Polling is an awful API for market data, especially when the poll rate is limited. People end up gaming the system with multiple accounts and getting additional "peeks" into the order book. Maybe it doesn't matter for Bitcoin but it's a bad design for a serious exchange.
If one of these guys provided a more traditional fix/itch/ouch setup, they might get more traction with traders who are already active in other currencies/products.
I've just started to work with the Kraken API it is good. Their key signing/hashing auth is a little weird but the example clients are very useful.
Is there a way to get real time order book updates from the Kraken?
Another good API is Paymium's https://github.com/Paymium/api-documentation the most frustrating thing I find about exchanges API are race conditions when doing HFT, like submitting an order getting an ID, then asking about the ID to find it doesn't exist yet as the update hasn't be prorated yet.
Really? I've found Kraken's pretty hard to work with. They're inconsistent in some ways, like their currency pair names (sometimes "XXBTXZEUR", sometimes "XBTEUR"). Also, they are the only ones I've come across who don't just use plain old integers for ids - they have some weird scheme that has string ids formatted like O6W5EU-VY7YF-CS3XNP.
That said, they're better than say BTC-e and OKCoin :)
The way Coinbase is doing the streaming WebSocket data looks very good. My frame of reference is Bitstamp and Mt. Gox before that...
Keeping a proper copy of the order book on the client side should be fairly straightforward.
Bitstamp's API makes it impossible to keep the full order book synced. They broadcast the top 20 rows over the socket, but for many situations that's not good enough.
Maybe one day and exchange will create a developer email list where they let people know when the API changes (Bitstamp has had an awful history of breaking the API without warning).
No way. Kraken doesn't even have a real-time feed. The best I've ever seen is HitBtc or Coinsetter. Those two are the closest to Wall Street grade APIs out there (demo environments, real-time API agnostic of protocol, colocation, etc). From a brief glance, this Coinbase exchange API is close.
Exposing _all_ order entry traffic on the public market data feed is not great, especially the part where they expose client generated order uuids on the public feed. This allows market participants to potentially identify other market participants' orders based on their client order uuids e.g. if they are using a uuid generator that incorporates the MAC address.
I think I understand why they are doing this. They want to have a clean REST order entry interface, but still allow participants to know immediately when they are filled (via the websockets feed). Ultimately, they should implement a websockets order entry interface and stream accepts, fills, cancels, and rejects only to the involved participants. They should not expose any client generated ids on the public feeds, and only non-marketable orders and trades should hit the public feed. This is how it works literally everywhere else. Also it wouldn't hurt to have time-in-force (IOC, etc) and support for non-displayed orders.
I have not rwad the article but from what you are describing it sounds like they probably should just use itch.
I think anonymity in markets might be something we should experiment with getting rid of. Doing that right is hard because it is difficult to prevent sock-puppetry-spoofing which would require regulations and penalties for rat hole order shredding.
So order anonymity is 'easier'. But now the exchange has to deal with spoofers. Or not. but they must be explicit about their policy with regards to spoofing and rigoursly and rapidly enforce that policy. If they are not they create a syatem where some participants will break the rules to gain advantage and others will follow them and suffer. And allowing spoofing might be a violation of dodd-frank (i am not sure if this exchange implicitly falls under its scope or not) so again, some participants might feel to play it safe while others wont have such qualms.
Atleast using an order based feed makes it easier to track bogus orders which increases the difficulty for spoofers vs motivated play by the rules dont commit hundreds of felonies per day liquidity providers.
Orders should be anonymous or explicitly attributed. What I'm taking issue with is the grey zone coinbase has created where you are mostly anonymous but you might be leaking some identifying information via public client order ids. If they want identities to be public they could make it explicit via explicit market participant IDs.
I understand, I am just pointing out the ultimate situation the exchange arrives in once they (hopefully) patch up the vulnerability you described.
Making parties known via explicit market ids leaves them open to spoofers gaming that process and finding other people to sign up and shred their orders across a pool of ids the spoofer controls. (what I refer to as rat-holing and has been done here [1]). Note that even if a participant doesn't rat-hole/shred their orders doesn't preclude them from spoofing, it just makes it less profitable to do so, and easier for advanced counterparty's to track and recognize bad reputation of a spoofer.
