- Part 1: Architecture comparison of decentralized exchanges
- Part 2: IDEX, Kyber, and Bancor architecture review
- Part 3: Saturn Protocol and Saturn DAO
- Part 4: Binance "DEX" Review
In the upcoming months we'll publish sneak peeks from our new whitepaper. Today we'd like to share a chapter that compares and contrasts software architecture of a number of prominent exchanges: GDAX, EtherDelta, 0xProject and Saturn Network. Keep reading if you want to know more about how these exchanges work under the hood.
As the saying goes, all software projects have an architecture whether you plan for it or not, so you better think about it in advance. Software architecture determines how the project is going to evolve in the future, how it's going to scale, what new features are going to be possible and, most importantly, what features are going to be impossible. All four projects that are featured in this blog post are remarkable in their own right, and their architectures pick different sweet spots on the gradient between centralization and performance vs decentralization and uncensorability.
GDAX is an example of a centralized exchange. While how such exchanges function under-the-hood greatly differs from exchange to exchange, conceptually they all operate under the same business model and thus from a bird’s eye view they all look the same when it comes to handling cryptocurrencies.
Clients interact with the exchange via a web application. They transfer the funds to the exchange by sending them to a one-time-generated address on the corresponding blockchain. This address is owned by the exchange. In return for the crypto the exchange updates a record in their database. This database stores everybody’s balances, trades, withdrawals and the order book. The database is not guaranteed to be in sync with the blockchain. In theory, a hacker could modify the database, draw themselves a thousand BTC and safely withdraw them. The exchange wouldn’t even notice until it’s time to pay someone else and they no longer have the funds. This is the same architecture that the infamous Mt. Gox had, although undeniably Coinbase/GDAX have done a much better job fending off hacker attacks, as far as we know. At least for now.
EtherDelta is a rather popular centralized/decentralized exchange hybrid.
The majority of the operations are being handled directly on the blockchain. Most importantly, a trader never has to let go of the ownership of their tokens, enabling the whole system to deal with money transfers and execute trades in a trustless manner. The main component of this architecture that can be criticized is the centralized order book server.
This server is fairly well protected by design. In case a hacker takes control of the order book server the orders there are always encrypted. This way the hacker will not be able to simply take the money from the people’s orders, they’ll either be able to trade against those orders (which is what market makers want anyway) or simply delete them all. The latter would remove all liquidity from the exchange and will render it unusable, which is a much scarier attack but way less catastrophic than lost funds.
The centralized component does come with a caveat. EtherDelta has the ability to censor the orders in the order book if they are suddenly forced to. They can also frontrun traders on lucrative deals taking unfair advantage of information asymmetry, which is a much more sneaky and scarier attack because, until regulations arrive, it can be performed without being detected.
Overall, EtherDelta requires no less trust than a centralized exchange when it comes to fair trading. On the other hand, you do not have to trust them with not losing your money (you are always in control of your wallet), thus they are much harder to steal money from compared to centralized counterparts.
In November 2018 the founder of Etherdelta was charged with Operating an Unregistered Securities Exchange by the SEC. While the charge itself is yet another demonstration of the power hungry nature of the US government, it highlights that the SEC will attempt to hold onto its power and will attempt to attack the owners of every single centralized component in the DEX architecture.
0x project can be summarized as EtherDelta's ideas taken one step further, from a single exchange to a multi-national chain.
0x business model is creating franchises for hybrid centralized-decentralized exchanges, which they falsely advertise as decentralized. They provide code libraries for making an exchange, or a relayer per their vocabulary, that can work in 0x network.
A core benefit that this project has over already established EtherDelta is the so-called shared liquidity pool. Since all relayers in the network speak the same 0x protocol they are able to share liquidity between each other. This should, theoretically, help bootstrap the network, as many exchanges are going to work together on building one large order book. Also theoretically, this should foster innovation among exchanges within the network to differentiate between each other based on better user experience and lower fees.
Just like McDonald's lets you have a franchise and sell hamburgers if you agree to lease the land for your restaurant from the parent company, 0x provides you with all the help you need in order to launch an exchange but they insist that you trade all tokens against ZRX token that they created if you want to take advantage of the shared liquidity pool.
In practice, both these ideas, in the humble opinion of this whitepaper's authors, seem to contradict the basic business model of an exchange. It takes quite a bit of work to build the technology for an exchange, even if the token-handling part is already provided. But it takes many times more work and luck to market your exchange and to attract customers. The customers build the order book for the exchange and this order book acts as the so-called competitive moat fueled by network effects.
The exchanges, once established, have no incentive to share their order books with others and thus create competition for themselves. This problem is supposed to be solved in a future 0x protocol version. As of writing this whitepaper, the exact details of how this problem will be solved and estimated time when this change is going to appear in the mainnet remain a mystery.
