[OFFICIAL]Bitfinex.com first Bitcoin P2P lending platform for leverage trading

[mjr]

As an example of what I meant, here is a post that someone just sent me...

https://github.com/HFenter/MarginBot

https://bitcointalk.org/index.php?topic=865250.0

Here is a bot for the swaps market that prioritizes keeping it active, it doesn't care the rate, it would just prefer that its funds are always in use. With no FRR, this would be the norm. The simple fact remains, that as long as people can get something, rather than nothing, they will probably take it. That being said, I really want to update the FRR, and hopefully it makes it more responsive.

As the author of this bot, I'd like to point out this bot was originally developed specifically because of how frustrating the FRR is.  It's not a "something  rather than nothing" philosophy so much as  "FRR wall breaks realistic lending rates, and keeping my money lent 100% of the time at least improves my return a little bit".  I do very much care about the rate, I just came to accept most investors are lazy and will dump everything into FRR auto renew and never think another thought about it, and I had to figure out a way to combat that as  best I could...  I would also point out the 30 day returns with this bot are almost always much higher than FRR set and forget lenders returns are...

I agree, and those who are creating a massive wall, by definition, while the wall is there, are getting nothing. So people who use the FRR choose to get whatever they can get, in exchange for not having to manage it. A bot, of course, will be much more useful, and will give you better returns. Instead of having to compete with those people, whose funds are NOT active, you are able to get in front of them, and have your funds be active.

With no FRR, everyone who chooses to manage their funds with a bot would prioritize active over inactive, and you would see more competition.

[mjr]

As an example of what I meant, here is a post that someone just sent me...

https://github.com/HFenter/MarginBot

https://bitcointalk.org/index.php?topic=865250.0

Here is a bot for the swaps market that prioritizes keeping it active, it doesn't care the rate, it would just prefer that its funds are always in use. With no FRR, this would be the norm. The simple fact remains, that as long as people can get something, rather than nothing, they will probably take it. That being said, I really want to update the FRR, and hopefully it makes it more responsive.

As the author of this bot, I'd like to point out this bot was originally developed specifically because of how frustrating the FRR is.  It's not a "something  rather than nothing" philosophy so much as  "FRR wall breaks realistic lending rates, and keeping my money lent 100% of the time at least improves my return a little bit".  I do very much care about the rate, I just came to accept most investors are lazy and will dump everything into FRR auto renew and never think another thought about it, and I had to figure out a way to combat that as  best I could...  I would also point out the 30 day returns with this bot are almost always much higher than FRR set and forget lenders returns are...

So, if I add all that and make it compete with you for being active, you will see higher or lower rates? In other words, the more effort you put in (writing a bot), the better your returns. Those who "set and forget", won't make as much, but more importantly, they will not compete with you who do want to actively manage (via bot) your positions.

[mjr]

Since a mail by an address of the account owner seems to be enough to get rid of 2FA, please look into various ways to spoof this (http://en.wikipedia.org/wiki/Email_spoofing) - hopefully you are aware that it is fairly trivial to send convincingly looking mail from any address...

It is not "enough", in that it takes more than just an email, it takes an email to a person who will then respond to that email, it is not an API. Secondly, removing 2FA does not grant you access to the account, you would still need the log on credentials. Thirdly, knowing WHICH email it is you are supposed to spoof is not automatically granted.

If you, are targeting a specific account, as an attacker, if you were to spoof a 2FA disable request for every likely email, this would be obvious to the human who is receiving the emails, and would raise a red flag. So, if they A. Get your login credentials, B. Obtain the email address you used to open your account, C. Spoof the email succesfully THEN they could access your account. Which means that they have to 1. Get your login credentials, 2. Defeat the 2FA.

[HowardF]

As an example of what I meant, here is a post that someone just sent me...

https://github.com/HFenter/MarginBot

https://bitcointalk.org/index.php?topic=865250.0

Here is a bot for the swaps market that prioritizes keeping it active, it doesn't care the rate, it would just prefer that its funds are always in use. With no FRR, this would be the norm. The simple fact remains, that as long as people can get something, rather than nothing, they will probably take it. That being said, I really want to update the FRR, and hopefully it makes it more responsive.

As the author of this bot, I'd like to point out this bot was originally developed specifically because of how frustrating the FRR is.  It's not a "something  rather than nothing" philosophy so much as  "FRR wall breaks realistic lending rates, and keeping my money lent 100% of the time at least improves my return a little bit".  I do very much care about the rate, I just came to accept most investors are lazy and will dump everything into FRR auto renew and never think another thought about it, and I had to figure out a way to combat that as  best I could...  I would also point out the 30 day returns with this bot are almost always much higher than FRR set and forget lenders returns are...

