I have not rwad the article but from what you are describing it sounds like they probably should just use itch.
I think anonymity in markets might be something we should experiment with getting rid of. Doing that right is hard because it is difficult to prevent sock-puppetry-spoofing which would require regulations and penalties for rat hole order shredding.
So order anonymity is 'easier'. But now the exchange has to deal with spoofers. Or not. but they must be explicit about their policy with regards to spoofing and rigoursly and rapidly enforce that policy. If they are not they create a syatem where some participants will break the rules to gain advantage and others will follow them and suffer. And allowing spoofing might be a violation of dodd-frank (i am not sure if this exchange implicitly falls under its scope or not) so again, some participants might feel to play it safe while others wont have such qualms.
Atleast using an order based feed makes it easier to track bogus orders which increases the difficulty for spoofers vs motivated play by the rules dont commit hundreds of felonies per day liquidity providers.
Orders should be anonymous or explicitly attributed. What I'm taking issue with is the grey zone coinbase has created where you are mostly anonymous but you might be leaking some identifying information via public client order ids. If they want identities to be public they could make it explicit via explicit market participant IDs.
I understand, I am just pointing out the ultimate situation the exchange arrives in once they (hopefully) patch up the vulnerability you described.
Making parties known via explicit market ids leaves them open to spoofers gaming that process and finding other people to sign up and shred their orders across a pool of ids the spoofer controls. (what I refer to as rat-holing and has been done here [1]). Note that even if a participant doesn't rat-hole/shred their orders doesn't preclude them from spoofing, it just makes it less profitable to do so, and easier for advanced counterparty's to track and recognize bad reputation of a spoofer.
Not making it explicit allows spoofers to trivially run their algorithms without having to rat-hole/shred so it lowers the barrier to entry for spoofers and blends their orders in among the non-spoof orders resting in the book making their strategies more effective.
In any case spoofing is a felony because of dodd-frank. [2]
The only question that remains is does this exchange fall under the scope of dodd-frank's provisions against disruptive practices? What will they do to ensure that spoofing doesn't take place on their exchange? The law doesn't contemplate an exchanges ability to opt-out of this provision. If they are running an exchange that allows people to spoof they could be seen as allowing those felonies to occur through indifference because it generates volume and hence makes them more money, making them an accessory to the crime. In any case someone will need to enforce the provision on their exchange otherwise a perverse moral hazard is created where some participants are willing to risk breaking the law because the worst they will expect is a slap on the wrist, while those that do follow the law are at a severe informational disadvantage.
I would never trade under my own name in a pre- or post-trade transparent market that included broker ID. Competitors are great at working with lots of data. You don't think they'd take a crack at reverse engineering my models given a feed of every trade I did (or even worse, all my orders)?
I think anonymity in markets might be something we should experiment with getting rid of. Doing that right is hard because it is difficult to prevent sock-puppetry-spoofing which would require regulations and penalties for rat hole order shredding.
So order anonymity is 'easier'. But now the exchange has to deal with spoofers. Or not. but they must be explicit about their policy with regards to spoofing and rigoursly and rapidly enforce that policy. If they are not they create a syatem where some participants will break the rules to gain advantage and others will follow them and suffer. And allowing spoofing might be a violation of dodd-frank (i am not sure if this exchange implicitly falls under its scope or not) so again, some participants might feel to play it safe while others wont have such qualms.
Atleast using an order based feed makes it easier to track bogus orders which increases the difficulty for spoofers vs motivated play by the rules dont commit hundreds of felonies per day liquidity providers.
Trading ...ugh