We are excited to announce support for Zcash trading and custody. Starting on Saturday, May 19th at 9:30am EDT customers will be able to start depositing Zcash into their Gemini accounts. Trading will begin on Tuesday, May 22nd at 9:30am EDT. We will be offering the following new trading pairs and services:
4pm Daily Auction
When we began building Gemini over four years ago, we envisioned a platform that would allow customers to trade many virtual commodities. Zcash is a friendly fork of the Bitcoin source code, making it a member of the “Nakamoto Family Tree” of virtual commodities. The Zcash protocol’s cutting edge use of zero-knowledge succinct non-interactive arguments of knowledge (“zk-SNARKS” or “zero-knowledge proofs”) makes it a truly innovative privacy coin that offers confidentiality for peer-to-peer transactions similar to those afforded to fiat currency transfers (e.g., ACH, FedWire, SWIFT, etc.).
We have been working closely with the New York State Department of Financial Services (NYSDFS) to obtain approval to offer Zcash trading and custody services to our customers as a New York trust company. Our approval makes Gemini the first licensed Zcash exchange in the world. It also makes the NYSDFS the first regulatory agency in the world to supervise Zcash, reaffirming their position as the leading financial regulator in the area of digital assets. Regulatory certainty and oversight are critical for both fostering innovation and protecting consumers — and we’re excited to provide our customers with a safe, secure, and regulated platform to buy, sell, and store Zcash. We are proud to be supporting this new and incredible technology, and contributing to the next generation economy and the future of money.
Zcash supports two types of addresses: unshielded addresses, which start with ‘t’ (i.e., “t-address”), and shielded addresses, which start with ‘z’ (i.e., “z-address”). At launch, Gemini will support deposits from unshielded or shielded addresses, but will only support withdrawals to unshielded addresses. We are working to support withdrawals to shielded addresses in the future.
Building a rules-based marketplace is critical to our mission to build the future of money — individuals and institutions need to feel safe and secure when trading. To that end, we are excited to announce that over the coming months we will be implementing Nasdaq’s SMARTS Market Surveillance technology to monitor our marketplace.
SMARTS Market Surveillance, which is considered the most widely deployed surveillance system in the world, will enable us to monitor across all of our trading pairs, including BTC/USD, ETH/USD and BTC/ETH. Further, SMARTS will surveil our newly launched Gemini Block Trading, as well as Gemini Auctions, which are used to determine the settlement price for the Bitcoin (USD) Futures Contracts that trade on Cboe’s CFE Exchange under the ticker symbol “XBT” (contract specifications | fact sheet).
Adding trade surveillance technology is the most recent development in our efforts to build a rules-based marketplace, which already includes: (i) an Information Sharing Agreement with Cboe Exchange, Inc. allowing for cross-market surveillance, (ii) our internal Trading Policy with respect to material nonpublic information, and (iii) our Marketplace Conduct Rules that apply to all trading on our marketplace.
Our market surveillance team looks forward to using Nasdaq’s Alerts Development Environment and Alerts Management System to become a market leader in custom surveillance rule creation and alerting for the crypto-asset market. We believe that it is this advanced functionality combined with Nasdaq’s proven, rule-based approach to traditional financial market surveillance that will allow for the most thorough monitoring of the evolving crypto-asset marketplace, today and into the future.
Gemini looks forward to a long and productive relationship with Nasdaq.
As part of our mission to continue to improve and expand our platform, we are excited to launch Gemini Block TradingTM, a fully electronic block trading facility. Block Trading enables our customers to buy and sell large quantities of digital assets outside of Gemini’s continuous order books, creating an additional mechanism to source liquidity when trading in greater size. Gemini Block TradingTM will go live at 9:30am ET on Thursday April 12th.
Here’s how it works: Any customer can place a block order that specifies: (i) buy or sell, (ii) quantity, (iii) minimum required fill quantity, (iv) and a price limit (the “Indication of Interest”). Market makers only receive quantity, minimum quantity, and the collar price — they do not receive any other information (i.e., side, price limit, etc.) related to the block order. If a market maker agrees to “make a market” that satisfies the Indication of Interest, the block order will be filled. To learn more, please see our Marketplace page. To participate as a market maker in Gemini Block TradingTM or for further information, please contact email@example.com.
