If exchanges convert to Bitshares 2.0 they could guarantee theft protection

[monsterer]

I disagree, the premium can be small if they are liquid.  And if the exchange is taking bitAsset and giving you real asset in return, and the bitAsset is at a premium, then the exchange makes money off that transaction.

And if they're buying they make a loss?

Honestly I'm really not sure what the logic was with this aspect of the design; to me it seems ill advised, and a marketing nightmare.

[Ander]

BTC could be held at Circle, Coinbase, Xapo or some other heavily regulated BTC exchange.  All they would have to do is accept bitBTC in exchange for actual BTC which I don't see why they wouldn't because they could immediately exchange for bitUSD on their own exchange.

Unfortunately, that will never be possible since bitAssets always trade at a premium by design.

I disagree, the premium can be small if they are liquid.  And if the exchange is taking bitAsset and giving you real asset in return, and the bitAsset is at a premium, then the exchange makes money off that transaction.

[monsterer]

BTC could be held at Circle, Coinbase, Xapo or some other heavily regulated BTC exchange.  All they would have to do is accept bitBTC in exchange for actual BTC which I don't see why they wouldn't because they could immediately exchange for bitUSD on their own exchange.

Unfortunately, that will never be possible since bitAssets always trade at a premium by design.

[luckybit]

But the OP is basically talking about IOU's being somehow magically safer on bitshares 2.0, when the reality is they will be subject to exactly the same risk profile as on a centralised exchange.

Thinking more about it .. you are right .. in case of BTC-bitBTC gateways .. but not for bitUSD-USD gateways because they hold their FIAT in a regular BANK!

BTC could be held at Circle, Coinbase, Xapo or some other heavily regulated BTC exchange.  All they would have to do is accept bitBTC in exchange for actual BTC which I don't see why they wouldn't because they could immediately exchange for bitUSD on their own exchange.

So for example Coinbase has coinbase USD. They could keep offering coinbase USD or they could offer bitUSD or they could offer a coinbase token on the Bitshares platform itself as a UIA, and then when people buy the coinbase token they can simply send the token to coinbase to get the BTC.

So you could in theory simply buy Coinbase BTC or Coinbase USD on the Bitshares 2 platform itself with Coinbase themselves issuing the UIA. Banks could also issue their own UIA for actual USD on the Bitshares platform so when people want to cash out on the decentralized exchange the trade would be for BitUSD for Santander USD.

So all of this could be done on the decentralized exchange in a decentralized way without much risk. Multisig could be used by Coinbase and by the bank to secure their UIA, and also they have plenty of money to handle that part. The rest would just be a front end on top of Bitshares so for example Crypsy or something similar can convert.

As far as mixing goes, there is no need for that. Confidential transactions would make it so no one knows the amounts you trade for even if they can see all your trades. So this way you're actually safer because you can prove you didn't buy terrorist tokens because your trades are public, but your amounts are private so no one can know what your net worth is.

Total privacy combined with an exchange could bring risks. It also will mean you can't trade actual stocks because there are regulations which have to be followed where you can prove you purchased it. Now of course I could be wrong about the law, or about how it will play out, but I think there is a sort of sweet spot for traders where it's private enough that the world cannot monitor their trades, but transparent enough that regulators and the world can  not worry about violation of bank secrecy or other anti-terrorism or anti-money laundering laws.

Ideal situation is you can trade and no one will know how many shares of Apple stock you just bought. They might see you bought some stock, but who cares if they don't know how much? And if you really don't want them to see that you bought the stock, you might be able to use some alias or purchase indirectly, it will have to be worked out to see what regulators are willing to accept. Perhaps we will be stuck using Identabit.

[luckybit]

But the value of the IOU is held on the gateway, which cannot use mutli-sig for the reasons I outlined?

Sure .. how much the IOU is worth is a different thing .. an exchange can issue IOUs and get robbed (physically) .. then you will see the same thing as with mt.gox .. people trade gox-btc
BUT ... the exchange/gateway does hold only two instruments that can be stolen that result in that:

* FIAT (hard to steal because they are stored in a regular bank and are secured by insurance contracts
* the key that allows issuing of new IOUs ... (that one should really be MULTI-sig and stored very securely .. because that thing can kill your business quickly)

Did I miss something?

