BitShares Forum

Main => General Discussion => Topic started by: teenagecheese on January 09, 2015, 07:33:20 pm

Title: Can Bitshares incorporate an ACTUAL decentralized exchange?
Post by: teenagecheese on January 09, 2015, 07:33:20 pm
I've heard a lot of talk about how Bitshares is a decentralized exchange, which it is in one form, but this made me wonder. Could it be made to work like a real exchange where you can send your actual cryptocurrency, not an IOU, and exchange it for another? You could have IOU's working within the client and backed by Bitshares somehow, but from a user experience point of view it would just be like using BTER or Cryptsy or whatever.

Yes, I realize this is probably technically very difficult. But, if you did this obviously that would bring HUGE adoption. Nobody likes trusting the current centralized exchanges.

I suppose the most difficult part would be getting around the need for the user's client to have multiple blockchains. Maybe this could be solved in the same way the BTS lightweight client is? Curious to hear devs' thoughts.

Title: Re: Can Bitshares incorporate an ACTUAL decentralized exchange?
Post by: matt608 on January 09, 2015, 07:42:18 pm
BitShares is an actual decentralised exchange.  On centralised exchanges when you deposit a cryptocurrency you no longer control the private keys which means what you are seeing is an IOU.  It's not a metaphor, it really is an IOU, they just don't call it an IOU because it being held on the exchange makes it implicit that they owe you that amount.
Title: Re: Can Bitshares incorporate an ACTUAL decentralized exchange?
Post by: onceuponatime on January 09, 2015, 07:46:51 pm
I've heard a lot of talk about how Bitshares is a decentralized exchange, which it is in one form, but this made me wonder. Could it be made to work like a real exchange where you can send your actual cryptocurrency, not an IOU, and exchange it for another? You could have IOU's working within the client and backed by Bitshares somehow, but from a user experience point of view it would just be like using BTER or Cryptsy or whatever.

Yes, I realize this is probably technically very difficult. But, if you did this obviously that would bring HUGE adoption. Nobody likes trusting the current centralized exchanges.

I suppose the most difficult part would be getting around the need for the user's client to have multiple blockchains. Maybe this could be solved in the same way the BTS lightweight client is? Curious here to here devs thoughts.

https://bitsharestalk.org/index.php?topic=12317.0
Title: Re: Can Bitshares incorporate an ACTUAL decentralized exchange?
Post by: Riverhead on January 09, 2015, 07:49:50 pm
What most people use an exchange for isn't actually an exchange. They are value traders and speculators. Trading in derivatives accomplishes the same thing in pretty much the same way except it takes advantage of the fungible nature of currency.

Traditional Exchange:
- Send them your your money, trade on their site.
- If they get hacked, shutdown, run away, you've lost your money.

BitShares Exchange:
- Send the tradition exchange your money, buy bitAsset and send it back to your wallet.
- If the traditional exchange is hacked, shutdown, etc. they lose (or steal) that money, but not your money. You can still sell your bitAssets at another exchange because your bitAsset isn't tied to their wallets.
Title: Re: Can Bitshares incorporate an ACTUAL decentralized exchange?
Post by: teenagecheese on January 09, 2015, 09:08:32 pm
I feel like not everyone is understanding me. Regardless of the technical definition of an actual exchange, what I meant was:

I want to be able to just send my bitcoin or dogecoin or whatever directly to my bitshares client and then use it to buy bitusd or maybe bts (and also the reverse, bitusd or bitshares to btc or dogecoin) without having to do any extra steps. It needs to be that convenient. Anything can happen in the background, I don't care, but I don't want to have to interact with a traditional exchange or gateway at all unless I am converting to or from actual fiat.