In accordance with our commitment to an equitable, transparent, and rules-based marketplace, block orders will be electronically broadcast to participating market makers simultaneously, ensuring best execution and price discovery for those participating in the program. Block orders do not interact with our continuous or auction order books. Trade information will be published via our market data feeds ten minutes following the execution of a block trade.
Beginning April 2, 2018, we will be updating our fee schedule for each of our three trading pairs: BTC/USD, ETH/USD, and ETH/BTC. You can see our updated Trading Fee Schedule here. This new fee schedule will go into effect at midnight UTC, April 2, 2018 (7:00 pm ET, April 1, 2018), and then be applied to all trades going forward from that time.
As part of Gemini’s mission to build the future of money, we believe in the importance of thoughtful regulation in the virtual currency industry. Starting in 2014, we worked with the New York State Department of Financial Services (NYSDFS) to obtain a trust company license for Gemini’s exchange and custody business. In 2017, as part of the development of the Cboe Bitcoin (USD) Futures Contract, we entered into an Information Sharing Agreement with the Cboe Futures Exchange (CFE), owned by Cboe Global Markets, Inc. (Cboe) and registered with the Commodity Futures Trading Commission (CFTC), to allow CFE to perform cross-market surveillance of Gemini’s marketplace. Lastly, we have adopted an internal Trading Policy with respect to material nonpublic information, as well as Marketplace Conduct Rules for all trading on our marketplace, in an effort to foster a rules-based marketplace.
With that said, there has been recent discussion among U.S. regulators and legislators about the need for further oversight and self-regulation of the virtual currency industry. When evaluating this need, it is important to first note that the term virtual currency (often used interchangeably with the terms “digital asset,” “digital currency,” or “cryptocurrency”) can refer to different asset types including virtual commodities like bitcoin, and separately, tokens built “on top of” blockchains that are securities (i.e., “security tokens,” which are sometimes issued via initial coin offerings (ICOs)). The legal status of bitcoin as a commodity was established by the CFTC in the 2015 order against Coinflip, Inc. This order stated that “Bitcoin and other virtual currencies” fall under the definition of a “commodity” as defined in Section 1a(9) of the Commodity Exchange Act of 1936 (CEA). This was recently confirmed by the U.S. District Court for the Eastern District of New York. As a result, virtual commodities like bitcoin (as a group, these are referred to in this document as “virtual commodities”) are “exempt commodities,” which is the same category in which the CFTC places metals and energy commodities, including gold, silver, oil, and natural gas. The cash markets (or spot markets) for exempt commodities, including virtual commodities, do not fall under the jurisdiction of the CFTC; however, the CFTC does have fraud and manipulation enforcement jurisdiction over these markets and market participants under the CEA. The legal status of whether or not a token is a security (i.e., not a virtual commodity) is determined by the Securities and Exchange Commission (SEC), which has traditionally been guided by the Howey Test and other SEC enforcement precedent when making these types of determinations. Unlike virtual commodities, security tokens and cash markets for security token transactions fall under the direct jurisdiction of the SEC and the federal securities laws, rules, and regulations.
The purchase and sale of commodities in the spot/cash markets has been historically exempt from the CEA and CFTC jurisdiction because cash market transactions, unlike derivative contracts, are: (i) traded for immediate delivery, (ii) settle “on the spot,” and (iii) are often underpinned by a commercial purpose (i.e., a farmer selling grain). As a result, these transactions are typically found to not be speculative in nature or readily susceptible to manipulation.
Cash markets for virtual commodities, however, are unique inasmuch as: (a) the commercial use-cases for virtual commodities are still developing, (b) there is strong speculative interest, (c) these marketplaces involve a large number of individual participants, and (d) technology makes individual transaction costs exceptionally low (on a relative basis) as compared to other physical commodity spot markets. As such, we believe adding an additional layer of oversight on virtual commodity cash markets, in the form of self-regulation, is important for consumer protection and to ensure the integrity of these markets. Below, we outline a proposal for the Virtual Commodity Association (the “VCA”), an industry sponsored self-regulatory organization for the U.S. virtual currency industry, specifically virtual commodity exchanges and custodians (collectively, “platforms”). The VCA: (i) will be a non-profit, independent regulatory organization that does not operate any markets, (ii) will not be a trade association, (iii) will not provide regulatory programs for security tokens or security token platforms, and (iv) will be in compliance with global standards and best practices for SROs.
