Orderbook is a decentralised marketplace where users can operate with many different cryptocurrencies. It has an appropriate level of security.

First, you should see the User contracts diagram.  All funds that user deposits to Orderbook website are actually being sent to user's Proxy Contract. For better understanding why it's called Proxy and why we don't use simple Ethereum address, let's see into a matter.

There are three actors:

  1. User Address is a simple Ethereum address. It is assigned to a user after registration. The private key for this address is generated from user's password and is stored on the server in a special encrypted container. It is decrypted on the client side with a user password. After registration, the user receives a backup container with the private key of this address.
  2. User Contract is a smart contract in the Ethereum blockchain that contains a set of operations that user can do with their funds. User Contracts are deployed by Orderbook and assigned to users by giving contract ownership to User Address. Every time user wants to perform an operation with their tokens, User Contract requires two signatures: User Address' signature and Ordebook's signature. This is done for security reasons: Orderbook only signs transactions initiated by the user during an open client session. Therefore, if only the private key is stolen, funds can't be transferred.
  3. Proxy Contract is a smart contract of a very simple architecture. It stores funds and can do any operation written in User Contract. Proxy Contract is owned by User Contract. It means that only User Contract can do any operations with user's funds. Proxy Contract can hold ether and any ERC-20 token. As one may notice, deposit address for every token except bitcoin is the same – that is the address of Proxy Contract.

It may seem unnecessarily complicated, but it has reasons to be so. First of all, users often forget their passwords which makes decryption of their private keys impossible. This leads to inevitable loss of all tokens stored at those addresses. But with User Contract recovery is possible. Password recovery is enabled by default for each user registered on Orderbook. In terms of smart contract, this adds one more cosigning oracle to the user contract. You can read more about recovery here.

To verify user's identity by phone number services of SecondFactor.io are used. When identity is verified, SecondFactor signs recovery transaction and transfers ownership of User Contract to new User Address. This way user can get a new password and, hence, a new address. Therefore, in case User Address' private key is lost, the user can create a new one and have his funds operational.

Smart contracts already deployed into Ethereum network can't be modified. To add a new functionality to User Contract, Orderbook would need to redeploy all User Contracts. That could lead to tokens loss in case tokens had been stored on user contracts. That's why Proxy Contract is needed. Its only function is to store user funds, this contract is never redeployed and is permanently linked to the user.