How to build a safe centralized exchange: lessons from our past
Building a customer safe cryptocurrency exchange.
- If I were to build a customer safe cryptocurrency exchange, my approach would be different from the current Proof of Reserves model, which is complicated and difficult to understand.
- Instead I would take another approach, from a different point of view, the view of the customer.
- I would take this view because of what I have learned on Leofinance. Build something easy for the customer by making it familiar to something the customer already knows.
- My approach would contain two elements:First look like a bank, and second be safe like a bank.
- As a customer of a centralized exchange, these two things would help me sleep better at night.
Step one make it look like a bank.
- I would adopt the current process used by banks to open a bank account. Customers know this process, they would provide the usual name, address and other KYC information. It's familiar and so it's easy.
Step two: make it safe like a bank.
- This is the tricky part, how to offer some of the same safety features of a bank for cryptocurrency, and I would do this in six ways:
- My crypto exchange will segregate customer fiat/cash and customer cryptocurrency from my exchange's cryptocurrency, so there is no comingling of funds.
- My exchange would deposit all customer cash/fiat money in a 3rd party bank, as in one I don't own.
- My exchange would keep 95% of my customers' crypto in cold storage, as in cold wallets, as in offline and not connnected to the internet.
- My exchange would keep 5% of customers funds in a hot wallet on the exchange for trading, but I would back up that 5% 1:1 in a second exchange controlled cold wallet.
- My exchange would pay for a 3rd party audit once a year, to verify compliance with these practices.
- My exchange Terms of Service and all of my exchange creditor agreements would state that my customers are first in line to receive payments from assets I control, in the event of an exchange bankruptcy.
Last Words
- I think this would protect my customers from hacks, due to my exchange keeping their cryptocurrency in offline wallets.
- I think this would protect my customers from employee theft, embezzlement or other methods of theft of their cash/fiat and their cryptocurrency having it in carefully monitored cold wallets.
- I think this would protect customers from loss of funds during bankruptcy, because custonmer funds are the number one asset on any exchanges balance sheet of assets and liabilities, so making sure all my creditors agree to let the customers get their funds out first, then creditors get funds from my exchange company wallets after customers empty my cold wallets holding customer only funds.
- What do you think? Would you deposit funds?
@shortsegments
Posted Using LeoFinance Beta
0
0
0.000
Addendum:
My exchange would have a dashboard , which lists all accounts by public address, and account balances. This Dashboard would be maintained by a 3rd party.
Addendum: customer accounts would be wallet addresses. They would have public addresses to deposit funds, and the exchange would have a separate section for withdrawals processed from the cold storage wallet, and sent to the customer wallet, which would then transfer to a withdrawal wallet address specified by the customer.
I think those are some good rules but what would happen when someone takes a loan? I think one of the dangers is the fact that people can take loans against the funds in the accounts while showing the assets are there backed 1:1.
Posted Using LeoFinance Beta
If the exchange offers margin trades or Collateralized loans there would be rules for that similar to successful models like MakerDao
Posted Using LeoFinance Beta
Some really good ideas here, and I like the idea of delivering a secure environment that looks familiar and (by the sound of it) won't be the unnecessarily over-complex juggernaut so many crypto exchanges become.
But I'm going to play Devil's Advocate here and ask some questions. The idea isn't to shoot the concept down in flames, it's just to help ask questions as constructive criticism to help towards solutions.
So....
If you're segregating customer cash, you'll be doing better than legacy banks or current exchanges, which use deposits to generate returns. Does this create a risk that you'd have to charge fees at the higher end of the spectrum in order to fund the whole operation ?
Depositing customer funds in a 3rd party bank sounds great, but I reckon it just introduces another level of risk. Can you trust a 3rd party, and what happens if they go down ? We've all seen the impact of contagion between exchanges. Would it be better to put customer funds into cold storage wallets and find some way to ensure only they had the keys ?
The audit is an excellent idea, but you'd have to find an independent auditor who is trustworthy. The auditing profession itself (at least here in the UK) is under some significant scrutiny right now, mainly due to conflicts of interest with auditors who also have a consulting division working for the same businesses they audit. You might also want to have a policy to change auditors every 3 or 5 years. It's less cozy, but that would be a good thing !
You'd probably find it impossible to put customers at the head of the queue for payment in the event of bankruptcy. There's a huge amount of legislation about this - it varies from country to country, but is almost always along the lines of the tax authorities and banks are preferred creditors, anyone else gets in line behind them as unsecured creditors. Trying to bump unsecured creditors ahead of the banks and taxman tends to come with incredibly long prison stays - "Do Not Pass Go, Do Not Collect 200 BTC"....
But I do think there is definitely a place for more stable and trustworthy exchanges that are attractive to investors who are more familiar with legacy finance (including institutional investors). Without access to customer funds to generate returns, it'll be a challenge to make the financials work.
Posted Using LeoFinance Beta
These are very good questions.
I think further research into bankruptcy laws in the intended domicile country would be needed, but I see your point, and it would require a legislative move approving these standards by each countries legislative body, and a plain language exception. If necessary, exchanges may need to incorporate a second entity just for custody, with little or no liabilities to custody customer assets.
The bank is a good question. Due to widespread acceptance of fractional banking we would normally expect some use of the deposited funds by banks. But there are two options. One is a contractually agreement to share revenues as well as provide safety for deposits. In this manner no additional costs are incurred. Another option is leasing banking as a service from a bank, and funds would be safe. These are good things to consider.
Posted Using LeoFinance Beta
Another thought is that using a bank does introduce 3rd party risk, so using the banking as a service model eliminates the 3rd party but introduces the risk of the exchange holding fiat/cash.
Posted Using LeoFinance Beta
Sadly, and having worked in a closely related business a few years ago, I have far less trust in legacy banks than even the dodgiest of crypto exchanges ! The only difference is that banks have had time to build up the kind of influence which makes governments bail them out when it all goes wrong ;)
That's why I reckon the safest solution is to use the "not your keys, not your crypto" maxim, and let the customers effectively have custody of their own funds. At that point, the exchange becomes just that - a place where they can inject their fiat, crypto or whatever, and exchange it to turn it into what they want.
Posted Using LeoFinance Beta
I think that is a very safe practice, and it is one which I follow, putting all my money to work as soon as possible.
Posted Using LeoFinance Beta
This is another gem. I enjoy your insight and your metaphors. I look at what your articles earn and I can't help but think you could write for many mainstream media outlets and do better then their current staff. I think the community is so lucky to have you.
Posted Using LeoFinance Beta
You are very kind, and I am glad you enjoy my writing. That would be my dream job: writing on cryptocurrency for a major newspaper.
Posted Using LeoFinance Beta