Not making it explicit allows spoofers to trivially run their algorithms without having to rat-hole/shred so it lowers the barrier to entry for spoofers and blends their orders in among the non-spoof orders resting in the book making their strategies more effective.
In any case spoofing is a felony because of dodd-frank. [2]
The only question that remains is does this exchange fall under the scope of dodd-frank's provisions against disruptive practices? What will they do to ensure that spoofing doesn't take place on their exchange? The law doesn't contemplate an exchanges ability to opt-out of this provision. If they are running an exchange that allows people to spoof they could be seen as allowing those felonies to occur through indifference because it generates volume and hence makes them more money, making them an accessory to the crime. In any case someone will need to enforce the provision on their exchange otherwise a perverse moral hazard is created where some participants are willing to risk breaking the law because the worst they will expect is a slap on the wrist, while those that do follow the law are at a severe informational disadvantage.
I would never trade under my own name in a pre- or post-trade transparent market that included broker ID. Competitors are great at working with lots of data. You don't think they'd take a crack at reverse engineering my models given a feed of every trade I did (or even worse, all my orders)?
Also if they're charging 25 bps to be a taker vs. 0 to make, people will want a post-only order.
I actually like the idea of putting ClOrdIDs on the feed, maybe encrypted with some key only the sender has? Would make excluding one's own orders so much easier and no concerns about who sees what first: http://www.wsj.com/articles/SB100014241278873237981045784550...
Yes that's how things work on itch/ouch. Downside with that is you can see your order hit the feed before you know it's yours. For people who want to exclude their orders from their view of the market, they have to build heuristics to handle this case or risk flashing/chasing their own tail.
Also doesn't help the IOC case. If market data dissemination is usually faster than the private order entry/ack/fill channel, it would be better to know that a trade resulted from my IOC by seeing it on the data feed rather than waiting.
They note that your trading 'bots should be running on Amazon AWS East for minimum latency. They're encouraging high frequency trading. Since they're coming up with zero fees, they may have huge 'bot volume. Then they can announce they are the biggest exchange.
Given their maker/taker fee setup, they clearly are trying to attract liquidity providers, who definitely want to be able trade algorithmically.
But, other technical choices make it clear that they are not targeting existing HFT firms. For instance, cloud based virtualized servers are unacceptable for HFT firms. Not being located at one of the "major" exchange data centers is a problem for most firms as well. Finally, building an http/json based proprietary api instead of a standards based one or a proprietary binary format is a clear signal that they are not targeting existing HFT firms.
Heh, you could imagine Bitcoin HFT shops spinning up EC2 instances until they happen to get one close to Coinbase's.
(I don't know AWS networking well enough to know if this would make much of a difference, or even if the overhead of the HTTP API wouldn't make the difference negligible)
I really hate these `position: fixed` left-hand navigations. On my Macbook everything after the "Market Data" section is below the scroll and can't be seen.
Why does an exchange, which is based on basic market principles and claims to incorporate a supply and demand (maker vs. taker) model, have a fixed rate vig on half the transactions? Shouldn't the vig float and have a mechanism which drives it towards zero?
I don't know much about basic market principles (by the looks of it they aren't very profitable for the host) but constant fee does make it easier to backtest automated trading strategies.
As I understand it, it's not a fee that the maker receives, it's a fee CoinBase receives, i.e. it's their way of making profit off of this exchange. The mechanism which could drive it to zero is competition from other exchanges.
So you think the fee to remove liquidity should "float" in what way exactly? With per-customer tiered volume discounts like many exchanges offer to customers who trade enough in a given month? Or when you said "float" did you mean it should be variable across the entire exchange over time, but the same for all customers at any given time?
Nice to have a ASCII-based REST API, but they should also add a proper binary protocol, which does not involve HTTP. Mainly to reduce parsing and encoding times.
(This is my personal and not my employer's opinion.)
The only other respectable API out there belongs to Kraken [1].
[1] https://www.kraken.com/help/api