I think onceuponatime's link is sort of getting at what I'm saying, not totally sure. If so that's awesome.
Title: Re: Can Bitshares incorporate an ACTUAL decentralized exchange?
Post by: Riverhead on January 09, 2015, 09:33:34 pm

I get where you're coming from now. You want the bitUSD/BTC market in the BitShares client to trade actual BTC on the BTC blockchain for bitUSD on the BitShares blockchain.
Title: Re: Can Bitshares incorporate an ACTUAL decentralized exchange?
Post by: fluxer555 on January 09, 2015, 09:38:17 pm
I think the problem is that bitcoin private keys need to be owned by real people, and cannot exist trustlessly on the bitshares blockchain. Please tell me if that is incorrect.
Title: Re: Can Bitshares incorporate an ACTUAL decentralized exchange?
Post by: Riverhead on January 09, 2015, 09:45:15 pm
I think the problem is that bitcoin private keys need to be owned by real people, and cannot exist trustlessly on the bitshares blockchain. Please tell me if that is incorrect.

This may be were Toast's graph edge  theory comes into play. Something about having encrypted information only visible between two transactions. So the private key can be stored on the BitShares blockchain and pass to the other party once the order fills while still being private to everyone else. It can then execute a sweep on the key to the receiver's public BTC address via the BTC blockchain.
Title: Re: Can Bitshares incorporate an ACTUAL decentralized exchange?
Post by: onceuponatime on January 09, 2015, 09:51:21 pm
I feel like not everyone is understanding me. Regardless of the technical definition of an actual exchange, what I meant was:

I want to be able to just send my bitcoin or dogecoin or whatever directly to my bitshares client and then use it to buy bitusd or maybe bts (and also the reverse, bitusd or bitshares to btc or dogecoin) without having to do any extra steps. It needs to be that convenient. Anything can happen in the background, I don't care, but I don't want to have to interact with a traditional exchange or gateway at all unless I am converting to or from actual fiat.

I think onceuponatime's link is sort of getting at what I'm saying, not totally sure. If so that's awesome.

Did you read today's update? I think it is close enough to what you are wishing for. Here it is:

https://bitsharestalk.org/index.php?topic=12317.15

Ok, made some good progress this week:

Set up another machine in order to test this process more correctly.
Tested sending BTC to the daemon address and correctly got BTS back out again.

Still working on the opposite way around, having some slight issues when the sender is not a registered bitshares account.

All in all, this is close to being the first releasable version! Once this outstanding bug is fixed and I can get some more testing done it will be ready to go!

Have a great weekend!

Cheers, Paul.
Title: Re: Can Bitshares incorporate an ACTUAL decentralized exchange?
Post by: teenagecheese on January 09, 2015, 10:59:10 pm
I think the problem is that bitcoin private keys need to be owned by real people, and cannot exist trustlessly on the bitshares blockchain. Please tell me if that is incorrect.

This may be were Toast's graph edge  theory comes into play. Something about having encrypted information only visible between two transactions. So the private key can be stored on the BitShares blockchain and pass to the other party once the order fills while still being private to everyone else. It can then execute a sweep on the key to the receiver's public BTC address via the BTC blockchain.

Yes, this is what I was talking about. I share the same kind of concerns about the technical/trust issues, but it would be so great if people who know more than I about this stuff could figure it out. Very interesting conversation I think.
Title: Re: Can Bitshares incorporate an ACTUAL decentralized exchange?
Post by: teenagecheese on January 09, 2015, 11:04:49 pm
I feel like not everyone is understanding me. Regardless of the technical definition of an actual exchange, what I meant was:

I want to be able to just send my bitcoin or dogecoin or whatever directly to my bitshares client and then use it to buy bitusd or maybe bts (and also the reverse, bitusd or bitshares to btc or dogecoin) without having to do any extra steps. It needs to be that convenient. Anything can happen in the background, I don't care, but I don't want to have to interact with a traditional exchange or gateway at all unless I am converting to or from actual fiat.

I think onceuponatime's link is sort of getting at what I'm saying, not totally sure. If so that's awesome.

Did you read today's update? I think it is close enough to what you are wishing for. Here it is:

https://bitsharestalk.org/index.php?topic=12317.15

Ok, made some good progress this week:

Set up another machine in order to test this process more correctly.
Tested sending BTC to the daemon address and correctly got BTS back out again.

Still working on the opposite way around, having some slight issues when the sender is not a registered bitshares account.