I agree, and those who are creating a massive wall, by definition, while the wall is there, are getting nothing. So people who use the FRR choose to get whatever they can get, in exchange for not having to manage it. A bot, of course, will be much more useful, and will give you better returns. Instead of having to compete with those people, whose funds are NOT active, you are able to get in front of them, and have your funds be active.

With no FRR, everyone who chooses to manage their funds with a bot would prioritize active over inactive, and you would see more competition.

but it would be competition without a massive wall that us active investors are FORCED to stay below if we want any worthwhile returns at all.  The wall is the high limit of returns I can make at a given time, with or without a bot.  Without the FRR, there would be no high limit, just active competition.

[HowardF]

So, if I add all that and make it compete with you for being active, you will see higher or lower rates? In other words, the more effort you put in (writing a bot), the better your returns. Those who "set and forget", won't make as much, but more importantly, they will not compete with you who do want to actively manage (via bot) your positions.

and of course they compete... they compete by setting an unnatural, unmanaged wall above which no other loans will go out, thereby creating a high limit I can't go above.

[HowardF]

I will say, I don't particularly want to get involved in the FRR debate though.  I'm pretty sure you guys are gonna do what you're gonna do, and my opinion won't much change that.  I just wanted to get involved to the extent that I didn't really want my bot used as the talking point in saying people will "take what they can take" and implying that people are ok with FRR.  I personally feel it's extremely damaging to the swap market, but that's just my opinion FWIW.

On the other hand, feel free to use my Bot as a talking point for any other discussions you wish to have.   Free publicity is free publicity....   

[btcisreal]

PLEASE ANSWER EVERYONE
How long does it take from the day you request a USD withdrawal until you receive the payment? What's your experience (regular & not express) with Bitfinex withdrawal times?

Thanks in advance.

[noggin-scratcher]

If you, are targeting a specific account, as an attacker, if you were to spoof a 2FA disable request for every likely email, this would be obvious to the human who is receiving the emails, and would raise a red flag. So, if they A. Get your login credentials, B. Obtain the email address you used to open your account, C. Spoof the email succesfully THEN they could access your account. Which means that they have to 1. Get your login credentials, 2. Defeat the 2FA.

Step 1: Get your email account compromised.

Step 2: Attacker uses password reset form: "Reset your password -- Enter your email address -- Click here to reset your password", so they now have your account credentials... you don't, just them.

Step 3: Attacker sends a nice email to support@bitfinex asking for the 2FA to be disabled, and is able to follow up with any further exchange of emails.

So in the event of an email security failure, your security model ends up resting largely on the idea that your support staff can tell apart a hacker from a real user. If they ask sufficiently probing questions before complying, maybe that isn't too bad an assumption (it's still a bit dodgy from a formal security point of view, but pragmatically might at least pass a sniff test), but it would be reassuring to know that there's some sort of actually-rigorous process employed to be certain that you're talking to the real account holder.

For verified accounts, you have identity-establishing documents to refer to. I'd feel comfortable ticking a box that said "Please require me to provide that same sort of documentation again before disabling my Authenticator".

[2586]

As the author of this bot, I'd like to point out this bot was originally developed specifically because of how frustrating the FRR is.  It's not a "something  rather than nothing" philosophy so much as  "FRR wall breaks realistic lending rates, and keeping my money lent 100% of the time at least improves my return a little bit".  I do very much care about the rate, I just came to accept most investors are lazy and will dump everything into FRR auto renew and never think another thought about it, and I had to figure out a way to combat that as  best I could...  I would also point out the 30 day returns with this bot are almost always much higher than FRR set and forget lenders returns are...

So, if I add all that and make it compete with you for being active, you will see higher or lower rates? In other words, the more effort you put in (writing a bot), the better your returns. Those who "set and forget", won't make as much, but more importantly, they will not compete with you who do want to actively manage (via bot) your positions.

That would depend in large part on what minimum rates people set. The default minimum rate on MarginBot is 0.05% per day (18.25% per year). The non-configurable minimum rate on FRR loans is 0%. If you were to switch all current FRR auto-lenders over to using an aggressive undercutting bot with a non-configurable 0% minimum rate, then yes, they'd clear out all the swap demands on the book and make it so that no offers above 0% get taken except when there's enough demand to bust the wall.

