The Road towards a Fully Decentralized Exchange

How will the DutchX achieve full decentralization?

Going ahead, we at Gnosis are building fundamentally new market mechanisms founded upon market efficiency and fairness. Through our decentralized platforms, we therefore enable the distribution of resources — whether these are assets, incentives, information, or ideas.

Under the umbrella of Gnosis’ extensive research on decentralized exchanges and proof of concept explorations, the DutchX will be the first iteration and a crucial first stop on the road towards fully decentralized exchange models.

The DutchX is a protocol for interactive use by other smart contracts or decentralized applications. Coupled with a pure on-chain design, the DutchX doubles a price oracle and is built to enable users, bots, as well as other smart contracts to exchange tokens. Any decentralized application in need of exchanging tokens and/or integrating a price feed can make use of the DutchX, so the integration possibilities are numerous. Be one of the first to build on top of the protocol!

From centralized to semi-decentralized to fully decentralized

On centralized exchanges, users make deposits to the exchange in order to trade assets. These funds are fully controlled by the centralized exchange, which makes them highly susceptible to hacks. Custody is solely in the hands of the centralized service.

On a decentralized exchange, funds are controlled exclusively by the users in the platform within their own wallets, and they transact directly with their peers without the need for a central entity. Leveraging smart contracts and various blockchain protocol implementations, decentralized exchanges provide the trustless authentication and authorization of exchange transactions, which makes them less vulnerable to malicious hacks and attacks than their centralized counterparts: Other than vulnerabilities in the smart contracts themselves (which can never be excluded), there’s no single point of entry, and thus a hacker will need to collude more than half of the network to be able to confiscate the system.

While decentralized exchanges try to build peer-to-peer marketplaces to differing degrees, they all share their non-custodial nature: No central corporation has custody of customer deposits, and users remain in control of their funds while trading on these platforms.

However, their non-custodial nature doesn’t make them fully decentralized per se. Most decentralized exchanges actually aren’t fully decentralized — in most cases, centralized servers still host order books, but do not hold private keys. On non-custodial “decentralized” exchanges, the exchange itself may still front-run (and so can miners or other participants).

Besides an off-chain order book — which requires the user to trust the exchange — further central entities are still involved in providing the “decentralized” exchange. Depending on the smart contract design, there might be modifiable parameters that can be altered on the contract level — but who holds the right to do so? Apart from that, who hosts the interface and who holds the domain registry?

Fully decentralized exchanges are open-source, permissionless, entirely on-chain platforms for which decision making is handled decentrally and no other central intermediary oversees the exchange. The emergence of such fully decentralized exchanges is a crucial step in the process of making our industry more mature.

Full decentralization of exchanges will ensure both safety of users’ funds as well as asset trading without any need for trust of intermediaries or third parties.

Building Blocks of Decentralization — Removing Points of Failure

As mentioned above, there are several building blocks towards achieving full decentralization.

How does the DutchX achieve full decentralization?

1) As outlined above, a major security risk for users is the custodial nature of centralized exchanges. The DutchX is a non-custodial exchange, and thereby significantly reduces the risk of hacks and attacks.

2) A major trust risk is how many decentralized exchanges handle the matching of orders. From placing, processing, to claiming orders — everything happens on-chain on the DutchX. Consequently, the risk of misuse by the exchange itself is reduced.

3) The mechanism of the DutchX is governed solely by the principles laid out in the rules of the smart contract. Decisions regarding remaining functions that may need to be adjusted in the future, such as updating the logic of the contract, making decisions on the modifiable parameters and the ENS entry, will be made by a Decentralized Autonomous Organization built on the DAOStack governance protocol (DAO).

4) A major security risk is the use of DNS (Domain Name Systems). The DNS is a system that maps the application URLs (domains) into their location (server). One of its many failures is what is known as ‘registrar hijacking/domain hijacking’ or theft, where the centralized registrar company gets compromised or acts maliciously itself by pointing the application to a malicious server with a replica of the application. The DutchX will launch on ENS (Ethereum Name System), ensuring that the mapping to the registry takes place in a decentralized manner on the blockchain. Thus, the risk of vicious attacks is further reduced.

5) Another major security risk constitutes the use of a centralized server to keep stored data.

The DutchX will launch using IPFS (Interplanetary File System), which is a peer-to-peer file-sharing network: Instead of addressing a location (and thus a central server), the DutchX addresses the exact content of the web interface. The user is hence guaranteed to be served as long as one node is available. Downtime issues cannot arise.