Foster financially sound, responsible, and innovative virtual commodity markets through a system of industry sponsored standards, sound practices, and oversight that promotes price discovery, efficiency, and transparency.
Incentivize the detection and deterrence of manipulative and fraudulent acts and practices, including partnering with regulators and particularly the CFTC to share or refer information, as appropriate.
Require member firms to commit in writing, upon joining VCA, to operating their virtual commodity markets in compliance with Sound Practices, described below; and provide a sanctions based accountability program to compel ongoing member compliance.
Structure – Membership and Governance
Open for membership to virtual commodity platforms, over-the-counter (OTC) trading firms, and other trading facilities acting as counterparties that:
Provide an all-to-all platform or venue, available to U.S. participants, for transacting in the spot virtual commodity markets; or
Provide OTC or off-exchange services, available to U.S. participants, for transacting in the spot virtual commodity markets.
When applicable, the entities must otherwise be in compliance with and have obtained relevant licenses required to operate a business that involves holding customer fiat funds and the custody of customer virtual commodities.
To be governed by a Board of Directors – Board structure to come (including a required number of independent directors); funded by member fees.
To consider other potential member types in the future; website to come.
Sound Practices – Annual Certification by Members
Members shall certify to VCA, annually, that they are in compliance with “Sound Practices,” including:
Responsible Financial Management – Establish a transparent program of financial responsibility and controls for members to ensure confidence in the fiscal soundness of members and to encourage customer confidence.
Transparency; Conflicts of Interest – Provide appropriate transparency regarding bids, offers, executions, and other relevant data to the public; adopt policies to avoid conflicts of interest.
Rules Based Markets – Maintain and enforce a system of marketplace conduct rules; and implement policies and procedures to respond to and address customer concerns and complaints.
Cyber and Information Security; Recordkeeping – Implement and maintain current best practices with respect to cybersecurity, information security, and recordkeeping.
Surveillance – Monitor and surveil markets to detect and deter (and where appropriate, discipline) manipulative and fraudulent acts and practices.
Information Sharing – Agree to enter into information sharing agreements for the purposes of marketplace surveillance with other members and with regulated exchanges and trading platforms that list products based on virtual commodities.
Cooperation With Regulators – Among other things, agree to report instances of manipulative and fraudulent conduct to the CFTC and other regulators as appropriate.
Legal Analysis – Agree to perform proper diligence and legal analysis when determining the legal status of a virtual commodity for listing and trading in order to avoid listing and trading security tokens, unless the member has obtained necessary licenses for security tokens.
Primary Function of the VCA and its Board
Facilitate the periodic examination of members and issue a report indicating whether the member is adhering to its primary obligations and complying with Sound Practices;
Where members fail to comply with Sound Practices, impose agreed upon sanctions; and
Interact with and educate regulators (such as the CFTC or the SEC) and legislators.
The SRO approach has historically worked to protect and police various markets. For example, the National Futures Association is an SRO for the U.S. derivatives industry and is a model for how the VCA can work together with the CFTC to provide additional oversight to virtual commodity cash markets. The promise of virtual commodities and their impact on the future will be profound — but individuals and institutions need to feel safe and secure when transacting. We believe a thoughtful SRO framework that provides a virtual commodity regulatory program for the virtual commodity industry is the next logical step in the maturation of this market. We look forward to engaging with industry leaders, participants, regulators, and legislators on this proposal. If you would like to discuss this further, please email: firstname.lastname@example.org.
From day one, Gemini has required 2FA using the Authy service for all accounts. Starting on March 13, 2018 we will be enabling a new Authy feature for added security while performing sensitive transactions: Authy push notifications.
Sessions vs transactions
Most consumer-grade authentication systems operate at the level of sessions. Users provide their credentials — which may involve multiple factors such as a password in conjunction with a short-lived, one-time passcode. This initial step creates an authenticated “session” lasting for a fixed duration (e.g., one hour). During this time, users are allowed to browse around the site and use various features. After the clock runs out, the session reverts to an unauthenticated state, requiring users to prove their identity once again.
One shortcoming of this model is that after initial authentication, any number of actions are allowed within the authenticated session. Transactional authentication improves on that model by tying the authentication to a unique action. “Unique” being the operative keyword here: asking users to type their password one more time or even enter another 2FA code is not sufficient. Without knowing what will happen after completing those steps, users are effectively approving some action which may not be what they had in mind.