Of course, gradually the auto-lenders would log in, see that the party is over, and withdraw their funds. This would allow rates to start rising again; possibly quite rapidly, depending on how many fixed-rate lenders called it quits too.

Whatever you guys do about the FRR situation, I would strongly encourage you to require auto-lenders to explicitly choose a minimum rate for their offers. Providing a default risks recreating the wall at that rate, or at least distorting the market towards that rate. You may also want to consider allowing (or requiring) borrowers to explicitly choose their maximum auto-borrow rate (instead of the current fixed %1 per day), so that we better incorporate borrower preferences as well.

Having thought about this some more, I'm going to take my own advice and remove the default minimum rate from my bot, and require users to set it themselves. HowardF, you may want to consider doing the same with yours.

[freakbits]

So, if I add all that and make it compete with you for being active, you will see higher or lower rates? In other words, the more effort you put in (writing a bot), the better your returns. Those who "set and forget", won't make as much, but more importantly, they will not compete with you who do want to actively manage (via bot) your positions.

and of course they compete... they compete by setting an unnatural, unmanaged wall above which no other loans will go out, thereby creating a high limit I can't go above.

I just hope that your bot isn't costing me (as someone who isn't using it) money in the end. In one way or another.

[HowardF]

and of course they compete... they compete by setting an unnatural, unmanaged wall above which no other loans will go out, thereby creating a high limit I can't go above.

I just hope that your bot isn't costing me (as someone who isn't using it) money in the end. In one way or another.

If you're relying on FRR autolending, then of course it will cost you money, as it should.  Take a more active role in your investments if you want good returns, or use a good bot to manage them for you.  If on the other hand you actively manage your account, I would be very surprised if you see any effect, since we're all basically fighting the FRR, not each other.  People using bots aren't likely to ever have the volume to change that.

[HowardF]

Having thought about this some more, I'm going to take my own advice and remove the default minimum rate from my bot, and require users to set it themselves. HowardF, you may want to consider doing the same with yours.

Taking out a default isn't really practical for my app, and I don't think it will have a big effect anyways, since it's always going to end up lending just a few points below FRR,  but I will change it to the minimum I use on the next update .065%. People using bots are not likely to ever get the volume necessary to really create significant competition below the FRR. I'm also going to put some better notifications in to warn users when the FRR is getting so low that theis minimums won't get hit, so people can move their money to higher return investments as needed.

[DoubleSwapper]

As the author of this bot, I'd like to point out this bot was originally developed specifically because of how frustrating the FRR is.  It's not a "something  rather than nothing" philosophy so much as  "FRR wall breaks realistic lending rates, and keeping my money lent 100% of the time at least improves my return a little bit".  I do very much care about the rate, I just came to accept most investors are lazy and will dump everything into FRR auto renew and never think another thought about it, and I had to figure out a way to combat that as  best I could...  I would also point out the 30 day returns with this bot are almost always much higher than FRR set and forget lenders returns are...

So, if I add all that and make it compete with you for being active, you will see higher or lower rates? In other words, the more effort you put in (writing a bot), the better your returns. Those who "set and forget", won't make as much, but more importantly, they will not compete with you who do want to actively manage (via bot) your positions.

That would depend in large part on what minimum rates people set. The default minimum rate on MarginBot is 0.05% per day (18.25% per year). The non-configurable minimum rate on FRR loans is 0%. If you were to switch all current FRR auto-lenders over to using an aggressive undercutting bot with a non-configurable 0% minimum rate, then yes, they'd clear out all the swap demands on the book and make it so that no offers above 0% get taken except when there's enough demand to bust the wall.

Of course, gradually the auto-lenders would log in, see that the party is over, and withdraw their funds. This would allow rates to start rising again; possibly quite rapidly, depending on how many fixed-rate lenders called it quits too.

Whatever you guys do about the FRR situation, I would strongly encourage you to require auto-lenders to explicitly choose a minimum rate for their offers. Providing a default risks recreating the wall at that rate, or at least distorting the market towards that rate. You may also want to consider allowing (or requiring) borrowers to explicitly choose their maximum auto-borrow rate (instead of the current fixed %1 per day), so that we better incorporate borrower preferences as well.

Having thought about this some more, I'm going to take my own advice and remove the default minimum rate from my bot, and require users to set it themselves. HowardF, you may want to consider doing the same with yours.

Having thought about this some more, I'm going to take my own advice and remove the default minimum rate from my bot, and require users to set it themselves. HowardF, you may want to consider doing the same with yours.