All in all, this is close to being the first releasable version! Once this outstanding bug is fixed and I can get some more testing done it will be ready to go!

Have a great weekend!

Cheers, Paul.

Onceuponatime, thanks. I've read it now. I think this is only sort of what I am talking about, still not as convenient. It doesn't sound like it would act as a traditional exchange from the user point of view, i.e., this wouldn't allow me to trade for btc within the bts client and then withdraw actual btc, directly from the bts client, whenever I wanted.
Title: Re: Can Bitshares incorporate an ACTUAL decentralized exchange?
Post by: fluxer555 on January 10, 2015, 01:17:45 am
This may be were Toast's graph edge  theory comes into play. Something about having encrypted information only visible between two transactions. So the private key can be stored on the BitShares blockchain and pass to the other party once the order fills while still being private to everyone else. It can then execute a sweep on the key to the receiver's public BTC address via the BTC blockchain.

The problem with this is that for a short period of time two individuals have access to the private key.

Is there any way the bitshares blockchain can:
1. Randomly generate a public key / private key pair
2. The private key is encrypted, and known by no-one besides the blockchain
3. An event triggers the blockchain to decrypt the private key to a specific user

My intuition says this is not possible... but I'm not sure.
Title: Re: Can Bitshares incorporate an ACTUAL decentralized exchange?
Post by: arhag on January 10, 2015, 03:00:20 am
Is there any way the bitshares blockchain can:
1. Randomly generate a public key / private key pair

Yes.

2. The private key is encrypted, and known by no-one besides the blockchain

No.

That's the problem. The very nature of the blockchain means that all of the transactions on it are publicly known and the database state they modify can be deterministically computed by anyone.

To actually trade BTC (or any other cryptocurrency other than the ones existing on the blockchain in which the exchange is implemented on) with other cryptoassets, the exchange would need to be able to control that BTC. Meaning it needs to be able to create signatures on arbitrary hashes using the private key corresponding to the BTC address. Now I believe there is a way using threshold signatures that is compatible with ECDSA to do this while distributing the trust to many parties. For example, one could transfer the BTC to an address that can be only be compromised by collusion of at least 51 of the 101 delegates but still allow transactions to be signed if approved by all 101 delegates. (In practice I would probably make this 46-of-101 because I don't want to require all 101 active delegates to participate. With the t <= (n+1)/2 requirement (https://freedom-to-tinker.com/blog/stevenag/threshold-signatures-and-bitcoin-wallet-security-a-menu-of-options/), t=46 gives t'=91, which means at least 90% of the delegates need to participate in the interactive signature process. This relaxation also helps with the transition process as the set of active delegates gradually changes.) While this is an improvement in decentralization of trust, it is not trust-free like a typical blockchain is. You cannot switch over to a fork of a blockchain and have the ownership properties of that BTC change with it. Also, as the active delegates change, the old delegates are still the ones who control the BTC given to them. You would need to provide economic incentives for them to keep moving the BTC to the updated set of 101 active delegates in a timely manner.

In short, it is not doable in a truly trust-free way. Instead, forget about actually trading BTC. What you care about is trading the value of BTC, and that is what BitBTC is about. Then use gateways that spread the trust of the BTC reserves using multisig to withdraw and deposit your BTC in exchange for GATEBTC.

Edit: Although I have to say, the idea of using the 101 delegates and threshold signatures to implement a BitShares standard gateway for ECDSA-compatible cryptocoins (basically Bitcoin and probably all other altcoins) is a compelling idea. Since it is placing trust in the same entities that are already trusted (via economic incentives) to behave, it gives that gateway a little more legitimacy than any other.
Title: Re: Can Bitshares incorporate an ACTUAL decentralized exchange?
Post by: fluxer555 on January 10, 2015, 04:12:46 am
Although I have to say, the idea of using the 101 delegates and threshold signatures to implement a BitShares standard gateway for ECDSA-compatible cryptocoins (basically Bitcoin and probably all other altcoins) is a compelling idea. Since it is placing trust in the same entities that are already trusted (via economic incentives) to behave, it gives that gateway a little more legitimacy than any other.

