Is Bisq safe and Open Source?
There are already other decentralized exchanges. How is Bisq different?
Which payment methods are supported?
Which altcoins are supported?
How can I get support for my favorite altcoin?
What are the trade limits?
Why does Bisq require a security deposit?
How does Bisq protect my privacy?
How long does a trade take?
How much does it cost to trade on Bisq?
Why do I need to keep my application online when I have an open offer?
How can I edit my offer?
Will my bank know I’m buying bitcoins?
What is an arbitrator?
How does the arbitration process work?
How is collusion between arbitrators and traders prevented?
What happens if the person buying bitcoin does a chargeback on their national currency after the bitcoin has been released from the multisig escrow?
Wouldn’t a pure reputation system among traders make arbitrators unnecessary?
Can I be an arbitrator?
Can I contact my trading peer?
If I don’t have any bitcoins, how can I obtain enough to pay the security deposit on my first trade?
Does Bisq support ‘XYZ’ payments?
What happens in case of software bugs?
What is a Bitcoin ‘multisignature address’?
I have a question that isn’t covered here…?
Bisq employs three mechanisms of achieving security:
1. All bitcoins traded with Bisq are secured in a 2-of-3 multisignature address.
2. Both traders are required to pay security deposits. These are refunded to them after a trade completes.
3. Bisq features an arbitrator system, to be used in case a trade dispute arises.
If you trade fiat currency there is some chargeback risk open because all banks have the option for reversing a transaction. Bisq supports only payment methods which are known that they it is very difficult to chargeback with them. Paypal and credit cards are not supported for that reason. Read here more about chargeback risks.
Currently no other project fits our definition of a decentralized bitcoin-to-fiat exchange. Open Bazaar stands alone in mirroring Bisq’s principles, but they’re a full market place, not a specialized currency exchange. Most exchanges claiming to be decentralized are either not supporting fiat exchange or operate with a server architecture and do not fit our definition. And of course there are a lot of ICO projects with whitepapers but they have not proven yet that they can deliver any working software.
To be properly decentralized, one must avoid single points of failure:
- Bisq does not hold any bitcoins. All are held in multisignature addresses rather than a Bisq-controlled wallet.
- Bisq does not hold any national currency. National currency is transferred directly from one trader to the other.
- Bisq uses a Peer-to-Peer network over Tor. This means there are no servers to be hacked or DDoS’d.
- Bisq does not know the traders. No data is stored on who trades with whom.
- Bisq does not require registration. This means privacy is maintained, there are no “approval” wait times, and identity theft becomes impossible.
- Bisq is not a company. It is an open source project organized as a Decentralized Autonomous Organization (DAO).
- National bank transfer
- Cash Deposit
- SEPA Instant
- MoneyBeam (N26)
- Zelle (formerly known as clearXchange)
- Chase QuickPay
- Faster Payments
- US Postal Money Order
- Interac e-Transfer
- Western Union
- Perfect Money
- Transfer with same bank
- Transfer with specific banks
- “ZOC”, “01coin”
- “GRANS”, “10grans”
- “ACH”, “AchieveCoin”
- “ALC”, “Angelcoin”
- “AQUA”, “Aquachain”
- “RTO”, “Arto”
- “BETR”, “Better Betting”
- “BTDX”, “BitCloud”
- “BCH”, “Bitcoin Cash”
- “BCHC”, “Bitcoin Clashic”
- “BTCC”, “Bitcoin Core”
- “BTG”, “Bitcoin Gold”
- “BTI”, “Bitcoin Instant”
- “BTX”, “Bitcore”