Exactly. 

[xeroc]

But the OP is basically talking about IOU's being somehow magically safer on bitshares 2.0, when the reality is they will be subject to exactly the same risk profile as on a centralised exchange.

Thinking more about it .. you are right .. in case of BTC-bitBTC gateways .. but not for bitUSD-USD gateways because they hold their FIAT in a regular BANK!

[monsterer]

BitShares does not do crosschain trading .. it trades derivatives .. hence you can speculate on the price movements without holding the real thing ..
But I agree .. once you want to trade the "real" thing you are exposed to a different set of risks ..

But the OP is basically talking about IOU's being somehow magically safer on bitshares 2.0, when the reality is they will be subject to exactly the same risk profile as on a centralised exchange.

[xeroc]

Yes, you missed all crypto-currencies. Some proportion of which must be kept in the exchange's hot wallet. If the hot wallet is compromised, the IOU becomes basically worthless, so the situation is no different in reality from a centralised exchange default.

BitShares does not do crosschain trading .. it trades derivatives .. hence you can speculate on the price movements without holding the real thing ..
But I agree .. once you want to trade the "real" thing you are exposed to a different set of risks ..

[monsterer]

Sure .. how much the IOU is worth is a different thing .. an exchange can issue IOUs and get robbed (physically) .. then you will see the same thing as with mt.gox .. people trade gox-btc
BUT ... the exchange/gateway does hold only two instruments that can be stolen that result in that:

* FIAT (hard to steal because they are stored in a regular bank and are secured by insurance contracts
* the key that allows issuing of new IOUs ... (that one should really be MULTI-sig and stored very securely .. because that thing can kill your business quickly)

Did I miss something?

Yes, you missed all crypto-currencies. Some proportion of which must be kept in the exchange's hot wallet. If the hot wallet is compromised, the IOU becomes basically worthless, so the situation is no different in reality from a centralised exchange default.

[xeroc]

But the value of the IOU is held on the gateway, which cannot use mutli-sig for the reasons I outlined?

Sure .. how much the IOU is worth is a different thing .. an exchange can issue IOUs and get robbed (physically) .. then you will see the same thing as with mt.gox .. people trade gox-btc
BUT ... the exchange/gateway does hold only two instruments that can be stolen that result in that:

* FIAT (hard to steal because they are stored in a regular bank and are secured by insurance contracts
* the key that allows issuing of new IOUs ... (that one should really be MULTI-sig and stored very securely .. because that thing can kill your business quickly)

Did I miss something?

[monsterer]

In BitShares the IOUs can be sent to the customer directly .. no need to secure tokens for them ..
In practice an UIA and a MPA are both just tokens on the ledger .. and you can set rules to access them (also multi sig)

But the value of the IOU is held on the gateway, which cannot use mutli-sig for the reasons I outlined?

[xeroc]

In BitShares the IOUs can be sent to the customer directly .. no need to secure tokens for them ..
In practice an UIA and a MPA are both just tokens on the ledger .. and you can set rules to access them (also multi sig)

[monsterer]

Actually, I meant it another way .. the exchange is BitShares, the deposit goes into an address under your "control" .. you can only "control" the funds via multi sig .. that includes withdrawals and trades .. and that actually IS possible with BitShares!

But for gateways under bitshares 2.0 who are issuing IOUs while holding the crypto, this can't apply, can it?

[xeroc]

Agreed ... multi sig exchange deposits

I'm pretty sure this is impossible. Consider, under this scheme:

*) In order for an exchange to provide withdraw facility it needs another signature (apart from its own) for the private key's holding the funds
*) Since all users funds are necessarily mixed together on deposit*,  you need signatures of a random set of users who's keys correspond to the collection of outputs being used in any given withdraw request

*) This mixing is essential because users can trade inside the exchange, so you can't tie them to one address/account like you can in an online wallet

Actually, I meant it another way .. the exchange is BitShares, the deposit goes into an address under your "control" .. you can only "control" the funds via multi sig .. that includes withdrawals and trades .. and that actually IS possible with BitShares!