Arhag, I feel that you outlined an outstanding way we could actually trade real bitcoin with much, much less centralization than a traditional exchange, and then immediately said it was not doable. I think the BitShares Standard Gateway is brilliant, and we should look into this further.

Title: Re: Can Bitshares incorporate an ACTUAL decentralized exchange?
Post by: arhag on January 10, 2015, 04:19:47 am
Although I have to say, the idea of using the 101 delegates and threshold signatures to implement a BitShares standard gateway for ECDSA-compatible cryptocoins (basically Bitcoin and probably all other altcoins) is a compelling idea. Since it is placing trust in the same entities that are already trusted (via economic incentives) to behave, it gives that gateway a little more legitimacy than any other.

Arhag, I feel that you outlined an outstanding way we could actually trade real bitcoin with much, much less centralization than a traditional exchange, and then immediately said it was not doable. I think the BitShares Standard Gateway is brilliant, and we should look into this further.

Okay, I edited it to say "not doable in a truly trust-free way". We are still trusting that 46 of the 101 delegates don't collude to steal ALL of the reserves, but perhaps this is low enough trust that it is fair to call it "decentralized". Also, the economic incentives to behave are probably stronger than any other cryptogateway because they would also lose their well-paid delegate job.

It is an idea worth considering. Not sure if it is worth actually implementing or not. But even if it was done, this would still be a way to have a decentralized crypto gateway. The actually decentralized trading should be between the BitAssets in my opinion. The less time you have the GATEBTC held in order books (to just quickly move between BitBTC and GATEBTC), the less BTC reserves will accumulate that can be compromised by 46 of the active delegates.
Title: Re: Can Bitshares incorporate an ACTUAL decentralized exchange?
Post by: toast on January 10, 2015, 04:26:40 am
Actually I think there is some "moon math" crypto where you can obfuscate arbitrary circuits which lets you generate public secret private keys. Vitalik wrote about this I think.

Pretty much all other decentralized fiat exchanges look the same and use basic escrow + risk management (reputation or bonded escrow)

Sent from my SCH-I535 using Tapatalk

Title: Re: Can Bitshares incorporate an ACTUAL decentralized exchange?
Post by: arhag on January 10, 2015, 04:44:57 am
Actually I think there is some "moon math" crypto where you can obfuscate arbitrary circuits which lets you generate public secret private keys. Vitalik wrote about this I think.

I guess you are talking about this https://blog.ethereum.org/2014/12/26/secret-sharing-daos-crypto-2-0/ ?

It's a good read. Not sure how practical it will all be.

Edit:
Also huge caveat on this (from the blog post):
Quote
If 51% of the maintainers of a secret sharing DAO at some particular time decide to collude, then they can uncover any of the data that is under their supervision. Furthermore, this power has no statute of limitations: if a set of entities who formed over half of the maintaining set of a secret sharing DAO at some point many years ago collude, then even then the group would be able to unearth the information from that point in time.

Basically, Nothing-at-Stake actually becomes an issue here because you cannot guarantee the economic incentives will last to prevent past maintainers from uncovering your "public secrets". This is not a problem as long as these secrets expire in a reasonable amount of time. Meaning you can expect that private key to be discovered but it doesn't matter because the BTC balances would have long since been moved to another address. On the other hand if that secret is the decryption key for some encrypted data stored in the cloud that stores some reputation-ruining information about you... not sure if I would trust this thing with that.
Title: Re: Can Bitshares incorporate an ACTUAL decentralized exchange?
Post by: fluxer555 on January 10, 2015, 05:26:37 am
That article is way over my head. How difficult would it be to implement this in BitShares? It seems that with out delegate structure, we're in a perfect position to do address these nothing-at-stake issues. This is huge!
Title: Re: Can Bitshares incorporate an ACTUAL decentralized exchange?
Post by: toast on January 10, 2015, 06:21:20 am
No, a different article

