First, denial of service attacks.
Denial of service attack is the main way to attack digital currency trading platform at present. Through denial of service attack, attackers can't access the trading platform normally, and users can't accurately distinguish the degree of attack, which often leads to panic asset transfer, thus bringing certain loss impact.
Second, the fishing incident
Even the best technical measures at present cannot prevent the digital currency trading platform from being attacked by phishing. Some hackers and criminals can confuse digital currency investors by using fake domain names or fake pages, while ordinary investors can't tell the truth, so it is easy to cause losses in assets.
Third, protect the hot wallet.
Many digital currency trading platforms use a single private key to protect popular wallets. If hackers have access to a single private key, they can crack the hot wallet related to the private key. For example, in the Yapizon attack on 20 17 Seoul Stock Exchange, the attacker stole the hot wallet on the trading platform twice in one year, resulting in nearly 50% asset loss of the trading platform, which eventually led to the bankruptcy of the trading platform.
Fourth, internal attacks.
Due to the lack of perfect risk isolation measures, or inadequate supervision of employees' rights, some employees stole from the digital currency trading platform, and some employees with platform operation rights used internal trust to seek ill-gotten gains for themselves. For example, employees in ShapeShift, a trading platform of 20 16, stole bitcoin and resold sensitive information to others privately, resulting in a loss of $230,000 to trading platform * * *.
Verb (abbreviation for verb) software vulnerability
Software vulnerabilities of digital currency trading platform include single sign-on vulnerability and oAuth protocol vulnerability. At present, all countries have laws requiring banks or other financial institutions to implement information security measures to protect customers' deposits. However, because the blockchain field is still in its infancy, there is currently no such specification for encrypting digital assets. Therefore, it is not accidental that many trading platforms have a large number of loopholes in the absence of security specifications.
VI. Extensibility of transactions
Technical supporters of blockchain often think that blockchain transactions are highly secure because they are recorded on records that are said to be unchangeable, but each transaction needs a corresponding signature, and the records can be temporarily forged before the transaction is finally confirmed.
Extended data:
Contract trading rules
1, trading time
The contract transaction is a 7*24-hour transaction, and the transaction will only be interrupted during the settlement or delivery period on Friday 16:00(UTC+8). At the last 10 minute before delivery, the contract can only be closed, not closed.
2. Transaction type
There are two types of transactions, opening positions and closing positions. Opening and closing positions are divided into two directions: buying and selling:
Buy more (bullish) refers to buying a certain number of new contracts when users are bullish or bullish on the index. Carry out the "buy more" operation, and increase long positions after the match is successful.
Selling Pingduo (multi-position closing) refers to the selling contract that users make up their positions because they are no longer bullish on the future index market, and hedge the current buying contract to withdraw from the market. Carry out the operation of "selling flat more", and after the successful matching, the long positions will be reduced.
Short selling (bearish) refers to selling a certain number of new contracts when users are bearish or bearish on the index. Carry out "short selling" operation, and the short position will increase after the match is successful.
Close position buying (close position and short position) refers to the buying contract that users make up their positions without bearish on the future index market, and hedge against the current selling contract to withdraw from the market. Carry out the "buy flat" operation, and the empty positions will be reduced after the matching is successful.
3. Ordering method
Limit order: users need to specify the price and quantity of the order themselves. Limit orders can be used to open and close positions.
Order at Preferential Price: If you choose to order at Preferential Price, you can only enter the order quantity, but not the order price. The system will read the latest rival price (if the user buys, the rival price is the selling price1; When selling, the counterparty price is 1), and a limit order for the counterparty price is issued.
Step 4: Location
The user owns the position after opening the position, and the positions of the same contract and the same direction will be merged. A contract account can only have six positions at most, that is, multiple positions in the current week, multiple positions in the current week, multiple positions in the next week, multiple positions in the next week, multiple positions in quarterly contracts and short positions in quarterly contracts.
5. Order restrictions
The platform will limit the number of positions held by a single user in a fixed-term contract and the number of orders placed by a single opening/closing position to prevent users from manipulating the market.
When the number of positions held or entrusted by users is too large, and the platform thinks that it may cause serious risks to the system and other users, the platform has the right to require users to take risk control measures including but not limited to withdrawing orders and closing positions. The platform has the right to take measures to control risks, including but not limited to limiting the total amount of positions, limiting the total amount of entrustment, limiting the opening of positions, withdrawing orders and forcibly closing positions.