Is Bisq safe and Open Source?
There are already other decentralized exchanges. How is Bisq different?
Which payment methods are supported?
Which altcoins are supported?
How can I get support for my favorite altcoin?
What are the trade limits?
Why does Bisq require a security deposit?
How does Bisq protect my privacy?
How long does a trade take?
How much does it cost to trade on Bisq?
Why do I need to keep my application online when I have an open offer?
How can I edit my offer?
Will my bank know I’m buying bitcoins?
What is an arbitrator?
How does the arbitration process work?
How is collusion between arbitrators and traders prevented?
What happens if the person buying bitcoin does a chargeback on their national currency after the bitcoin has been released from the multisig escrow?
Wouldn’t a pure reputation system among traders make arbitrators unnecessary?
Can I be an arbitrator?
Can I contact my trading peer?
If I don’t have any bitcoins, how can I obtain enough to pay the security deposit on my first trade?
Does Bisq support ‘XYZ’ payments?
What happens in case of software bugs?
What is a Bitcoin ‘multisignature address’?
I have a question that isn’t covered here…?
Bisq employs three mechanisms of achieving security:
1. All bitcoins traded with Bisq are secured in a 2-of-3 multisignature address.
2. Both traders are required to pay security deposits. These are refunded to them after a trade completes.
3. Bisq features an arbitrator system, to be used in case a trade dispute arises.
If you trade fiat currency there is some chargeback risk open because all banks have the option for reversing a transaction. Bisq supports only payment methods which are known that they it is very difficult to chargeback with them. Paypal and credit cards are not supported for that reason. Read here more about chargeback risks.
Currently no other project fits our definition of a decentralized bitcoin-to-fiat exchange. Open Bazaar stands alone in mirroring Bisq’s principles, but they’re a full market place, not a specialized currency exchange. Most exchanges claiming to be decentralized are either not supporting fiat exchange or operate with a server architecture and do not fit our definition. And of course there are a lot of ICO projects with whitepapers but they have not proven yet that they can deliver any working software.
To be properly decentralized, one must avoid single points of failure:
- Bisq does not hold any bitcoins. All are held in multisignature addresses rather than a Bisq-controlled wallet.
- Bisq does not hold any national currency. National currency is transferred directly from one trader to the other.
- Bisq uses a Peer-to-Peer network over Tor. This means there are no servers to be hacked or DDoS’d.
- Bisq does not know the traders. No data is stored on who trades with whom.
- Bisq does not require registration. This means privacy is maintained, there are no “approval” wait times, and identity theft becomes impossible.
- Bisq is not a company. It is an open source project organized as a Decentralized Autonomous Organization (DAO).
- National bank transfer
- Cash Deposit
- SEPA Instant
- MoneyBeam (N26)
- Zelle (formerly known as clearXchange)
- Chase QuickPay
- Cash App
- Faster Payments
- US Postal Money Order
- Interac e-Transfer
- Western Union
- Perfect Money
- Transfer with same bank
- Transfer with specific banks
- “GRANS”, “10grans”
- “ACH”, “AchieveCoin”
- “ALC”, “Angelcoin”
- “RTO”, “Arto”
- “BETR”, “Better Betting”
- “BCH”, “Bitcoin Cash”
- “BCHC”, “Bitcoin Clashic”
- “BTG”, “Bitcoin Gold”
- “BTX”, “Bitcore”
- “DARX”, “BitDaric”
- “ZNY”, “BitZeny”
- “BURST”, “Burstcoin”
