Among cryptocurrency’s most prized attributes is the high level of security facilitated by the blockchain when conducting transactions. Through the use of cryptography, a decentralized network can ensure that the ledger upon which all transactions are recorded is effectively tamperproof.
And yet we’re constantly hearing stories of hackers making off with millions of dollars’ worth of crypto at a time. How is this possible, given blockchain’s fortress-like qualities? Well to date, the responsibility for this failure has mostly lay with crypto exchanges.
Indeed, it already seems anachronistic that despite all the talk of security when it comes to crypto and blockchain, exchanges continue to represent a distinct weak link in this space. Well, centralized exchanges do, that is…
Bittrex, Binance, Poloniex and hundreds more exchanges play a crucial role in the crypto world. Between them, they provide venues to purchase virtually every token on the market. They also generate much-needed market liquidity by matching buyers and sellers, they offer stable trading platforms for crypto investors to make money, and they are relatively easy to use.
But it’s also no secret that centralized exchanges are also prime targets for cyberhackers – from the $473 million hack of Mt. Gox which led to its eventual bankruptcy, to the $72 million Bitcoin theft from Bitfinex in August 2016, and most recently to the biggest heist of all – January’s $530 million hack of Japanese exchange Coincheck. Many of the biggest thefts of all time have taken place on centralized cryptocurrency exchanges.
The Problems with Centralized Exchanges
The moment you put your crypto on a centralized exchange, you no longer control it. Even if it is stored in your exchange wallet, the exchange itself remains in control of your holdings, as well as your wallet’s private keys, until you withdraw and send the coins elsewhere (to a personal wallet, for example).
That’s clearly disconcerting to say the least. And to compound matters, the exchange holds all customer funds in just a few addresses. Known as ‘honey pots’, these addresses become prime targets for hackers.
As a Reuters investigation last year found, many cryptocurrency exchanges are “plagued with poor security and lack investor protections common in more regulated financial markets”. Although the SEC recently asserted that exchanges should seek appropriate registration with regulators on the back of such security concerns, it doesn’t seem as though the rate of successful hacks will decelerate any time soon.
And speaking of regulation, given that centralized exchanges are centrally domiciled businesses, this subjects them to the rules of the country in which they are based. So, if the exchange has been operating in China, for instance, the chances are that its very existence as been severely threatened by the country’s crackdown on cryptocurrencies and ICOs that began in earnest last September.
Furthermore, the trading fees that are taken by centralized exchanges can be hefty and are not necessarily transparent in how they are calculated. Such fees are indicative of the costs centralized exchanges have to bear, such as the costs of maintaining the infrastructure required to securely manage user funds.
With such concerns in mind, the need for an alternative system of exchange has become a priority for crypto users, authorities, and in many cases, the exchanges themselves.
Decentralized Exchanges as a Viable Option
A decentralized exchange (DEX) primarily differs from a centralized exchange by not having a centralized third party to take custody of user funds or to settle trades and disputes. Instead, DEXs enable peer-to-peer transactions on a blockchain, which in turn means that users can retain control of their crypto and private keys at all times.
DEXs are governed openly by their users, as opposed to one single authority, which allows them to operate in a trustless and significantly more secure environment than their centralized siblings. With funds not being kept in one centralized place, the likelihood of large-scale hacks is therefore greatly reduced.
To date, most DEXs have been built on the Ethereum blockchain, and are therefore able to support the exchange of ETH and ERC-20 tokens. Using smart contracts, transactions between network peers are executed using the private keys of the participants.
Thus far, the process to trade on existing DEXs has been fairly similar across the board:
- Create your own wallet and accompanying private keys
- Use a bridge such as Metamask, MyEtherWallet, or a hardware wallet to enable safe transfer of tokens between the DEX and your wallet.
- Link your wallet address to the exchange via the bridge facility.
- Send your coins to the DEX’s smart contract and begin trading
Popular Decentralized Exchanges
- Etherdelta– one of the first and best-known DEXs. It operates using Ethereum-based smart contracts, into and out of which you can move your funds without the need for third-party interference. The code for these contracts can found on Etherscan.
- Idex– a product of the Aurora DAO, Idex is the most traded DEX at present, and is a significant improvement over Etherdelta. Whilst also allowing the trading of ERC-20 and ETH tokens, Idex has a significantly more user-friendly interface. It also has an active team that seemingly make consistent upgrades to the exchange, while the recent introduction of the AURA token allows market makers to be suitably rewarded.
- Bisq (formerly Bitsquare)– this open-source DEX has a few key features. It can be downloaded on Windows, Mac and Linux and used for trading, it enables trading with fiat currencies in addition to cryptocurrencies, and allows for virtually full anonymity by using the Tor network and requiring identity/email verification. Bisq supports over 100 altcoins at present.
- Radar Relay– Another DEX for ETH and ERC-20 tokens, Radar Relay is built using the 0x protocol, which uses smart contracts to complete orders on the Ethereum blockchain. You can trade tokens on Radar Relay without having to disclose your personal information, and unlike Etherdelta or Idex, no lockup period or fees for deposits and withdrawals are required to use the exchange.
Many more DEXs exist, and can be identified on a comprehensive list that is being updated on GitHub, along with their respective protocols.
Advantages of Using Decentralized Exchanges
- Security– given that you retain control of your funds in your personal wallet, a DEX will not require you to place your trust in the hands of the exchange/third party. And like blockchain, there is no single point of failure, making it much more difficult to hack than a centralized exchange. Moreover, the peer-to-peer nature of DEXs eliminate counterparty risk associated with a centralized exchange, which could engage in market manipulation (such as front-running the order book) and also tamper with clients’ funds.
- Privacy/Anonymity– There is no need to register with the exchange or provide any personal information. With stricter KYC/AML laws now being enforced, it is becoming more difficult to trade anonymously on centralized exchanges.
- Regulation– Decentralization removes the central domicile of business for the exchange, which means that it is not at the mercy of any one country’s regulatory policy. As such a DEX can operate securely without the threat of restrictive oversight coming into play.
- Cost– Removing the need for a centralized third-party greatly reduces the costs associated with managing users’ funds, which ultimately leads to reduced trading fees for DEXs.
- Hardware wallet integration– Many DEXs seamlessly integrate with hardware wallets such as Ledger and Trezor. Users can directly send their coins from their hardware wallets to the DEX’s smart contract. This is not possible with centralized exchanges, where transfers from hardware wallets require you to manually enter your private keys, and thus potentially expose you to phishing and keylogging attacks.
Such benefits could ultimately mean that DEXs become the preferred venue for trading digital assets, especially if there is no end in sight to the cyber-attacks being carried out on centralized exchanges.
At this stage, however, DEXs have their own challenges to overcome. In our next piece on this topic, we outline a few of those challenges, and some of the potential solutions currently being proposed.