Is Bisq safe and open-source?
Yes, Bisq's software is open-source and licensed under Version 3 of the GNU Affero General Public License. Here’s the
source code and
Bisq employs three primary mechanisms to achieve security:
- All bitcoins traded with Bisq are secured in a 2-of-3
- Both traders are required to pay security deposits. These are refunded after trades are completed.
- Bisq uses an arbitrator system to handle trade disputes.
When trading fiat currency for bitcoin, there is always some chargeback risk, as fiat transactions can technically be reversed. To mitigate this risk, Bisq only supports payment methods which are known to make chargebacks difficult—this is why Bisq does not support PayPal and credit
cards, for example.
Read here for more on chargeback risks.
There are already other decentralized exchanges. How is Bisq different?
Currently no other project fits our definition of a decentralized bitcoin-to-fiat exchange. OpenBazaar is one project that comes close to mirroring Bisq’s principles, but it's a general-purpose marketplace,
not a specialized currency exchange.
Most exchanges claiming to be decentralized either do not support fiat exchange, or operate with a client-server architecture and do not fit our definition. And of course there are a lot of ICO projects with whitepapers
but they have not proven yet that they can deliver any working software.
To be properly decentralized, one must avoid single points of failure:
- Bisq does not hold any bitcoins. All are held in multisignature addresses rather than a Bisq-controlled wallet.
- Bisq does not hold any national currency. National currency is transferred directly from one trader to the other.
- Bisq uses a peer-to-peer network over Tor. This means there are no servers to be hacked or DDoS’d.
- Bisq does not know traders. No data is stored on who trades with whom.
- Bisq does not require registration. This means privacy is maintained, there are no “approval” wait times, and identity theft is impossible.
- Bisq is not a company. It is an open-source project organized as a Decentralized Autonomous Organization (DAO).
Which payment methods are supported?
- Advanced Cash
- Cash Deposit
- Chase QuickPay
- Face to face (in person)
- Faster Payments
- Interac e-Transfer
- MoneyBeam (N26)
- National bank transfer
- Perfect Money
- SEPA Instant
- Transfer with same bank
- Transfer with specific banks
- US Postal Money Order
- WeChat Pay
- Western Union
- Zelle (ClearXchange)
What are the trade limits?
To discourage fraud in fiat transactions, Bisq imposes limits on trade amounts. These limits are derived from the payment method’s chargeback risk and the age of the account (i.e., the time since you entered the payment account in Bisq).
There are no limits on the number of trades you can do—just the amount per trade.
For most bank-based payment
methods like SEPA or Zelle the trade limit is 0.5 BTC per trade. For services like Swish, PerfectMoney and AliPay it is 1 BTC. For recently-added payment methods like Revolut, Popmoney, and MoneyBeam (N26) the trade limit
is 0.25 BTC.
When you first add a fiat payment account to Bisq, its trade limit will be 25% of the full trade limit. It will then increase every 30 days until the full trade limit is reached.
Altcoin trades up to 2 BTC are allowed from day one—altcoins do not have chargeback risk, so account aging is not needed.
Why does Bisq require a security deposit?
Security deposits create incentives for both buyer and seller to follow the rules of Bisq's trading protocol. They are locked into multisig escrow along with the bitcoin being traded, and are returned to each user when the trade completes successfully.
If a trade goes to arbitration and one party is found to have violated Bisq's trading protocol, some or all of that party's security deposit may be awarded to the counterparty. Examples of protocol violations include a buyer failing to pay a seller,
or a seller failing to acknowledge receipt of a buyer's payment.
Most Bisq trades complete without any problem thanks in part to the incentives that security deposits create.
How does Bisq protect my privacy?
Bisq is standalone, open-source software that you can inspect before running on your machine, and as a result, you don't have to trust that any server is logging your personal details (as you would in the case of a website).
As for the trading process, your payment information is stored locally on your machine, and only your trading partner (and your arbitrator, in case of a dispute) can ever see it. All data exchanged between users is encrypted and signed.
To transmit data from one user to another, Bisq uses a P2P network built on top of Tor, which provides a high degree of anonymity. The user doesn’t need to do any additional work for all of this to work—it is all integrated in the application.
How long does a trade take?
Your trade duration will be determined by the transfer times of the currencies you're using. National currency transfers can be instant (Faster Payment) or can take days (SEPA).
Bitcoin transactions take about 10 minutes to
confirm, and at least one confirmation is required before the buyer can send the fiat or altcoins.
Here are the maximum trade periods allowed before a trade goes automatically into arbitration:
- SEPA: 6 days
- SEPA Instant: 1 day
- Zelle (formerly known as clearXchange): 4 days
- Chase QuickPay: 1 day
- US Postal Money Order: 8 days
- Interac e-Transfer: 1 day
- Cash Deposit: 4 days
- Western Union: 4 days
- National bank transfer: 4 days
- Transfer with same bank: 2 days
- Transfer with specific banks: 4 days
How much does it cost to trade on Bisq?