Taking out a default isn't really practical for my app, and I don't think it will have a big effect anyways, since it's always going to end up lending just a few points below FRR,  but I will change it to the minimum I use on the next update .065%. People using bots are not likely to ever get the volume necessary to really create significant competition below the FRR. I'm also going to put some better notifications in to warn users when the FRR is getting so low that theis minimums won't get hit, so people can move their money to higher return investments as needed.

0.05% and 0.065% is higher than we were at some point. A few months ago a 3m FRR wall was sitting tightly above 0.04% iirc.

I just hope that your bot isn't costing me (as someone who isn't using it) money in the end. In one way or another.

Sorry to burst your bubble preemptively but if enough lenders use it the bot will definitely create additional downward pressure in combination with the FRR simply by increasing the supply through ensuring more money is on the book. Without the FRR, well...that might be completely different.

Also, funny how mjr tries to use this recent bot release as a defense for the FRR and then the bot creater himself comes here and scolds mjr for the FRR.

[HowardF]

0.05% and 0.065% is higher than we were at some point. A few months ago a 3m FRR wall was sitting tightly above 0.04% iirc.

I remember all too well those days.  In fact it's the reason I don't have good data back more than a few months, I took most of my money out of margin lending and put it towards better investments. (I also remember the glorious days back in January '14 , before the FRR wall got out of control and .8 - .9% daily returns were common....  man those were the days)  The reason for a .065% minimum default would be to encourge people to consider their options if it got that low.  I think however anyone with the knowledge and willingness to set up my bot also has the intelligence to set a minimum rate that works for them. 

Sorry to burst your bubble preemptively but if enough lenders use it the bot will definitely create additional downward pressure in combination with the FRR simply by increasing the supply through ensuring more money is on the book. Without the FRR, well...that might be completely different.

I think this may actually be a bit more complicated than that.  If lots of people start using the bot,  they may well be the ones currently using FRR auto.  Moving their cash to bot managed will also reduce the size of the single point wall, and maybe make market movements a bit more natural...  then again, it may just crash the rate completely.  Could go either way, but if other world markets are any indication, natural competition markets tend to work quite well...

Also, funny how mjr tries to use this recent bot release as a defense for the FRR and then the bot creater himself comes here and scolds mjr for the FRR.

 

[russianptr]

For verified accounts, you have identity-establishing documents to refer to. I'd feel comfortable ticking a box that said "Please require me to provide that same sort of documentation again before disabling my Authenticator".

this is true for verified accounts.

Bitfinex should simply ask any user to sign a message with of the last 5 deposit addresses. Because not every user knows how to do that you could also link
to a guide (https://multibit.org/en/help/v0.5/help_signAndVerifyMessage.html).

If that is a requirement the scenario described by noggin-scratcher would not be possible anymore, because the hacker would
now need to control both of your bitcoin wallet + your e-mail account.



+1 to Twinwinnerd also, increase the "cool-off" period to more than 1 week, 1 week is definitely too short

[Timetwister]

So now people keep undercutting the FRR and there's no way to lend at FRR. It would be nice to be able to autorenew with a market order or something like that. I don't really want to be monitoring my account all the time to make sure that all the USD are lent.

[Sukrim]

Feature request (hopefully not too hard to implement):
CSV download made available for the swap related lists in "History" tabs, notably "Margin Swaps" (https://www.bitfinex.com/account/margin_swaps) and "Unused Swaps" (https://www.bitfinex.com/account/unused_swaps).

[atlosas]

I have a question. Can i use bitfinex on my android smartphone?

[2586]

So now people keep undercutting the FRR and there's no way to lend at FRR. It would be nice to be able to autorenew with a market order or something like that. I don't really want to be monitoring my account all the time to make sure that all the USD are lent.

If you set autolend to a low enough rate, it should act like a market offer and pair you with the highest swap demand that's currently on the book.

Alternatively, you could set up my bot or HowardF's bot, and let the bot manage lending for you.

[HowardF]

So now people keep undercutting the FRR and there's no way to lend at FRR. It would be nice to be able to autorenew with a market order or something like that. I don't really want to be monitoring my account all the time to make sure that all the USD are lent.

Alternatively, you could set up my bot or HowardF's bot, and let the bot manage lending for you.

Exactly, thats kind of what these bots are for.  If you rely on FRR to keep your money lent out, you're not going to get very good returns.  If you want to be hands off, you're going to have to put at least a little work in at first.