[Discussion] Additional features we want for B&C Exchange

So I’d thought I begin a topic about features we’d like to see for B&C Exchange. Now I’m far from sure that all of the proposals I make are even technically possible so bear with me, this is meant more as a place to form our desires of what we would like to see. I encourage everyone to partake and offer your views on what you would or wouldn’t like to see added to B&C Exchange. Also if you have knowledge on the difficulty or technical impossibilities of some of the proposals please do add them in this topic. So for now here is a list of features I would like to see added to B&C Exchange, with a short explanation of my reasoning for them.

• Mobile browser support: It’s very important for anyone trading crypto to have access to the trading platform at all times, I would strongly urge a mobile site version to be up and running by the time B&C enables trading. I personally would not trade on an exchange I do not have access to 24/7 and I’m assuming this will be true for the majority of traders.

• Dedicated app support for android and IOS: We’re trying to sell a product, and for the majority of people easy to use, user friendly, fancy looking apps are a deal breaker. I know it’s not an absolute necessity but I think this will add significant volume to B&C. Priority is obviously lower then mobile browser support but I still would like to see this added as soon as possible after the high priority features are added.

• 2FA security: Now I don’t know if this is technically possible but 2FA adds so much additional account security that I would deem this among the highest priority of features we need. Only an account name and password is way too weak for account that hold significant amount of funds. Without 2FA or something similar I don’t see B&C becoming a success.

• Email validation: Again I don’t know if this is technically possible but I would like to see email tied to one’s account and also preferably with options like fund withdrawal needing email conformation.

• Account recovery: We need to have a good procedure in place in case people lose access to their accounts. I’m not sure how we would technically do this, maybe funds could get released by reputed signers in case someone loses access to their account. This would be similar to way reputed signers could steal funds by working together.

• Customer support: Even though B&C Exchange should eventually be as easy to use for the public as a centralized exchange we should expect similar support requests as a centralized exchange. This means we need a professional customer support. I think there are 2 options, either we go with a large team of volunteers (30/40+ people) that donate roughly 2 hours a week to customer support. Or we need to pay 2 people as full time customer support.

• A website where Blockshare holders can discuss B&C exchange and post motions etc. Personally I really like this site so if we could get a dedicated sub forum for everything related to B&C exchange and motions that would be great.

• Image packages to easily make clones of the B&C Exchange trading functionalities. It would be great if we could get an easy to use package which people could install and their own server and host an additional B&C website. Would be even better if it came with easily customizable fronts and stuff so people could create themed B&C exchanges.

• Reputed signer support: A part of the B&C exchange forum needs to be dedicated to reputed signer support, a place where we could discuss reputed signers and where they could make proposals to become one. Also this needs software support so the technical aspect doesn’t deter good people from becoming reputed signers.

• Wallet functionality: B&C Exchange could be more then exchange it could also be world’s safest online wallet. I would love to see the aspect fully developed by the time trading go’s live. This could be a huge selling point for people looking to store large amounts of crypto, safely online against small fees.

Thank you for starting this discussion!
I hope rather sooner than later @BCExchange chimes in and tells us a little bit about the development road map.
I hope that some features might already be included.

A website (operated by BCE) providing customers with access to the BCE account would be the basis for a good mobile browser / smartphone support.
So I’d like to add that to the list.

App support might be costly but eventually worth the money.
I don’t know how to tie 2FA to a BCE account (should be impossible), although I need to admit that I’d like it. Tying it to the website access should be fairly easy, though.
Email validation is the same as 2FA; not possible for the BCE account, easy for websites.
Account recovery: impossible to automate that for the BCE account; easy for the website access.
Customer support: good idea! I expect that to mainly happen on the forum. Something more sophisticated might be appropriate.
Image packages, virtual server images, RaspberryPi images are great candidates for providing easy setup of exchange websites. Only the most wanted solutions should be developed as maintainung them can be quite costly (in case of BCE updates that require package updates).
Reputed is of utmost importance - both the technical part and the guidance of the signers.
As soon as websites are available and multisignature transactions are in place, it already is the world’s most secure online wallet

As soon as we have found out what are the most wanted features (that are not already included in the development road map), cost estimations can help to decide which to develop first.
BCE might need to have BKS grants, before that can be done. It looks like 50,000 BKS will soon be removed from the sale and become burned.

Regarding all the security related features: I understand the desire for them, but don’t forget that BCE is “just another blockchain”. You don’t have account recovery for your peercoin wallet except for backups, right?

I would like to echo MoD that website development is very important. Theoretically, we could have a full website with all the features of a normal exchange, where the backend is B&C. Ideally, many servers would be hosting such an exchange.

To keep in line with the first motion, perhaps we should focus in on a single piece of software to fund. Development of a website with user login, including all the security measures therein, may be an absolutely necessary step forward to general acknowledgement from the broader community.

1. What developments for rpc or whatever else need to occur before the backend is ready? i.e. How much USD do we need, in addition to the initial 200k before the blockchain is ready for trading like a normal exchange?
2. How much USD do we need to build the website? Can we do this without login or security measures at first and require people to have local wallets, or is login a necessary part of the process from the start?

There is a huge difference though, besides having things like a paper backup and recovery keys the difference is a peercoin wallet is offline. Hence it is only accessible with the wallet file. The B&C exchange will be accessible online, a mere keylogger would be enough to steal your login and pass and thereby having access to all funds. We need more than just a pass and login else it will never be safe. I personally would not use B&C Exchange if all that was needed to access my account is a login and pass, just way to risky. Also hackers will be quick to realize this and start targeting users of B&C Exchange.

