DEV Community

Cover image for How I Exposed a Cryptocurrency Exchange's Dirty Tricks to Fight Competition
Karthik Varma
Karthik Varma

Posted on

How I Exposed a Cryptocurrency Exchange's Dirty Tricks to Fight Competition

It's no wonder that post the bullish market run in 2017, cryptocurrencies are known to almost everyone across the world 🌏. That run attracted more players into the market. From people tempted to make easy money to investors who catered to this sudden spike in users from institutional players to rookie users. Many new platforms known as crypto exchanges where people can buy and sell cryptocurrencies began to sprout up.. As of April 2018, has reported that there are around more than 500 cryptocurrency exchanges. Since there was a sudden spike in the number of exchanges, these exchanges resorted to using various tactics to gather more users onto their platform from competitions to airdrops and referral programs.

BitBns is one of the popular Indian cryptocurrency exchange. It started operating from December 2017. Even though they were new into that market it didn’t take them much time to gather a good reputation thanks to the founders who were already running a good company and a growing user base thanks to the bearish market 📈

When they started they went on a listing spree. They had more digital assets than Koinex, Coinome and even other popular exchanges. People just loved BitBns because of their quick support and that they were offering more choices of cryptocurrencies.

But post Q1 2018 there were many exchanges in the market and all these were using all kind of possible tricks from trading competitions to referral programs to get that market share.

The factors that matter to users to select their exchanges are:

  • 24 Hours Volume (People don’t want to wait a lot of time for their orders to get executed)
  • Good Support (People don’t like waiting and since cryptocurrencies are highly volatile they expect quick support)
  • More Listings (People love to buy all kinds of different cryptocurrencies)

  • 24 Hours Volume plays a very crucial part in regards to any cryptocurrency exchange because CoinMarketCap won’t list exchanges that don’t have volumes above a particular threshold. The CoinMarketCap ranking is very important for all exchanges as its like the search index of all crypto assets or exchanges. Essentially CMC is like Google for crypto-assets and exchanges.

In fact traders like me check the volumes on CMC first and then go to various exchanges. Now coming back to BitBns, it already has all other things except volumes. Maybe due to this they decided to manipulate it just to gain market share.


I have traded on most of the Indian exchanges in the past and BitBns didn’t have that great volumes. Then when BitBns suddenly had better volumes compared to WazirX, Koinex and Coindelta, I thought it was a system bug.
In the past, BitBns was accused of having faked their volumes and they explained that there was a bug in the system. This was even reported by Coincrunch in March, 2018.

Now when it comes to July, 2018 when most of the Indian exchanges volumes are decreasing drastically, BitBns volumes are still good. I had my doubts about it and wanted to check if it was true. To my realisation ,indeed the volumes shown are wrong.

Firstly, I looked at how the Trade History is updated on the website. Essentially, trade history contains the history of last ten executed trades. It shows a timestamp, the volume and the PPU(Price Per Unit).

trade history

Later I found out from the XHR requests that the trade history data is sent using Polling APIs.

There were two APIs. One for generating a Session ID and then the other which uses this Session ID to fetches the Trade History data.

Due to this I decided to check the volumes of BTC and XRP markets as they are in the top five markets by volume on BitBns. Now I knew how to fetch the data and had to decide my stack.

I was quite familiar with Node.js and decided to use it to put all the data I fetch into a database.

After that, I decided on using MySQL because it seemed like the most logical to me. I used MySQL like 3 years back before this and whenever I tell my friends that I use MySQL even now they just laugh 😹

I used axios to fetch data from the APIs. However, the response I received was so shitty I had to clean up the response and turn it into parseable JSON.

I sorted out everything to fetch the data and then had to store everything in MySQL. I programmed it in such a way so that when the program starts it puts the data as it is in the database on the first run. Then from later on it compares the latest record in the database with the newly fetched data from the trade history. If new records are detected based on the timestamp from the API-fetched data, then it is inserted into the database.
I created a table for XRP and BTC each with the SNo, TimeStamp, Volume, PPU columns.