To trade on Bisq, users pay (1) trading fees to Bisq and (2) mining fees to miners.
Offer makers pay 0.1% of the trade amount, and offer takers pay 0.3% of the trade amount. The minimum in both cases is 0.00005 BTC to avoid dust limits. Fees paid with BSQ can be as much as 90% lower.
An offer maker only pays mining fees for the trade fee transaction. An offer taker pays mining fees for the trade fee transaction, deposit transaction, and payout transaction. This is because mining fees fluctuate and it's impossible for the offer
maker to know what mining fees will be at the time their offer is taken.
Bisq uses this service to estimate fees. Users can see actual mining fees after they've created or taken an offer.
Why do I need to keep my application online when I have an open offer?
If you have published an offer, your Bisq application needs to stay online so it can react when another trader wants to take your offer (the multisig deposit transaction is created in the take-offer process). Be sure you have deactivated your computer's standby mode so your Bisq application can stay online (monitor standby is not a problem).
If your Bisq application does go offline, your offer will get removed from the distributed offerbook. It will be re-published the next time you start your Bisq application.
After an offer has been taken and the trade process has started, neither trader needs to be online continuously, but each trader will need to be online periodically to check if any action
is needed on their side (e.g. sending fiat/altcoin, confirming payment receipt, etc).
How can I edit my offer?
Version 0.7.0 introduced offer editing in the Portfolio > My open offers section without paying additional fees.
Will my bank know I’m buying bitcoins?
There have been reports that some banks have closed client accounts when they sense Bitcoin activity.
The reference text (sometimes called "reason for payment" or similar) of the bank transfer used to trade with Bisq must always only include the Bisq trade ID, which is a random sequence of characters, just like many other purchase IDs. Putting anything else as a "reason for payment" is considered a violation of the trade protocol and will result in a dispute.
To avoid problems, we recommend setting up a dedicated bank account for buying and selling bitcoins. If the bank were to block this account, it would cause fewer problems for you than if the bank were to block your primary account.
Never mention anything else other than the Bisq trade ID in the subject field.
How does the arbitration process work?
On Bisq, arbitrators determine solutions to trade disputes. Arbitrators must pay a very high BSQ bond, which ensures fair evaluations and prevents collusion with traders.
Arbitrators are chosen randomly for each trade.
If trader A fails to confirm the receipt of a national currency transfer within the allotted time, a button to contact the arbitrator will appear to both traders. Trader B can
then submit evidence to the arbitrator that he did, in fact, send the national currency. Alternatively, if trader B never sent the national currency, trader A can submit evidence to the arbitrator that the funds were never received.
Submitted evidence should be cryptographically secure using either
PageSigner or digitally-signed bank statements. If these methods fail, more traditional routes of discovery can be employed.
In our experience the vast majority of disputes are not caused by
malicious intention, but by minor problems like network issues, bugs, bank issues, usability, etc.
Once the arbitrator has clarified the situation, they will sign the 2-of-3 multisignature address in favor of the appropriate party.
How is collusion between arbitrators and traders prevented?
As mentioned above, arbitrators must lock in a high BSQ bond to become arbitrators in the first place–much higher than the trade limit. If both traders disagree with an arbitrator’s resolution, they can request confiscation of the arbitrators BSQ bond.
If collusion is found to have taken place, the misbehaving arbitrator will lose their BSQ bond. This puts the arbitrator at a significant loss, as their BSQ bond was much more than they made by being dishonest.
What happens if the person buying bitcoin does a chargeback after the bitcoin has been released from the multisig address?
Bisq only supports payment methods for which chargebacks are not easy (e.g., this is why PayPal and credit cards are not supported). But there is still a little chargeback risk with banks. If a bank executes a chargeback after the BTC has been released, there is nothing
an arbitrator can do.
Bisq’s goal is to make this scenario as unattractive as possible, using three primary mechanisms:
- There is a trade limit per trade, which is generally too small to attract criminals.
- National currency payment methods which are found to be used for chargebacks are quickly removed.
- With version 0.6.0, a new account-aging feature was added. This feature enables fiat accounts recently added to Bisq to have lower trade limits, and those limits are increased over time. This adds protection against stolen-bank-account scams.
Wouldn’t a pure reputation system among traders make arbitrators unnecessary?
Pure reputation without the option of arbitration is a weak protection system, as you can never avoid
long con attacks.
Such mechanisms are also problematic for protecting privacy and for keeping the service decentralized.
Can I be an arbitrator?
The required BSQ bond is very high and there are currently only very few people who have contributed enough to Bisq to have have earned so much BSQ.
So far, Bisq has intentionally avoided offering a way to get in direct contact with the trading peer. There is generally no need for such a mechanism, and offering one would only open a 'can of worms' with respect to security: malicious users could trick peers into a direct trade without using Bisq, and then exploit the lack of security to rip the other person off, or use the direct channel for other fraudulent activities (social engineering scams, spam, etc).
