Bisq 是 开源 P2P应用程序,它允许任何人购买和出售比特币兑换法定货币或数字货币。
不像现有的交易所,Bisq 是 完全分散式 和 抵制审查制度 使用替代保护机制: - 采用2-of-3多重签名的托管交易 - 保证金机制激励遵循交易协议 - 分散式仲裁系统帮助解决纠纷 Bisq 使用自定义*建立在Tor上的P2P网络*保护用户的*隐私*,每个用户都是参与的节点.一体化 桌面应用程序(适用于Linux,OS X和Windows) 提供直观的用户界面,并执行交易协议。
比特币是一种*抵制审查制度*支付系统,因为它避免了对受信任的第三方的依赖.目前,由于缺乏完全分散式的解决方案,收购比特币的过程不符合相同的原则,Bisq旨在弥补这一差距.
有一些比特币交易所,但它们都以传统的方式运营,用户需要信任一个中心化系统管理资金并暴露其数据和财务隐私。这种模式的脆弱性已经证明了很多次 -尤其是 Mt. Gox,但盗窃和服务器攻击并不是唯一的问题:中心化交易所容易造成大规模追踪硬币,这严重违反了用户的隐私。
*分散式*的关键点是 没有单点故障 控制或审查制度.Bisq在项目的各个方面都体现着这些价值。
-
基础构架 (P2P 网络 - 没有服务器)
-
决不持有用户的资金 (既不持有比特币也不持有法定货币)
-
决不保存用户信息 (没有账号注册)
-
软件开源,没有公司控制
-
没有个人对开发人员融资,因为项目是自筹资金,部分通过捐款。
此外,我们认为*隐私*是一个基本的 human right,需要尽可能的保护。
-
P2P网络运行在Tor(使用Tor匿名服务)
-
所有私人数据都是端到端加密
-
没有特权访问任何数据(公共数据是公众对所有人,私人数据只能交易双方访问)
Bisq像一个去中心化版本的 LocalBitcoins :
-
没有收集用户信息的中心区域
-
没有可招引的敌人的服务器
-
不需要信任服务器供应商(Bisq)
-
用户对其资金有唯一所有权
-
用户不依赖可操纵的评价系统
Bisq类似于其他分散的项目, 例如 OpenBazaar 或 Bitmarkets, 采用类似的保护机制. 然而, 这些项目像是淘宝、Ebay风格的市场,而不是(加密)货币交易所。
该图形概述显示了交易过程的基本高级流程。 有关详细信息,请参阅 images/trade-process-detail.png[详细版本]。 image::images/trade-process-overview.png[交易流程概述]
这些 视频演示了当前的软件,并对交易过程进行了更详细的说明。
交易流程的详细图示可以帮助您了解支付流程。 文件还讨论了可能的 风险,攻击和保护机制。 仲裁制度将作为主要的保护机制,并在另一份文件中加以描述。
-
没有服务器的P2P基础设施:没有单点故障,也不会因为交易监管而导致隐私违规。
-
国家(或数字)货币直接从一个用户的付款帐户转移到其他支付账户,而不需要任何中间方。
-
支持数字货币与比特币交换。
-
无注册或识别过程
-
分散仲裁员制度作为主要保护机制
-
保证金作为遵守贸易协议的额外动机
-
原子存款交易将两个交易者的资金锁定为2 of 3个多重地址中
-
交易费作为防止垃圾信息和市场操纵
-
限制交易金额(1 BTC)以降低总体风险
-
开源许可 (AGPL)
-
合同持有所有贸易细节,由两个交易商签署,将被用作纠纷的证据
-
欺诈报告作为银行退款和犯罪的保护(被盗付款帐户)
为了防止多种欺诈和攻击情形,我们使用不同的解决方案:
-
交易者的保证金 - 成功交易后退还或用作仲裁员的纠纷支付。
-
仲裁员 - 匿名随机分配。 解决贸易商之间的纠纷。
-
仲裁员的安全存款 - 注册后被冻结,下台后释放。
-
合同 - 不可驳回的贸易明细证明
-
欺诈报告 - 仲裁员的报告,证明有明确的欺诈案件
-
贸易量限制 - 限制最大贸易量,以减少欺诈的潜在收益
Bisq不是一家公司,而是一个开源项目,其目的是填补隐匿生态系统的空白:提供一个遵循与Bitcoin本身相同原则的交换平台。 设立了一个独特的激励机制来支持项目:
-
交易费部分给开发人员,部分给仲裁员
-
在发生纠纷的情况下,仲裁员将收取败诉方的保证金(或在某些情况下收取每方保证金的一半)
Bisq应用程序的GUI使用JavaFX构建在Java 8中。 为了与比特币网络进行交互,使用 bitcoinj库。 对于去中心化的消息传递和数据存储,使用了Tor上的自定义洪流(gossiping)网络。
P2P网络有几个主要用例:
-
广播数据(通常是公开数据)
-
交易对象之间的通信(私有和端到端加密)
-
数据存储如果交易对象离线(类似邮箱的系统)
P2P网络技术的主要特点:
-
高度可访问(NAT穿越,防火墙,…)
-
保护隐私(Tor隐藏服务)
-
冗余数据存储(充斥所有对象)
-
数据访问保护(使用签名)
-
抵制垃圾邮件/洪流
-
可扩展
您可以找到有关P2P网络的更多详细信息 here.