Phishing attacks and malware can exploit that disconnect. For example, in a phishing attack a user will be mistakenly interacting with a fraudulent copy of the service operated by an attacker. This fake website can:
Collect the password
Collect a 2FA code
At this point, the attacker can turn around and use those credentials (quickly, before the 2FA code expires) to login to the legitimate website to impersonate the legitimate customer.
Requiring additional 2FA codes to perform sensitive actions such as authorizing a payment is not sufficient to mitigate this. The phishing site can adjust its tactics, feigning an error after collecting the initial 2FA— even though it is valid and used by attacker to login— and trick the user into giving away a second 2FA code to use for authorizing the subsequent action.
While other authentication systems such as U2F are not susceptible to phishing, they have similar limitations against malware. If the device a customer is using to access their favorite website has been compromised by malware, that malicious software can silently alter user actions. For example, it can change the Bitcoin address submitted to a web page in order to funnel payments to a different destination. Not even the proof-of-presence required in U2F by pressing a button helps. While that event cannot be fabricated by malware running on the device— the token itself registers the contact— the user is more than willing to press the button in service of the attacker. After all, they are under the impression that this action will result in some intended, legitimate behavior. In reality it is authorizing some action that can be manipulated under the covers by malware. (Not to mention, malware can wait until authentication is complete to take advantage of the resulting session, complete with all required cookies and even TLS channel binding.)
The root cause of these problems is lack of context about the action being approved: the user believes that providing a 2FA code or pressing a button will lead to one outcome while the adversary has carefully altered the setup to trigger something else entirely. What is required is an out-of-band channel to verify the intended transaction, independent of the original device where it is initiated.
This is far from a new idea; there are many precedents for such verification in high-value scenarios, typically involving special purpose hardware:
Some cryptographic hardware tokens feature a trusted display and user-interface with physical buttons to confirm transactions. That display is driven by the token and cannot be manipulated by the machine the token is attached to.
Several Bitcoin hardware wallets have a display for confirming the destination addresses on transactions. Even if local malware running on the PC sends a different Bitcoin transaction for signing — as malware in the wild was discovered to be doing by manipulating the clipboard — the user has an opportunity to detect this substitution because the display cannot be manipulated.
A more mainstream example can be found in NFC payments using a smart-phone. While standard credit card payments (even with chip cards) involve blindly trusting the point-of-sale terminal to charge the expected amount, mobile wallets can first display the amount requested and obtain confirmation from the consumer before proceeding with the payment.
Introducing Authy Push Notifications
Luckily esoteric hardware is not required to get the benefits of out-of-band authentication. With the right application installed, the ubiquitous smart-phone can function as the independent verification channel. Authy, used by Gemini, is an example of such an app. When customers attempt to withdraw cryptocurrency from their Gemini account, they will receive an approval request on their mobile Authy app containing transaction details:
Unless the transaction is confirmed by clicking on the “Approve” button, no funds will be sent. Note this exchange is taking place on a completely different channel (via the Authy mobile app) than the browser session used to access Gemini. In fact, it is typically taking place on a different device altogether: a customer may login to the exchange on their laptop while receiving the notification on their phone. This out-of-band channel is protected from risks associated with the primary device. For example, even if a customer accidentally provides their password and 2FA code to a phishing site, that site has no way to compel that person to approve the notification requesting approval for funds transfer. More importantly, there is no way to obscure or misrepresent the intent of the transaction. Crucial details including amount and destination address will be included in the UI, giving the legitimate customer an opportunity to recognize it for what it is: an attempted theft. Similarly even malware running on the primary device can not in general cause the push notification prompt to be approved outside of user consent. (It would also require compromise of the mobile device to forge that approval.)
At this time, for customers who are already using the Authy mobile app, Gemini will require push notification approval for all crypto-currency withdrawals – no action is required to opt-in to the additional level of security. Gemini strongly recommends all customers to use the Authy mobile app and cautions against relying on SMS for two-factor authentication.
Gemini is proud to announce the successful first settlement of January expiry Bitcoin Futures, which trade on the Cboe Futures Exchange, LLC (CFE) under the ticker “XBT” (contract specifications | fact sheet).