This is how data is stored inside MySQL:
mysql store

If the timestamp, volume and PPU are same for data, then it is treated as duplicate data and does not get stored in DB. This case is extremely rare but I put it just incase if anything went wrong.

I used mail services to send notifications once the script ran and once to send an aggregated volume after 24 hours directly to the email.
After that, I put everything in a setInterval to keep fetching and storing the data.

An overview of the different functions I used:
Fetching new data using setInterval

Since the time interval is pretty high, you might think that we may miss some trades. However in Indian markets thats actually a great refresh rate. This is because there aren’t many trades as they are on Binance. Nonetheless, I didn’t miss any data.
I was fully ready with my code and deploying it.

I deployed my program on WeDeploy and the MySQL DB on Google Cloud Platform. The deployment and infrastructure was not at all a problem, thanks to the amazing team at WeDeploy.


I stopped my program exactly 24 Hours after it has begun. Even though we got the aggregated results on the email, I decided to aggregate them myself inside MySQL. The below are the results from the program.

Here are the 24 Hours aggregated volume of XRP and BTC markets based on our program:
volume mysql

There was a drastic difference between the volumes reported by BitBns and CoinMarketCap
On BitBns and CoinMarketCap :

The 24 Hours Volumes on BitBns of XRP Market (Right) and BTC Market(Left):

The volumes shown on CMC after 24 Hours:

The Volumes shown on BitBns and CoinMarketCap are called as Rolling Volumes. It means that when you open their website, the Volume shown on the website is from the past 24 hours.

If you open it at a time T then the volume shown is from T-24 .

On BitBns website, the 24 Volume of XRP is shown as 3,75,410 and the 24 Volume of BTC is shown as 20.266.
Let's compare this with result of our program.

  • The program said that the 24 hour volume of XRP is 62,365 and on BitBns it says 3,75,410 . The volume reported on the website is more than 500% than the actual volume.
  • Again the 24 hour volume of BTC is 2.638 according to our program and on BitBns it says that it is 20.266. The volume reported on the website is more than 668% than the actual volume.

BitBns is reporting a manipulated 24 hour holumes. It reported 501% more incase of XRP and 668% incase of BTC than the original volumes.

We can clearly see that that BitBns is faking its volumes in order to gain a competitive edge over other exchanges. We have no idea many other exchanges are reporting fake volumes.

Special thanks to MCD-50 for helping me out.

In case you want to verify my claims, here is the link to the project on GitHub

Top comments (37)

halldavid profile image

Exposing unethical practices in the cryptocurrency industry can be a valuable contribution to promoting transparency and fairness. However, it's crucial to approach this process responsibly and ethically. Here's a general outline of how you might go about exposing dirty tricks while competing with a cryptocurrency exchange:

Gather Evidence: Start by collecting substantial evidence of the unethical practices you want to expose. This might include transaction records, communications, or any other relevant documents that clearly demonstrate the wrongdoing.

Stay Legal and Ethical: Ensure that your actions comply with all relevant laws and regulations. You should not engage in any illegal activities or hacking to obtain information. Focus on ethical means of collecting evidence.

Anonymity: Consider protecting your identity during this process. Depending on the circumstances, exposing unethical practices can result in backlash or legal challenges, so anonymity can be essential for your safety.

Documentation: Create a detailed document that outlines the unethical practices you've observed. Include clear evidence, such as screenshots, transaction logs, and any other relevant data. Be precise and factual in your descriptions.

Reach Out to Authorities: If you believe the unethical practices involve illegal activities, consider contacting the appropriate authorities, such as regulatory agencies or law enforcement. Provide them with the evidence you've collected.

Whistleblower Programs: Some countries have whistleblower protection programs that provide legal protections to individuals who expose wrongdoing in their organizations. Look into whether such programs exist in your jurisdiction.

Media and Public Disclosure: Depending on the severity of the unethical practices and your willingness to go public, you may consider reaching out to investigative journalists or media outlets that cover cryptocurrency-related topics. Be prepared for potential legal consequences and backlash from the exchange.

