Author: ApeX Pro

 

Gamers in the trading track, centralized security risks

 

In the cryptocurrency market, trading is undoubtedly the most basic business need of users, and exchanges are the most basic application infrastructure and the most basic aggregation tool for cryptocurrency trading. There are many different trading products and protocols in this field, and centralized exchanges seem to be the main choice for most users. However, the security issues constantly exposed by centralized exchanges have gradually become the biggest hidden danger for users to choose them.

In 2022, the total trading volume of the top 10 centralized exchanges was 40.87 trillion US dollars, a decrease of more than 50% compared to 2021. FTX, one of the top three exchanges, went bankrupt within ten days due to the market run due to the misappropriation of user funds and its potential financial bad debts, which led to a crisis of trust in centralized trading platforms. In addition, in 2022, a series of centralized institutions also experienced thunderstorms, such as the collapse of Terra and the bankruptcy and liquidation of Three Arrows Capital (3AC).

The asset security issues that have emerged in the crypto market have undoubtedly become the biggest warning to users. As the main players in the trading track, the security risks of centralized platforms have become the biggest bottleneck that hinders user choices. For users, the way centralized exchanges hold their assets and control transaction data can no longer be trusted.

 

Can CEX’s public Merkle tree proof prove its asset reserves?

 

With the FTX incident, major exchanges have also begun to publicly disclose Merkle Tree Proofs to allow users to verify the reserve status of their assets, thereby proving that their assets have not been misappropriated. However, can this become a way for CEX to verify the security of its assets? Let's interpret the proof principle of the Merkle Tree.

The Merkle tree is a hash binary tree invented in 1979. It consists of three parts: the root node, the intermediate node, and the leaf node. All nodes of the tree store hash values. In the Merkle tree, data is stored in the leaf nodes, and the intermediate nodes are generated by the hash of the two corresponding leaf nodes. The entire Merkle tree is formed by the hash operation of data grouped level by level.

Any data change in any of the nodes will affect the changes in other intermediate nodes and the root node, thus ensuring the integrity and consistency of the data and that it cannot be tampered with. Therefore, the complete transaction list can be proved simply by verifying the root node hash of the Merkle tree.

The principle of verifying fund reserves is usually to take an anonymous snapshot of the account balance of its transaction through a third-party auditing agency, and then obtain, calculate and reserve the hash value step by step to reach the root node for verification, so as to obtain a complete transaction list. The third-party auditing agency then determines whether it has sufficient reserves by comparing the user data and account asset balance disclosed by the exchange.

However, can the Merkle tree fully prove its asset reserves? The answer is no, for the following reasons:

1. The proof of fund reserves only applies to the snapshot of user assets during the audit. The platform can ensure asset reserves during the audit, but any subsequent misappropriation is still beyond supervision.

2. The possibility of front-end fraud still exists. The exchange can forge the front-end page so that users cannot verify.

3. The credit issues of the third-party auditing agency itself will also affect the complete security of asset verification.

4. The Merkle tree-based proof of funds reserve cannot reflect other debt relationships, internal financial status, etc. of the platform. A single proof cannot measure the financial risk of the platform itself.

Based on the above, the security issues of centralized exchanges cannot be properly resolved through Merkle tree proofs. Centralized development is full of security risks and is not an option for users to trade safely.

 

Interpreting ApeX Pro, can DEX achieve secure asset transactions?

 

If centralized exchanges cannot guarantee the safety of funds, can DEX be a future trading option? We can interpret ApeX Pro, a decentralized trading protocol that ensures the consistency of on-chain transaction settlement data through an off-chain matching engine combined with a ZK rollup solution.

Non-custodial user assets, smart contract management

As a decentralized multi-chain derivatives trading platform, ApeX Pro integrates StarkWare's Layer 2 scalability engine and creates an order book trading model that supports 0 gas fees through the zero-knowledge proof L2 rollup solution.

ApeX Pro is different from centralized exchanges that escrow user funds. Instead, it transparently stores and manages funds through on-chain smart contracts. Every operation of funds requires the signature of the user, and the operator has no right to embezzle funds privately. The process is that the user signs the account operation on L2 and regularly synchronizes the status to the custody contract on L1. No one can embezzle user assets by constructing false transactions, which completely eliminates the possibility of the platform embezzling user assets and ensures that users can trade safely.

Forced withdrawal is possible, funds come and go freely

When trading on ApeX Pro, users can withdraw their funds even if there are any market black swan events. Even if the exchange function is closed, users can still initiate forced withdrawals to ensure the safety of their funds. When a user chooses forced withdrawal, ApeX Pro does not process the user's forced withdrawal transaction request within a specific time frame for any reason, the user can freeze ApeX Pro's StarkEx contract and use forced withdrawal and forced transactions to retrieve their funds.

From the above, ApeX Pro and StarkEx scalability engine work together to ensure data consistency on and off the chain through zero-knowledge proof, that is, if there is no zk proof that the L2 transaction status is indeed valid, then no status update will occur on L1. This means that funds can only change hands within StarkEx according to the logic implemented in Cairo, which enforces the following operations:

- Funds cannot be transferred from a user without a valid signature on the relevant transfer request

- The submitted StarkEx state on L1 reflects all asset transfer records that occurred in the L2 environment, ensuring state synchronization

- StarkEx cannot execute the same asset transfer request twice, ensuring data consistency

As a result, operating nodes (such as exchanges) cannot steal users’ assets. Forced transactions, emergency hatches, and dedicated upgrade mechanisms ensure that ApeX Pro, built on StarkEx, is a completely user-custodial model, ensuring that user transactions are sufficiently secure, and even in extreme cases, users can forcefully withdraw their assets.

 

ApeX Pro, the best choice for safe and efficient transactions

 

Through analysis, it is difficult to solve the security risks of centralized exchanges, and DEX, as a trading platform for non-custodial user assets, is the first choice for users to trade safely. ApeX Pro can not only ensure asset security and privacy, but also has the following advantages:

1. No KYC required: just link your wallet to trade.

2. Lightning transactions, efficient experience: Its order book model can provide high liquidity and transaction depth; each transaction can be executed instantly, achieving lightning transactions comparable to centralized exchanges;

3. 0 gas fee, low-cost transactions: Due to the enhanced scalability of L2 and the verification method of zero-knowledge proof, users do not need to bear GAS fees for each transaction, which greatly reduces transaction costs;

4. Support multi-chain deposits and withdrawals: ApeX Pro supports multi-chain deposits and withdrawals. In addition to Ethereum, it also supports BSC, Polygon, Arbitrum, etc., meeting users' multi-chain transaction needs.

From this, we can see that ApeX Pro not only ensures the security of user assets, but also achieves an efficient experience comparable to centralized exchanges through an efficient matching engine, making it the best choice for user transactions. In addition, ApeX is conducting a 52-week trading mining activity. Users can obtain mining coins through transactions and exchange them for USDC at any time, so that users can trade at the lowest cost. In addition, ApeX Pro recently launched a staking mechanism, and users can obtain platform USDC dividends by staking its APEX/esAPEX tokens at any time. As a new platform that has been online for three months, ApeX continues to give benefits to users, and is a project worth entering early and planning in advance.