- “GBYTE”, “Byte”
- “CAGE”, “Cagecoin”
- “CDT”, “Cassubian Detk”
- “XCP”, “Counterparty”
- “CREA”, “Creativecoin”
- “XCN”, “Cryptonite”
- “DAI”, “Dai Stablecoin”
- “DNET”, “DarkNet”
- “DASH”, “Dash”
- “DCT”, “Decent”
- “DCR”, “Decred”
- “ONION”, “DeepOnion”
- “DVC”, “Devcoin”
- “DGM”, “DigiMoney”
- “DIN”, “Dinero”
- “DOGE”, “Dogecoin”
- “DST”, “DSTRA”
- “DMC”, “DynamicCoin”
- “ELLA”, “Ellaism”
- “ESP”, “Espers”
- “ETH”, “Ether”
- “ETC”, “Ether Classic”
- “EXC”, “Exceed”
- “GEO”, “GeoCoin”
- “GRC”, “Gridcoin”
- “XIN”, “Infinity Economics”
- “ICH”, “Instacash”
- “IOP”, “Internet of People”
- “INXT”, “Internext”
- “KOTO”, “Koto”
- “KUMA”, “Kumacoin”
- “LBC”, “LBRY Credits”
- “LSK”, “Lisk”
- “LTC”, “Litecoin”
- “LCE”, “LitecoinExtreme”
- “MBYT”, “Madbyte”
- “MDC”, “Madcoin”
- “MAID”, “MaidSafeCoin”
- “MAZA”, “Mazacoin”
- “MFC”, “MFCoin”
- “XMR”, “Monero”
- “MT”, “Mycelium Token”
- “NMC”, “Namecoin”
- “NAV”, “Nav Coin”
- “NEET”, “NEETCOIN”
- “NILU”, “Nilu”
- “NBT”, “NuBits”
- “NXT”, “Nxt”
- “ODN”, “Obsidian”
- “888”, “Octocoin”
- “PART”, “Particl”
- “PASC”, “Pascal Coin”
- “PEPECASH”, “Pepe Cash”
- “PHR”, “Phore”
- “PPI”, “Pied Piper Coin”
- “PIVX”, “PIVX”
- “POST”, “PostCoin”
- “PNC”, “Pranacoin”
- “QWARK”, “Qwark”
- “RDD”, “ReddCoin”
- “REF”, “RefToken”
- “RIN”, “Ringo”
- “ROI”, “ROIcoin”
- “SFSC”, “Safe FileSystem Coin”
- “SEM”, “Semux”
- “SC”, “Siacoin”
- “SF”, “Siafund”
- “SIB”, “Sibcoin”
- “SOS”, “SOS Coin”
- “XSPEC”, “Spectrecoin”
- “SCS”, “SpeedCash”
- “STEEM”, “STEEM”
- “STL”, “Stellite”
- “NAH”, “Strayacoin”
- “TMC”, “Tamadcoin”
- “TRC”, “Terracoin”
- “MVT”, “The Movement”
- “UBQ”, “Ubiq”
- “UNO”, “Unobtanium”
- “VDN”, “vDinar”
- “CRED”, “Verify”
- “WAC”, “WACoins”
- “WILD”, “WILD Token”
- “WMCC”, “WorldMobileCoin”
- “WOW”, “Wownero”
- “XUEZ”, “Xuez”
- “YTN”, “Yenten”
- “ZEC”, “Zcash”
- “XZC”, “Zcoin”
- “ZEN”, “ZenCash”
Please read about the requirements and process at this document.
For security reasons Bisq has a limitation of the trade amount per trade. Those limits are derived from the payment method’s chargeback risk and the age of the account. For the number of trades there is no limitation. For most bank-based payment methods like SEPA or Zelle the trade limit is 0.25 BTC per trade. For Swish, OKPay, PerfectMoney and AliPay it is 0.5 BTC and for altcoins it is 1 BTC. For the recently added payment methods Venmo, Cash App, Revolut, Popmoney and MoneyBeam (N26) the trade limit is 0.16 BTC. The trade limits in the first month is 25% of the full trade limit.
Security deposits create incentives for both buyer and seller to follow the rules of Bisq's trading protocol. They are locked into multisig escrow along with the bitcoin being traded, and are returned to each user when the trade completes successfully. If a trade goes to arbitration and one party is found to have violated Bisq's trading protocol, some or all of that party's security deposit may be awarded to their counterparty. Examples of protocol violations include a buyer failing to pay a seller, or a seller failing to acknowledge receipt of a buyer's payment. Most Bisq trades complete without any problem thanks in part to the incentives that security deposits create.
Only your trading partner (and your selected arbitrator in case of a dispute) can ever see your payment information details. The data exchanged between users is encrypted and signed. Bisq uses a P2P network built on top of Tor hidden services and provide the high level of anonymity Tor offers. The user doesn’t need to setup anything – all is integrated in the application. The arbitrator only sees the trade details in case of a dispute.