仲裁费采自保证金,只有在纠纷解决的情况下才会支付给仲裁员,如果没有任何纠纷被打开,这笔保证金将全部退回给交易者。
保证金还可以作为遵守协议的动力(例如确保某人不懒惰或不小心,忘记发放支付交易)以及确保不诚实的交易者被迫支付仲裁费用的机制。
这些费用是防止滥发垃圾委托,市场操纵和身份收集的必要条件。它们也需要作为仲裁员为他们服务的费用。即使交易没有纠纷的情况下,仲裁员也可事先获得交易流程,以便事先仲裁。 最初费用将保持在最低限度。 随后随着贸易社会的增长,费用将根据需要进行调整,使仲裁制度可持续发展,并适应观察到的欺诈行为的程度。
为了快速支付流程,我们不等待费用交易确定,双重支付费用是有潜在可能,但非常不可能发生的,由于执行难度和低利率.在交易过程结束时将进行第二次验证,将检测到双重支出,这可以用于本地黑名单。
Bisq经营收取以下费用:
-
创建委托:0.001 BTC(支付给仲裁员,包括采矿费)
-
下单委托:与创建委托费相同(也支付给仲裁员)
-
比特币采矿费:0.0003 BTC(采矿费包含在交易中三次:从外部钱包存入,交易退回到外部钱包,所以总和为0.0009 BTC)
-
保证金(可能用作仲裁费用):0.1 BTC,交易后全部退还给交易员,以防发现他不诚实行事。 来自不诚实交易者的保证金将用于支付仲裁员的努力。 在极少数情况下,可能会收取双方交易者的一半担保金。 仲裁费与交易规模无关,不影响调解争议所需的时间,因为仲裁员必须履行的工作量即使交换少量也大致保持一致。
-
(仅适用于仲裁员)仲裁员的保证金:2 BTC。 另外,从不诚实的交易者收取的仲裁费用的一部分被锁定在保证金中。 这个(累计)金额在从仲裁中退出后全部返还给仲裁员。
桌面应用程序实现交易过程。广播委托,发布委托方同意接受任何符合要约中定义的条款的要约的下单方。交易过程要求双方交易者的Bisq应用程序正在运行(可以在后台运行)。他们不需要在电脑边上,但是软件需要在线才能对委托要求做出反应。
在开始转移法定货币(或数字货币)之前,比特币买家应该等待至少1块的确认作为应对双重支出的保护,比特币卖家在确认收到货币后将会发送存款。 images/payment-protocol.png[这里] 是贸易流程的详细图形概述。
Bisq依靠一个分散的仲裁制度来确保交易者履行其义务。 有关此系统如何工作的更多详细信息,请参阅 仲裁系统 文档。
A fraud report is used to warn about fraud from bank chargebacks, stolen payment accounts or arbitration fee fraud. The arbitration system can not help in these cases because the Bitcoin payment has already been released by the time the fraud is discovered. The fraud report only serves to prevent repeated scam with the same payment account and Tor onion address. More details can be found in the risk analysis document.
-
只支持不可逆的支付汇款方式,以便减少 回撤风险
-
一次最多只能交易 1 比特币
-
必须拥有少量比特币才能发起交易(用于保证金,交易费,挖矿费)
-
Bisq 应用程序必须运行(可以在后台运行),以便允许用户的下单.
-
比特币永远是交易货币的一部分,其他数字货币不能交易与法定货币直接交易.
-
仲裁者需要冻结2比特币,当卸任时返还.
Bisq does not carry out identity verification of users. However, in the event of a dispute, the assigned arbitrator may need to check the identity of the traders. This information is only visible
to that arbitrator and to at most one senior arbitrator. Users may request that identity verification is carried out over encrypted channels, e.g. using Tox instead of Skype. See the risk analysis document for more information.
