After recent of SEC taking on EtherDelta, one might expect would be next in the list. We have to ask ourselves — how truly decentralized and safe IDEX is? news IDEX IDEX is present on Etherscan. Let’s dive into it. smart contract Why so small one might ask? The entire smart contract is only 184 lines. The reason behind this is that IDEX is not full capacity exchange on the blockchain. It doesn’t store its order book on the blockchain, neither it uses smart contract for order matching. That all is delegated to their private servers. Then their code has to be open-source in case something happens to them, right? Their source code is private. In other words, if their website is taken down by hacker/regulators, the entire exchange would be stopped for sure with no easy way to make it operational. Nope. At least I can get my ether/tokens back anytime, right? They have lock time on ether/token withdraw called . At that moment it is set to 17 days, but it can be increased by admin to roughly 6 months.Proof. Nope. inactivityReleasePeriod Your funds are locked You would think. In absolute worst case, I’ll get my funds back in 6 months, right? In the worst case, you would get your money almost never. Inactivity period updated on every traded line 182. That means if hacker gets IDEX and you have at least one open order, the hacker can fill your order with just one token to block your funds for yet another 6 months. Essentially that can last almost forever. Nope. lastActiveTransaction[tradeAddresses[3]] = block.number; Conclusion I am disappointed by IDEX on many levels. First of all, it is a gigantic stretch for IDEX to call themselves a decentralized exchange. They could claim to be a decentralized custodian, but even here they failed with implementing locking properly as it allows to lock user funds somewhere between 6 months and many years. They are vulnerable on both levels blockchain and private servers. Whatever gets hacked exchange would halt. And even worse if the smart contract is hacked, then users funds can be locked. It is especially upsetting taking into account an amazing smart contract developed by . EtherDelta TL;DR IDEX is not decentralized exchange at all. IDEX is the decentralized custodian of ether/tokens, but due to poor smart contract implementation funds can be locked for minimum 6 months up to many years. If this post was helpful, please click the clap 👏button below a few times to show your support! ⬇⬇ Social Connect with me on . LinkedIn Follow me on . twitter Read More _We are going to figure out what is EOS token and how you can create and deploy one yourself._hackernoon.com How to Create and Deploy Your Own EOS Token _You think your AWS or Digital Ocean bill for your website is killing you?_hackernoon.com How Much Does It Cost to Run DApp in 2018 Originally published at ylv.io on November 21, 2018.