From the network security and availability point of view, it is preferred that digital exchange uses their own IP addresses. Our researches shows that 90% of the digital exchanges are hosted in Cloudflare, AWS or Incapsula. Also none of the digital exchanges uses their own IP addresses.
Couple of issues are identified.
Too much centralized, traditional banks online transactions are more decentralized
Your addresses are summarized with other services when the cloud service provider advertise the IP segments to internet, which means a bad actor can advertise a detailed prefix so that you are not reachable from the internet until the upstream ISPs identify and stop the bad actor ( IP highjacking).
Less redundancy as not multihomed.
We are concerned as network engineers, whether these issues are thought or not.
Would like to know what the network designers of BISQ think regarding our above concern.
We checked all the known digital coin exchanges to see what IP addresses they used to host their site(Gateway for users) to buy and sell. I am not talking about master nodes or other relay nodes working in the background.
Above is the the address of the BISQ exchange.
Now assume somebody say 22.214.171.124/24 is available in Russia or Brazil or India, then internet believes it, until Amazon complains to those ISPs who believed that information.
You may search internet on ‘IP Prefix hijacking’ for details.
Internet works on a protocol called BGP. Most specific information ( routing prefix) get prioritized.
Even Amazon is keep on advertising to the internet saying 126.96.36.199/18 is Amazon, if a small network operator with an AS may advertise 188.8.131.52/24 as them self.
So all the traffic from the internet to bisq.network goes to them and not to Amazon. It is called IP Prefix highjacking.
Of course after a couple of hours we can stop that but some times it takes longer.
This is why it is important to have your own addresses and AS number when critical services are running.
I hope to provide you more information.
Please keep in touch.
These are some famous highjacking.
A small prefix hijack like a /24 or /20 is almost not discussed as it happens daily basis.
There are mechanisms such as RPKI but in reality it is not fully implemented.
You may ask Amazon to advertise /24s then this issue is addressed.
Of course there are other advantages of having your own network like the banks do.
robust DDoS prevention mechanism
You need a network engineer but considering a major digital exchange this is of course not a cost
Thank you for the clarification, now I better understand your concerns. Again, Bisq is decentralized read the white paper to understand what you are dealing with. I’m not sure how practical this approach will be apart then distributing fake executable but then those executable must hijack the p2p network to make an attack workable. Anyway if you want more info Manfred will help you. Unless the white paper answers your questions.
I understand that a bad actor can’t steel the coins. It is almost not possible to disturb the P2P communications. What I am saying is that it possible to block users accessing bisq exchange site over the internet. It is an availability issue not a security threat.
I did a test in my office network blocking bisq.network, bisq.io for myself. There were no issues for using the BISQ P2P applications.
Also kept on blocking the tor servers the P2P application selecting.
Still the P2P client selects another tor node.
Some how it keeps on working. Very nice.
There is only the java application GUI that is found on the github and download sections. Mac/Windows/Linux. There is no headless/CLI version. There seems to be a language barrier here. Also…who is “WE”, who do you represent?
We are an ISP in Japan in Okinawa also having a private global WAN to drag IX traffic around the world for our users. We do have plenty of bandwidth on our global WAN so looking forward to utilize them to make revenue.
I think you mix up the exchange part and the website part.
bisq.network 184.108.40.206 AS16509 is only the Website.
And the whole exchange will run without it. As it is using Tor for it’s communication you only need one woking Tor entry node.
Generally on BGB security:
You are right the BGP is the internet backbone protocol, if you mess with it you can do bad things. But the bad things don’t go undetected, every BGP peer can see your manipulation and you will face consequences.
Maybe loose your AS.