Crypto Exchange

What Is a Crypto Exchange?

A crypto exchange is a platform that facilitates the buying, selling, and trading of cryptocurrencies. Exchanges match buyers and sellers, provide price discovery, and handle the mechanics of transferring digital assets between parties. They function similarly to traditional stock exchanges but operate in the cryptocurrency market, typically running 24/7 without market closures.

Crypto exchanges come in two fundamental forms: centralized exchanges (CEXs) operated by companies that custody user funds and manage order books, and decentralized exchanges (DEXs) that run entirely on smart contracts without a central operator. Each model involves distinct tradeoffs around speed, security, regulatory compliance, and user experience.

For most users, a centralized exchange is the first point of contact with crypto. These platforms bridge the gap between traditional finance and digital assets by accepting fiat currency deposits and converting them into cryptocurrency: a process known as on-ramping. The reverse process, converting crypto back to fiat, is called off-ramping. This gateway function makes exchanges foundational infrastructure in the crypto ecosystem.

How It Works

Centralized Exchanges (CEX)

A centralized exchange operates as a custodial intermediary. When users deposit funds, the exchange takes control of those assets and records balances in an internal ledger. Trading happens off-chain on the exchange's own infrastructure, and only withdrawals trigger actual blockchain transactions.

The typical user flow on a centralized exchange:

1. Account creation and KYC/AML verification: users submit identity documents (government ID, proof of address) to comply with regulatory requirements
2. Fiat deposit: users transfer funds via bank transfer, wire, debit card, or other supported payment methods
3. Order placement: users submit buy or sell orders specifying price and quantity
4. Order matching: the exchange's matching engine pairs compatible buy and sell orders from its order book
5. Settlement: matched trades settle instantly on the exchange's internal ledger
6. Withdrawal: users can move purchased crypto to an external wallet or convert back to fiat

The order book model is the most common matching mechanism. It maintains a sorted list of buy orders (bids) and sell orders (asks). When a bid price meets or exceeds an ask price, the engine executes the trade. Major exchanges process millions of orders per second using low-latency matching engines.

Decentralized Exchanges (DEX)

A decentralized exchange eliminates the central operator entirely. Instead of an order book managed by a company, DEXs use smart contracts deployed on a blockchain to facilitate trades. Users retain custody of their funds throughout the trading process, connecting their wallets directly to the DEX protocol.

Most modern DEXs use an automated market maker (AMM) model instead of order books. In an AMM:

1. Liquidity providers deposit pairs of tokens into smart contract pools (for example, ETH and USDC)
2. A mathematical formula (typically x * y = k) determines the exchange rate based on the ratio of tokens in the pool
3. Traders swap one token for another by interacting with the pool, shifting the ratio and adjusting the price
4. Liquidity providers earn a share of trading fees proportional to their contribution

Uniswap popularized this model on Ethereum, and variations like concentrated liquidity (used by Uniswap v3 and v4) and Curve's stableswap algorithm have refined it for different asset types. DEXs require no account creation or identity verification, but users pay gas fees for each on-chain transaction and face risks like slippage and impermanent loss.

Fee Structures

Centralized exchanges typically charge fees based on a maker-taker model. Makers add liquidity to the order book by placing limit orders that don't immediately execute. Takers remove liquidity by placing orders that fill against existing orders. Makers generally pay lower fees because their orders improve market depth.

Typical fee ranges at major exchanges (as of 2026):

DEX fees work differently. Traders pay a protocol fee on each swap (typically 0.01% to 1% depending on the pool), plus blockchain gas fees for transaction execution. The protocol fee is distributed to liquidity providers as an incentive.

CEX vs. DEX Comparison

Use Cases

Fiat On-Ramps and Off-Ramps

The primary use case for centralized exchanges is converting between fiat currencies and crypto. When someone receives their paycheck in dollars and wants to buy Bitcoin, they deposit fiat into an exchange and place a buy order. When they want to pay rent with their crypto gains, they sell on the exchange and withdraw fiat to their bank account. For a deeper look at how this infrastructure works, see the research article on the crypto on/off-ramp market landscape.

Trading and Price Discovery

Exchanges aggregate supply and demand across thousands of participants, producing market prices for crypto assets. Spot trading (buying and selling at current prices), margin trading (borrowing to amplify positions), and derivatives (futures and options) all occur on exchange platforms. Professional market makers provide continuous liquidity by quoting bid and ask prices.

Institutional Access

Regulated exchanges provide the compliance infrastructure that institutional investors require: segregated custody accounts, insurance coverage, audit trails, and reporting capabilities. The approval of spot Bitcoin ETFs in the United States in January 2024 further connected traditional finance with crypto markets, with exchanges like Coinbase serving as custodians for multiple ETF issuers.

