Decentralized Exchange Working Mechanism –
Trade-offs between Safety and Efficiency
Content
1. Centralized Exchange Working Mechanisms
2. Early Development of Decentralized Exchanges
3. Decentralized Exchanges Based on Ethereum Network
(1) On-chain Order Book and On-chain Settlement
(2) Smart Contract-based Asset Reserves
(3) Off-chain Order Book and On-chain Settlement
(4) P2P
4. Comparing Administrator Rights, Cost Effectiveness and Trading Experience
5. The Trend of Decentralized Exchanges
Since suffering from the Mt. Gox hack in 2014, we have experienced several major exchange security incidents, including the stealing of Bitcoin from Bitfinex in 2016, the Yobit hack in 2017 and its bankruptcy, the stealing of NEM from Coincheck in January 2018, the Binance hack crisis in March of this year and so on. People are worried about their assets and trading security on exchanges. With these frequent security issues, decentralized exchanges began to receive increasing attention. Why did decentralized exchanges appear? What are their advantages compared with centralized exchanges? What are their working mechanisms?
To understand the necessity of decentralized exchanges, let us first examine the mechanism of centralized exchanges such as Binance, Huobi, Kraken and Coinbase.
1. Centralized Exchange Working Mechanisms
The mechanism of centralized exchanges is relatively simple: a user registers on the platform and obtains an account address given by the platform. The user can deposit digital assets in this account address and then trade on the platform. The platform provides order matching and assets clearing services. After the transaction is executed, the balance of assets in the user account changes.
There are several major problems with the operation of a centralized exchange:
1) Asset security risk: the entire process is managed by the platform.
The account (wallet address) created by the user on the exchange is similar to a bank account. The “bank” can transfer assets deposited by the user, whereas the user only has his own account password on the platform and cannot actually control his/her own assets. Once the platform’s wallet is attacked or the platform itself acts maliciously, users’ assets are compromised.
2) Asset management restrictions: users cannot freely manage their assets
To withdraw assets, a user must manually transfer his/her assets from the exchange to their personal wallet address. However, centralized exchanges often set rules to discourage users from withdrawing, including limiting the withdrawal amount, withdrawal time, setting a withdrawal fee, etc., so that users are not free to manage their assets.
3) Transaction and clearing are not transparent: the transaction and clearing process is managed internally by the platform and cannot be traced back to the blockchain.
The opening and closing of positions, order matching, transactions and clearing processes on the trading platform are all executed by the server of the platform. These processes have no interaction with blockchain, and the exchange can easily create false transactions or manipulate prices.
2. Early Development of Decentralized Exchanges
To solve the problems of centralized exchanges, people began to explore building decentralized exchanges on the blockchain to ensure that users’ assets are not controlled by the platform, and transaction and clearing processes are open and transparent. The earliest decentralized trading platforms such as Bitshares, Stellar, Ripple and Omni came into being. Let’s take Bitshares as an example to introduce their working mechanism.
1) Trading systems built directly on a public blockchain
2) Provide a gateway for issuing digital assets (issuing assets on BitShares requires BTS as collateral)
3) Users download a BitShares wallet and deposit assets
4) Users trade on the exchange
The early decentralized exchanges (represented by BitShares) were completely built on the blockchain, making the transaction process transparent and guaranteeing asset security, but there were two main problems:
1) The exchanges were built on-chain, and their working mechanisms were hard-coded, but the functions of digital asset trading are complex and need to be updated frequently, making the upgrading cost rather high. And there could only be one exchange on one public chain, which prevented the diversification of exchanges.
2) Lack of community support. The failure to design reasonable incentives, coupled with the competition of Ethereum, EOS and other public chains, has caused BitShares to lose support from their community. Consequently, without enough valuable assets on the blockchain, it is hard to operate any exchange effectively on these traditional public chains.
3. Decentralized Exchanges Based on Ethereum Network
With Ethereum’s leading position among the smart contract public chains, decentralized exchanges based on Ethereum have sprung up. These exchanges can be divided into the following 4 categories according to their order matching mechanisms: on-chain order book and on-chain settlement; smart contract-based asset reserves; off-chain order book and on-chain settlement; and lastly P2P.
(1) On-chain Order Book and On-chain Settlement
The earliest successful decentralized exchange based on Ethereum was Etherdelta, which once made up half of the decentralized trading market. Etherdelta leans toward a completely decentralized mechanism. Asset deposits/withdrawals and order placing, taking, matching and settlement are all executed on chain.
