BLOCKCHAIN

MoonFi

A centralized exchange (CEX)

Client

Confidential

Duration

2 months

Introduction

MoonFi is an online marketplace that allows users to buy, sell and trade cryptocurrencies such as Bitcoin, ETH, Solana, USDT and many others.

Challenges

MoonFi aims to provide a high-frequency, low-latency environment for trading digital assets. However, several core business and operational challenges stood in the way of achieving this goal:

– Massive transaction volume and latency: The platform must be capable of processing thousands of orders and market data updates per second with minimal delay, especially during periods of extreme market volatility. Failure to maintain near-instantaneous processing leads to customer dissatisfaction, loss of trust, and missed trading opportunities.

– Maintaining data integrity in a distributed system: The system relies on multiple, specialized services (e.g., an order matcher, an account balance manager, a notification service) that all require up-to-date information. Ensuring transactional events are processed reliably and that all services reflect a consistent, accurate state of user balances and orders at all times is fundamentally difficult.

– Digital asset security and regulatory exposure: As a central custodian of large amounts of value, the platform is a high-value target for sophisticated attacks. Protecting customer funds, private keys, and sensitive personally identifiable information (PII) is non-negotiable, and compliance with evolving global financial regulations must be baked into every part of the infrastructure.

Solutions

To overcome the challenges, Hola Tech adhered to the best practices. Key components of the solution included:

– Achieve ultra-low latency trading: The core order-matching system must be developed using a highly efficient language (Go) specifically chosen for its speed and concurrency. Furthermore, an in-memory data store (Redis) is essential for caching the active order book, eliminating slow disk I/O and enabling sub-millisecond execution times. This is the foundation for a responsive trading experience.

– Establish asynchronous event-driven consistency: Implement a robust event streaming platform (Apache Kafka) to serve as the single, durable source of truth for every transaction. This ensures all specialized microservices (Go-based Matching Engine, Node.js-based APIs) receive and process events reliably and sequentially, guaranteeing eventual data consistency across the entire ecosystem.

– Development a specialized real-time margin & liquidation engine: This is necessary to handle the complexities of futures contracts by preventing systemic risk. This engine’s function is twofold: first, it performs Real-Time Margin Calculation by continuously ingesting all position changes and live price updates via the event stream (Kafka) to immediately assess a user’s margin health (Initial Margin, Maintenance Margin) upon any market or account event; second, it utilizes a dedicated, low-latency compute service (e.g., a high-performance Go microservice) to perform Automated Liquidation, which instantly executes partial or full liquidations when a user’s margin health falls below the required threshold.

Featured numbers

– Trusted by 15,000 users from 20 countries

– Secured $1 million in total value locked (TVL) within the first 60 days of launch

– Mitigated 100% of all attempted SQL injection and cross-site scripting (XSS) attacks in Q1

Results

The implemented system successfully met the MoonFi’s requirements for performance, security, and global accessibility. The platform has rapidly established market confidence, securing $1 million in Total Value Locked (TVL) within the first 60 days of launch, demonstrating the effectiveness of the highly optimized backend and secure AWS infrastructure. Furthermore, MoonFi immediately achieved global reach, attracting and securing the trust of 15,000 users from 20 countries by providing a reliable and low-latency trading experience. Crucially, the robust security measures mitigated 100% of all attempted SQL injection and cross-site scripting (XSS) attacks in Q1, validating the design’s focus on protecting user data and funds in a highly targeted industry.