The killer problem with this idea is DDOS. This is a major problem for real exchanges and actually gets worse for exchanges thinking of decentralising to bitshares transparently.
Fees are the issue. Creating/changing an order has an associated cost. Exchanges are forced to swallow this cost, or attempt to offset it by charging more for fills, but this does not mitigate the DDOS problem.
A motivated attacker can easily game this system by creating/modifying orders using a bot over and over until it triggers whatever mechanism the exchange has to prevent it. If the attacker uses enough accounts to mount this attack it becomes very difficult to repel, and will effectively DDOS the entire exchange.
Regarding DDOS, By charging order creation fee (without refund when cancelled) during the DDOS, you can effectively prevent the attack. In centralized exchanges, users sometimes cannot use the service due to DDOS. DEX has better option. They choose not to use the service to avoid additional fees, or choose to use the service with small amount of fees.
Regarding DDOS, By charging order creation fee (without refund when cancelled) during the DDOS, you can effectively prevent the attack. In centralized exchanges, users sometimes cannot use the service due to DDOS. DEX has better option. They choose not to use the service to avoid additional fees, or choose to use the service with small amount of fees.
All that happens then is users are forced to move away from this exchange to another one which doesn't charge them fees (for creation/change); therein the DDOS attack succeeds. Motivation for the attack in this case is clear: competitors.
I am not sure that users really care about the temporal fee of 1 BTS per creating order during DDOS.
If you want to be more active, you can charge much more fees during DDOS (say, 10 BTS by adjusting CER), collect BTS from the attacker, and payback to normal users for their fees paid during the DDOS. Isn't it a good idea?
Well other chains might have other methods to deal with this problem.
But in BTS, specifically, what if witnesses detected the spamming and simply didn't include those transactions on the blocks? I mean, this would be a very serious action, they would need to be sure but... Or why not make fees escalate if they're done within X blocks? That makes sense? If number of tx > X and the transaction IDs are all within [w, z] blocks, they scale up.
If it passes that defined threshold then fees go up OR transactions get delayed and spread throughout the next X number of blocks as a mean to distribute it evenly
Well other chains might have other methods to deal with this problem.
But in BTS, specifically, what if witnesses detected the spamming and simply didn't include those transactions on the blocks? I mean, this would be a very serious action, they would need to be sure but... Or why not make fees escalate if they're done within X blocks? That makes sense? If number of tx > X and the transaction IDs are all within [w, z] blocks, they scale up.
If it passes that defined threshold then fees go up OR transactions get delayed and spread throughout the next X number of blocks as a mean to distribute it evenly
Then you give attackers a chance to DDOS the entire chain by raising fees so high as to make transactions financially unviable to send. Shorting the coin at the same time would make this profitable, potentially.
I am not sure that users really care about the temporal fee of 1 BTS per creating order during DDOS.
If you want to be more active, you can charge much more fees during DDOS (say, 10 BTS by adjusting CER), collect BTS from the attacker, and payback to normal users for their fees paid during the DDOS. Isn't it a good idea?
No, I don't think it is. Charging users to place or modify orders will cause them to seek another exchange which doesn't charge them. Trading bots execute thousands of such actions per day in the busiest exchanges.
No. I'm talking per account. If an account does what I mentioned above, that account's fees scale or get delayed.
How can you prevent DDos without charging any costs on them in DEX? It's impossible unless you verify users' identity.
What about refunding accounts their order creation fees at the end of the week/month?
If the account is involved in DDOS it will be red-flagged and those fees won't be re-imbursed.
No. I'm talking per account. If an account does what I mentioned above, that account's fees scale or get delayed.
And so the attacker moves accounts and continues his attack?
What about refunding accounts their order creation fees at the end of the week/month?
If the account is involved in DDOS it will be red-flagged and those fees won't be re-imbursed.
Why would any user accept this compromise when they could switch to a competing exchange which didn't charge them? Opportunity cost.
How can you prevent DDos without charging any costs on them in DEX? It's impossible unless you verify users' identity.
PoW is the only way this makes sense, I think.
Why is this conversation taking place? At the current price, a 1 BTS order placement fee would cost an active bot about $3 per 1,000 cancelled trades. Are you seriously saying that someone operating such a bot would be looking to avoid $3 in fees? So now we have to remove the order placement fee, which in turn exposes us to DDOS, and now the answer is switch to PoW?
How can you prevent DDos without charging any costs on them in DEX? It's impossible unless you verify users' identity.
PoW is the only way this makes sense, I think.
Why is this conversation taking place? At the current price, a 1 BTS order placement fee would cost an active bot about $3 per 1,000 cancelled trades. Are you seriously saying that someone operating such a bot would be looking to avoid $3 in fees? So now we have to remove the order placement fee, which in turn exposes us to DDOS, and now the answer is switch to PoW?
I'm not saying you should or shouldn't do anything. I'm just illuminating my own thought process as an exchange owner and bitshares user. I think any fees levied onto customers which are not present on a competitors exchange are very relevant.
And can you tell how much users have to pay per transaction to do PoW? (If the cost is linear, bots are less likely to come to the exchange)