A number of 0x exchanges are already running in the mainnet, each one with its own unique strengths and weaknesses. Since liquidity sharing is not enabled yet the architecture for these exchanges is identical to that of EtherDelta and is not worth a separate discussion.
The shared liquidity pool, if it ever takes off, will make the architecture look slightly more interesting. 0x founders currently recommend that exchanges, or relayers, implement a standard API. There isn't much more information provided on the future plans for shared liquidity pool's implementation, but supposedly each exchange is supposed to individually subscribe to all other exchanges' API services.
The design of 0x protocol mandates that orders are to be kept off-chain, which means on individual exchange's centralized servers just like EtherDelta currently does it. Thus the problem of sharing orders among exchanges is reduced to a standard information sharing and service discovery problems in computer science.
There are a number of ways to distribute information. The evolution of internet during the Web2.0 era has shown us that as soon as big businesses start using decentralized protocols for information sharing there are certain market pressures that force them to centralize data ownership.
It is more efficient for the global economy if everybody uses the same office suite, the same search engine, the same social network. Similar to that, if 0x liquidity ever hits the scale of big centralized exchanges, this same market pressure will create a player in the market that will become the de-facto standard 0x liquidity provider / order book aggregator, and the architecture of the resulting system will look like the one depicted on the diagram above. While the shared liquidity pool is called 0x servers on the illustration, a pedantic reader would point out that 0x does not host any centralized servers. In the future even if they as an organization do not, someone else will fill this market niche. Since nobody has done so yet (but there are already contenders in this space) we will just keep calling them 0x servers in this chapter.
When it comes to dealing with the centralized parts of the architecture the same problems as with EtherDelta remain but the tradeoffs look slightly different. Because ultimately each exchange maintains their own database of orders, bringing one down will not make a big impact on the overall liquidity of the network. However, if 0x's servers are ever down this will be the end for the shared liquidity pool as all the orders from it will be destroyed.
Censorship becomes more interesting than a simple denial of service attack. There are two types of censorship attacks that can be performed on the 0x network.
The first is individual exchange censorship. A large enough exchange can benefit from the shared liquidity pool that other exchanges create, while keeping all the limit orders created on the exchange to itself and not sharing them with the liquidity pool. Thereby this exchange can market itself as one that has more liquidity than the whole 0x network and thus pull the users from other participants.
The second is censorship that the big liquidity aggregators can perform. Since they ultimately control the shared liquidity pool on their centralized servers, the aggregators get to decide if an order created by some particular address, or a particular exchange, should be distributed to the global network. It wouldn't be surprising to see these aggregators demand a fee for adding a new exchange to their feed. At the end of the day, all these costs, alongside the costs for maintaining the off-chain servers, will be transferred to traders - the consumers of the exchange product.
Ultimately, 0x looks like an interesting continuation of EtherDelta's ideas, and they build on top of it by introducing more centralized components and an ERC20 token which they force the exchanges in the network to adopt. The big overarching goal of 0x project is to promote decentralized exchanges and grow their market share, and they have already done a remarkable job doing that. 0x founders chose to attack this problem using a franchising business model, where they own the brand and enable others to create decentralized exchanges that, due to the network effects that the founders impose, will have to trade ZRX token.
Once 0x will be large enough it will surely attract financial regulators and it will be interesting to see how they protect their "decentralized" platform given that censoring and regulating it is technically possible. For example, if China decides to ban the websites of 0x relayers, their "decentralized" network will be censored and neutralized. Similarly, since relayers need to maintain physical infrastructure and thus need to be registered as a business, the regulators can force these exchanges to implement KYC lists, which would tie individuals to Ethereum addresses, which would be the ultimate end game for our Wall St. rulers.
0x relayers essentially implement, host and own mini etherdelta clones. As such, they are all vulnerable to the very same Operating an Unregistered Exchange charge. The only way to bypass this regulation would be to implement strong KYC as well as strict listing guidelines. In fact, these two items are already on the roadmap. Can you really call such exchanges decentralized?
The future shared liquidity aspect of 0x protocol implies that all relayers within the network have to play by these rules, as even a single relayer that doesn't respect the KYC & listing rules will end up propagating its orders throughout the network, and owners of other relayers may end up answering to the SEC which they will definitely try to avoid. Thus, the network will end up implementing some sort of whitelist for relayers - an aspect that was never highlighted in their whitepaper or in their token sale materials.
At that point, 0x starts to looks less like a decentralized exchange protocol and more like a centralized exchange cartel.
Unlike all other exchanges in this comparison, Saturn Network is the only exchange that has on-chain order book. In fact, all of the data is stored on-chain, without a single centralized component necessary.
