30 October 2017
How’s Bitcoin rate doing? Probably going up and there are many reasons to why. Some invest into Bitcoin, while others use blockchain as a foundation to create unique business models. Many people are simply loving it due to the sheer idea of decentralized economy, meant to overthrow banking financial reign. As for those looking to make a fair and tremendous profit, there are 2 bold ways to do so. One is to create your own cryptocurrency with unique financial capabilities. The other is to create own cryptocurrency trading platform to buy/sell blockchain powered currencies which, of course, includes bitcoin exchange but goes far beyond it. This article is taking the option number 2, embarking on the road to establish a full-fledged cryptocurrency exchange platform and solve the design challenges therein.
The product you are going to build is a seamless marketplace that connects people who buy cryptocurrency to those who sell it, with involvement of fiat currencies. How your platform is going trade may differ. Some cryptocurrency exchanges simply trade with their users at the world market price. Others partially give some open data on the state of trading within the exchange via their order book. They provide users with some advanced functionality like designating set price of their orders. As a person setting out to develop a cryptocurrency exchange platform, you should decide how much transparency are you willing to provide.
One of the first things you need determine is the amount of scalability you will need for the future growth. In terms of growth capacity, the architecture of exchanges is split into 3 types:
Synchronous - not very complex compared to the other two. These small exchanges process each order in a streamlined fashion. The change goes from the interface to the order book and customer’s account. This cryptocurrency exchange can hardly scale and large trading volumes will discompose the order book.
Asynchronous - this is a medium-grade exchange. It is characterized by passing the requests between separate layers. From the UI, each request is added into one of the queues that run as separate services, usually on dedicated machines. Upon execution, request status updates are sent to the UI. Every big feature on the exchange has a separate service that ensures its work. Also, there are maintenance services that run on their own without user involvement. Asynchronous architecture is much more powerful in terms of scalability.
Distributed - based on groups of services much like Asynchronous, this kind of exchange goes further by also splitting the customer requests. These partitions are called shards. They can act and be processed separately from each other. Based on cloud, this kind of exchange has infinite growth capacity.
Most of the notable exchanges are asynchronous. Here is how you create the major functionality that is integral to build a cryptocurrency exchange platform of this kind.
The infamous services that run separate request queues can all operate on a single or multiple machines. They are specifically designed for the latter. Here are the separate components that will run on their own:
Integral elements to sustain the exchange
1. Huge active user base. There must be a large base of people buying and selling. Enough to ensure the demand and supply balance, plus sustain the rates in cases of large orders. In other words – liquidity.
Problem is, you need users to get it, and new users won’t be attracted to an empty exchange. The owner may inject initial assets to get the trading going. But due to the low amount of users, trading volume will eventually be skewed, deviating the rates far away from other exchanges and rapidly depleting all the funds. To ensure that a single purchase does not drastically tip the scales, you need huge amounts of people buying and selling to drown the affect individual has on the general trading.
The issue is resolved with the Market Maker service. It creates virtual purchases instead of real people to balance the trading. Market Maker measures its own rate deviation window by checking the live order book from the APIs of other exchange markets. Your exchange makes purchases within itself and then does them on other exchanges to even out the trading volume. This way exchanges hedge the risks and simulate the essential activity when there is none coming from users.
2. Rapid server response to users. The orders have to be instantaneous. However, when users are trading with the set price feature, it is impossible to send the order information to the server and receive rapid confirmation. Which is sad because the rates are always changing. For this reason, some exchanges confirm the user side of the order long before it is registered on the server, paying the possible expense deviation.
The speed is achieved via memory caching. However, it cannot come at cost of calculations’ quality, which are performance intensive. For this reason, the calculations are carefully verified under the hood.
3. Special user features. The majority of your users will not get into this complex functionality, however, it is essential in bringing seasoned traders aboard. These features are the hardest to pull off:
Multiple cryptocurrencies – implementing support of an entire range of various cryptocurrencies aside from Bitcoin.
Choosing among multiple offers – viewing the prices that traders offer and automatically “taking the best deal”. This is contrary to the practice of releasing only the general market price to the user, without the order book.
Compound orders – creating an automated trading algorithm to buy/sell within a certain rate window.
4. Platform security. Fund safety is the cornerstone concern for a startup company that deals with blockchain. Your exchange market has to be a bank vault in terms of penetrability and fund safety. Here are the main security concerns for your future exchange.