Instead, in case of any issues, users can open a dispute and resolve the issue with the help of an arbitrator. There is also the Bisq forum and Slack channel available for users to get help.
Note: with the launch of the new trade protocol, however, there will be a means for peers to directly communicate with one another.
What is the Bisq DAO?
The Bisq DAO (decentralized autonomous organization) is a decentralized governance mechanism for the Bisq software. It takes the place of a company. How good can decentralized software possibly be if it's still controlled by a single entity, like a company?
Decentralized software is no good without decentralized governance.
That's why Bisq is not a company or legal entity of any kind—instead, it's organized as a DAO. The DAO handles the software's funding and strategy-making to enable the Bisq network to thrive, and at the same time, harden it against attacks on the infrastructure that powers its leadership and operation.
In a nutshell, the Bisq DAO enables Bisq to become even more censorship-resistant, a core principle of the project from the very beginning.
Read more about the Bisq DAO in this introductory doc.
How does the Bisq DAO work?
The primary purposes of the Bisq DAO are financing the project and determining strategy.
- Trading fees are distributed directly from traders to contributors with a token (colored bitcoin) called BSQ.
- Strategy is determined collectively through voting done in the Bisq software and recorded on the Bitcoin network.
Learn more about how this actually works in this series of short 3-5 minute videos.
What do I need to know about the DAO, as a trader?
Since the Bisq DAO is a governance mechanism, it doesn't affect the day-to-day usage of the software very much.
One thing you should be aware of is what the BSQ token actually does. Practically speaking, you'll pay lower trading fees by using BSQ instead of BTC.
But why have the BSQ token at all? Because it enables Bisq contributors to be paid for their work without any central wallets or points of control. When you buy BSQ, you're directly paying a Bisq contributor for their work, and in the process, helping to sustain the whole project. The dynamic this token enables is not possible with plain bitcoin.
When you use BSQ to pay trading fees, it's destroyed and 'burned' out of existence.
See more about how this process works in this doc or in this video series.
Can I use Bisq without BSQ and without this DAO?
You could. All you'd have to do is pay your trading fees with BTC instead of BSQ. But we hope you don't, because doing so would render the project unsustainable.
Before the Bisq DAO, trading fees went to just a couple of wallets owned by specific Bisq contributors (arbitrators). All other contributors were not paid. Bisq needs its contributors to be paid in regular, predictable ways to ensure continual (and reliable) development, service, and growth; the Bisq DAO enables this to happen by distributing trading fees to all contributors in a totally decentralized way.
The Bisq DAO and BSQ token enable a funding and governance mechanism that is not possible with plain bitcoin. We highly recommend you check our documentation and video series to learn more.
Is Bisq doing a token because it needs money? What's the issuance schedule for the token?
Bisq already earns revenue from trading fees. It's not launching this DAO and BSQ token for earning revenue—it's doing it to distribute the revenue it already earns to more people without any central points of control.
BSQ tokens are issued every time a contributor's compensation request is approved through voting, and the tokens are destroyed every time a trader uses BSQ to pay trading fees.
BSQ issuance is not a 1-time event, and its purpose is not to raise capital. You can see a walk-through of the BSQ issuance process in this video series.
If I don’t have any bitcoin, how can I obtain some to pay the security deposit and mining fees for my first trade?
Bitcoin security deposits are necessary to protect Bisq traders from fraud and abuse.
Security deposits are set to be a percentage of the trade amount—2% by default—but they can be adjusted by the offer maker.
We realize this requirement may be a barrier for bitcoin beginners, but there are plenty of ways to get your first bitcoin: friends and family, Bitcoin meetups, Bitcoin ATMs, vouchers, work for it, etc.
Does Bisq support ‘XYZ’ payments?
Bisq already supports a wide range of payment methods for national currencies, but new ones may be added as long as:
- chargebacks are unlikely
- arbitrators can view evidence of the transaction
National bank transfers are supported in every country.
You can suggest a new payment method on the forum, Slack, or GitHub.
What happens in case of software bugs?
If the Bisq application recognizes that you’re having a software problem, it will display a “support ticket” button. Your arbitrator will forward your bug report to the developers, who will begin an investigation of the problem. You may be asked
for the log file to assist in the process.
If the button does not appear, you can open a support ticket by hitting Cmd+o (or Ctrl+o, depending on your system) when the trade is selected in the Portfolio > Open Trades list.
What is a Bitcoin ‘multisignature address’?
“Multisig”, as it’s called, is built into Bitcoin as a simple version of a smart contract. A multisig address is generated with multiple public keys and a specification
of how many of those keys must sign to release the funds.
Bisq uses 2-of-3 multisig addresses. This means three public keys are used to create the payment address (the buyer’s, the seller’s, and an arbitrator’s), and the transaction must be signed by two of the three parties for the funds to be released.
Typically, the buyer and seller each sign the transaction to release funds. But in case of a dispute, an arbitrator will side with one of the parties to provide the second signature to release funds.
I have a question that isn’t covered here…?
Please post your question at the Bisq forum or Slack channel.