Major Weak Points Of Crypto Exchanges That Create Unprecedented Risks For Traders

Good news: they can be overcome. Here is how.

Julie Plavnik
The Yellow Network Blog
10 min read · Feb 17, 2022

The crypto market offers two alternative types of digital asset exchanges: centralized (CEXs) and decentralized ones (DEXs). The fundamental difference between these types of exchanges is whether there is an intermediary to facilitate users’ transactions, as well as to store their funds and define their trading destiny.

DEXs are meant to be a new generation of trading platforms that eliminate such intermediaries. Powered by blockchain technology, DEXs are poised to provide users with a safe peer-to-peer trading environment free of all the risks that users face in centralized marketplaces, and ultimately to remove the latter.

Current situation: both types of exchanges are now dealing with a boom in users. Harsh truth: each type has its own drawbacks and weaknesses and imposes unprecedented risks on its users.

So let’s consider those risks under the microscope and try to figure out what might be the most balanced solution that really works in users’ best interests.

Risks of trading on CEXs

A centralized crypto exchange (CEX) is an online platform for trading digital assets operated by a third-party intermediary.

Unlike traditional stock bourses, CEXs do much more than just provide a neutral online platform for matching buyer/seller requests. Most of them also handle clients’ deposits, store private keys, render broker services, do transaction clearing and provide credit lines. So, a CEX is an exchange, custodian, broker, risk manager, and clearing house company all in one package.

Such an “all-eggs-in-one-basket” framework actually makes the customer a powerless player in the game, and it creates unlimited opportunities for unfair treatment of customers.

Let’s take a closer look at the major customer risks arising out of dealing with CEXs:

  1. Counterparty risk. To start trading, customers are required to deposit digital assets into a CEX account. Once they do that, they are no longer in control of their funds, and the CEX now keeps their private keys. Such vesting of assets at the CEX’s discretion imposes an unprecedented risk of loss on the customer. The exchange might shut down at any given moment, fabricate being hacked, or, if something goes wrong, not have enough funds on hand to cover every depositor.
  2. Security risk. Due to their centralized infrastructure, CEXs are more vulnerable to hacker attacks, as they have a single point of failure. The customer is not able to evaluate whether the CEX is really taking all necessary measures to properly protect their deposits. Security services like Cloudflare are pretty expensive. How generously a particular CEX invests in them is always terra incognita.
  3. Legal risk. Most CEXs are unregulated, as they are set up in free-trade offshore zones, like Seychelles or Saint Vincent and the Grenadines. These exchanges don’t require licensing and are not supervised by any securities watchdogs. It’s fair to say that a licensed exchange does not necessarily provide full protection for end users’ interests. Every jurisdiction has its own set of licensing requirements. In most cases, a license is nothing more than a formal paper evidencing that an exchange has fulfilled some basic requirements and is now subject to regular reporting to a local securities regulator.

If such a license doesn’t require the CEX to have insurance or sufficient capital reserves to refund its customers in the case of a negative scenario, it would not make much sense for the end-user.

So, in an ideal world, a CEX must have a combination of a strong license and broad coverage insurance to be able to recover its customers’ losses.

But how many CEXs do you know with that combination? Actually, I can count on one hand the ones in my personal list.

The picture depicting the legal risks for the customer would not be complete if we did not mention the “quality” of the terms and conditions one has to accept when depositing their money into a centralized exchange. All too often, these terms and conditions can be boiled down to a few statements:

“The exchange takes no responsibility for anything. The user is a kamikaze and acknowledges this is all their own risk. So please avoid making any complaints later”.

  4. Liquidity risk. It’s no secret that “wash trades” are a widely popular practice on CEXs. Quite often, exchanges use bots that trade with themselves to fake deep liquidity and thereby look more attractive to users.

Faked trading volumes mean de facto low liquidity, which can result in two unpleasant things for traders: slippage and increased risk of market manipulation.

A few words on each.

Slippage occurs when a trader places a market order for crypto at one price, but the order executes at another. This price difference is called slippage, and all too often it is not in the trader’s favor.

Market manipulation. If a particular asset suffers from low liquidity, then it makes it easier for a large trader to manipulate the market for that asset by placing a significant buy or sell order. If there aren’t many orders taking place, a large buy order could cause outsized gains in a digital currency, for example. Likewise, a substantial sell order could provoke large declines in the price of a cryptocurrency.
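Both effects can be measured by walking an order book. The following is an added example, not part of the original article: it fills the same market buy against a deep and a thin ask side and reports slippage and price impact. The two books and all names in the code are constructed for illustration.

```python
from decimal import Decimal as D
from typing import NamedTuple

class Fill(NamedTuple):
    filled: D        # quantity actually executed (may be less than requested)
    avg_price: D     # volume-weighted execution price
    slippage_pct: D  # avg_price vs. the best ask the trader saw
    impact_pct: D    # last level consumed vs. best ask: how far the order moved the market

def market_buy(asks, qty):
    """Fill a market buy of `qty` against `asks`: [(price, size), ...], best price first."""
    qty = D(qty)
    if not asks or qty <= 0:
        raise ValueError("need a non-empty ask side and a positive quantity")
    best = D(asks[0][0])
    remaining, cost, last = qty, D(0), best
    for price, size in asks:
        if remaining <= 0:
            break
        take = min(remaining, D(size))   # consume this level, fully or partially
        cost += take * D(price)
        remaining -= take
        last = D(price)
    filled = qty - remaining             # a thin book can run out before the order is done
    avg = cost / filled
    return Fill(filled, avg, (avg - best) / best * 100, (last - best) / best * 100)

# Constructed sample books (hypothetical prices and sizes, not market data).
DEEP_BOOK = [("100.00", "50"), ("100.10", "50"), ("100.20", "50")]
THIN_BOOK = [("100.00", "2"), ("101.00", "3"), ("104.00", "5"), ("110.00", "10")]

if __name__ == "__main__":
    for name, book in (("deep", DEEP_BOOK), ("thin", THIN_BOOK)):
        f = market_buy(book, "10")
        print(f"{name}: avg={f.avg_price} slippage={f.slippage_pct}% impact={f.impact_pct}%")
    # An order larger than the whole thin book is only partially filled.
    print("thin, qty 25:", market_buy(THIN_BOOK, "25"))
```

The quoted price is identical on both books; only the depth behind it differs, which is why faked volume hides the real execution cost.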

  5. Miscellaneous. In the case of an all-in-one setup of CEXs, the sky is the limit for the risks that there might be.

Examples include the provision of special advantages to “friendly” traders at the expense of others, the suspension of fund withdrawals by reason of maintenance (always a good reason), or even trading against their own customers. Yes, there have been such examples. And why not? A centralized monolithic infrastructure that concentrates all the power without any checks or balances, and that cannot be held liable in the end, provides every opportunity for that.

All that being said, it doesn’t necessarily mean that every centralized exchange is malicious. It only means that being a good or bad actor remains entirely at their sole discretion. If one day something goes bad, the end user would simply have no leverage to protect their interests, sometimes even when trading on regulated exchanges.

Are DEXs a panacea?

Unlike CEXs, decentralized exchanges (DEXs) offer peer-to-peer (P2P) tamper-proof digital asset trading with no intermediary involved. In the absence of a central authority, DEXs employ smart contracts that self-execute under set conditions and record each transaction to the blockchain.

The core goal of the DEX framework is to negate the above-mentioned risks associated with centralized platforms by using technology.

Along with trustworthy P2P trading, DEXs also offer the following perks for users:

  • self-custody, meaning that users trade from their wallets when transacting on a DEX platform, and remain in total control of their private keys. This allows for the elimination of the counterparty risk that users have when depositing their funds with centralized exchanges, as discussed above;
  • resistance to infrastructure hacks, as the platform is secured by blockchain technology; and
  • anonymity, as users are not required to pass any KYC/AML verification to start trading.

So, as we can see, the DEX concept is more consistent than the CEX with the crypto mission: to remove third parties for simpler transactions and to ensure their safety.

But do the current DEXs really solve all the issues of centralized platforms? Would it be fair to say that switching to a DEX automatically means chill and worry-free trading for the user (if that is possible at all)?

The current DEXs have their own downsides as well and create risks for users. Let’s take a look at those risks now.

  1. Security risk (again!)

Although DEXs are more resistant to hacker attacks than centralized platforms, they still do not provide a 100% guarantee of being cybercrime-free.

As the technology evolves, so does the creativity of sophisticated hackers.

Recent statistics even show that while overall fraudulent activity in crypto is decreasing, exit scams in decentralized finance have been on the rise in the last few years.

On DEXs, these are known as “rug pulls.” In a nutshell, the fraudulent scheme works as follows:

The scammers create and list a worthless token on a DEX, pair it with a trustworthy cryptocurrency like ETH, and start trading in a liquidity pool. With the help of some promotional activities, the bad guys convince investors to provide liquidity by staking a valuable token, such as Ether (ETH), which pushes the new token’s price up. At a certain point, the scammers “pull the rug,” taking all the Ether from the pool and leaving the investors holding a worthless token.

So, despite all the protection that blockchain and smart contracts bring to DEXs, there is still ample room for misbehavior.

Why?

Since current DEXs do not require smart contract auditing, scammers are free to leave “backdoors” in the contracts behind their worthless tokens and use them to steal assets from the liquidity pool once it’s filled with enough cash to satisfy their appetites. Moreover, since DEXs offer anonymous trading with no KYC/AML verification for users, there is almost no way to track the bad actors.

We can see here that the security risk on decentralized exchanges is caused by their imperfect operating framework and has nothing to do with the underlying technology, i.e. blockchain. However, it still exists and as such, we cannot consider DEXs to be a safe haven for trading.

  2. Poor liquidity and low-speed functionality

Most traders still prefer centralized services with a greater liquidity pool, choice of instruments, currency pairs, and order types. The current DEXs have way lower liquidity than centralized platforms and are inefficient for bigger transactions.

Most of them also have significant speed limitations for transactions, as the latter take time to be checked and validated on blockchain networks.

  3. Risk of self-custody

Losing your private keys means losing your funds. This is the flip side of anonymity. On a DEX, the user is the custodian of their own assets, so if they lose the key, they lose their money. The current DEXs are only intended for sophisticated users who have the skill of proper key management and, unlike ordinary mortals, know the tricks of how to do it and are super conscious of that.

  4. No ability to recover funds

DEXs fundamentally do not have any recovery ability for lost, stolen, or misplaced funds. Due to the absence of a KYC process or the ability to cancel a transaction in the event of a compromised account or loss of private key, users are unable to recover data or be returned their assets. There is no support team or help hotline to notify about missing funds or a lost private key. Because all transactions are processed and stored in smart contracts on the blockchain without any identified owners or overseers, refunds are incompatible with the network’s model and users are generally unable to regain access to their assets.

So, DEXs have their flaws, too.

The solution

OK, now that we know all the major shortcomings of both CEX and DEX platforms, what could be the solution here? Evidently, one that solves them in the most appropriate way. Here are the core elements that must be present in that solution:

  1. Decentralized framework. As mentioned earlier, DEXs are more native to the digital asset market. They are in line with its core goal: enabling P2P user interaction with no intermediary involved. So why would we stick with a conventional centralized framework at a time when we already have such amazing technology as blockchain?
  2. Aggregated liquidity in a network of peer exchanges. To prevent the liquidity risk that is inherent in stand-alone CEXs and DEXs, current technologies allow us to aggregate the liquidity in one trading venue without making that venue yet another center of control.

For easier understanding, let’s look at how it works using the example of Yellow Network, a Layer-3 cross-chain overlay mesh network of peer decentralized exchanges built on top of OpenDAX v4 technologies. The network will connect multiple exchange platforms (Uniswap, PancakeSwap, Acala, etc.) through its protocol, enable their cross-chain interoperability, aggregate their liquidity and provide real-time price feeds.

The network will reach blockchains through Layer-2 state channels that grant high trading speed with a still low cost of transactions. For a deeper understanding of how it works, check out Yellow Network’s Litepaper.

In short, here are the main benefits that the end-user gets through such a network infrastructure, whether they are a retail trader or an institutional one:

  • secure trading and the absence of the counterparty risk
  • high liquidity
  • high-speed transactions, enabling even HFT trading
  • the best prices, and
  • low fees.

  3. KYC/AML verification of users. This doesn’t mean at all that decentralized trading platforms must stick to the same legal standards as traditional stock exchanges do. Actually, they don’t have to, as the underlying blockchain technology permits them to overcome many issues that conventional exchanges have. However, some of the practices still must be implemented.

As we’ve already seen with “rug pulls,” where scammers vanish without a trace because no information was requested from them before they started acting on a DEX, KYC/AML procedures will be of much help in identifying bad actors.

  4. User-friendly interface. That’s simple: crypto trading platforms must be convenient and easy to use for the vast majority of traders, rather than only for a bunch of tech-savvy crypto nerds.

Key Takeaway:

The crypto market is a very live and rapidly changing environment. Though there is still no such thing as a gold standard for crypto exchanges, industry players continue to work on solutions that could bring the digital asset market to the next level: free of risks and bad actors, and accessible to everyone. So grab some popcorn and keep observing the progress.

Julie Plavnik
The Yellow Network Blog

FinTech nomad. Web3 content strategist and writer. Ultra-spiritual Jew living in Bali.