Secondary and debt markets for exchanges

As discussed last week, Bitfinex has followed through with their bail-in and gave all of their users a 36% "haircut". While not ideal, with the right approach and conviction, this might be a way for the exchange to eventually right their customers. The idea is not new - I recall discussing something similar a few years ago when another big exchange was not measuring up...

MtGox's secondary market

MtGox, the poster child of why one shouldn't trust exchanges with one's BTC, has officially shut down in 2014. However, months before that you could already see some red flags popping up that something was going wrong. MtGox started having some fiat withdrawal problems, and as a result, its market was off by 10+% and ripe for arbitrage. Some people could make a tidy profit churning money around, provided they could get their fiat out of the exchange.

A few months later, the situation got worse - MtGox has officially halted both its bitcoin and fiat withdrawals altogether. However, probably due to some interesting code optimisation, someone figured out that if you withdraw bitcoins straight into a deposit address of another MtGox account, the funds would be transferred without creating a transaction on the blockchain. It looked like that functionality was governed by the "MOVE" API call, rather than "SEND". This tiny functionality was enough for someone to build an entire secondary market for MtGox before the whole exchange went under.

While I can't find any reference to what the site was (EDIT: the website was Bitcoin Builder, as pointed out by /u/samurai321), as the news of MtGox collapse has probably buried it in the sands of time, I remember it being a simple BTC-MtGoxBTC exchange. One could deposit actual bitcoins and trade them for bitcoins owed by MtGox that were moved to the secondary market's address. It allowed some people to get rid of their coins frozen at the exchange and cash out to the safety of the wallets their own, while letting others speculate on whether or not MtGox would be going under. I remember seeing the price reaching a level of 30+% discount on the market, which is fairly comparable to the current Bitfinex scenario...

Decentralised secondary markets

After MtGox collapsed, I haven't seen a similar secondary market pop up anywhere. The closest thing that comes to mind is being able to trade Bitstamp's IOUs on Ripple, which might be an ideal approach for trading exchanges' debt (at least provided the exchange doesn't run into new hacks). If Bitstamp was to go under, you could still trade about 1.5M USD and 2k BTC of its issue on the decentralised exchange nearly indefinitely. Figuring out its USD-USD and BTC-BTC exchange rate against an operating pool could be a clear gaige of confidence in the platform - if there were talks of the exchange recovering, the price might get closer to parity, or go away from it in the opposite case.

At the same time, such a secondary market might be used for something more morally muddy...

Buying one's own debt

Say Bitfinex's tokens were tradable during the hack. Before everyone knew how much was lost percentage-wise, the market would be wild with speculation - you probably could buy bitcoins at 50+% discount, perhaps even at 90% discount if the fear would set in. Now, if Bitfinex was aware of such a situation and knew how much deposits they could actually cover, they could try buying up their own debt for pennies on the dollar before the haircut was to take place. This could allow them to buy off some of their debt at a discount, reducing their obligations to their customers and therefore creating a theoretical profit.

Such a scenario would be highly unethical and I would guess highly illegal, but I wouldn't be surprised to see something like this happen sooner or later in the Bitcoin world. Instead, let's imagine some more ethical approach Bitfinex could act on their current situation...

Slow debt repayment

I'm not sure how Bitfinex structured their token program as I don't use the exchange. However, a good approach to eventually righting everyone would be for them to convert everyone's BTC balance into those tokens. At any time, the users would be able to cash the tokens in and get actual coins, minus the haircut. With each token converted, their obligations would decrease.

The tokens would also be tradable on the exchange itself for actual coins, creating a market for the debt. Anyone wishing to speculate would be able to trade the coins for a value between the haircut discount and 1BTC. The price would have upper and lower bounds, but could fluctuate in between.

If Bitfinex was diligent and set on repaying the debt by eventually buying up all of the tokens, they could publicly declare their strategy of doing so - perhaps a portion of their monthly income would go directly into purchasing the tokens from the market at the spot rate. With every purchase, the amount of tokens in circulation would decrease, thus the ratio of their bitcoins earmarked for buying back the tokens to the actual amount of tokens would increase, making the haircut smaller and smaller. Gradually, the gap between the value of the tokens and the real coins would shrink so much they could convert the tokens themselves straight into coins at a 1:1 ratio and remove them entirely.

In the end, the amount of coins you would get back would rely only on how quickly you need them - you could get them today for 36% off, perhaps get them for 30% off in a year, or get a full amount in a decade. The market would decide what the future value of the tokens would be, and with each month (and perhaps with each trade if some fees were to be maintained for this market), the debt would be slowly repaid.

