How are Crypto Gateways Secured and what would happen if they are hacked

How are the crypto gateways for Bitcoin, Ethereum, Litecoin, ZCash, Bitcoin cash, Dash, Monero secured?

Who controls/owns them?

Are there multiple gateways for each crypto?

How do you become, what is the process to become a gateway?

And what would happen if a gateway is hacked and funds stolen?

Gateways are centralized mostly run by coinomot. if they get hacked there will not be coin to swap 1:1 with tokens. e.g wbtc to btc. :slight_smile:
There are not multiple gateways for cryptos. But everyone can run a gateway. If you believe ppl will trust your service you can do that.

Gateways are centralized mostly run by coinomot.

For sure? Their site only says BTC/wBTC

There are not multiple gateways for cryptos. But everyone can run a gateway. If you believe ppl will trust your service you can do that.

That’s pretty frightening. But without an arrangement or smart contract between yourself and coinmat you can’t issue wBTC, you would have to issue myBTC. It would be great to see the gateways operating as part of a DAO, or smart contracts with each other. I’m not positive how this would work in practice, as it just occurred to me this morning. So if everyone opened a gateway, or coinmat is the only gateway, it’s in effect, a single or bunch of centralized exchanges tracked on a blockchain and interacted through an opensource wallet not a DEX. :expressionless:

As it is now, it’s as risky and centralized as any other exchange. Perhaps maybe even more risky, because the organization structure is not clear, and it’s advertised as a true DEX. More risk is added as Coinmat is at an arm’s length from Wave Platform as an institution, but has a monopoly on the verified tokens, and names of USD, BTC, ETH, XMR, etc.

It doesn’t seem like in the current framework it’s possible to have two verified BTC tokens from multiple gateways. This is a substantial issue that the development team and community need to take an indepth look at and address. How can gateways become decentralized and trustless, while maintaining sufficient liquidity for withdrawals and deposits to the waves blockchain?

By convention of theory in public and trustless blockchains it’s only fair to assume that Coinmat could act maliciously, and therefore shouldn’t be trusted. At the very least scrutinized and evaluated like and against any other centralized exchange.

Actually Hawky wrote a pretty nice article on this a week ago;

The tokens are traded peer to peer and a trade is settled on the blockchain so this is decentralised. There are two things centralised really; the matcher and the gateways. Everyone can run a matcher (you will have a differen orderbook ofcourse) and everyone can run a gateway with a proxy token. This is a matter of trust but could partially be solved with smart contracts as stated in the article.

This is an important distinction, because the current proxy token (worthless if the single point of failure Coinmat is hacked) are settled, not the actual crypto currency. This is the same as a centralized exchange moving values in database, only values are recorded on the waves blockchain. Only Waves and the tokens created in waves are fully decentralized.

As I stated previously if everyone runs a matcher/order book with a gateway, It’s just multiple independent centralized exchanges recorded on a blockchain. There’s no guarantee they’ll interact with each other and accept each others proxy tokens. This is a lot like problems of exchange faced by fiat currencies today, which block chain has been trying to solve, seems like Waves has just recreated the flawed fiat ecosystem on the Waves blockchain.

What I’m suggesting is reducing the single point of failure at a gateways by introducing an ecosystem that allows multiple gateways to deposit and withdrawal the same proxy token. Or better the witnessing and transacting of proxy tokens could become a function of full nodes. This could be done using smart contracts. If user A sends Eth to a public address controlled by a multiparty (all full nodes) smart contract, once witnessed by X (2/3) nodes the proxy token is issued by the smart contract. Vise versa for withdrawals. Slashing conditions could apply for bad actors.

I’m not sure how you would transition from coinmat issuing the verified tokens to a smart contract ecosystem? I suppose you could just launch it, and waves could unverify the coinmat issued tokens, and we hope coinmat has been a good actor and everyone can transfer the tokens out.

A couple issues arise including, the hardness of smart contracts, and a centralized matching service. The is also based on smart contracts being bullet proof. If smart contracts are cracked, theoretically you would burn the proxy token on a 1:1 ratio on the issuing wallet, and proxy token’s value against the official token would drop. Issues and the single point of failure of a centralized matching service would still need to be addressed, but perhaps “matching a service” is a suitable compromise of centralization for speed, until blockchain latency and nodes synchronization can be scaled sufficiently.