Exchanges are a popular target of choice for hackers. They are both semi-legal and semi-regulated in most countries. This is why the prosecution of culprits who undermine cryptocurrency platforms is a difficult matter. Both with big and small heists, the hackers convert stolen crypto-assets into fiat without much trouble. Intentional malicious activity can be external in its origin and also come from within the group of people you hire as team members of your company. The criminal will attempt to either gain access to a user account or the administrator’s.
There are 5 technical causes for security breach:
Rogue process privilege increase;
Unauthorized admin account access;
Server access violation;
External partnering platform security failure;
Ill intent on part of the staff.
Compromised user accounts. Whether it is confidential data leak on your end, malware on person’s PC or social engineering, there are 5 measures that exchanges do to prevent such incidents:
Integrate top libraries for user account administration;
Use 2-factor authentication for account entry and transactions;
Require real personal documents as well as manual approval from webmasters to greenlight huge transactions.
Compromised administrator accounts. is a number of checks and balances in place to prevent and limit unauthorized activity in case one of the admin accounts gets hijacked:
Every significant administrative feature is divided from the others by being placed on a different page and accessed by a different person;
Limited personnel account access. Each employee can only access the functionality within one’s range of responsibilities;
Collective access. High-value operations cannot be accessed by a single person and require multiple individuals for execution;
Platform development runs independently from the production. The head of developers triggers the automated launch. High-ranking officers monitor the operation.
Malicious processes. Can be brought in due to malware exposure or by a perpetrator. Sinister processes can quickly penetrate an unsecure server and cause significant damage. Here are the features meant to stand between your cryptocurrency trading platform and malware:
Every service is situated on a different machine, physically facilitating any unwanted activity;
Admin notifications for when trading gets unbalanced and transactions become unreasonable for the exchange platform;
Live log displayed in code, showing all financial activity;
DDOS defense via an active firewall. A request has to go via three separate servers and only certain IPs and ports are granted access;
When using cloud servers, each has to be encrypted;
Cold storage devices to keep unused cryptocurrency deposits with a separate device for profits. The devices are hidden in safe boxes and can only be accessed by chief executive personnel with signed paper notices.
This should cover all the measures used to secure the exchange from intentional harm. On this page called Blockchain Graveyard, you may find the world statistics on major cryptocurrency exchange hacks with case briefs.
However, cybercrime is not the only nor the biggest threat to your exchange.
4.2 Unprofitable service provision. Various factors can mess up the trading dependencies and cause unreasonable transactions that will quickly deplete all the funds away from the exchange. Unlike partial monetary loss with hacking, this type of issue can lead to full bankruptcy. Here are the actions used to maintain stable work of the exchange.
Excessive trading volume volatility mitigation
Virtual orders regulate the low trading volume via the Market Maker;
The rates updated by the Market Maker are refreshed almost simultaneously with the source exchange;
Deposit/withdrawal fees help to negate loss of trading volume;
Market Maker service is closely monitored via a live volume dashboard to prevent malfunctions with notifications sent to admins.
A popular feature for currency exchanges is offering loan credit, generally referred to as leverage. Exercise caution as users owing you money are a liability with high likelihood of abandoning you in case of their disadvantage.
User loan return failure prevention
Users are allowed to borrow only 40% more than their overall fiat balance with this feature;
Enabled only for customers with good transaction history and manually approved;
Not allowed if there are no funds in the user’s wallet;
When the user approved for leverage is facing a negative balance, custom service is monitoring the state. It sends a series of repeated notifications about the owed funds both to the user and admins.
4.3 Technical malfunction. Things get broken. Damaged software or hardware can trigger a series of negative changes that will break the trading algorithm. When dealing with huge amounts of money, such bugs can be detrimental to your capital. Here are the best practices meant to minimize the losses in case of such events:
All changes are calculated and reversed if they prove to be wrong;
Double-checks by multiple services. The system is checking the balance in the interface layer and transfer service;
Sum validations. The account balance is periodically checked to match the resulting amount from all operations done by the user;
Regular backup of the order book, accounts and all operations;
Admins are notified in case an abnormal state arises;
User activity log available to admins in order to backtrack all the changes.
This is the general layout of the internal structure you need to put together in course of your cryptocurrency exchange platform development. There are a lot of specifics involved with each element of such project, and we will try to cover them in further pieces dealing with this topic.
See you in our next post
We are just one click away from helping you develop an amazing application! Let’s get in touch. Drop us a line in the form below, and we’ll reach out to you as soon as humanly possible.