The long list of cryptocurrency exchange hacks tells the story of one of the Bitcoin industry’s biggest problems to date: Custodial exchanges are a big target for attackers and a centralized point of failure for those that rely on them. Just this year, about $200 million worth of cryptocurrency became inaccessible when QuadrigaCX’s CEO passed away, while Binance last month revealed it lost 7,000 bitcoin when its servers were hacked, a loss valued at over $40 million at the time. Over the past decade, a staggering estimate of $1.4 billion worth of crypto has been stolen or about 8 percent of all bitcoin in circulation today.
If it’s up to Boston-based startup Arwen, these types of events will soon be a thing of the past.
Arwen, formerly known as Commonwealth Crypto, was founded by Boston University professor Sharon Goldberg and her PhD student Ethan Heilman, now its CTO, to help cryptocurrency exchanges turn their companies into a trustless service. While only available for crypto-to-crypto trading today, with just three coins supported so far, Arwen’s technology lets users maintain control over their funds right up until the moment of trade, and even the trade itself is trustless, too. No deposit is ever required; everything is enforced by the blockchains of the coins involved.
“Cryptocurrency’s fundamental value proposition is self-custody, thus the future of trading must support self-custody,” Heilman told Bitcoin Magazine. “Arwen is building that future.”
How It Works
Arwen is essentially a layer-two technology that operates “on top” of Bitcoin and other blockchains. (Both the company and its technology are called “Arwen”; the company provides the technology to exchanges in return for a cut of the trading fees.)
The Arwen technology loosely resembles another layer-two technology: coin mixing protocol TumbleBit, minus some of TumbleBit’s privacy features. This resemblance is no coincidence: Arwen co-founders Goldberg and Heilman were two of the co-authors of the TumbleBit white paper. (TumbleBit was implemented in the Breeze wallet in 2018 — though without a payment hub mode, and it probably hasn’t gained much traction yet.)
In essence, Arwen combines two relatively well-known tricks to facilitate trustless trade: atomic swaps and payment channels.
An atomic swap is an old trick (by Bitcoin standards), first proposed by Tier Nolan in 2013. It “links” payments on two different blockchains together. By requiring the same secret code to move funds on both blockchains, and accordingly setting up two basic smart contracts on each, the first trader can only claim funds from his counterparty by revealing the code on one blockchain. The counterparty can then use this same code to claim funds from the first trader on the other blockchain. Basically, if one payment is claimed, the other can be claimed too: a trustless trade.
Unfortunately, atomic swaps never caught on in a big way. While the technology is sound, and even implemented in some decentralized exchanges, it’s proven challenging in practice to benefit from such swaps at scale. For one, an atomic swap requires four on-chain transactions per trade, meaning it’s expensive and doesn’t scale well, and is slow to boot. Further, trading partners still need to find one another, which requires coordination. And even if that works out, there are some risks; your counterparty could, for example, opt not to come through on the trade, at which point your coins remain locked up in the smart contract for a while before you get to claim them back. (This is often referred to as the “free option problem,” as one of the trading parties has the option to execute or abort the trade, depending on price movement.)
All this leads to the biggest problem of all: it’s difficult to generate liquidity for these types of trades.
That’s where Arwen comes in.
“We designed Arwen around overcoming each of these problems,” said Heilman, “and built incentives and protocols around atomic swaps to make them more usable.”
The first part of the solution is to implement atomic swaps in a payment channel design. (This is what looks similar to TumbleBit, while the Lightning Network is designed similarly as well.) By using payment channels instead of on-chain transactions, Arwen allows for more trades per on-chain transaction, instant trades once the channel is opened, and more trading flexibility; for example, the option to execute trades at specific price points. If the exchange tries to cheat (for example because it was hacked), traders can still use a “justice transaction” to claim their most recent balance on the relevant blockchain.
The second part of the solution is to rely on centralized exchanges. This solves the coordination problem and offers liquidity. A centralized exchange is also much less likely to back out of a trade, Heilman believes, as it has a reputation to protect: “The exchange makes money by trading and has a reputation. It is unlikely that the exchange will just grief you, since the exchange wants repeat business and the exchange wants to make money on trading fees.”
Of course, since you remain in custody of your funds at all times, this downside of using centralized exchanges is resolved.
Limitations
Today’s version of Arwen does still have some limitations, compared to most (custodial) cryptocurrency exchanges.
Perhaps most notably, Arwen is currently only compatible with three cryptocurrencies — bitcoin, bitcoin cash and litecoin — and can’t be used with fiat currency. Additionally, Arwen currently only supports RFQ orders, in which the exchange matches orders from the order book, but itself acts as the counter-party in the atomic swap. (This means that not all users on a particular exchange can use Arwen simultaneously right now.) Further, Arwen doesn’t support more advanced types of trades yet, like margin trading.
“Currently it is like an off-chain, trustless, ShapeShift with much faster trades,” Heilman explained, “however, long term, we want to enable exchanges to offer all their order types to non-custodial users. We are also working to add more cryptocurrencies and stablecoins. On the longer term side, we are investigating ways of directly atomically swapping with fiat.”
Arwen was founded in the summer of 2017 and raised $1.5 million through a seed round led by Underscore VC in December 2017. By January 2019, Arwen launched a test version of its app, which was released as an open beta test for mainnet in April. The Arwen code is currently not open source yet, but this is on the road map.
Since last April, Arwen has been running a pilot program on cryptocurrency KuCoin, but for security purposes, the size of escrows and trades are still limited, which has probably also limited its use.
“We have some traders using our beta, but I expect we will see increasing adoption as we move out of beta, enabling high trading capacity and adding features such as more order types and stablecoin support,” Heilman said. “I think we are still in the early days of layer two and cross-chain swaps.”
The post Not Your Keys, Not Your Coins: How Arwen Wants to End Exchange Custodianship appeared first on Bitcoin Magazine.