In the end, this is an optimistic scenario assuming the exchange could earn back millions of dollars worth of coins before the company would go under. Similarly, if you believe the value of bitcoins will go up, the debt may never be repaid - the value of the coins left to be repaid could be going up as the number of the coins would be going down thanks to the increasing price.

One way or the other, it would be a really interesting case study if Bitfinex was to implement something like this...

Related links:


Avoiding Bitfinex scenarios with Voting Pools

This week, a high-profile Bitcoin theft took place at the Bitfinex exchange. The attacker reportedly stole 119'756BTC, worth about 70.5M USD. Those funds were held at a 2-out-of-3 multisignature wallet - one key was held at Bitfinex's server, another was kept by BitGo, and a third was a backup key held offline by Bitfinex. From what the reports say, the hacker was able to get their hands on the first key, as well as the API credentials required to authorise BitGo to process the withdrawal. With no additional safeguards, they were able to drain the hot wallet and land themselves around the number 2 spot of the biggest Bitcoin theft to date, after MtGox.

The scenario is still unfolding, so there are a lot of theories still floating around as to why the situation was allowed to take place. Some have speculated Bitfinex was forced to keep all of their coins in a hot wallet due to CFTC's ruling (as Bitfinex was not a registered futures trading platform), although it seems that the change was made before the ruling. Bitfinex also unveiled a plan for a "bail in", wherein everyone's assets would be devalued by about 36% so the exchange could continue operating.

Since Bitcoin's past seems to be littered with theft, I would like to have a look at one possible solution to minimise such high-profile hacks:

Voting Pools

Voting Pools is an idea proposed by Open Transactions, a Crypto 2.0 platform focused on notaries issuing IOU tokens and other financial instruments. The main issue such systems have to cope with is securing the cryptos, currencies and commodities underlying the assets circulating on the platform - an USD IOU is only useful if you can redeem it for real USD at the end of the day.

The way Voting Pools help secure users' funds is through shared responsibility from competing actors. Multiple exchanges of similar size would group together in a pool and secure one another's funds through multisig and a legal agreement to share responsibility in an event of a loss (be it from theft or one of the exchanges trying to run off with everyone's money). The multisig would be distributed in such a way that any one actor would not be able to control even their own money, and the system being robust enough to handle a loss of some keys (2-of-3, 3-of-5, 4-of-5, etc.).

This setup would make sure that a critical failure of one actor would not compromise the system. Even if one of the exchanges would burn down, get hacked, or the owner would decide to run away with all of the private keys, they couldn't do anything. The other exchanges would take over the responsibility and secure all of the funds to be able to pay all of the failed exchange's customers without suffering a loss of their own funds.

More importantly, however, this solution also forces every participating company to not only police themselves and ensure they have the most adequate security practices in place, but also to look at one another. When your own money is on the line, you will make sure everyone is keeping up with the rest of the pack in terms of keeping the money safe. Since the exchanges would still be competing with one another, they would have every incentive to expose other actors in the voting pool that are compromising the security.

Beyond that the full implementation of Voting Pools also necessitate that the exchanges would open up their transaction logs to one another to make sure everyone knows how much every customer is owed in case of a database wipe or the exchange vanishing from the face of the earth. This is pretty much automatic when it comes to gateways on a public ledger like Ripple or some shared permissioned blockchain, and it shouldn't be too hard to accomplish if an exchange already creates a strict and timely Proof of Solvency. That being said, it is pretty much unheard of for a normal Bitcoin exchange to do that currently, which might make it more problematic.

Having access to a full, real-time set of transaction logs the participants in a voting pool have everything they need to not only be able to settle with every customer in case the exchange goes under, but they can also police the exchange in real-time and raise flags in case of discrepancy. If exchange's liabilities exceed their assets, all withdrawals can be automatically haled until the matter is resolved. Large withdrawals, sudden market crashes and balance changes could similarly raise a lot of flags (to avoid another MtGox scenario, wherein a hacker crashed the market to be able to bypass the $1000/day withdraw limit).


All in all, voting pools would force a strong degree of transparency on every actor and couple that with multiple security teams making sure the system is secured against a growing number of hacks. While the participating exchanges would sacrifice their business data secrecy to their direct competitors, security through obscurity is never a good approach.


Contentious Bitcoin fork WILL create a split

The Bitcoin community has debated a potential hardfork to Bitcoin for over a year now. There have been various solutions proposed to change the hard cap on block size and increase the amount of transactions that can go into any single block.