Your trade duration will be determined by the transfer times of the currencies you and your trade partner use. National currency transfers can be instant (Faster Payment) or can take days (SEPA). Bitcoin transactions take in average 10 minutes to get confirmed (at least one confirmation is required before the buyer can transfer the fiat or altcoin amount).
Following maximum trade periods are allowed before a trade goes automatically into arbitration:EURO
- SEPA: 6 days
- SEPA Instant: 1 day
- Faster Payments: 1 day
- Swish: 1 day
- Zelle (formerly known as clearXchange): 4 days
- Chase QuickPay: 1 day
- US Postal Money Order: 8 days
- Interac e-Transfer: 1 day
- Cash Deposit: 4 days
- Western Union: 4 days
- National bank transfer: 4 days
- Transfer with same bank: 2 days
- Transfer with specific banks: 4 days
- OKPAY: 1 day
- Perfect Money: 1 day
- Alipay: 1 day
- Blockchains: 1 day
The trading fees for the offer maker and for the taker are calculated differently.
The trading fees for the offer maker is based on trade amount and distance to market price.
Min. fee (MinFee) = 0.00005 BTC, default fee (DefFee) = 0.002 BTC/per Bitcoin, market price factor (MF) = square root of percent value (e.g. 1% -> 1, 9% -> 3, 0.01% -> 0.1).
Makers trading fee = max(MinFee, DefFee * amount * MF). E.g. 0.002 BTC for 1 BTC trade at 1% market price distance equivalent to 0.2% of the trade amount.
The trading fees for the offer taker depends only on the trade amount.
Min. fee (MinFee) = 0.00005 BTC, default fee (DefFee) = 0.002 BTC/per Bitcoin.
Takers trading fee = max(MinFee, DefFee * amount). E.g. 0.002 BTC for 1 BTC trade. That is 0.2% of the trade amount.
The maker has to pay the miner fee for the trade fee transaction. The taker has to pay 3 times the miner fee (trade fee transaction, deposit transaction and payout transaction). That is because we use a fee estimation service and the maker cannot know which fee will be required at take-offer-time. The mining fee is taken from the recommendation from a fee estimation service and can vary between 20 Satoshi/byte up to 400 Satoshi/byte. The users can see the actual mining fee when creating or taking an offer.
If you have published an offer, your Bisq application needs to stay online so it is able to react in the case when another trader wants to take your offer. The MultiSig deposit transaction is created in that take-offer process. Be sure you have deactivated your computers standby mode, otherwise your Bisq application lose the internet connection (monitor standby is not a problem). If you shut down the application your offer gets removed from the distributed offerbook as it would become unavailable for others. After starting Bisq again your offer gets re-published. After the offer has been taken and the trade process has started both traders do NOT need to be online. Though they need to check for the status of the trade to see if some action is required from their side (e.g. sending fiat/altcoin or confirm receipt).
At the moment you cannot edit an offer once it is published. But you can use the percentage based price so your price will stick with the market price (we use BitcoinAverage for fiat, Poloniex and CoinmarketCap for altcoins). E.g. If you set your percentage price to 1% below the market price for a buy offer, the price will update with every market price update (about 90 sec.) and when a trader takes your offer the actual market price minus 1% will be used.
There have been reports that some banks have closed client accounts when they see that there is Bitcoin activity involved.
The reference text of the bank transfer used to trade with Bisq will include only the Bisq trade ID (which is a random sequence of characters, like many other purchase IDs). Any trader that is not using the exact ID number as reference text of a bank transfer is considered in breach of contract, which will result in dispute resolution.
To avoid problems we recommend setting up a dedicated bank account for buying and selling bitcoins. If the bank were to block this account, it would cause fewer problems for you than if the bank were to block your primary account.
Never mention anything else than the trade reference in the subject field.
Initially, traders make a list of arbitrators they approve. When a new trade is initiated, an arbitrator is randomly selected from among the traders’ overlapping, approved selections. The more arbitrators a trader accepts, the more trades will be available to him.