-
Trader selects the arbitrators he want to accept in case of disputes or stick with the default selection of all matching arbitrators.
-
Trader sets up a payment method account.
-
Buyer deposits bitcoins from external wallet (for security deposit, create-offer fee and mining fee)
-
Buyer publishes the offer. Create-offer-fee gets paid to one of his selected arbitrators. The security deposit will be locked in his local Bisq trading wallet in case someone takes the offer.
-
Seller deposits bitcoins from external wallet (for security deposit, take-offer fee, mining fee and the trade amount)
-
Seller takes offer. The software sends his security deposit and Bitcoin trade amount to a 2-of-3 multisig address.
-
Buyer transfers the national currency (or alternative cryptocurrency) amount directly to Seller outside Bisq (e.g. via online banking web page or altcoin wallet)
-
Seller confirms upon payment receipt and releases Bitcoin from the escrow address
-
Buyer withdraws trade amount and his refunded security deposit to an external wallet
-
Seller withdraws his refunded security deposit to an external wallet
-
The traders started a trade but for whatever reason it got stalled.
-
After the max. allowed trade period (depends on the payment method: e.g. OKPay: 1 day, SEPA: 8 days) the software displays an "Open dispute" button, which is otherwise not visible. Any trader can requests arbitration by pressing that button.
-
Bisq provides a chat like communication system for disputes (and support tickets in case of software bugs) only between the trader and the arbitrator. The initiating trader will see his first (system) message he has sent to the arbitrator requesting a dispute.
-
The arbitrator receives the dispute request and the software send a dispute message to the other trader, informing him that his peer has started a dispute. The two traders cannot communicate directly with each other and cannot see the communication of the other trader with the arbitrator.
-
Traders and arbitrator communicate in real time, end-to-end encrypted.
-
Arbitrator follows a protocol to request additional information from both parties and renders his decision based on acquired evidence.
-
Arbitrator unlocks the multi-signature address using his key and the key of the winning party, transferring the Bitcoin amount to the "rightful owner" based on the available evidence. Typically the arbitrator collects the security deposit of the losing party and refunds the deposit of the other party (there are also alternative payout possibilities as well).
-
When criminal fraud is detected: Arbitrator publishes and signs a digital report containing all data about the criminal trader to the public fraud list. These reports will only be created in clear cases of fraud like bank chargeback or use of a stolen bank account.
-
If either trader is not satisfied with the decision of the arbitrator, he may request a second and final arbitration round, performed by a senior arbitrator. The latter reviews the available evidence and renders his decision. If the original arbitrator is found to have behaved dishonestly, further steps are taken to penalize his behavior, based on the severity of his fault.
Alice wants to buy Bitcoin for national currency. When Alice creates a new offer she needs to define the amount of Bitcoin to buy or sell, the price and a minimum amount she is willing to trade. The other data included in an offer, like the acceptable arbitrators or the acceptable payment account countries and method, will be derived from the account settings.
To avoid potential collusion between the arbitrator and one of the trading parties the arbitrator will be selected in an unbiased and verifiable way. This will minimize the chance that a trader forces the selection to a preferred arbitrator. The selection mechanism is described in the arbitration system document.
Alice broadcasts a cryptographically signed offer to buy a set amount of BTC with a specific currency at a set rate. She also has to specify which national currency transfer methods and which registered arbitrators she agrees to use. The offer only reveals her P2P network ID (onion address), not any personal information. The offer will be broadcasted to the P2P network. The offer storage is access protected so that she is the only one who can remove her offer. There will be a maximum time to live (10 min.) for the offer storage in the P2P network. If she stays online her software will automatically re-publish the offer to ensure the offer does not get removed. If she goes offline her offer gets immediately removed. In cases the software crashes or if she loses internet connectivity the time to live ensures that the offer will not stay long time as "dead offer" in the public offer book.
At startup every trader loads all offers for his selected national currency from the P2P network peers he connects to. The offer book displays all offers matching the selected currency. Offers which are not matching the user’s payment account or selected arbitrators are displayed as inactive (grey out).
Informative feedback is provided upon user interaction why that offer is inaccessible (e.g. "the offerer uses a payment method you do not support").
The trader can filter offers by currency and payment method to customize his offer book as well as sort all relevant table columns.
When Bob takes an offer, the software verifies that the offer fee was paid by Alice. He used the onion address in the offer to connect to Alice’s Tor hidden service to start the trade protocol.
After that there is a check that the offer is still available, i.e. no other trader has taken the offer in the meantime. The offer will remain in the distributed offer book until an escrow deposit is created and funded by both peers. Bob’s software then pays the take-offer fee. Until this point neither peer has revealed any private information to the other peer.