Leaving aside the discussion as to which approach would be the best for Bitcoin in the long run, we can agree that there is a disagreement on the issue and any hard fork that may happen will not be as unanimous as the previous forks were. Looking at some recent examples, we can expect that any contentious Bitcoin fork will create a split in the network.

Big players can trump forks - Elacoin

Last year Steve Sokolowski shared his thoughts on a Bitcoin hard fork proposal in a forum post. Other than discussing the actual solution, Steve also shared a story of Elacoin's attempted hard fork. Apparently, it was some unremarkable Proof of Work altcoin which activity has died off after awhile. A new developer came in and decided to breathe new life into the coin by creating a Proof-of-Stake fork. A lot of people got excited for the update and the trading volume and price rose back up.

When the fork was scheduled to take place, despite the backing of the community, the developers and stakers, the fork failed since Cryptsy continued to trade the coin without upgrading their daemon. Eventually the hard fork was deemed a failure while the old coins were still being traded.

This brings to mind the famous experiments with five monkeys, a ladder and a banana. People would trade a coin in anticipation of the fork, then ignore the fork and continue trading the coin due to its increased price and volume, completely forgetting why they were trading it in the first place. Classical altcoin speculators.

This only goes to show that big players, even if they are in a minority, can trump developer forks. While a story like this is rather unlikely to happen in Bitcoin, since the coin itself has many different markets and a vast community, we could experience a different problem when a hard fork happens...

New Coke vs Coke Classic - Ethereum

Not so long ago, Ethereum has experienced The DAO debacle, wherein a large quantity of ethers were drained from a high-profile smart contract. This prompted the Ethereum developers to create a hard fork that invalidated the attack. For a few days everything seemed to go smoothly - the majority of the network supported the fork, everyone transitioned just fine and it looked like the network could put the kerfuffle behind them. Then came Ethereum Classic...

Ethereum Classic is, I suppose, an "un-fork" of Ethereum - a codebase designed to ignore the DAO hard fork and continue the network as if it never happened. Whether the developers believe that they are supporting the community that disagrees with the fork, or they just want to make a quick buck, the fact is that the classic ethers (ETC) started being traded on Poloniex, probably one of the biggest altcoin exchanges currently, and now are being actively traded on a number of other exchanges with a current market cap of $200M and 24h trade volume of $65k - forth market cap after Bitcoin, Ethereum and Ripple, and having double the trading volume of Ethereum, second only to Bitcoin...

From a perspective of any Bitcoin core developer wanting to fork Bitcoin, this is probably the worst thing that could have happened in the given situation. Exchanges supporting both sides of a fork can set a precedent of what will happen when Bitcoin is forked in any fashion short of full unanimity. Even if the unforked version of Bitcoin has 1% of its market cap, that's $94M market waiting for an exchange to take their money - it would be the 7th largest coin market, around the halfway point between Litecoin and Dash.

As an Ethereum Developer pointed out in an Ethereum Foundation Skype Chat leak - ignoring Ethereum Classic means there is no money to be made, while embracing it allows you to tap into some "vestigial value remaining from the shared chain history".

Even if any potential fork has all of the support from all of the developers and miners, there isn't much one can do to stop the un-fork, perhaps short of a Coiledcoin-esque 51% attack. Even if networks like Ethereum implemented "the bomb" (a special smart contract that prints tokens out of thin air, intended to kill an un-forked network), a developer could just create another hard fork to disable that code pretty much like the DAO was disabled...

Kill it with fire

So when all is said and done, it looks like the only way to ensure only one version of Bitcoin is around, one would need to reach an overwhelming consensus with the developers, the miners and the exchanges to support only one part of the fork. Anything short of that will create a split network with duplicate tokens being created on both tines of the fork.

To ensure the rest of the network follows suit, someone should put aside some funds and mining power to be able to execute 51% attacks on any un-fork that would start being traded at an exchange. While a 51% attack in normal cases might be in the legal murky territory, perhaps using it to enforce a hard fork might not be seen as an attack on the currency, but as a part of the upgrade process. The law might not catch up to this conundrum for years still.


Anything short of an unanimous hard fork to Bitcoin will most likely result in a network split where both sides of the fork. The split will most likely be motivated by short-term profit to extract some remaining value from the alt-chain. A good way to ensure no such split happens would be to divert some resources to performing 51% attacks on the minority chain and thus causing whatever exchange that tries to trade them to lose money.

Related discussions: