the exchange front end. but only on their own personal computer

> also the first thing that came to my mind was confirmation time, but i don't think confirmation is necessary since it is a multisignature transaction and neither party can double spend, right?
because tx's are using real unspent funds and double signed it can't be double spent because funds can't move without both sides' agreement.
and thus there's no need to broadcast it to the network instantly. just holding a tx becomes like a bearer bond/promise/guarantee to pay.

> i am not familiar enough with LN though, but from what i have read it seems like it can be good in this case as long as there aren't that many additional fees.

current LN concepts do have MANY 'penalties' so although you can re-sign thousands of tx's at an agreed lower fee per re-sign. LN hubs want to introduce other ways to make money, hold funds and revoke funds. so LN has some faults.

hence why i'm more interested in traditional multisig utility which has been built into bitcoin for a long time now. but let's hope the LN concepts aimed at repaying blockstream investors is not so heavy handed with its penalties, otherwise LN will be impractical

I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER.
Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
DooMAD
December 31, 2016, 09:16:21 AM
 #37

> the shapeshift model won't work for daytraders.

Having thought about it, I suppose the same potentially applies to ACCT, depending on which currency it is.  Transactions directly on chain tend to involve a miner's fee, which (in BTC at least) is usually slightly higher than the exchange's buy/sell fees.  In that regard, ACCT would be better for one-off trades as there's literally zero counterparty risk involved.  But for frequent trades (daytrading) the exchanges would be more profitable, so your multi-sig proposal would be a significant improvement.

If scaling ever gets sorted, I sincerely hope the next big priority is ACCT.

franky1
December 31, 2016, 09:19:06 AM
 #38

> > the shapeshift model won't work for daytraders.
>
> Having thought about it, I suppose the same potentially applies to ACCT, depending on which currency it is.  Transactions directly on chain tend to involve a miner's fee, which (in BTC at least) is usually slightly higher than the exchange's buy/sell fees.  In that regard, ACCT would be better for one-off trades as there's literally zero counterparty risk involved.  But for frequent trades (daytrading) the exchanges would be more profitable, so your multi-sig proposal would be a significant improvement.
>
> If scaling ever gets sorted, I sincerely hope the next big priority is ACCT.

this is why litecoin, vertcoin and other alts are also doing LN. so that a future LN client can interact with many coins and swap independently and settle on all blockchains at a later ('withdraw') time.

but all LN concepts at the moment still have flaws, so it's too early to tell

BigBoom3599
December 31, 2016, 01:12:12 PM
 #39

> > What about exchanges like ShapeShift? They don't hold your funds (not for long at least) so if they get hacked, not much would be lost. Or is it just too impractical?
> That depends if you think $230,000 counts as "much". ;)
>
> Even the swap services aren't bulletproof.  A motivated attacker will usually find a weakness given sufficient time.

Of course that's a lot of money :D but if you compare that to what other 'hacked' exchanges have lost it's nothing :P
Senor.Bla
December 31, 2016, 01:46:05 PM
 #40

As most of the time, there are two solutions to this problem. You can do it on your own or you let other people do it for you.
How can you do it on your own? I am not talking about making your own exchange or trying to improve the exchange's security. I am talking about educating yourself and gaining knowledge. This will take time and effort, but you could protect your money with a cold storage, multi sigs and more. And if you do not want that then you have to let other people do it for you. They will take money for doing so and you have no guarantee that you can trust them.