Well not a perfect solution, multiple smart contracts are more secure than a single gateway. Smart contracts as a means of introducing proxy tokens is fundamentally more in line with DEX and the ideology decentralization as related to cryptocurrency.

you can run with the same token name, there is not unique name for tokens. but of course with different id :slight_smile:
Only way to have trustless gateways is atomic swap. But it won’t be efficient from trading side. So dex is decentralized everyone can find something to do on it. There could be 100 or thousands of btc gateway service with different tokens id. Ppl can chose one of them to use. Efficient or not this is how dex works. Regulation can help from malicious.

That’s how it currently works, but that’s not how a true DEX should work. You can call the current situation a proxy dex, the trades are decentralized but the reserve isn’t, it’s the same as handing cash to someone on the street, but the reserve doesn’t have the power of taxation or an army if shit hits the fan. The decentralized trades of proxy tokens, is a step towards full decentralization, and what I’m suggesting is the next step towards a DEX.

Right from the satoshi whitepaper, “The problem with this solution is that the fate of the entire money system depends on the company running the mint, with every transaction having to go through them, just like a bank.” a little out of context but is still applicable as to how the current gateway situation in waves isn’t decentralized.

If it operates as you suggested above with multiple gateways issuing tokens, that’s a parallel of the infrastructure required to support fiat to fiat transfers in the real world, and introduces the same flaws and inefficiencies. Relationships would need to be established between gateways including smart contracts and atomic swaps. This increases cost and complexity for gateways. Higher complexity would result in higher deposit and withdrawal fees for users. The increased complexity also raises the barrier to entry for new gateways as they need to have sufficient capital and hope that gateways will be willing to interact with them, or pre established smart contracts with other gateways to provide liquidity. The bigger concern is there is little or no incentive for gateways to act in good faith, and you presume they won’t because it’s arguably more profitable to build trust and pillage. Crypto gateways need to move to a trustless system.

There doesn’t have to be multiple gateways, if the gateway functionality is controlled by nodes reaching consensus on a smart contract held address. Automic swaps wouldn’t be necessary just smart contracts on each involved blockchain. The deposit and withdrawal transactions would only require trust in the relevant blockchains and hardness of the smart contracts or automic swaps. Efficiency isn’t a concern, as contracts should be able to be confirmed in a similar amount of time as the transaction to a gateway. The smart contracts are still issuing proxy tokens as a representation of the real crypto held in the smart contracts.


1 - Ann request the nodes open a smart contract/atomic swap. Round robin, a Node opens the atomic swap with 2/3 of the nodes to sign on the Eth address in the swap, once ann signs the atomic swap funds are transferred to Eth smart contract where 2/3 of nodes can sign. Ann sends funds to the address. Nodes are watching the contract, when they see it it’s verified they sign the waves contract to issue the wETC, when 2/3 sign the wETC is issued. Bob does the same thing with 2 Eth, but is provided with a different Eth address and smart contract.

Note: some innifiencies may exists that can be addressed with better understanding of atomic swaps and smart contracts. Ie it might be more efficients to update the atomic swap to a smart contract without ann once she has signed.

2 - Jon buys 1 Eth from Ann and 2 from jon.

3 - John wants to withdraw eth. He sends his wETH to the waves smart contract with a public wETC address. The nodes are watching. As they verify the waves smart contract they sign the Eth smart contracts until enough eth can be transferred to the ETh address verified by Jon. When consensus is reached on the eth smart contracts, 2/3 of nodes, the ETH is sent to Jon. Because the Nodes are the only signatures on the smart contracts, they can move funds and update contracts as long as 2/3 agree. Contracts will need to be updated as nodes go on and offline.

Issue - if more than 1/3 of nodes are disrupted before contracts can be updated, the contracts would become inexecutable and funds would be lost until nodes come back online.

Issue - security, although expensive and difficult, if a substantial amount of crypto was held in smart contracts it could become economically viable to attack 2/3 of the nodes, update and execute the contracts, and transfer the funds to the attacker. Although this attack would be a magnitude more difficult than attacking a single centralized exchange. The primary determinant for attacking PoS, crashing the value you of the crypto you attack doesn’t exists, because the attack is off chain.