User Tools

Site Tools


fintech

This is an old revision of the document!


Financial Technologies

Themes

Among the research topics of the Security Group the main stream of this research topic is to develop new mechanisms for secure, distributed financial technologies.

FuturesMEX: Secure, distributed futures market exchange

In the IEEE Symposium on Security and Privacy (2018), one of the top tier security conferences, we presented our work in futures exchange decentralization.

Futures exchange is the operator of a futures market which consists of traders who bid and ask for futures contracts — standardized promises to buy or sell an underlying asset that are made today and to be fulfilled in a future date. To make sure the traders can meet the promises the exchange requires them to deposit some initial money into their cash reserve.

An exchange has three main functions: (1) Price discovery that allows traders to post/cancel limit orders to form the anonymous order book where only price and volume are publicly visible but not the identity of the traders that post the orders; (2) Transaction management in which the exchange processes the market orders for actual transactions; and (3) Risk management where the exchange constantly monitors the short positions' trading account to make sure they can meet their promises regarding the new market price.

As of today, all the exchanges are centralized, e.g. the Chicago Mercantile Exchange which is among the largest exchanges in the world. To replicate the functionality of an exchange in a distributed system is not a trivial task. It is easy to see that first one needs to maintain the market integrity along side with solving the consensus problem as other previous secure distributed systems, e.g. Bitcoin. It is however less obvious to notice the challenges that are specific to futures market. including account confidentiality, trader anonymity. The non-monotonic behavior of the futures market in which honest actions can invalidate past security evidences is also a novel challenge. Finally, for a decentralized exchange to be viable one must maintain the proportional burden property to alleviate the effort required by the retail and institutional traders in the presence of the high frequency traders.

We design a hybrid solution and opt to use as much standard crypto building blocks as possible including public ledger, anonymous communication network, commitment scheme, zero-knowledge proof system, Merkle tree and generic MPC.

To overcome the denial-of-service attack where the adversary aborts the protocol, we make the abort costly. In particular we employ the penalty strategy of Hawk (S&P 16) in which the initial cash reserve is locked and only released after the final Mark To Market phase. The aborting party is prevented to join the final phase hence he will lose the deposit — the ultimate possible financial penalty.

Using the Lean Hog futures data in the first quarter of 2017 obtained from the CME, we demonstrate that our hybrid solution is able to maintain proportional burden in which the crypto overhead for the retail traders are close to zero while the full MPC solution yields magnitude of orders higher burden for them. Our optimized implementation is also practical enough to fit most of the Lean Hog trading days into only 1 or 2 days of computation. Further optimizations are possible, such as zk-proofs generation parallelization.

Publications

  • F. Massacci, C.N. Ngo, J. Nie, D. Venturi, J. Williams. The seconomics (security-economics) vulnerabilities of Decentralized Autonomous Organizations. To appear in Security Protocols Workshop (SPW) 2017. Author's Draft PDF
fintech.1543187906.txt.gz · Last modified: 2021/01/29 10:58 (external edit)