I've been working with a team of engineers for the last 6 months on a new exchange. We have acquired banking support for 10 different fiat currencies.
Wanted to see what the community is looking for in a new exchange. Currently we have the following:
- Mandatory 2FA
- Verifiable user funds
- User KYC documents encrypted and stored in Canada, backed-up offline
- On EC2 so that we can sustain DDoS attacks.
- Incorporated outside of the US, so that user privacy is protected.
EC2 is not intended to be reliable storage:
Third Largest Bitcoin Exchange Bitomat Lost Their Wallet, Over 17,000 Bitcoins Missing
I don't like the idea of mandatory 2FA. I may be under delusions that my machine does not have a keylogger. You should keep in mind that SMS 2FA may not actually be 2FA if the attacker has access to both the user's phone and PC like Facebook, Microsoft, or Google. Edit: If 2FA is used, you should KISS.
an ethical contract
I stayed away from CaVirtex for the longest time because they claimed Bitcoins have no value in their TOS. If they have no value, why am I trading them for dollars? I have seen similar language on other exchanges. The crux of the matter is that they do not want to fall under securities regulations. However, Bitcoin is being increasingly classified as a "virtual commodity". Not sure if that makes it a security (doubt it).