CCXT Open Source Project in Controversy: Default rebate Settings Trigger Community Doubts

Recently, the popular cryptocurrency trading open source library CCXT has sparked widespread discussion due to a setting in its core code. Some users discovered that the software, without explicit notification, used a preset rebate ID to divert a portion of the exchange fee rebate income that should belong to the users. This finding not only reveals the potential business model behind open source projects but also causes many developers and trading teams that rely on its services to reassess their trust in the project.

CCXT, as a unified cryptocurrency trading interface, supports connections to numerous trading platforms around the world. It supports multiple programming languages, including JavaScript, Python, PHP, C#, and Go, making it widely used in various development environments. Users can perform various operations through CCXT, such as market analysis, indicator development, algorithmic trading, strategy backtesting, and placing orders, serving as a simplified trading analysis tool.

Currently, CCXT supports over 100 cryptocurrency trading platforms, covering almost all mainstream exchanges. Its convenience and Open Source characteristics make it one of the most commonly used tools for quantitative trading and strategy trading teams. On code hosting platforms, CCXT has over 36,000 stars, and its download count has reached more than 93 million, reflecting its widespread use globally.

However, a user recently revealed on social media that he found an abnormality in the rebate fees while using the CCXT framework. Upon checking, he discovered preset broker IDs in the source code of several exchange adapters of CCXT, which means that if users are unaware or have not modified it, some rebate fees will be charged by default. The user estimated that approximately $15,000 in rebates were collected in just two months across a few exchanges.

By examining the Open Source code of CCXT, it is indeed found that the default brokerId is included in the Python adapters of multiple mainstream trading platforms. These parameters mostly exist in a hard-coded form and will be sent along with the request when the user has not explicitly set or modified the relevant options, attributing potential fee rebates to the accounts provided by CCXT.

This practice can possibly be traced back to 2018. At that time, CCXT transitioned from a paid model to completely free, and a user suggested adding an optional referral ID on a code hosting platform to support CCXT. The project maintainers welcomed this and added the relevant code in the update. However, this seems to have become the starting point for CCXT to profit, as later maintainers added similar logic in the code of most mainstream exchanges, and the way it was written was relatively concealed.

The community has mixed reactions to this. Some question that as professional traders, one should not be overly concerned about these transaction fee rebates, while others believe that since it is Open Source code, not discovering and modifying these settings during use is a problem of the users themselves. However, considering the widespread use and good reputation of CCXT, this hidden coding method may indeed violate the trust the community has in it.

As of now, the CCXT official has not made a public response to this matter, and the code continues to be updated regularly, but no modifications have been made regarding the issue raised by the community.

This incident has sounded the alarm for users: in the cryptocurrency field, it is crucial to maintain a necessary scrutiny and vigilance towards any "free" services. Carefully inspecting every line of code may be the most basic and critical line of defense in protecting one's rights and interests. Because sometimes, the most expensive cost is precisely hidden beneath the facade of "free".