there are exchanges like bitalo.com out there that do not take control over the coins at all but have user-side generated keys that are stored only in encrypted form on the servers, combined with full multi-signature wallets and backup transaction so that you can get the coins back, even when the site loses all data or goes completely offline.
People just need to use it :-)
Good initiative, thanks for showing us that this can work, and illustrating how irresponsible and borderline criminal established exchanges are for not adopting such practices.
Think about what Bitstamp have been working on instead: A fancy chart UI for trading and an Android app. Meanwhile, they can't even ensure or prove that cold wallet coins aren't lost.
You do realize that a multi-signature address on an exchange involves other issues that greatly impact usability as an exchange
Multi signature means both you and the exchange need to agree for funds to be spent. If the exchange is compromised in a way that does not let them use their own keys your funds will still be stuck.
Multi-sig cold storage on exchanges would be a neat feature for added trust but it would make a lot of things more complicated (try filling up a hot wallet from cold storage if you require the signatures from different users. You'd need a whole new scheme where a part of the cold wallet is still owned by the exchange which kind of defeats the whole point).
The bottom line is that if you want to be able to make fast trades in both directions (usd <-> btc) you will have to place trust in the system to some degree because the blockchain can't help you here.
I would actually argue that currently for the majority of users it is best that an exchange handles their funds rather than sharing that responsibility (if you lose your key(s) for a multisig address on an exchange the funds are basically gone).
Transparency on how cold storage is implemented however is of prime importance. We'll see what bitstamp has to say soon and if they have done their job remotely well the damage should be minimal.
Btw it is clear that people can't withdraw if the hot wallet might be compromised. If I were running the exchange that would be my first reaction too. Stop all movements of funds until it is clear what is safe and what is not.
This is exactly the point: Multi-Signature implementations make it possible that YOU must explicitly agree that the exchange or whatever service provider can move or take control of your coins! That way you keep control, which is the basic principle of Bitcoin and why it was invented. People dont trust banks and go into bitcoin and then they use bank-like and even more shady services like Gox or Stamp? Does not make much sense to me.
Instant trading should be rather done with BTC-IOUs, not with bitcoins