[monsterer]

Agreed ... multi sig exchange deposits

I'm pretty sure this is impossible. Consider, under this scheme:

*) In order for an exchange to provide withdraw facility it needs another signature (apart from its own) for the private key's holding the funds
*) Since all users funds are necessarily mixed together on deposit*,  you need signatures of a random set of users who's keys correspond to the collection of outputs being used in any given withdraw request

*) This mixing is essential because users can trade inside the exchange, so you can't tie them to one address/account like you can in an online wallet

[joele]

I'm waiting for bitshares 2 specially the lending feature, right now I'm using the lending service of poloniex but I don't want to put more fund to it because I don't trust centralize exchanger.

[xeroc]

Agreed ... multi sig exchange deposits

[luckybit]

If you are worried somehow a hacker could steal the IOU tokens, then you could secure it through multisig on Bitshares 2.0. I don't see how an attacker would be able to hack a multisig account in control of the IOU tokens. So the chance of that happening isn't very high, as everyone involved would have to be hacked at the same time.

So even if the exchange controlled the IOU tokens, they could control it through Bitshares 2.0, in a decentralized manner using multi-sig. The only vulnerability I can see would be at the gateway itself, which would basically accept bitBTC for BTC. A smart contract could be programmed to accept bitBTC for BTC automated at the gateway and treat it just like a purchase of BTC.

Ripple could be used, or Ethereum, and I would only see this as necessary when people want to withdraw to actual BTC, when they want to take their BTC off the exchange. So while their BTC is on the exchange they would be safe because it would be bitBTC on Bitshares 2.0, and the risk would happen upon withdraw, but you can minimize it with smart contracts and the trusted entity such as a financial institution or bank to be the gateway.

So the exchange could guarantee that it can't lose your money, but the gateway could not guarantee that. The gateway would have to be regulated but the gateway could be Coinbase or Ripple. If you want to really get fancy, you could probably even sell directly to random people who want to trade BTC for bitBTC using a smart contract, and then give the BTC over to people who want to buy BTC, but that seems unnecessarily complicated, it seems to be how counter party does it.

[luckybit]

How so?
As an attacker .. I can gain access to a server that holds IOUs of the exchange .. I quickly transfer them to me and trade them for bitUSD .. then people that sold their bitUSD to me would end up having a worthless token due to exchange's bankruptcy .. and I hold the bitUSD I traded ..

Can an exchange be so quickly to DETECT an attack AND disable the trading and transfer of their IOUs? In theory .. yes .. but in practice?

The exchange would just be a front end or skin on Bitshares 2.0 so if you could do that attack you would be attacking one of the gateways. The gateways are separate entities from the exchanges which could just be front ends to Bitshares 2.0.

Bytemaster mentioned that you may someday be able to buy bitGold and then send that to a gateway where it becomes real gold. The gateway can be a bank or some heavily regulated trusted entity, but the exchange itself, that could be transformed into just a website or even a plugin of some sort for wordpress.

The IOUs of the exchange wouldn't even have to be on any server, I'm not sure why you would think it couldn't be handled by smart contract. The actual trust is in the gateways and the gateways could just be banks, it would give banks a role.

If you're talking about buying Bitcoins with bitBTC, you would only have to do that when they want to withdraw. Upon the withdraw, it could trade bitBTC for BTC and give them BTC. So there seems to be nothing to steal as the whole process could be automated and decentralized via smart contracts.

[xeroc]

How so?
As an attacker .. I can gain access to a server that holds IOUs of the exchange .. I quickly transfer them to me and trade them for bitUSD .. then people that sold their bitUSD to me would end up having a worthless token due to exchange's bankruptcy .. and I hold the bitUSD I traded ..

Can an exchange be so quickly to DETECT an attack AND disable the trading and transfer of their IOUs? In theory .. yes .. but in practice?

[luckybit]

This would give exchanges an advantage over all exchanges which are centralized and cannot guarantee that. It would seem the era of the centralized exchange might come to an end quickly, at least on the backend.

Shapeshift.io would be able to benefit from Bitshares 2.0 backend. If people use coinbase or some centralized exchange it would offer no practical advantage, if the gateway network for Bitshares works.