This decision was not taken lightly as it has certain downsides compared to more centralized alternatives. However, a fully on-chain exchange has a number of very important qualities that overpower any potential drawbacks. These qualities are:
- Saturn Network cannot be censored without blocking the whole blockchain. So far nobody, not even a powerful government, were able to censor Ethereum blockchain. On the other hand you don’t need to go far for an example of a country blocking entire businesses, even those owned by well-connected and wealthy international corporations. To put it bluntly, if the Chinese government decides to block EtherDelta’s or 0x's order book servers then the exchange will not be able to function on Chinese territory.
- Saturn Network’s trading engine has no maintenance costs. All financial transactions happen on the blockchain that is secured by Ethereum miners. Zero maintenance costs enables Saturn Network to compete on fees with any other exchange in the world.
- Saturn Network’s architecture eliminates any potential downtime. Bitcoin has a track record for producing blocks at a regular pace for almost 9 years. Ethereum consistently produces new blocks every 15-20 seconds. While individual servers can crash at any time the blockchain keeps on living. The protocol itself ensures that Saturn Network will not have any downtime or lost orders as long as the blockchain lives. In contrast, when a piece of centralized infrastructure, such as the order book server, fails in another exchange, that exchange will go down and trading will stop, causing massive inconvenience for its former customers and negatively impacting the global markets.
- Saturn Network preserves your anonymity and does not store any data it doesn’t need. Even if you yourself don’t collect any compromising metadata about your users, such as their IP address and time spent on the website, rest assured that your hosting provider already does this for you. That’s why any product that has a centralized component is a potential privacy liability. Saturn Network has one centralized component - the website with the user interface - that is completely optional to use. You can execute trades directly on the blockchain by calling functions on the smart contract, using a blockchain node that you own and control. Furthermore, with the release of our open source API we envision our community developing multiple alternative UIs (similar to how a blockchain can have multiple different explorers), which will only further improve the ecosystem and the percieved uptime of the exchange.
- All traders are equal. While the Wall St. banks and exchanges have tight regulation and supervision that tell them what they can and cannot do, cryptocurrency marketplaces currently have very minimal oversight. This means that centralized exchanges can engage in otherwise unlawful practices, such as frontrunning, wash trading and other tricks. You don’t need to go far for a recent example - the way Coinbase has handled adding BCH has raised questions not only from the community, but also from Coinbase’s board of directors. They know that the next stop is questions from the SEC and a securities fraud lawsuit. The enabler of all these tricks, and the reason why they were made illegal, is the information asymmetry. When the exchange owners have better and faster access to information than other traders it creates a power imbalance. Storing the full order book and trade data on the blockchain is the only way to ensure that everybody plays by the same rules.
One more thing to mention is that since the financial aspect of Saturn Network is a smart contract, it is essentially public property just like the blockchain itself. So if someone else wants to set up a mirror of Saturn Network with a different user interface, or maybe embed Saturn Network's order book into their own website like a widget, they are free to do so, and all of the exchanges that operate on top of Saturn Protocol will share balances, orders and liquidity with each other. It is like a shared liquidity pool on the blockchain without double-layer centralized servers.
GDAX is an example of a trusted centralized exchange with high performance and high throughput.
EtherDelta was the pioneer of decentralized token exchanges and they invented the centralized order book server model that lowers the cost of participation for market makers and shifts the fees (including the Ethereum transaction fees) entirely on the shoulders of takers.
0x took EtherDelta's ideas and turned it into a full fledged franchise empire with built-in reward economics that are supposed to bootstrap the network and make it the largest decentralized exchange network.
Saturn Network focuses on 100% decentralization and censorship resistance by moving all of the necessary infrastructure onto the blockchain. The reason why blockchains took the world by storm is that they removed intermediaries, made money transfer cheaper and gave control of the money back to the people. Saturn Network, in a similar way, tokenizes crypto trading by removing intermediaries and giving control of the exchange itself back to the people via DAO governance model. The very same governance model ensures that Saturn Network is a modifiable, upgradable system with a positive feedback loop that incorporates all cutting-edge technology in order to serve its customers better for years to come.
2019 will be a formative year for cryptocurrencies and exchanges will be at the forefront of this revolution as they form the backbone of cryptoeconomics. With the imminent upcoming regulations decentralized exchanges are posed to take a much larger market share within the next twelve months. All of the exchanges mentioned above have different architectures and thus different pros and cons, and will compete for different shares of the global trading market. We hope that the choice of the exchanges will be driven by trader's preference and not by CEO profit hoarding desires and that competition will ultimately make trading safer and cheaper for everyone.
Application programming interface - essentially, they recommend that all relayers speak the same language. ↩︎