A keylogger on a machine where the passphrase for the Peercoin wallet gets entered creates the same problems.
You can very well leave your BCE wallet offline and move it to cold storage. That’s not different from any other blockchain.
Maybe I still understand it wrong, but to my knowlegde BCE is (what I already said above) “just another blockchain” - with all benefits and drawbacks that apply to a blockchain based solution.
Admittedly I don’t know how a website can provide users with access to their “BCE account” without posing some risks.
But my understanding is that you need to have a kind of “brain wallet” to access your account via website - the same for accessing your account via your BCE client app on your computer.

Could we have the website prepare the multisig and everything by running a full B&C node, then you take the unsigned Txn off the website and send it to your wallet, where you sign it with your private key, then send it back to the website?

Why don’t you make all with your wallet then and save the fee for using the exchange website?

You don’t need to be running a B&C node, just have a btc and an ltc cold wallet and you can trade btc for ltc on the website.

[quote=“masterOfDisaster, post:5, topic:2505, full:true”]A keylogger on a machine where the passphrase for the Peercoin wallet gets entered creates the same problems.
You can very well leave your BCE wallet offline and move it to cold storage. That’s not different from any other blockchain.
Maybe I still understand it wrong, but to my knowlegde BCE is (what I already said above) “just another blockchain” - with all benefits and drawbacks that apply to a blockchain based solution.
Admittedly I don’t know how a website can provide users with access to their “BCE account” without posing some risks.
But my understanding is that you need to have a kind of “brain wallet” to access your account via website - the same for accessing your account via your BCE client app on your computer.
[/quote]

I thought the B&C Exchange account was very different from an offline crypto wallet? So you can only access your B&C Exchange account from your offline wallet?

Now I get it. Sounds impressive!
…but how do you pay the BKC for the transactions then?

Honestly, I don’t know. I’ve read the design several times, but I fear I still don’t understand the inner workings.
Better let someone from the dev team explain that. I might be completely wrong

Pay both the btc blockchain fee and the B&C BKC fee out of the btc you used to buy the ltc (all done with multisig). Or something. I have no idea how any of this works, I’m just saying what would be cool I think.

I might be completely wrong as well but this is my understanding. The accounts on B&C are mere information stored on the blockchain and can only be accessed through a terminal (B&C website) that understands the information on the blockchain and interprets that information into a format comparable to centralized exchanges. All funds on the exchange from all accounts, orders, etcetc are stored in the wallets of the reputed signers. Someone accessing their account is merely giving a message to the reputed signers to move the funds around, that’s all. So I don’t understand why one would need an offline wallet to use the account.

Then this also means if I am correct that with just the login and password you could access your funds anytime anywhere you have an internet connection. Which would make it so vulnerable to keyloggers.

The funds are not really in the wallets of the reputed signers. Only the private keys for the multi signature transaction on foreign blockchains are there.
If you want to deposit, say Bitcoin, the BCE blockchain would receive a deposit transaction. That creates a multi signature address in the BTC blockchain and the reputed signers that sign this address can move the funds if authorized (by a withdraw tx or an order fill tx).
All funds of all accounts are stored in their native blockchain in multi signature addresses.
The reputed signers store the private keys for them.
So more or less the funds are in the wallets of the reputed signers, but they can only move them if there’s a reason and consensus to do that.
So you need to take care that nobody can fake a reason
The transactions on the BCE blockchain require the private key of the BCE account - accessed either by wallet or a website. This private key needs to be protected.
If this understanding is correct I can’t imagine how to recover an account in case the private key gets lost. You’d need a backup of the private key for that…

Ok, so I was wrong but only a little, because you could still use a cold B&C wallet to keep your B&C private keys, then download an unsigned Tx, sign it cold, and upload it again to the website (which broadcasts to the network, which tells the signers to move the funds). Yah, it would be convenient if there were centralized services that stored your private keys for you on a secure server, but we don’t necessarily need to make that right away do we?

This would be the single point then that needs to be attacked by competitors, blackhats, governments, etc.
The parser in my brain didn’t get irony tags - is my parser broken?
Storing private keys anywhere would require 2FA that secures the key (to satisfy may paranoic needs). I have no idea how a composite private key with a changing part (the 2FA) could technically be possible (I doubt it can) and I don’t know how running a decentralized 2FA could work (which would be necessary to avoid another single point of attack).
What other ways to secure private keys can you think of?
The only solution that comes to my mind is to use multi signature transactions for the BCE wallet.
But I seriously wonder how that could work in real with the goal in mind providing convenient and secure access via website.

Nice Web site is key.

A thing to consider: B&C Exchange is first and foremost a blockchain. So I expect non anonymous businesses to build stuff on top of it as Coinbase built a wallet system on top of bitcoin with a customer support for example.

The two additional features I would like to see the most if additional funding permits are an implementation of CHECKLOCKTIMEVERIFY and an Android app.

CHECKLOCKTIMEVERIFY means that a user could choose to have deposited funds transferred to a certain address at a certain time in the future. This way, if reputed signers fail to sign or the user loses their exchange account private key, they will still get their funds back at the appointed time.

I would also like to see an Android app that has wallet support for all the coins the exchange supports, so it doubles as a wallet and exchange.

@JordanLee you probably outlined that somewhere already, but how much funding would roughly be required for those two features you mentioned?

I agree that this is super important!
But the implementation depends on whether this is already supported by the foreign blockchain in which the multi signature transaction will be placed, right?

Coinomi could provide this implementation with a good start - what is @erasmospunk’s take on this?