While cryptocurrency exchanges have always allowed users to exchange cryptocurrencies against other digital tokens or fiat currencies quickly, history has repeatedly shown that they can be vulnerable to security breaches and hacks.
Furthermore, these companies often introduce the concept of trusting a third party, a philosophy that Bitcoin and most other cryptocurrency communities have actively frowned down upon. To challenge the increasing influence of cryptocurrency exchanges in the industry, a group of independent software developers has developed Bisq, a decentralized exchange (DEX) platform.
DEXs on the Rise
Of late, a few centralized crypto exchanges, including Binance, have also announced the upcoming launch of their decentralized trading platforms. We reached out to the Bisq development team for comment. They replied, “Many projects use the word decentralization in a very ’broad” meaning. If you ask [them] the question “how many doors you have to knock to shut down the service,” you will see quickly that 99 percent of those DEX are not decentralized at all, as there is a company and that’s the single point of failure.”
Unlike popular cryptocurrency exchanges such as Binance and Bitfinex, Bisq is not owned or controlled by any company or entity. This presents a few important advantages to end users, including the aspects of decentralization, privacy, and security. Bisq is also operated in a peer-to-peer manner, which means that trading data is never sent to a third-party for manual verification or storage. Censoring or eradicating Bisq also becomes a much harder task for governments or other disruptive parties as there is no single point of failure.
How it Works
Before a user can begin trading on the Bisq network, they will need to download the accompanying software from the official website. Since trading takes place directly between two users, the exchange cannot be accessed directly through a web browser. Nevertheless, Bisq applications exist for all major desktop platforms, including Windows, MacOS and various flavors of Linux.
Once installed, users will be presented with the ‘Offer Book,’ which shows users looking to buy and sell Bitcoin in exchange for the selected currency. To initiate a trade, users will first have to configure their payment details within the Bisq client. Next, first-time traders will also be asked to deposit a small amount of bitcoin in their wallet to cover trading and mining fees, as well as to cover a security deposit. The minimum amount is currently set at 0.01 BTC.
Once these pre-requisites have been satisfied, Bisq will allow the user to create or fulfill trades immediately. It is important to note that the Bisq application itself has an integrated Bitcoin wallet that will be used to settle trades. This is so that Bisq can hold funds in escrow during an ongoing trade in a 2-of-3 multisignature wallet. Each transaction involves a buyer, a seller, and an arbitrator. The latter is brought in to settle disputes and ensures that neither party is deceived.
Bisq also prides itself in not holding user funds at any time. Most cryptocurrencies currently in existence require their users to deposit an amount of cryptocurrency with them. Furthermore, users can only trade the amount of crypto stored in their account.
While this approach makes exchanges easier and faster, it also means that users have to trust their coins’ security with the company holding them. Given that these exchanges typically consolidate user funds in a small number of wallets, it should be no surprise that theft and hacks are a common occurrence.
Mt. Gox, for instance, was a Japanese exchange that filed for bankruptcy in 2014 after suffering from the single most massive hack in Bitcoin history. The exchange released a statement claiming that it had lost one-third of a billion dollars worth of Bitcoin, of which approximately 750,000 BTC belonged to its users.
Earlier this year, Tokyo-based cryptocurrency exchange Coincheck was also a victim of a massive security breach. The loss was estimated to total at 58 billion Yen, or $533 million, marginally more significant than the amount stolen from Mt. Gox.
Since users do not give Bisq control over their digital tokens at any time, the platform effectively allows an individual to be their exchange. According to the official Bisq documentation, this motto is based on Bitcoin’s “be your own bank” philosophy.
Bisq also does not automate the process of dispute handling, guaranteeing human support in the form of ‘arbitrators’. Put simply; an arbitrator is a person on the Bisq network that ensures fair evaluations and punishes malicious or colluding parties. Each trade is automatically assigned an arbitrator from a pool approved by both traders.
The process of arbitration is reasonably straightforward. As per the Bisq documentation, “If trader A fails to confirm the receipt of a national currency transfer within the allotted time (e.g., six days for SEPA, four days for Zelle, one day for altcoins, etc.), a button to contact the arbitrator will appear to both traders.
Trader B will then be able to submit evidence to the arbitrator that he did send the national currency. Alternatively, if trader B never sent the national currency, trader A will be able to submit evidence to the arbitrator that the funds were never received.”
Bisq believes that most disputes are not caused due to ‘malicious intent,’ but instead, by technical problems such as communication issues, bank downtime or bugs.
Privacy and Censorship-Resistance
Since Bisq does not hold or handle user funds, it is not legally obligated to collect user information. This is in stark contrast to almost every other cryptocurrency exchange, which requires users to submit personally identifying documents. Since cryptocurrency is a form of wealth, most governments around the world regulate exchanges like any other financial institution. This involves compliance with anti-money laundering laws and mandatory know-your-customer verification procedures.
Ultimately, users may even have their trading activities and cryptocurrency holdings reported to their country’s respective tax agencies. Furthermore, if exchanges are not careful with this information, users can have their personal information stolen, which may eventually even lead to identity theft.
In 2017, South Korean cryptocurrency exchange Bithumb was hit with a fine amounting to $55,000 for leaking sensitive customer data. The regulator learned that the stolen data was not alleged and the company had no measures to detect malware. Bisq, on the other hand, does not require users to register or verify their identities to begin trading. Trading data is stored locally, which means that no centralized database records user activity. This means that a government cannot compel a third-party to disclose information about a particular Bisq user.
Communication on the Bisq network takes place over a Tor hidden service. The Tor project describes its Onion Service Protocol as a collection of ‘rendezvous points,’ which users can connect to “without knowing the other’s network identity.” The use of Tor guarantees that no party on the network is aware of other users’ IP addresses.
Since Bitcoin’s introduction almost a decade ago, censorship-resistance has been a major catalyst for the growth of the cryptocurrency industry. The idea is that basic payments and communication is a universal right and every individual should have the freedom to transact. Like Bitcoin and other digital tokens, Bisq adopts a peer-to-peer communication mechanism which makes it difficult for a third-party to shut down completely.
Even though Bisq is fully functional in its current state, development on the platform is still ongoing. The team detailed:
“With our upcoming release in 1-2 weeks, we have a big redesign launch, as well as the launch of the Bisq DAO on testnet. After that, we hope to launch the DAO on the mainnet [by the] end of the year.”
They are also working on a new trade protocol that promises improves security and decentralization across the board. New APIs will also “make it possible to run Bisq from a cloud instance and mobile devices.”