Upon taking an offer, a deposit transaction is created using a 2-of-3 multi-signature pay-to-script-hash (P2SH) output script to fund the escrow address. The deposit transaction is passed for completion and signing between the traders over the messaging channel. Finally it is published to the Bitcoin blockchain by the offerer.
The deposit transaction to the escrow address contains:
-
Input from Alice: Security deposit + mining fee
-
Input from Bob: Security deposit + mining fee + trade amount
-
Output to escrow address: 2*Security deposit + mining fee + trade amount
-
Output to record contract hash: OP_RETURN + hash of contract (20 bytes).
After acceptance of an offer and the payment of the corresponding take-offer fee, the taker creates and signs a digital contract. The contract contains all relevant data about the trade (payment details) and both traders. The contract will be verified and locally stored by both peers and will only be used and needed in case of a dispute but is available to be displayed in the application. The hash of the contract will be included in the deposit transaction as proof that both parties have accepted the trade details.
During the trade protocol the software of each trader verifies the fee payments and that the other peer is not listed in the fraud list.
After the escrow deposit transaction is published, Alice waits for at least 1 confirmation, then she starts the transfer of national currency to the Bitcoin seller’s payment account (eg. by bank transfer).
Alice creates the payout transaction.
The payout transaction contains:
-
Input: Funds from multisig escrow address, signed by Alice with her private key (1 of 2 necessary signatures)
-
Output to Alice: Security deposit refund + release of payment to Alice
-
Output to Bob: Security deposit refund
Alice signs her part and sends the partially signed payout transaction to Bob and tells him that she has started the national currency transfer.
Bob receives the payout transaction and the message from Alice that she has started the national currency transfer. He will periodically check his payment account until the transaction is complete or a predetermined amount of time has elapsed.
After receiving the money into his payment account, he signs the payout transaction and publishes it to the Bitcoin network. He gets back his security deposit and can withdraw it to his external wallet. For Bob all has been successfully completed.
As soon as Bob has published the payout transaction Alice gets a message and as soon the transaction is visible in the bitcoin network she can withdraw the Bitcoin payment and the refunded security deposit to her external wallet. For Alice all has now been successfully completed.
The creator of an offer can remove the offer at any time, as long as the offer is not taken by another trader. When removing the offer a message will be broadcasted to the P2P network so all users get updated the offer book with the removed offer. The reserved security deposit in the trade wallet will be available for withdrawal to an external wallet. The create-offer fee, which is paid when creating the offer, cannot be redeemed.
At the middle of the timeout period for completing a trade a warning notification is displayed to both traders, reminding them to check the status of their transaction. As soon the timeout is reached (depending on the payment method) either trader can open a dispute and contact the assigned arbitrator. When opening a dispute, the software sends a request to the arbitrator with the contract attached. The chat-like communication system allows encrypted real time messaging between the traders and the arbitrator. The traders cannot communicate directly to each other.
The arbitrator will investigate the case and request additional information and proofs to each trader. After the arbitrator has rendered his decision, he unlocks the multi-signature address using his key and the key of the winning party, transferring the Bitcoin amount to the "rightful owner" based on the available evidence. The arbitrator collects the security deposit of the losing party and refunds the deposit of the other party. Thus, the winning party will have no costs, while the losing party will lose his security deposit. In cases where the problem was caused by external circumstances (e.g. bank has blocked the transfer, etc.), the arbitrator can decide, based on the available evidence, to take half of each security deposits as his payment and refund the rest back to the traders. More details about the arbitration system can be found in the arbitration system document.
In countries where Bitcoin use is illegal it is not recommended to use this platform as it comes with severe risks. Undercover agents can act as peer traders.
Banks might also block a payment account if they discover involvement in Bitcoin trades. If that risk exists in your national banking environment it is recommended that you open a payment account dedicated to Bitcoin trading to prevent the hassles of a primary payment account being blocked.
There will never be 100% safety when using any exchange; the same is true for centralized exchanges or any kind of money transfer for that matter.
To limit potential losses the maximum trading volume is restricted. This will help reduce the risk of a stolen bank account being used because only a small amount of the money could be exchanged for Bitcoin before the theft is discovered, so the platform is less attractive for criminals. A limit of 1 BTC is initially applied. If real life experience allows us we will raise that limit over time.
While Bisq is developed to offer the right to privacy, it is not intended to facilitate criminal behavior and the team does not endorse such activities. In the event of disputes, arbitrators may need to verify the identity of the traders.