If 2017 has taught us anything in the cryptosphere, it's that safety is a priority. The high number of hacks throughout the year and the millions of dollars’ worth of stolen securities sent a clear message: centralisation of cryptocurrency exchanges needs to be rethought.
Centralized Exchange Vs Decentralized Exchange
All these compromised exchanges - Bitstamp, Bitfinex, Youbit, Bithumb - are centralized. Centralization of an exchange takes two forms: the control of assets and the management of the system. A centralised exchange acts much like a bank: it controls your assets by holding your cryptocurrency in its wallets. This requires trust, and you rely on the exchange having robust security to protect your assets from risks. With asset control, trading functions much as it does at other trusted institutions such as banks. When you use a centralized exchange, you agree to let the exchange keep your funds for you until you want to withdraw your assets. Crypto exchanges often hold client funds in a hot wallet (online) and in a cold wallet (offline).
The other form of centralization refers to how an exchange stores its data and the infrastructure it uses to support its business. Larger exchanges need to outsource server space, often to cloud services, to accommodate website traffic, and this usually means that hosting of servers and potentially access to them are allocated to a single source.
Let’s break this down. If a hacker wants to target a centralized exchange, there are a number of ways this could happen. The hacker could go through a main entrance, usually a third-party hosting provider; they could use social engineering to influence the owners of the important keys; or they could find a vulnerability somewhere in the codebase and exploit it. Once in, the hacker could have access to all the wallets and their private keys. This has happened many times in the past.
That's why we need decentralized exchanges. They remove those elements of risk and trust and replace them with an open source blockchain which can perform all the functions of an exchange. Decentralized Exchanges (DEX) offer a number of security advantages.
1. No centralised control over infrastructure
Unlike their centralized counterparts, DEXs are not controlled by a single entity. There is no centralised server maintaining a list of customer accounts, logins, balances and so on, only a decentralised set of nodes participating in the network, all of which host the blockchain and relay trades and information through it as ‘transactions’. As it stands, most decentralized exchanges are built on the Ethereum blockchain; however, the longest running, most liquid and best featured DEX is the Bitshares DEX. For most blockchains, this means that an attacker would have to compromise a majority of the nodes that support an exchange to control it, a feat virtually impossible these days.
2. Funds controlled by the user
Since no single entity controls a DEX, there is no central hub that controls users' funds. Decentralized exchanges are trustless, which means that users always have control of their assets and remain in control of the private keys to those assets at all times. There is no need to delegate control of those keys to a third party in order to trade.
To do this, DEXs often trade currencies created on top of that blockchain between peers in the network. For example, someone trading on the Bitshares DEX would ultimately be trading various Bitshares assets on the Bitshares blockchain; the same is true of the Ethereum blockchain. As part of a centralized system, you give control of your funds to a wallet with private keys that are not within your control. If a hacker gets hold of these keys, your funds may be stolen. With a decentralized system, you always have control of your own private keys and, as long as you do not disclose them to a malicious third party, your assets are safe.
3. Compatibility with hardware wallets
This is perhaps the biggest advantage a DEX can offer. Some decentralized exchanges, such as Ether Delta, can synchronize your assets with hardware wallets such as Ledger Nano S or Trezor. In addition to cold storage, hardware wallets are the safest options for storing and managing personal funds, as they are impervious to malware that can compromise online wallets. Using a DEX-compatible wallet, you can plug in your Ledger or Trezor and send funds directly into the platform's smart contracts. This is preferable to manually managing multiple wallets and sending funds to the Ethereum smart contract from online wallets, as online wallets are more susceptible to phishing and keylogging attacks.
4. Global, Fast, 24/7, Efficient
A decentralized exchange is a global service without borders that is available to any member of the free internet. Nodes running at every corner of the globe at all times of the day ensure transactions and settlement within seconds. With no need for brick and mortar institutions, the cost of transactions can be 10x, 100x or even 1000x less than it is with centralised exchanges.
5. Anonymous Accounts
In the traditional system we give out our identity, credit card information and even our passwords and keys to everyone we do business with. For cryptocurrency trading this is beginning to be unnecessary, as everyone can keep their information, identity and keys secure while proving that they have the right credentials.
6. Exchange In-A-Box
DEXs like the Bitshares DEX have had a downloadable client in operation for over 3 years. This means you need not visit a website in your browser; you can just download a software application and run it on your computer as long as you are connected to the internet. This is particularly useful for jurisdictions with high amounts of censorship, or for users who wish to keep their access as local and secure as possible. The downloadable Bitshares client has all the same features as visiting a DEX on a website and is available for Windows, Mac OSX and various flavours of Linux.
7. Solving the Fiat problem
While most DEXs are crypto only, to acquire crypto one often still needs to seek out a centralised source to which you can send a bank transfer in exchange for crypto. This means inevitable centralisation, KYC and the potential for your bank account to be shut down. However, DEXs like Bisq have solved this by essentially creating a private marketplace with escrow for people to exchange fiat and crypto. A buyer with fiat is connected with a seller with crypto at a market exchange rate. The seller holds the crypto within Bisq, where it is locked until the seller confirms they have received the fiat from the buyer's bank account. Both parties must approve a transaction for it to be a success. If there is a dispute where the buyer did not make the transaction or the seller says it was not received, then the transaction goes to another chosen arbitrator who was trusted by both parties to the transaction to begin with and can resolve disputes in the favour of one side or the other. Once a resolution is reached, the funds are released to the other party on Bisq.
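The escrow flow described above can be modelled as a small state machine that records who is allowed to move the locked funds at each step. This is an added example, not Bisq's code: the class, state and method names are assumptions made for illustration, and the participants are plain strings.

```python
from enum import Enum

class State(Enum):
    LOCKED = "seller's crypto locked in escrow"
    FIAT_SENT = "buyer reports the bank transfer as sent"
    DISPUTED = "handed to the arbitrator"
    RELEASED = "crypto paid out to the buyer"
    REFUNDED = "crypto returned to the seller"

class EscrowError(Exception):
    pass

class Escrow:
    """Toy model: who may move the locked funds, and from which state."""
    def __init__(self, buyer, seller, arbitrator):
        if len({buyer, seller, arbitrator}) != 3:
            raise EscrowError("buyer, seller and arbitrator must be distinct")
        self.buyer, self.seller, self.arbitrator = buyer, seller, arbitrator
        self.state = State.LOCKED

    def _check(self, actor, allowed_actors, allowed_states):
        if actor not in allowed_actors:
            raise EscrowError(f"{actor} is not authorised for this step")
        if self.state not in allowed_states:
            raise EscrowError(f"not possible while: {self.state.value}")

    def mark_fiat_sent(self, actor):
        self._check(actor, {self.buyer}, {State.LOCKED})
        self.state = State.FIAT_SENT

    def confirm_fiat_received(self, actor):
        # Only the seller can confirm receipt; the buyer cannot self-release.
        self._check(actor, {self.seller}, {State.FIAT_SENT})
        self.state = State.RELEASED

    def open_dispute(self, actor):
        self._check(actor, {self.buyer, self.seller}, {State.LOCKED, State.FIAT_SENT})
        self.state = State.DISPUTED

    def resolve(self, actor, winner):
        # The arbitrator has no power over a trade that is not in dispute.
        self._check(actor, {self.arbitrator}, {State.DISPUTED})
        if winner not in (self.buyer, self.seller):
            raise EscrowError("arbitrator can only pay the buyer or the seller")
        self.state = State.RELEASED if winner == self.buyer else State.REFUNDED

def denied(step, *args):
    """True if the escrow rejects the call (used to probe the rules)."""
    try:
        step(*args)
    except EscrowError:
        return True
    return False
```

Probing the model with denied() shows the properties that matter: the buyer cannot release funds to themselves, the arbitrator cannot touch a trade that is not in dispute, and a settled trade cannot be reopened.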