The settlement price was $10,900.00, as determined by Gemini’s 4pm Eastern Time BTCUSD auction, in which 616.86 bitcoin traded — a notional value of $6.72m USD.
Cboe Global Markets, Inc. (Cboe), one of the world’s largest exchange holding companies, and Gemini Trust Company, LLC (Gemini), the world’s most regulated digital asset exchange and custodian, partnered to launch the first-ever bitcoin futures contract on December 10, 2017. Since inception, over 124,000 contracts have traded across expiries, representing a notional value of over $1.5bn USD.
Ed Tilly, Chairman and Chief Executive Officer of Cboe, stated: “This is an encouraging initial milestone, and we look forward to working with customers to power the growth of this nascent market.”
Gemini is excited to announce that Bitcoin (USD) Futures Contracts will begin trading on the Cboe Futures Exchange, LLC (CFE) starting at 6:00 p.m. EST on Sunday December 10th, 2017 under the ticker symbol “XBT” (contract specifications | fact sheet). Monday, December 11th, will be the first full day of trading, and there will be no trading fees for XBT futures in the month of December.
XBT futures are cash-settled contracts based on Gemini’s auction price for bitcoin, denominated in U.S. dollars. XBT futures are specifically designed to allow participants to implement straightforward trading strategies, through settlement to a single, tradeable auction price.
XBT futures will cash-settle on the third Wednesday of the month
Final settlement value (XBTS) will reflect the Gemini 4:00 p.m. ET daily bitcoin auction price
XBT futures will enable investors to take a directional view on the price of bitcoin (both long and short), gain exposure to bitcoin prices, or hedge their existing bitcoin positions
XBT futures will bring benefits to traders, including transparency, efficient price discovery, deep liquidity and centralized clearing
CFE is regulated by the Commodity Futures Trading Commission (CFTC)
Gemini is a New York trust company regulated by the New York Department of Financial Services (NYSDFS)
Gemini and CFE have cross-market surveillance and information-sharing agreements in place
As many are aware, Bitcoin attained new peaks of value on November 28th and into November 29th. On the morning of November 29th, our Web interface experienced an unprecedented increase in traffic which impacted the performance and availability of our Web interface and to a lesser extent our API servers. At no time was this increase in traffic an attack on any of our systems and our customers’ funds remain secure. This was solely a result of an unprecedented surge of requests on our platform.
Throughout the events that lasted from 10:11AM EST through 07:11PM EST, we made repeated attempts to tune the system to handle the extremely high traffic on the Web server. Most of these attempts were met with new, higher spikes in activity. The API remained unimpacted during the majority of the time that our Web interface was experiencing the excessive traffic, and our FIX and matching engines continued to fully operate throughout.
The environment stabilized at 7:11PM EST and, after monitoring the mitigation for a period of time, we communicated to our customers at 8:45PM EST on our status page that both our Web and API interfaces were in full functioning order.
As many of you may know, in August we migrated our primary trading platform and network PoP (Point of Presence) to our own hardware in the Equinix NY5 data center in Secaucus, New Jersey. The downtime on November 29th was due to an application tuning issue, and our servers in the data center had plenty of room to scale. Still, in preparation for events such as the one above, we have forecasted and prepared for increasing capacity and were already installing our new hardware when this occurred. We plan to bring this new capacity online in the near future to continue scaling our infrastructure to better service our customers and community. The security and availability of our Web, API, and FIX interfaces is our first concern and we strive to have them available for all our customers at all times.
Beginning November 15, 2017, Gemini’s best taker fee for liquidity-taking trades will be 10 bps (0.10%), on each of our three order matching engines: BTC/USD, ETH/USD, and ETH/BTC. Gemini’s best maker fee for liquidity-making trades will be 0 bps (0.00%), on each of our three order matching engines: BTC/USD, ETH/USD, and ETH/BTC. Market participants can achieve these favorable fee rates based on their 30-day trading volume. Note: we are removing the previous requirement related to maintaining a specific buy/sell ratio.
Please see below for a chart illustrating our updated Fee Schedule:
30-Day Volume (bitcoin)
30-Day Volume (ether)
In addition, all trades executed in Gemini’s daily BTC/USD and ETH/USD auctions will be subject to the same liquidity-making fee schedule and will be included in your 30-day trading volume used to determine your fee rates.