Legal Counsel: Consult with legal experts who specialize in cryptocurrency and financial regulation to understand the potential legal ramifications of your actions. They can advise you on how to proceed legally and safely.

Online Communities: Share your findings in online cryptocurrency communities and forums. Engage in discussions and provide evidence to raise awareness about the unethical practices.

Transparency: If you are running a cryptocurrency exchange yourself, emphasize transparency and ethical business practices in your own operations. Show users that you are committed to fair and honest trading.

Keep Records: Document all interactions, communications, and actions related to your exposure efforts. This can be important if legal issues arise.

Protect Yourself: Be aware that exposing unethical practices can sometimes result in personal threats or harassment. Take precautions to protect your safety and anonymity if necessary.

Remember that exposing unethical practices in the cryptocurrency industry can be a risky endeavor, and the outcomes can vary significantly. It's essential to act responsibly, legally, and ethically throughout the process while considering the potential consequences and ensuring your own safety.

shadowruge profile image

Muito coerente seu texto, parabéns

bgadrian profile image
Adrian B.G.

I also think you can double check their addresses and get the numbers directly from the ledgers. It will be harder to aggregate and to get all their wallets though.

Also MariaDB is the new mySQL 😀

leovarmak profile image
Karthik Varma

Directly checking with the public ledger cannot be option for this thing. Lets say a user is using the exchange's wallet service only to store data and not to trade then it will be problem.

Never heard of MariaDB before. Looks nice! Thanks for sharing !

danmandel profile image

I would expect all trading to be done off-chain and to not show up in the ledgers until the user specifically initiates a withdrawal or deposit.

hdennen profile image
Harry Dennen

Yep, trading transactions will not be found on public ledgers.

ben profile image
Ben Halpern

Wow, thanks for sharing. This is really interesting on a few fronts. Will BitBns face any consequences from this?

leovarmak profile image
Karthik Varma

I don't think it will be an issue right now since crypto is not yet regulated here in India. But once its regulations are in place and then if the crypto is dealt like stocks then users can sue the company for showing misleading information.

brick profile image

PaybyPlateMa is a new and innovative way to pay bills online. Instead of sending your invoice by mail, you can use your PaybyPlateMa account to pay immediately with a debit or credit card or even with your mobile phone.

alexclerk profile image

In addition to that, I believe that you can verify their addresses and obtain their phone numbers by directly consulting the ledgers. Despite this, it will be more difficult to collect and obtain all of their wallets.flying together

arthurjonh profile image

Your patients will have easier access to timely and high-quality care when you use the AIM Specialty Provider Portal, which is both straightforward and intuitive to use. The real-time responses are available around the clock through ProviderPortalSM. Through the use of the Supplier Portal, suppliers have convenient and speedy access to information on members and their entitlements. You are able to check on the status of a member's contributions, payments, benefits, and eligibility by using the AIM Provider Portal.

latimer112 profile image

Exposing unethical practices in any industry can be a challenging and potentially risky endeavor. If you have evidence of dirty tricks or unethical behavior by a cryptocurrency exchange, here are some steps you can consider taking:

Gather evidence: Collect all the relevant information and evidence regarding the dirty tricks or unethical practices. This can include screenshots, transaction records, emails, or any other documentation that supports your claims. Make sure to organize and securely store this evidence.

Consult legal advice: It's crucial to seek legal advice to understand the potential legal implications of exposing the cryptocurrency exchange's actions. A lawyer experienced in cryptocurrency and regulatory matters can guide you on the best course of action and how to protect yourself legally.

Document your findings: Create a comprehensive report detailing the unethical practices you have observed. Clearly present the evidence, describe the impact of these practices, and explain why they are harmful to the industry or consumers. This report can serve as a foundation for your case.

Choose the appropriate channels: Decide on the most effective channels to bring attention to the issue. Options may include media outlets, regulatory authorities, industry forums, or social media platforms. Consider the reach and credibility of the channels you choose, as well as any potential legal implications.