The exact mechanism is as follows:
1) Makers and Takers deposit assets into smart contracts. User assets are managed by smart contracts, and the administrators of the contract cannot manipulate users’ assets.
2) Makers place orders on the blockchain.
3) Takers select the order with the assets they want and send a transaction.
4) The smart contract will match the orders and settle them on chain.
The entire operation of Etherdelta is executed on chain. Users retain custody of their private keys and the platform does not touch users’ assets, making assets and transactions secure and transparent. But Etherdelta has shortcomings:
1) Trading operations are executed on chain, so all order placing, canceling, and taking consume gas, resulting in high latency and low cost-effectiveness.
2) There is a possibility that miners practice front-running.
In order to solve the problems of high cost and low efficiency of completely on-chain decentralized exchanges, people have explored other choices: smart contract-based asset reserves; off-chain order books and on-chain settlement, and P2P.
(2) Smart Contract-based Asset Reserves
The most representative asset reserves are Bancor and Kyber. These so-called asset reserves can be regarded as platforms that establish pools for storing various assets through smart contracts. The providers of assets for the reserve can be retail users or professional market makers.
Bancor and Kyber’s implementation differ slightly.
Bancor’s mechanism
Each trading pair has a smart contract called ‘relay’. The contract calculates a conversion ratio (price) based on the amount of assets held in the contract, and automatically adjusts the ratio according to changes in the amount of assets. A Taker chooses a trading pair and transfers the relevant asset to its contract in return for the other asset he/she wants.
The advantage of Bancor’s mechanism is that the entire process does not require complicated operations such as order placing, matching, and settlement, and the only cost is derived from the consumption of gas for token transfer. However, its biggest security risk lies in the administrator’s authority: each smart contract is controlled by an administrator address, and the administrator has the authority to withdraw the assets held by the smart contract. Therefore, users’ assets are not safe in the smart contract. This is also an important reason behind the previous attack on Bancor.
Kyber’s mechanism
The difference between Kyber and Bancor is that Kyber does not create smart contracts for each trading pair, and the price is not automatically calculated. Kyber’s assets providers (market makers) deposit assets into the reserve, and reserve managers provide quotations so that traders can get the ideal price and trade more conveniently.
Bancor and Kyber’s asset reserve model is a good option, especially for newcomers: they can facilitate direct exchange of one digital asset with another without order placements. But if we need a more complete and robust trading platform, comparable to major centralized exchanges, the order book model is still the mainstream.
(3) Off-chain Order Book and On-chain Settlement
0x and Loopring
The 0x protocol introduces the concept of ‘relayer’. The trader does not need to deposit assets, but he/she has to convert ETH to WETH which is ERC20 compliant. 0x’s “off-chain relay, on-chain settlement” mechanism works as pictured:
1) The maker creates an order and sends it to the relayer.
2) The taker queries the orders in the relayer and selects the order he/she wants.
3) The taker sends a transaction to the chain and the transaction is confirmed.
Loopring optimized 0x. Previously mentioned matching mechanisms matched two assets, whereas Loopring can achieve matching among multiple assets. For example, if users A, B and C wish to trade pairs A -> B, B -> C and C -> A, they do not need to ask for matching of each pair- the matching for these 3 pairs can automatically be executed. This mechanism saves gas cost and improves matching efficiency.
The main issue with the 0x protocol is that if a group of exchanges pools orders, each transaction of each exchange needs to be broadcasted for awareness and confirmation by the group. Therefore, these exchanges cannot achieve instant trading by simply applying the 0x protocol. Moreover, traders need to convert ETH to WETH which increases transaction costs.
Loopring’s logic is more complicated and not easy to implement. Currently, there are less exchanges applying the Loopring protocol than the 0x protocol.
IDEX and DEx.top
Another orderbook model which is widely accepted is the model used by IDEX, which currently captures 60% of the Ethereum decentralized exchange market share, and the model used by DEx.top, which closely follows IDEX. These two are very similar in their mechanisms which combine the security of traditional decentralized exchanges and the efficiency of the off-chain matching of centralization exchanges.
1) The Taker and Maker sign with their private key and deposit assets into the smart contract; the platform does not touch the users’ private keys and assets so that security is guaranteed.