- “DARX”, “BitDaric”
- “ZNY”, “BitZeny”
- “BURST”, “Burstcoin”
- “GBYTE”, “Byte”
- “CAGE”, “Cagecoin”
- “CDT”, “Cassubian Detk”
- “XCP”, “Counterparty”
- “CREA”, “Creativecoin”
- “CRDS”, “Credits”
- “XCN”, “Cryptonite”
- “CNMC”, “Cryptonodes”
- “TARI”, “CryptoTari”
- “DAC”, “DACash”
- “DAI”, “Dai Stablecoin”
- “DNET”, “DarkNet”
- “DASH”, “Dash”
- “DCT”, “Decent”
- “DCR”, “Decred”
- “ONION”, “DeepOnion”
- “DVC”, “Devcoin”
- “DMD”, “Diamond”
- “DGM”, “DigiMoney”
- “DIN”, “Dinero”
- “DOGE”, “Dogecoin”
- “DRIP”, “DRIP”
- “DST”, “DSTRA”
- “DMC”, “DynamicCoin”
- “ELLA”, “Ellaism”
- “ESP”, “Espers”
- “ETH”, “Ether”
- “ETC”, “Ether Classic”
- “EXC”, “Exceed”
- “FTO”, “FuturoCoin”
- “GEO”, “GeoCoin”
- “GRFT”, “Graft”
- “GRC”, “Gridcoin”
- “XIN”, “Infinity Economics”
- “ICH”, “Instacash”
- “IOP”, “Internet of People”
- “INXT”, “Internext”
- “KOTO”, “Koto”
- “KUMA”, “Kumacoin”
- “LBC”, “LBRY Credits”
- “LIKE”, “LikeCoin”
- “LSK”, “Lisk”
- “LTC”, “Litecoin”
- “LCE”, “LitecoinExtreme”
- “LOBS”, “Lobstex”
- “MBYT”, “Madbyte”
- “MDC”, “Madcoin”
- “MAID”, “MaidSafeCoin”
- “MAX”, “MaxCoin”
- “MAZA”, “Mazacoin”
- “MEC”, “MegaCoin”
- “MFC”, “MFCoin”
- “MCC”, “MicroCoin”
- “XMR”, “Monero”
- “XMN”, “Motion”
- “MT”, “Mycelium Token”
- “XMY”, “Myriadcoin”
- “NMC”, “Namecoin”
- “NANO”, “Nano”
- “NAV”, “Nav Coin”
- “NEET”, “NEETCOIN”
- “NPW”, “NewPowerCoin”
- “NILU”, “Nilu”
- “NIM”, “Nimiq”
- “NBT”, “NuBits”
- “NXT”, “Nxt”
- “ODN”, “Obsidian”
- “888”, “Octocoin”
- “PART”, “Particl”
- “PASC”, “Pascal Coin”
- “PEPECASH”, “Pepe Cash”
- “PHR”, “Phore”
- “PPI”, “Pied Piper Coin”
- “PIVX”, “PIVX”
- “PIX”, “Pix”
- “PXL”, “PixelPropertyToken”
- “POST”, “PostCoin”
- “PNC”, “Pranacoin”
- “PRIV”, “PRiVCY”
- “QWARK”, “Qwark”
- “RDD”, “ReddCoin”
- “REF”, “RefToken”
- “RIN”, “Ringo”
- “ROI”, “ROIcoin”
- “SFSC”, “Safe FileSystem Coin”
- “SEM”, “Semux”
- “SC”, “Siacoin”
- “SF”, “Siafund”
- “SIB”, “Sibcoin”
- “SOS”, “SOS Coin”
- “XSPEC”, “Spectrecoin”
- “SCS”, “SpeedCash”
- “STEEM”, “STEEM”
- “STL”, “Stellite”
- “NAH”, “Strayacoin”
- “TMC”, “Tamadcoin”
- “TRC”, “Terracoin”
- “MVT”, “The Movement”
- “TRIT”, “Triton”
- “UBQ”, “Ubiq”
- “UNO”, “Unobtanium”
- “VDN”, “vDinar”
- “CRED”, “Verify”
- “WAC”, “WACoins”
- “WAVI”, “Wavi”
- “WILD”, “WILD Token”
- “WMCC”, “WorldMobileCoin”
- “WOW”, “Wownero”
- “XUEZ”, “Xuez”
- “YTN”, “Yenten”
- “ZEC”, “Zcash”
- “XZC”, “Zcoin”
- “ZEN”, “ZenCash”
Please read about the requirements and process at this document.
For security reasons Bisq has a limitation of the trade amount per trade. Those limits are derived from the payment method’s chargeback risk and the age of the account. For the number of trades there is no limitation. For most bank-based payment methods like SEPA or Zelle the trade limit is 0.25 BTC per trade. For Swish, OKPay, PerfectMoney and AliPay it is 0.5 BTC and for altcoins it is 1 BTC. For the recently added payment methods Revolut, Popmoney and MoneyBeam (N26) the trade limit is 0.16 BTC. The trade limits in the first month is 25% of the full trade limit.
Security deposits create incentives for both buyer and seller to follow the rules of Bisq's trading protocol. They are locked into multisig escrow along with the bitcoin being traded, and are returned to each user when the trade completes successfully. If a trade goes to arbitration and one party is found to have violated Bisq's trading protocol, some or all of that party's security deposit may be awarded to their counterparty. Examples of protocol violations include a buyer failing to pay a seller, or a seller failing to acknowledge receipt of a buyer's payment. Most Bisq trades complete without any problem thanks in part to the incentives that security deposits create.