Sent from my SCH-I535 using Tapatalk

Title: Re: Can Bitshares incorporate an ACTUAL decentralized exchange?
Post by: toast on January 10, 2015, 06:30:18 am
http://bitcoinmagazine.com/10055/cryptographic-code-obfuscation-decentralized-autonomous-organizations-huge-leap-forward/
Title: Re: Can Bitshares incorporate an ACTUAL decentralized exchange?
Post by: arhag on January 10, 2015, 07:51:46 am
http://bitcoinmagazine.com/10055/cryptographic-code-obfuscation-decentralized-autonomous-organizations-huge-leap-forward/

That was interesting. But as far as I understood, that wouldn't actually satisfy the property that no one knows what is the secret stored in the obfuscated program. In order to create the obfuscated program that can sign arbitrary Bitcoin transactions (which the blockchain could use to implement decentralized gateways for example), someone would have to first construct the non-obfuscated program then obfuscate it. The entity trusted to construct the non-obfuscated program would also have to be trusted to generate the random private key. So this same entity could, for example, steal all the reserves held at that address at any time.

Let's say this program was instead supposed to generate the private key itself. Well it would need sources of entropy to do this. The person who constructed the program would know how the program uses the entropy given to it to construct the private key, so if they had access to the entropy input (which they should since it is all on a public transparent blockchain) they can reconstruct the private key.

Am I misunderstanding?
Title: Re: Can Bitshares incorporate an ACTUAL decentralized exchange?
Post by: jsidhu on January 10, 2015, 08:38:31 am
I've heard a lot of talk about how Bitshares is a decentralized exchange, which it is in one form, but this made me wonder. Could it be made to work like a real exchange where you can send your actual cryptocurrency, not an IOU, and exchange it for another? You could have IOU's working within the client and backed by Bitshares somehow, but from a user experience point of view it would just be like using BTER or Cryptsy or whatever.

Yes, I realize this is probably technically very difficult. But, if you did this obviously that would bring HUGE adoption. Nobody likes trusting the current centralized exchanges.

I suppose the most difficult part would be getting around the need for the user's client to have multiple blockchains. Maybe this could be solved in the same way the BTS lightweight client is? Curious here to here devs thoughts.
U can transfer btc yes then exchange for whatever.. I think you can import btc priv keys
Title: Re: Can Bitshares incorporate an ACTUAL decentralized exchange?
Post by: fluxer555 on January 10, 2015, 05:45:07 pm
Toast, the article arhag posted first references the article you posted:

Quote
Essentially, one can think of SMPC as offering a set of tools roughly similar to that which it has been theorized would be offered by cryptographically secure code obfuscation (http://bitcoinmagazine.com/10055/cryptographic-code-obfuscation-decentralized-autonomous-organizations-huge-leap-forward/), except with one key difference: it actually works on human-practical time scales.

Arhag, you said that the article toast posted would not be able to satisfy the property that no one knows what is the secret stored in the obfuscated program. How is SMPC different in this regard? How would the system work in the context of a decentralized bitcoin exchange?
Title: Re: Can Bitshares incorporate an ACTUAL decentralized exchange?
Post by: arhag on January 11, 2015, 02:19:15 am
Arhag, you said that the article toast posted would not be able to satisfy the property that no one knows what is the secret stored in the obfuscated program. How is SMPC different in this regard? How would the system work in the context of a decentralized bitcoin exchange?

Well, first I have to say that my knowledge in this field is limited, so what I say could be inaccurate.

From what I understood, the code obfuscation method requires there to be at least one person who at some point in time knew the obfuscated secret because someone had to make the program in the first place before obfuscating it.

In the case of secure multi-party computation (http://en.wikipedia.org/wiki/Secure_multi-party_computation) (SMPC), you have N secrets (d_1, d_2, ..., d_N) each of which is only known to a respective participant (p_1, p_2, ..., p_N). There is also some general public function F(d_1, d_2, ..., d_N) that is a function of the N secrets. SMPC allows the N participants to work together to compute F(d_1, d_2, ..., d_N) without needing to reveal their secret with any of the other participants nor revealing any additional information about their secret that isn't naturally leaked by the result of the function.