If trader A fails to confirm the receipt of a national currency transfer within the allotted time (e.g. six days for SEPA, four days for Zelle, one day for altcoins, etc.), a button to contact the arbitrator will appear to both traders. Trader B will then be able to submit evidence to the arbitrator that he did, in fact, send the national currency. Alternatively, if trader B never sent the national currency, trader A will be able to submit evidence to the arbitrator that the funds were never received. Submitted evidence should be cryptographically secure using either
PageSigner or digitally-signed bank statements. If these methods fail, more traditional routes of discovery can be deployed.
From our experience the huge majority of cases are caused not by any malicious intention but by problems like network issues, bugs, bank issues, usability, etc.
The arbitrator will side with buyer or seller and sign the 2-of-3 multisignature address in favor of the appropriate party.
As outlined above, arbitrators must lock in a high BSQ bond to become such – much higher than the trade limit. If an arbitrator’s dispute resolution is not agreed to by both traders, they can request confiscation of the arbitrators BSQ bond.
If collusion is found to have taken place, the misbehaving arbitrator will lose her BSQ bond. This puts the arbitrator at a significant loss, as her BSQ bond was much more than she made by being dishonest.
We only support payment methods in which chargeback is not easy (i.e. we don’t support Paypal or credit cards). But there is still certain chargeback risk with banks. If a bank executes a chargeback after the BTC has been released, there is nothing the arbitrator can do.
Bisq’s goal is to make this scenario as unattractive as possible, using three primary mechanisms:
1. There is a trade limit per trade, which is generally too small to attract criminals.
2. We will remove national currency payment methods which are found to be used for chargebacks.
3. We introduce with version 0.6.0 a new feature for detecting the age when a payment account has been set up. Recently opened accounts will have lower trade limits. This adds protection against stolen-bank-account-scams.
It is also problematic for protecting privacy and apply it in a decentralized way.
The required BSQ bond is very high and there are currently only very few people who have contributed that much to Bisq that they have earned so much BSQ. But as soon the full DOA is released and more people have allocated higher amounts of BSQ it will be open to anyone.
Bisq intentionally does not offer a way to get in direct contact with the trading peer. The security mechanisms does not require any direct contact (other than on reputation based systems like Localbitcoins) and we feel that by offering such a feature we might easily open a can of worms. E.g. malicious users could try to trick the peer into a direct trade without using Bisq and then exploit the lack of security or they use the direct channel for other fraudulent activities (social engineering scams, spam,...). For any problems users can open a dispute and the arbitrator will take care to resolve the issue. Beside that they can use the Bisq forum if they need help or for getting questions answered.
We recognize that this could be a barrier to entry to bitcoin beginners.
The security deposit is needed to protect Bisq from fraud and abuse. That said, we will always investigate possible solutions which would allow new users to trade without needing bitcoin first.
Following security deposit values are set by default forbuyer:
- 0.01 BTC (minimum 0.0005 BTC, maximum 0.05 BTC)
- 2.00 LTC (minimum 0.0600 LTC, maximum 12.00 LTC)
- 0.50 DASH (minimum 0.0150 DASH, maximum 3.00 DASH)
- 0.003 BTC
- 0.600 LTC
- 0.150 DASH
Bitcoin can be purchased via many channels: friends or family, Bitcoin meetups, Bitcoin ATMs, Vouchers, Localbitcoins or from any of the centralized exchanges.
Bisq supports already a wide range of payment methods for national currencies. The criteria for inclusion are that the payment method is safe against chargebacks, and that it allows the arbitrator to view evidence of the transaction. National bank transfer is supported in every country.
If the Bisq application recognizes that you’re having a software problem, it will display a “support ticket” button. Your arbitrator will forward your bug report to the developers, who will begin an investigation of the problem. You may be asked for the log file to assist the process.
If the button does not appear, you can open a support ticket by the key combination cmd + o (or ctrl + o).
“Multisig”, as it’s called, is built into Bitcoin as a simple version of a smart contract. A multisig address is generated with multiple public keys and a specification of how many of those keys must sign to release the funds.
Bisq uses 2-of-3 multisig addresses. This means three public keys are used to create the payment address (the buyer’s, seller’s, and arbitrator’s), and the transaction must be signed by two parties for the funds to be released. A typical trade takes place when the buyer and seller sign the transaction to release the funds to the appropriate party. But in case of a dispute, the arbitrator will side with either the buyer or seller, and these two parties’ keys will release the funds to the appropriate party.
Please post your question at the Bisq forum.