Only your trading partner (and your selected arbitrator in case of a dispute) can ever see your payment information details. The data exchanged between users is encrypted and signed. Bisq uses a P2P network built on top of Tor hidden services and provide the high level of anonymity Tor offers. The user doesn’t need to setup anything – all is integrated in the application. The arbitrator only sees the trade details in case of a dispute.
Your trade duration will be determined by the transfer times of the currencies you and your trade partner use. National currency transfers can be instant (Faster Payment) or can take days (SEPA). Bitcoin transactions take in average 10 minutes to get confirmed (at least one confirmation is required before the buyer can transfer the fiat or altcoin amount).
Following maximum trade periods are allowed before a trade goes automatically into arbitration:EURO
- SEPA: 6 days
- SEPA Instant: 1 day
- Faster Payments: 1 day
- Swish: 1 day
- Zelle (formerly known as clearXchange): 4 days
- Chase QuickPay: 1 day
- US Postal Money Order: 8 days
- Interac e-Transfer: 1 day
- Cash Deposit: 4 days
- Western Union: 4 days
- National bank transfer: 4 days
- Transfer with same bank: 2 days
- Transfer with specific banks: 4 days
- OKPAY: 1 day
- Perfect Money: 1 day
- Alipay: 1 day
- Blockchains: 1 day
To trade on Bisq, users pay (1) trading fees to Bisq and (2) mining fees to miners.
Trading fees for offer makers and offer takers are calculated differently.Offer maker fees
The trading fee for an offer maker is based on the trade amount and distance from the current market price:
0.002 * <amount of BTC being traded> * <square root of percentage distance from current market price>
(Minimum fee is 0.00005 BTC)
Example 1: making an offer to sell 0.1 BTC at current market price results in a 0.00005 BTC fee (because 0.002 * 0.1 * 0 = 0, so minimum fee applies).
Example 2: making an offer to sell 0.1 BTC at a 4% premium to current market price results in a 0.0004 BTC fee (because 0.002 * 0.1 * sqrt(4) = 0.0004).Offer taker fees
The trading fee for an offer taker is based only on the trade amount:
0.002 * <amount of BTC being traded>
(Minimum fee is 0.00005 BTC)
Example: taking an offer to buy 0.1 BTC results in a 0.0002 BTC fee (because 0.002 * 0.1 = 0.0002).Mining fees
An offer maker only pays mining fees for the trade fee transaction. An offer taker pays mining fees for the trade fee transaction, deposit transaction, and payout transaction. This is because mining fees fluctuate and it's impossible for the offer maker to know what mining fees will be at the time their offer is taken.
Bisq uses this service to estimate fees. Users can see actual mining fees after they've created or taken an offer.
If you have published an offer, your Bisq application needs to stay online so it is able to react in the case when another trader wants to take your offer. The MultiSig deposit transaction is created in that take-offer process. Be sure you have deactivated your computers standby mode, otherwise your Bisq application lose the internet connection (monitor standby is not a problem). If you shut down the application your offer gets removed from the distributed offerbook as it would become unavailable for others. After starting Bisq again your offer gets re-published. After the offer has been taken and the trade process has started both traders do NOT need to be online. Though they need to check for the status of the trade to see if some action is required from their side (e.g. sending fiat/altcoin or confirm receipt).
Since version 0.7.0 you can edit your offer under Portfolio/My open offers without paying additional fees.
There have been reports that some banks have closed client accounts when they see that there is Bitcoin activity involved.
The reference text of the bank transfer used to trade with Bisq will include only the Bisq trade ID (which is a random sequence of characters, like many other purchase IDs). Any trader that is not using the exact ID number as reference text of a bank transfer is considered in breach of contract, which will result in dispute resolution.
To avoid problems we recommend setting up a dedicated bank account for buying and selling bitcoins. If the bank were to block this account, it would cause fewer problems for you than if the bank were to block your primary account.
Never mention anything else than the trade reference in the subject field.
Initially, traders make a list of arbitrators they approve. When a new trade is initiated, an arbitrator is randomly selected from among the traders’ overlapping, approved selections. The more arbitrators a trader accepts, the more trades will be available to him.