Stablecoin Trading

Exchanges are a major venue for stablecoin trading pairs. Traders use stablecoins like USDC and USDT as base currencies for trading against volatile assets. This creates constant demand for stablecoin liquidity and positions exchanges as critical infrastructure in the stablecoin payment ecosystem.

Security Considerations

Exchange Hacks and Failures

The history of crypto exchanges includes several catastrophic security failures that underscore the risks of centralized custody:

• Mt. Gox (2014): once the world's largest Bitcoin exchange, Mt. Gox lost approximately 850,000 BTC (around 200,000 were later found in an old wallet) and filed for bankruptcy in February 2014. Creditor repayments began over a decade later.
• FTX (2022): in November 2022, FTX collapsed after it was revealed that approximately $8 billion in customer funds had been misused. Founder Sam Bankman-Fried was convicted of fraud in November 2023 and sentenced to 25 years in prison in March 2024.
• Bybit (2025): in February 2025, hackers linked to North Korea's Lazarus Group stole approximately $1.5 billion in ETH and stETH from Bybit, making it one of the largest crypto heists in history.

Proof of Reserves

In response to the FTX collapse, many exchanges adopted proof-of-reserves (PoR) systems to demonstrate that they hold sufficient assets to cover customer deposits. PoR typically combines on-chain wallet audits with cryptographic proofs:

• Binance uses zk-SNARK (zero-knowledge proof) verification to let users confirm their balances are included without revealing individual account data
• Kraken has published proof-of-reserves audits using Merkle tree verification since 2014
• OKX publishes monthly proof-of-reserves reports

However, proof of reserves has limitations: it shows assets at a point in time but does not prove the absence of hidden liabilities. A full audit requires verifying both assets and liabilities, which most PoR systems do not cover.

Self-Custody Alternative

The phrase "not your keys, not your coins" reflects a core principle in crypto: self-custody eliminates exchange counterparty risk entirely. Users who withdraw funds to a personal wallet (whether a hot wallet or cold storage solution) retain full control over their private keys and are not exposed to exchange insolvency, hacks, or freezes.

Layer 2 solutions like Spark enable users to hold and transfer Bitcoin and stablecoins with self-custody while still benefiting from fast, low-cost transactions: combining the convenience that draws people to exchanges with the security of holding your own keys. See the Spark layer 2 overview for how this works in practice.

Regulatory Landscape

Crypto exchanges operate under an evolving patchwork of regulations that vary significantly by jurisdiction.

United States

In the US, crypto exchanges register as money services businesses (MSBs) with FinCEN and obtain state-level money transmitter licenses. The SEC and CFTC have contested jurisdiction over crypto assets: the SEC considers many tokens to be securities, while the CFTC treats Bitcoin and Ethereum as commodities. The GENIUS Act, passed in 2025, established a federal framework for stablecoin issuance and affected how exchanges handle stablecoin listings and custody.

European Union

The EU's Markets in Crypto-Assets (MiCA) regulation, which came into full effect in December 2024, created a comprehensive licensing framework for crypto-asset service providers (CASPs). Exchanges operating in the EU must obtain authorization, maintain capital reserves, and comply with consumer protection requirements.

Travel Rule

The Travel Rule, originally a FATF recommendation, requires exchanges to share sender and recipient information for transfers above certain thresholds. This anti-money laundering measure applies to both fiat and crypto transfers and has driven exchanges to implement identity verification for withdrawals as well as deposits.

Risks and Considerations

• Counterparty risk: depositing funds on a centralized exchange means trusting that company with custody. Exchange insolvency, internal fraud, or regulatory seizure can result in loss of deposited assets.
• Security vulnerabilities: exchanges are high-value targets for hackers. Even exchanges with strong security practices remain vulnerable to sophisticated attacks, social engineering, and supply chain compromises.
• Regulatory risk: exchanges may freeze accounts, delist tokens, or restrict access based on changing regulations or compliance decisions. Users in certain jurisdictions may lose access to platforms with little notice.
• Smart contract risk (DEXs): decentralized exchanges depend on smart contract code that may contain bugs or vulnerabilities. Unlike centralized exchanges, there is typically no customer support or dispute resolution process for DEX users.
• Front-running and MEV: on public blockchains, traders can observe pending DEX transactions and insert their own trades ahead, extracting value from other users through sandwich attacks and other MEV strategies.

This glossary entry is for informational purposes only and does not constitute financial or investment advice. Always do your own research before using any protocol or technology.