Maintain anonymity if necessary: Depending on the circumstances and potential risks involved, you might consider preserving your anonymity to protect yourself from potential backlash. This can involve using pseudonyms, encrypted communication channels, or relying on whistleblowing platforms that prioritize anonymity.

Engage with the community: Share your findings and evidence with the cryptocurrency community. Engage in discussions on reputable forums, social media groups, or industry-specific platforms. Educate others about the unethical practices you've uncovered and encourage open dialogue.

Cooperate with regulatory authorities: If the unethical practices involve illegal activities or violations of regulations, consider reporting the issue to relevant regulatory authorities. Provide them with the evidence and information you have gathered to aid their investigations.

Remember that exposing dirty tricks or unethical practices can have consequences, both for the cryptocurrency exchange involved and for you personally. It's essential to take the necessary precautions, consult legal advice, and consider the potential risks before proceeding. MyCenturaHealth

hirsch112 profile image

PayByPlatema is a toll payment platform used by some toll road agencies in the United States. It allows drivers to pay tolls electronically by linking their license plate number to their account and adding a payment method, such as a credit card or bank account.

davidpay profile image

Exposing unethical practices in any industry can be a complex and risky endeavor, especially when it involves a cryptocurrency exchange. While transparency and ethical behavior are important, it's crucial to approach this in a legal and responsible manner. Here are some steps you can consider if you believe a cryptocurrency exchange is engaging in unethical practices and you want to expose them to help foster competition:

Gather Evidence: Start by collecting concrete evidence of the unethical practices you believe the exchange is involved in. This could include documents, emails, chat logs, or any other relevant information that demonstrates wrongdoing.

Anonymity and Safety: Protect your identity and safety first. If you decide to expose these practices, consider using an anonymous identity online and avoid sharing personal information that could lead back to you.

Legal Consultation: Consult with an attorney who specializes in cryptocurrency and securities law. They can advise you on the legal implications of your actions and help you understand any potential risks.

Whistleblower Protections: Investigate whether there are any whistleblower protections or programs in your jurisdiction. Some governments offer legal protections and rewards for individuals who expose corporate misconduct.

Secure Channels: Use secure and encrypted communication channels when sharing information with journalists, regulatory authorities, or the public. Tools like encrypted email services, VPNs, and anonymous browsing can help protect your privacy.

Media and Journalists: Reach out to reputable journalists who cover the cryptocurrency industry or financial markets. Provide them with your evidence and discuss the possibility of an investigative story. Ensure that you protect your identity during these communications.

Regulatory Authorities: Contact the relevant regulatory authorities, such as the Securities and Exchange Commission (SEC) in the United States or equivalent organizations in your country. Share your evidence with them and let them investigate the matter.

Online Forums and Communities: Share your findings on reputable cryptocurrency forums and communities where users discuss exchange-related issues. Be cautious about the information you share to avoid legal repercussions.

Public Awareness: If you believe that the practices are causing significant harm to the cryptocurrency community, you might consider making your findings public through a blog post or website. Ensure you have a legal and ethical basis for doing so.

Protect Yourself: Be aware that exposing unethical practices can lead to backlash or legal consequences. Take steps to protect yourself and your interests. Consult with your attorney throughout the process.

Remember that exposing unethical practices should be done with the goal of improving the industry and protecting investors, not for personal gain or vendettas. It's important to act responsibly, ethically, and within the bounds of the law while striving for transparency and fairness in the cryptocurrency market.

brick profile image

MyFordBenefits web portal is created for the company’s employees’ welfare. It provides all the necessary information to both current and retirees.

jaysiddik profile image
Jay Siddik

Great post.

To check all the prices of indian exchanges. try this app IOS and Android

pipahaha profile image

I'm looking forward to it word counter

brick profile image

PFMLogin com is an online portal through which employees, customers or drivers can access all the information and tools necessary to collect information.

recoolhair1 profile image

What great info, thank you for sharing. this will help me so much in my learning.

jeonlae profile image

Thanks for sharing this helpful stuff. kp my hre connect

Some comments may only be visible to logged-in visitors. Sign in to view all comments.