If trader A fails to confirm the receipt of a national currency transfer within the allotted time (e.g. six days for SEPA, four days for Zelle, one day for altcoins, etc.), a button to contact the arbitrator will appear to both traders. Trader B will then be able to submit evidence to the arbitrator that he did, in fact, send the national currency. Alternatively, if trader B never sent the national currency, trader A will be able to submit evidence to the arbitrator that the funds were never received. Submitted evidence should be cryptographically secure using either
PageSigner or digitally-signed bank statements. If these methods fail, more traditional routes of discovery can be deployed.
From our experience the huge majority of cases are caused not by any malicious intention but by problems like network issues, bugs, bank issues, usability, etc.
The arbitrator will side with buyer or seller and sign the 2-of-3 multisignature address in favor of the appropriate party.
As outlined above, arbitrators must lock in a high BSQ bond to become such – much higher than the trade limit. If an arbitrator’s dispute resolution is not agreed to by both traders, they can request confiscation of the arbitrators BSQ bond.
If collusion is found to have taken place, the misbehaving arbitrator will lose her BSQ bond. This puts the arbitrator at a significant loss, as her BSQ bond was much more than she made by being dishonest.
We only support payment methods in which chargeback is not easy (i.e. we don’t support Paypal or credit cards). But there is still certain chargeback risk with banks. If a bank executes a chargeback after the BTC has been released, there is nothing the arbitrator can do.
Bisq’s goal is to make this scenario as unattractive as possible, using three primary mechanisms:
1. There is a trade limit per trade, which is generally too small to attract criminals.
2. We will remove national currency payment methods which are found to be used for chargebacks.
3. We introduce with version 0.6.0 a new feature for detecting the age when a payment account has been set up. Recently opened accounts will have lower trade limits. This adds protection against stolen-bank-account-scams.
It is also problematic for protecting privacy and apply it in a decentralized way.
The required BSQ bond is very high and there are currently only very few people who have contributed that much to Bisq that they have earned so much BSQ. But as soon the full DOA is released and more people have allocated higher amounts of BSQ it will be open to anyone.
Bisq intentionally does not offer a way to get in direct contact with the trading peer. The security mechanisms does not require any direct contact (other than on reputation based systems like Localbitcoins) and we feel that by offering such a feature we might easily open a can of worms. E.g. malicious users could try to trick the peer into a direct trade without using Bisq and then exploit the lack of security or they use the direct channel for other fraudulent activities (social engineering scams, spam,...). For any problems users can open a dispute and the arbitrator will take care to resolve the issue. Beside that they can use the Bisq forum if they need help or for getting questions answered.
We recognize that this could be a barrier to entry to bitcoin beginners.
The security deposit is needed to protect Bisq from fraud and abuse. That said, we will always investigate possible solutions which would allow new users to trade without needing bitcoin first.
Following security deposit values are set by default forbuyer:
- 0.01 BTC (minimum 0.0005 BTC, maximum 0.05 BTC)
- 2.00 LTC (minimum 0.0600 LTC, maximum 12.00 LTC)
- 0.50 DASH (minimum 0.0150 DASH, maximum 3.00 DASH)
- 0.003 BTC
- 0.600 LTC
- 0.150 DASH
Bitcoin can be purchased via many channels: friends or family, Bitcoin meetups, Bitcoin ATMs, Vouchers, Localbitcoins or from any of the centralized exchanges.
Bisq supports already a wide range of payment methods for national currencies. The criteria for inclusion are that the payment method is safe against chargebacks, and that it allows the arbitrator to view evidence of the transaction. National bank transfer is supported in every country.
If the Bisq application recognizes that you’re having a software problem, it will display a “support ticket” button. Your arbitrator will forward your bug report to the developers, who will begin an investigation of the problem. You may be asked for the log file to assist the process.
If the button does not appear, you can open a support ticket by the key combination cmd + o (or ctrl + o).
“Multisig”, as it’s called, is built into Bitcoin as a simple version of a smart contract. A multisig address is generated with multiple public keys and a specification of how many of those keys must sign to release the funds.
Bisq uses 2-of-3 multisig addresses. This means three public keys are used to create the payment address (the buyer’s, seller’s, and arbitrator’s), and the transaction must be signed by two parties for the funds to be released. A typical trade takes place when the buyer and seller sign the transaction to release the funds to the appropriate party. But in case of a dispute, the arbitrator will side with either the buyer or seller, and these two parties’ keys will release the funds to the appropriate party.
Please post your question at the Bisq forum.