While summer is a quiet time for most companies and financial markets, the Covesting team didn’t have any time to relax due to the hard work required each and every day to meet the tight deadlines of our roadmap.
Sense of purpose. Reliability. Leadership. These are Covesting’s three main values, and we are working hard to ensure that they become synonymous with the Covesting platform. We are getting close to achieving the goals we set a year ago, and the platform is close to becoming a reality.
Covesting takes the safety of our client’s funds and the platform security very seriously. Our security team implements the best industry practices to mitigate security risks and develop a reliable world-class trading platform.
In July, we performed several major security tests to our platform with the involvement of independent and in-house security experts. Following the results of these tests, we further improved the architecture of the platform. We are pleased to tell you that no critical security breaches were identified.
We also added some advanced security settings to the settings screen of the platform which includes withdrawal address whitelisting, API management and additional email confirmations for specific actions.
Withdrawal address whitelisting adds additional layers of security for all our users. Users can only withdraw funds to addresses which were previously added to the list and confirmed by both email and Google 2FA (if it is enabled). This means that even if someone gains unauthorized access to the account — the only address where funds can be sent is to users with whitelisted address. No third-party fiat withdrawals are allowed.
As previously discussed, only a small amount of funds will be held in the online (hot) wallet to facilitate small withdrawals instantly, while the most of our client’s assets will be securely held in the offline (cold) storage and with Tier 1 banks and 3rd party liquidity providers.
In order to secure the hot wallet transactions, the Covesting security team has set up the cloud HSM module which encrypts the private keys by using the secp256k1 ecliptic curve.
The security testing will be an ongoing process. We are also in negotiations with top IT security companies that will conduct security audits of Covesting Exchange before we open our doors to the public. Periodic security audits and penetration tests are required by both regulators and by our own development policies.
For more detailed information please refer to the security section on our website.
The launch date of the platform is quickly approaching, and we are happy to share some development insights with you.
During the course of July, our team had to work twice as hard as normal. This is because the tech development turned into 3x of what we have originally planned due to the strict requirements of the GFSC and our compliance team. We had to build such modules as Tx monitoring from scratch in order to recognize patterns of suspicious money laundering transactions, as well as full scale on-chain Tx analysis to monitor and report addresses which potentially used funds received from the darknet, hacked addresses and more to fund the accounts at Covesting.
Here is how ongoing onchain Tx monitoring and client profiling looks in action:
We have implemented integration with Thompson Reuters Worldcheck solution in order to spot registrations by PEP/ Sanctions list individuals and report them accordingly.
The largest part of 24/7 exchange monitoring center has been developed and will soon allow us to monitor and identify fraudulent trades, PnD schemes, and market manipulations. We have also completed the largest part of integrations with treasury services providers, banks and payment processors, which is necessary in order to provide a fiat gateway to all of our clients.
As always, the Covesting team is taking things seriously and is on the cusp of setting a new benchmark for cryptocurrency trading industry: Compliant. Secure. Reliable.
The average working day of each Covesting developer lasts for roughly 14 hours (demanding but truly rewarding).
Some time has passed since the previous release and we are happy to announce that a big update of the platform is coming very soon. We will not initially include all of the features in the framework of this release (such as dark mode and other things) because of ongoing tests, but it will be definitely done before the official release. Here is the list of some of the upcoming updates:
- Interface with improved UX for desktop and mobile. We have combined Portfolio, Orders, History and Social part (Chat + News feed) in one block in order to save some space for the chart.
- Slider in the Order form. It will allow for users to set up a percentage of funds that user is willing to allocate for a particular trade (or percentage of existing asset that one is willing to sell)
- Quick orders. These types of orders are common in the cryptocurrency trading industry and are extremely useful when you want to urgently buy or sell assets by placing a limit order at the first Bid/Ask price level.
- Improved Orderbook. We added the option to view only bid or ask orders, which proves useful if you want to see the depth of the order book for a single Buy or Sell category.
- Improved Dashboard. UI was upgraded for better user experience, especially on the mobile devices.
- Integrations with additional exchanges. We continued to add API integrations with 3rd party liquidity providers to ensure flawless order execution and deep order book for all our users. Some additional tests will be done before the official launch.
- Overall UX. We have added numerous overlays, tooltips, and more, in an effort to make the user experience intuitive and pleasant.
You can always follow the latest development release notes here: https://support.covesting.io/hc/en-us/sections/360001233893-Updates
Compliance & KYC:
Our KYC workflow is 100% complete in terms of development and is ready to go live. We have requested a confirmation from GFSC about possibility of doing pre-verifications before the official release.
In July we have hired some additional Compliance / KYC team members at our Gibraltar headquarters to ensure quick and smooth verification process. The start of KYC will be communicated separately.
If you are not sure why we need KYC and want to better understand why it is so important, read a short article here: https://medium.com/covesting/kyc-why-it-is-vital-for-security-and-user-protection-54316ac09b03
Mobile App (iOS) development
The first version of the mobile app for iOS has been developed and released in the “Testflight” mode in July, as we originally planned. At the moment, we are still awaiting Apple’s approval in order to release the first version on the App Store. Internal tests and UX audits provided us some additional ideas for improvements, therefore our developers continue working on the app in order to provide best possible user experience once we are good to go live.
Crypto Intelligence Portal:
We are constantly improving the CI portal. This month we updated it to beta 1.2. The main new feature is a news terminal that allows our users to get instant access to cryptocurrency related news from multiple sources https://ci.covesting.io/terminal.
The other great feature of the news terminal is that it collects the important milestones from cryptocurrency projects (releases, meet-ups, airdrops, listing etc.) so you never miss an important update from your favorite project. Additional tutorials and advanced Technical Analysis videos will be uploaded shortly in order to share experience and knowledge with our community. Some major backend and database improvements have been completed which will allow us to introduce the CI forum in the coming months.
Distributed Ledger Technology License (DLT)
GFSC representatives made an on-site visit to the Covesting office in the World Trade Center to ensure that Covesting has implemented all the required procedures in order to provide high quality and secure services to our clients. Covesting CEO, Dmitrij Pruglo, as well as several other team members presented the current development stage and upcoming implementations. We discussed in detail all important aspects of our progress, including:
- AML/CFT and customer onboarding process;
- Technology and operation/monitoring of exchange activity;
- Platform security;
- Internal controls;
- Financial projections;
- Corporate governance;
- Risk management framework and its implementation.
We are currently awaiting feedback from GFSC representatives with suggested improvements in order to finalize the licensing process.
In July we held a community contest with a prize fund of 3500 COV. We received a lot of great submissions as well as very positive feedback. We want to thank all the participants and congratulate the winners once again. Please check out the details of the contest here: https://medium.com/covesting/community-contest-results-a05e687ab781
Trading competition + bug hunting. Soft launch
We are happy to say that apart from additional unplanned development tasks, we are still in line with the original roadmap and we plan to release the fully operational trading facilities in Q3.
It is important to understand that every business decision goes through the GFSC analyst team, and before we can release the copy-trading module there might be additional comments from the regulators that we will have to address. Therefore, the copy trading module may have a slight delay (only a few weeks). Nevertheless, such a minor delay is not too negative, since traders will need to build their profiles with performance statistics and get used to the platform. Fully operational trading mechanics and platform security is Covesting’s top priority at our current stage.
In order to manage everyone’s expectations, we will soon release a blog post about the soft launch, where we will explain what features will be available during the launch and what are the future steps in our exciting journey!
Please follow our official accounts for the latest developments and exciting news!
Thank you for choosing Covesting, and please feel free to contact us any time with any questions you may have.