2) Order placement is executed by the off-chain server, so that the matching process is similar to that of centralized exchanges, improving the trading experience for users. Unsuccessful transactions and un-matched orders will not be sent to the blockchain which saves gas cost.
3) Double-ledger: The off-chain ledger will synchronize successful transactions with the on-chain ledger, and finally settle the transactions on-chain.
(4) P2P Model
P2P model refers to peer-to-peer asset swaps, and Airswap is a representative case.
The mechanism is as follows:
1) The Maker broadcasts a trading pair to the platform, requesting a transaction
2) The Taker queries the platform for the trading pairs, and once the appropriate trading pair is found, the counterparty’s information can be obtained.
3) The Maker and Taker negotiate an exchange rate (price) off chain.
4) The Taker submits a request to execute a transaction to the smart contract on Ethereum.
For P2P model, the matching process is off-chain and transactions are settled on-chain. It is similar to asset transfers between wallets. The platform does not control the users’ assets, and the transaction process is safe and transparent.
The main problem with this model is the poor flexibility: peer-to-peer swaps only allow parties to trade at an agreed price and quantity; if one party needs to trade more, it cannot be executed in one transaction. Instead, the trader has to find other suitable counterparties and execute more transactions.
4. Comparison of Administrator Rights, Cost Effectiveness and Trading Experience
As can be seen from the previous introduction, several typical exchanges, including Bancor, Kyber, 0x, IDEX, and DEx.top, have administrators involved in the transaction process to a certain degree. Their duties include listing/delisting trading pairs, fund management, sending transactions to the blockchain, etc. If the administrator’s scope of authority is too large, it will be a threat to user assets and transaction security; if there is no administrator participation, it will affect efficiency and the trading experience. In addition, apart from the restriction of administrators’ rights and improvement of the trading experience, cost control should also be taken into consideration. The following table presents the comparison of administrator rights, cost-effectiveness, and trading experience of the current major decentralized exchanges.
Administrators of the earliest fully decentralized exchange Etherdelta participated the least in traders’ transactions, but the fully on-chain mechanism resulted in high costs and poor trading experiences. Thus, the following models are all trade-offs between efficiency and security.
For the asset reserve mechanism represented by Bancor and Kyber, administrators have a relatively higher participation in the entire trading process. If the asset reserve contract’s administrators have privileges such as withdrawing assets, like Bancor, it will be a threat to the users’ assets security. These exchanges have relatively simpler mechanisms, are more cost-effective, and have higher transaction efficiency, but less features compared to exchanges with orderbooks.
For relay mechanisms represented by 0x and Loopring: the platform is non-custodial; the degree of decentralization is relatively high; but this also leads to relatively low cost-effectiveness; the transaction experience is good overall, but if exchanges share orders, they will be unable to offer instant transactions. For IDEX and DEx.top which centralize the matching process, the implementation saves gas cost and improves the trading experience; but they need to pay attention to restricting administrator privileges when designing their smart contract to ensure greater decentralization (refer to DEx.top’s design philosophy: “Decentralized Exchanges Must First Ensure Design Safety” https://www.jinse.com/lives/39286.htm). Airswap offers a peer-to-peer transaction model with less administrator privileges and greater cost-effectiveness. However, the product is relatively simple with few features.
5. The Trend of Decentralized Exchanges
From the existing development of decentralized exchanges, it can be seen that due to the limitations of existing public chain infrastructure, in order to improve trading efficiency, off-chain matching and on-chain settlement is widely accepted and has become a trend. However, this involves a certain degree of centralization in the operation of exchanges, posing a threat to security. Therefore, strict restrictions on the authority of administrators have become a focus for decentralized exchanges.
In addition, as on-chain transactions require gas, designing gas-efficient smart contracts and working mechanisms is the key to the sustainable operation of decentralized exchanges.
In the long run, with the continuous improvement of the performance of underlying public chains or breakthroughs in sidechain solutions, the efficiency of decentralized exchanges will approach that of centralized exchanges. We look forward to a more efficient, safe and robust decentralized world in the future.
Reference:
https://www.bitshares.foundation/announcements/2018-06-20-bitsharesblockchainwhitepaper
https://github.com/etherdelta/
https://github.com/kyberNetwork/
https://0xproject.com/pdfs/0x_white_paper.pdf
https://storage.googleapis.com/website-bancor/2018/04/01ba8253-bancor_protocol_whitepaper_en.pdf