This could be useful in the context of a decentralized bitcoin gateway in the sense that you could in theory construct a function F that takes the N secrets, combines them together to make the seed that generates a private key, and uses that private key to sign some hash embedded publicly in the function. This is a private key that no one individual knows. However, if the N participants colluded together by sharing their individual secrets, they could derive the private key. Furthermore, even if none of the participants reveal their individual secrets, they can still always collude together to sign any arbitrary hash they want. So the security of the funds protected by the private key depends on these participants not colluding together to do things they are trusted to not do.

Anyway, I don't think the above example is the practical way of even implementing the decentralized bitcoin gateway. I believe threshold signatures (like the example given in my original post) would be much faster. The problem with threshold signatures compatible with ECDSA (and thus compatible with bitcoin) is that there is a limitation on their use. If you require at least t' participants of the total n participants to have to work together to be able to sign transactions, then any t = (t' + 1)/2 participants of the total n participants can collude together to reconstruct the private key to allow them to sign any transaction. Still, that may be good enough security. If we weren't limited to only ECDSA and could use Schnorr signatures instead, then we could use threshold signatures without this annoying limitation. I should mention there was some talk about potentially adding those signatures to Bitcoin, and Gavin is a fan (http://www.reddit.com/r/Bitcoin/comments/2jw5pm/im_gavin_andresen_chief_scientist_at_the_bitcoin/clfp3xj), but who knows if it will ever actually happen.
Title: Re: Can Bitshares incorporate an ACTUAL decentralized exchange?
Post by: starspirit on February 18, 2015, 10:15:24 am
Just trying to clarify some of the ideas in this and related threads. Is the ultimate model for a decentralised exchange to:

1) have one or more gateways between real fiat/crypto and crypto-derivatives (bitAssets), and
2) trade the crypto-derivatives on a truly decentralised exchange (i.e. BitShares), and
3) expand bitAsset trading to include major cryptos and crypto-pairs to provide similar diversity to centralised exchanges

The benefits of this are:

1) transaction speeds are higher than trading the real cryptos in any sort of decentralised fashion
2) counterparty risk is limited to conversions made at the gateway (and can be reduced through better control processes such as multi-sig)

The disadvantage the market may perceive is that bitAssets are backed by volatile BTS tokens rather than real fiat/crypto reserves, although the counterargument is that there is over-collateralisation to compensate for the volatility and the reserves are un-hackable.

Am I seeing this correctly?
Title: Re: Can Bitshares incorporate an ACTUAL decentralized exchange?
Post by: julian1 on February 18, 2015, 10:40:58 am

The disadvantage the market may perceive is that bitAssets are backed by volatile BTS tokens rather than real fiat/crypto reserves, although the counterargument is that there is over-collateralisation to compensate for the volatility and the reserves are un-hackable.

I fear that someone will create a stable MPA using feeds, while locking up Bitcoin as the collateral on the ethereum chain. And they'll successfully win over the bitcoin crowd because they'll claim it's bitcoin based.

I was wondering about the possibility of a MPA like BitUSD except collaterialized by an IOU such as GATEBTC (with delegate multisig signing or otherwise). I believe the Bitshares code-base is heavily based around BTS though.
Title: Re: Can Bitshares incorporate an ACTUAL decentralized exchange?
Post by: betax on February 21, 2015, 07:23:23 am
If it is an issue to hide the private key, why not collaborate with Bitcoin. Our delegates can check an account signed with a message to deliver bitBTC and lock those funds. To release those funds miners can check our chain, which for extra security can maybe add more delegates for this type of transaction. Speed should not be an issue here.

Once this is done we can incorporate other chains, litecoin, ethereum...

The key is collaboration (crypto 2.0)
Title: Re: Can Bitshares incorporate an ACTUAL decentralized exchange?
Post by: bitmeat on February 21, 2015, 08:25:26 am
https://blog.ethereum.org/2014/12/26/secret-sharing-daos-crypto-2-0/

I think this can be used to implement decentralized bitcoin deposit. It will be complex and slow, but would effectively implement side-chains without asking the BTC blockchain for approval. In other words - the blockchain could generate deposit address, hold funds in it, and then sign transactions for the cash outs, but then it's up to the recipient to publish them on the BTC network.