A crypto asset exchange is an electronic venue for buying and selling crypto assets. Currently, the majority of crypto asset trading occurs on centralized platforms like Coinbase, Poloniex, Binance, Bittrex, etc., that collect fees for facilitating trades. Many believe that assets powered by decentralized technology should be traded on decentralized platforms. This belief, along with several events that have degraded trust in some centralized exchanges, has led to a rise in decentralized exchanges, or DEXs.
Centralized crypto exchanges aggregate liquidity, custody customer assets, and execute trades. Every trade is reflected as a change in the exchange’s database. Users deposit their funds into the exchange wallet address, which pools all customer assets. Trades are conducted on an IOU basis. Users do not get actual delivery of their funds until they explicitly withdraw their funds from the exchange. Centralized exchanges are fast because they are centralized and don’t swap assets on-chain.
Benefits of legitimate centralized exchanges include that they offer significant liquidity (~99% of crypto trading occurs on centralized exchanges), offer fiat on-ramps, offer greater trading functionality and the ability to use sophisticated trading strategies, offer institutional support, and comply with regulations of the jurisdictions in which they reside. However, they also have some points of weakness and not all crypto exchanges have a robust infrastructure in place.
Some or all of the funds in a centralized exchange could be stored in a “hot” wallet on the exchange’s servers to facilitate quick withdrawals. Hot wallets are at greater risk of being hacked by virtue of being connected to the internet. Centralized exchanges with weak security measures and infrastructure are especially attractive targets for hackers because they collectively store large sums of customer funds, and security breaches have led to significant losses.
In the past couple of years, centralized exchanges have also become more careful in listing assets due to regulatory uncertainty around securities laws. Given the large number of ICOs in the last couple of years, people worried that tokens they purchased in an ICO would be illiquid. For these reasons, there has been heightened interest in developing decentralized platforms to address some of the drawbacks of centralized platforms.
Decentralized exchanges (DEXs) are applications built on top of dApp platforms (such as Ethereum) that use smart contracts to facilitate trading. There are currently over 250 DEXs and over 30 DEX protocols. A DEX protocol is not exactly a DEX itself, but rather provides teams with the tools they need to build a DEX, so they don’t need to worry about building the smart contracts needed to power their DEX. The most popular DEX protocol is 0x. The standard feature that makes DEXs “decentralized” is that they do not custody customer assets. Rather, users are responsible for holding assets in their respective wallets, which should reduce the risk of being hacked.
The key differences lie in where the orderbook is hosted, how orders are created, modified, matched, and cancelled, and how transactions are executed. This determines the architecture and where DEXs lie on the decentralization spectrum. For example, a DEX could be fully decentralized and submit every order creation, modification, cancellation, and settlement to the blockchain.
However, this is problematic due to the scalability limitations of existing blockchains because users would have to submit multiple entries to the blockchain, even for theoretically non-critical actions. As a result, very few DEXs are fully decentralized. Most DEXs have chosen to use a hybrid centralized/decentralized approach by keeping non-critical actions off-chain and critical actions on-chain.
Off-chain orderbook & On-chain settlement
The two DEXs we discuss in this report, 0x and IDEX, both use a hybrid off-chain orderbook model with on-chain settlement. This allows users to post and modify orders in real-time - much faster than if everything had to be mined on-chain. They attempt to minimize trust in the central entity hosting the website by not giving them the power to automatically match and execute trades. Rather, traders manually choose and fill orders by signing them and submitting them to the blockchain (or submitting them to a trade arbiter who submits it to the blockchain).
0x and IDEX are different in that 0x is a base layer protocol for building DEXs and IDEX is a proprietary DEX. Because 0x is a base layer protocol, the DEXs building on top of 0x - called relayers - have some flexibility in what strategy they employ, and strategies can differ from relayer to relayer.
General DEX Advantages
All DEXs are non-custodial, meaning that DEXs do not pool user funds in a single wallet or central server. Rather, users are in possession of their funds and grant permission to the DEX smart contracts to access their funds to facilitate trading. This eliminates the security risk of holding customer assets in a single wallet. Funds are settled in a peer-to-peer manner.
DEXs could enable seamless integration with other dApps built on Ethereum that require exchange functionality. For example, the 0x team has said relayers could implement KYC by integrating a provider like Polymath or Harbor to whitelist Ethereum addresses that have been through an off-chain KYC process and are permitted to trade on the platform.
Another unique feature is token abstraction, which obfuscates the conversion between different tokens for users. An example of this is Weasel, which allows ETH holders to send DAI in Status without the user having to convert from ETH to DAI. Weasel trades ETH for DAI on behalf of users through KyberNetwork.
General DEX Challenges
The user experience of DEXs (and most dApps in general) is still a work in progress as users have to wrap their heads around trading through a wallet rather than an exchange account, the latency associated with on-chain settlement, and more. Centralized exchanges have a familiar and relatively easier-to-understand process, whereas many decentralized exchanges have confusing exchange interfaces and processes that require getting used to.
SMART CONTRACT BUGS
Ethereum-based dApps and smart contracts are built using Solidity. However, it is widely recognized that Solidity has major design flaws and a lack of verification tools. As a result, it is possible for developers to make mistakes when deploying smart contracts, and bad actors can exploit these bugs to compromise user funds.
Ethereum-based DEXs currently only offer the exchange of ERC-20 and/or ERC-721 tokens and do not currently offer cross-chain exchange. Cross-blockchain atomic swaps could address this issue. However, decentralized exchanges that enable cross-chain trading are likely to exhibit these challenges and more. Additionally, DEXs do not offer a fiat on-ramp. Thus, users have to convert their fiat to ETH and potentially convert the ETH to the native token of the DEX (i.e. ZRX in 0x).
DDOS AND DNS ATTACKS
In theory, one of the major advantages of dApps running on blockchain technology is zero-downtime. However, the existence of centralized components prevents dApps from realizing this objective. The more centralized a DEX, the higher its risk of being the target of a DDoS (distributed denial of service) or DNS (Domain Name System) attack on its central servers. This is also a risk with centralized exchanges. A DDoS attack happens when servers are overloaded with traffic from multiple sources, making online services unavailable. A DNS attack happens when an attacker gains control of a website’s DNS server and redirects visitors to a malicious website that can compromise user information and/or funds.
EtherDelta was the subject of a DNS attack in December 2017. The attacker did not gain control of the exchange’s smart contracts, but was able to take over its DNS server for a few hours. Visitors who used the site during the attack might have sent funds to the attacker. It was reported that about $250,000 worth of ETH and an unknown amount of other ERC-20 tokens were sent to the attacker.
When the first DEXs went live, people assumed their benefits would include censorship resistance and no KYC, unlike their centralized counterparts. However, in recent months, we have come to discover that if any component of a DEX is centralized, it can be subject to regulation. Recent comments from regulators also show that DEXs that are fully decentralized could still be subject to regulation if lawmakers believe that they facilitate the trading of security tokens, or regulated options or derivatives.
In November 2018, the SEC charged the former CEO of EtherDelta (Zachary Coburn) with violating federal securities regulations (Exchange Act Section 5) by operating an unregistered securities exchange. According to the SEC, EtherDelta qualified as an exchange because it operated as a marketplace for bringing together the orders of multiple buyers and sellers in tokens that included securities. However, due to lack of concrete guidance at this point, it is very challenging to know what the SEC does and doesn’t consider to be a security, so DEXs could be unknowingly violating securities regulations.
Some DEXs are trying to avoid listing any assets regulators would consider to be securities to avoid having to register as a national securities exchange. Alternatively, if a DEX does offer tokens that might be classified as securities, the only way to qualify for an exemption would be to register as an ATS. If a DEX is fully decentralized (on-chain orderbook, non-custodial, no trade execution) and offers securities tokens, it would be more difficult for regulators to enforce exchange laws, because there is no central point of contact.
Others are taking a proactive approach and implementing KYC/AML processes to comply with money laundering and sanctions regulations (IDEX). 0x has also said that relayers could restrict trading in certain tokens (“permissioned tokens”) to users who have completed an off-chain KYC/AML process through entities like Harbor and Polymath.
ON-CHAIN SETTLEMENT AND CANCELLATION
The latency and cost associated with the Ethereum blockchain creates challenges for DEXs using on-chain settlement and on-chain cancellation.
- Trading strategies - Many DEXs do not yet support sophisticated exchange functions such as margin trading, stop-loss orders, high frequency trading, or other trading strategies because they are limited by slow on-chain settlement and/or on-chain cancellation. IDEX claims it improves upon this by keeping cancellations and execution separate from trade settlements and cancellations via a trade arbiter.
- Arbitrage - DEXs with on-chain order cancellation are more exposed to in-market arbitrage opportunities because users cannot quickly cancel stale orders in response to market fluctuations.
- Race conditions - On-chain settlement and/or on-chain cancellation also exposes users to risks such as frontrunning, trade collisions or maker griefing.
DEXs currently have inadequate liquidity in a classic case of the chicken-or-the-egg. Traders are attracted to platforms that offer liquidity but platforms need traders to aggregate liquidity. In the last 24 hours as of this writing, the top five DEXs had about $3.2 million in volume (30,700 ETH) versus $7.5 billion in combined volume on the top 5 centralized exchanges. However, DEXs are still in their infancy, and liquidity could increase if/when DEXs address the challenges outlined here.
Today’s DEXs seek to address perhaps the most important problem in crypto trading - custody of user funds. However, they have not yet perfected the solution and have simultaneously introduced a plethora of new dangers that need to be addressed before they can begin to compete and coexist with their centralized counterparts. It could be the case that users initially use DEXs to trade in the long tail of tokens that do not meet the listing standards of centralized exchanges, while users use centralized exchanges to trade in primary crypto assets. But this is also in question given most DEXs are not fully decentralized, making them as vulnerable to regulators enforcing securities laws as centralized exchanges.
In the 0x and IDEX sections below, we discuss the structure of these two DEXs in greater detail and explain how they are attempting to address some of the challenges outlined above. 0x is the most popular DEX protocol and IDEX is one of the most popular DEXs, by volume.
Source: dex.watch/ Dec 19, 2018
0x is an open protocol for exchanging ERC-20 tokens on the Ethereum blockchain using an off-chain order relay and on-chain settlement strategy. Its native token, ZRX, is used for trading fees and ultimately, governance. 0x is a public system of smart contracts with a formalized message schema that outlines how an order should be structured. 0x is not a decentralized exchange itself, but rather democratizes the process of building a decentralized exchange. The founders believe the true value lies in equipping teams with the tools, libraries and smart contracts needed to build for-profit relayers (0x’s version of DEXs) and creating a global pool of shared liquidity. Thus, 0x is to relayers what Ethereum is to dApps - a platform to build upon.
After spending time with dApp teams building on Ethereum, Will Warren and Amir Bandeali, co-founders of 0x, identified a key problem - multiple dApps would require exchange functionality and were building one-off exchanges with one-off tokens that were not interoperable. In December 2016, 0x pivoted to developing open DEX infrastructure that anyone could build on or plug into. 0x was built with the intention to address the fragmented ecosystem of dApps and DEXs, combine liquidity to create a global liquidity pool, and automate trades on behalf of users by allowing smart contracts to execute trades automatically with a single line of Solidity code.
There are currently sixteen relayers built or building on 0x. The top three relayers by 24-hour volume are DDEX, Paradex, and Radar Relay. Additionally, there are nineteen projects using the 0x protocol, many of which are in the DeFi ecosystem, including District0x, Maker, Dharma, and Melonport. 0x launched version 1 of the protocol on the Ethereum mainnet in August 2017, a few days before launching the ZRX token sale. It launched version 2 in May 2018.
Will Warren (CEO), Amir Bandeali (CTO), Fabio Berger, Leonid Logvinov, Alex Xu (14 total team members)
Fred Ehrsam (CEO of Coinbase), Olaf Carlson-Wee, Joey Krug, Linda Xie (Co-founder of Scalar Capital)
Pantera, Polychain Capital, Blockchain Capital, JenAdvisors, Fintech Blockchain Group
0x raised $24 million in its token sale on August 15, 2017. Tokens were sold to those who registered to participate in the token sale through a smart contract that executed The Genesis Trade - a huge sell order for 50% of the total supply of ZRX tokens (500 million tokens) distributed to ~12,000 people that registered.
0x has a fixed supply of 1 billion ZRX tokens. The distribution of ZRX tokens is: 70% to crowd sale investors, 18% to the Foundation, 10% to the founding team, and 2% to advisors. The lockup period for founders, advisors, and staff was over a period of three years with a schedule to release 25% following the sale and 25% after each subsequent year in monthly installments. New staff has a 4 year vesting schedule with a one year cliff.
The ZRX token has two connected functions. At its core, ZRX is meant to be a governance token. While it is not currently being used in a formal governance process, the team is working towards implementing a fully decentralized governance process via liquid democracy. In order to achieve distribution of the ZRX tokens to key stakeholders, specifically relayers and traders, relayers using an open orderbook strategy must collect trading fees in ZRX tokens. Relayers using an order-matching strategy can collect fees in ZRX tokens, but it is not mandatory.
Off-chain order relay/On-chain settlement
The 0x protocol uses the off-chain orderbook/on-chain settlement model. In this model, users compile the parameters of a trade into a message or a packet of data that they cryptographically sign with their private key but do not broadcast to the blockchain. Rather, they either send the message to a specified counterparty directly (point-to-point order) or send it to a relayer to include in their orderbook (broadcast order). While relayers have access to cryptographically signed messages, they cannot touch user funds - they are non-custodial.
The key components of the 0x protocol include:
- Makers: or market maker, the party that creates, cryptographically signs, and broadcasts an order, providing liquidity.
- Takers: or trader, the party that fills orders created by makers.
- Relayers: entity that aggregates and displays orders from makers on an off-chain orderbook (a proprietary website).
- Exchange contract: the Ethereum contract, which settles an order by moving funds between two parties at the specified exchange rate. The contract is not controlled by anyone.
A taker executes a trade by broadcasting a cryptographically signed message using the Exchange contract. If all parameters are satisfied (i.e. the cryptographic signature is correct and both sides of the trade have sufficient funds), the transaction is added to the Ethereum mempool. The transaction is considered complete once it is included by miners in a block on the Ethereum blockchain. Funds are kept in users’ Ethereum wallets until a taker fills the order, at which point, funds are exchanged in a peer-to-peer manner, bypassing third party rails.
Executing a transaction requires the payment of gas fees (aka transaction fees) to miners who include transactions in a block. Unlike users of DEXs that use on-chain orderbooks, users of 0x do not pay gas fees to create or modify a transaction. The current downsides of on-chain orderbooks include high latency and bloat on the blockchain because users must wait for every modification to be verified on-chain. Additionally, users must pay gas fees for every modification because it is mined on-chain. The trade-off of centrally hosted off-chain orderbooks is that they are less decentralized than on-chain models.
Relayers facilitate trade in ERC-20 tokens. Trading on relayers built on 0x requires users to “wrap” their ETH (or trade ETH for WETH), because ETH is not compliant with its own ERC-20 token standard. WETH is equivalent to ETH but is in a standard that is compatible with the ERC-20 tokens traded on the platform. Relayers do not charge for this, but users need to pay gas fees to “wrap” and “unwrap” ETH. In 0x v2, 0x introduced a forwarding contract, that allows dApps to abstract away the process of converting from ETH to WETH. “With the forwarding contract, users can simply send ETH and the orders they want to fill, and the forwarding contract will wrap the ETH and fill the orders in one single transaction, eliminating the need for WETH for takers.”
Will Warren describes the first component of the 0x protocol as the message or order schema. Users must specify certain parameters in the message such as the expiration time, trade price, fee recipient (relayer), fee amount, counterparty (optional), etc. Users then cryptographically sign the message and create a point-to-point or broadcast order.
- Point-to-point order: In a point-to-point order a maker creates an order with a specific taker in mind and the order can only be filled by the specified taker.
- Broadcast order: Broadcast orders do not specify a taker address, allowing a broadcast order to be filled by anyone that happens to intercept it.
The second component is the system of 0x smart contracts, which is broken into two modules:
- Exchange module: The Exchange contract accepts the packets of cryptographically signed data, processes them, and settles trades on the blockchain. This contract authenticates cryptographic signatures to confirm that counterparties have the funds needed to execute a trade and ensure that an order hasn’t already been filled or expired.
- Governance module: The second module allows the Exchange module to be upgraded over time without bringing the system to a halt and is intended to prevent hard forks of the protocol (which would create fragmented liquidity - the problem 0x wants to solve). We provide additional details in the governance section below.
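The order flow and Exchange-contract checks described above (signature, expiration, already filled, specified taker, sufficient funds) can be modeled in a few lines. This is an added example, not 0x code: the field names, the addresses, the `ExchangeModel` class and the balances are hypothetical, fee payment is not modeled, and Node's ECDSA with SHA-256 stands in for Ethereum order hashing and signing.

```javascript
// Added example: simplified model of off-chain signed orders and settlement checks.
// Assumptions: names, balances and ExchangeModel are hypothetical, not 0x's API;
// Node's ECDSA with SHA-256 stands in for Ethereum order hashing and signing.
const crypto = require('node:crypto');

const newKey = () => crypto.generateKeyPairSync('ec', { namedCurve: 'secp256k1' });
// Canonical encoding of every field the maker commits to by signing.
const encode = (o) => Buffer.from(JSON.stringify([
  o.maker, o.taker, o.makerToken, o.makerAmount, o.takerToken, o.takerAmount,
  o.feeRecipient, o.fee, o.expiration]));
// The id covers the order fields only, so a re-encoded signature cannot replay a fill.
const orderId = (o) => crypto.createHash('sha256').update(encode(o)).digest('hex');

// Maker side: sign off-chain; nothing is sent to the chain at this point.
function signOrder(order, makerPrivateKey) {
  const signature = crypto.sign('sha256', encode(order), makerPrivateKey).toString('hex');
  return { ...order, signature };
}

class ExchangeModel {
  constructor(keys, balances) {
    this.keys = keys;         // address -> public key (constructed registry)
    this.balances = balances; // address -> { token: amount }
    this.filled = new Set();  // ids of orders already settled
  }
  // Returns 'SETTLED' or the reason the fill is rejected.
  fill(order, taker, now) {
    const pub = this.keys[order.maker];
    const sig = Buffer.from(order.signature, 'hex');
    if (!pub || !crypto.verify('sha256', encode(order), pub, sig)) return 'BAD_SIGNATURE';
    if (now >= order.expiration) return 'EXPIRED';
    const id = orderId(order);
    if (this.filled.has(id)) return 'ALREADY_FILLED';
    // Point-to-point orders name a taker; broadcast orders leave it null.
    if (order.taker !== null && order.taker !== taker) return 'WRONG_TAKER';
    const m = this.balances[order.maker] || {};
    const t = this.balances[taker] || {};
    if ((m[order.makerToken] || 0) < order.makerAmount) return 'MAKER_FUNDS';
    if ((t[order.takerToken] || 0) < order.takerAmount) return 'TAKER_FUNDS';
    // Peer-to-peer swap: funds move only between maker and taker.
    m[order.makerToken] -= order.makerAmount;
    t[order.makerToken] = (t[order.makerToken] || 0) + order.makerAmount;
    t[order.takerToken] -= order.takerAmount;
    m[order.takerToken] = (m[order.takerToken] || 0) + order.takerAmount;
    this.filled.add(id);
    return 'SETTLED';
  }
}

function demo() { // constructed sample data
  const alice = newKey();
  const ex = new ExchangeModel({ alice: alice.publicKey },
    { alice: { ZRX: 100 }, bob: { WETH: 5 }, carol: { WETH: 5 } });
  const base = { maker: 'alice', makerToken: 'ZRX', makerAmount: 50, takerToken: 'WETH',
    takerAmount: 1, feeRecipient: 'relayer', fee: 0, expiration: 1000 };
  const p2p = signOrder({ ...base, taker: 'bob' }, alice.privateKey);
  const open = signOrder({ ...base, taker: null, expiration: 2000 }, alice.privateKey);
  return {
    tampered: ex.fill({ ...p2p, takerAmount: 0 }, 'bob', 10), wrongTaker: ex.fill(p2p, 'carol', 10),
    settled: ex.fill(p2p, 'bob', 10), replay: ex.fill(p2p, 'bob', 11),
    expired: ex.fill(open, 'carol', 2000), broadcast: ex.fill(open, 'carol', 20),
    aliceZrxLeft: ex.balances.alice.ZRX };
}
console.log(demo());
```

The `tampered` case is the one that matters for relayer trust: an intermediary that alters any signed field (here the price) produces an order the settlement check rejects.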