DeFIRE’s Safety Measures
You’re all here very early. From a security standpoint, that’s an unavoidably double edged sword. The nature of DeFi is to innovate at such a pace that teams either enter the market at a full sprint and build as they go or tap into an enormous well of financial resources to launch a fully formed system. In the latter scenario, investors come into the market on a wing and a prayer, hoping it’s not too late to score a decent return.
DeFIRE will be a bootstrapped project, and we hope to chart a middle path that attempts to anticipate the actions that will provide assurance to investors while also remaining nimble, embracing the possibilities of decentralisation. Allowing the community to step in and claim a stake in the direction of the project through the establishment of a DAO is at odds with building out a fully formed financial juggernaut ahead of launch.
That said, we’re taking as many safety measures as possible before our Early Adopters Sale. We have already:
- Completed an internal KYC amongst the founding team’s members.
- Found a public figure willing to join our multi-sig, subject to community approval.
The following measures are currently in progress:
- An external KYC of Glitch with https://synaps.io/
- Identifying a community member to join our multi-sig.
And, before the Early Adopters Sale, we will also:
- Commission a professional review of our Early Adopters Sale smart contract code.
- Open-source our smart contract code for community review.
There have been a tremendous amount of rug-pulls from new projects over the last few months. It’s gotten so bad that it’s hard to trust a single measure to keep you safe these days. One of DeFIRE’s core values is transparency, so let’s discuss each measure listed above, which risks it mitigates against, and what it wouldn’t mitigate if it was the only safety measure.
KYC
Know Your Client (KYC) typically means a business verifying the identities of their customers. However, the acronym is used to mean almost the opposite in the context of crypto pre-launch sales, namely that the investors have assurances that a trusted entity holds the real life identity of the project’s team. The way it works is that a trusted entity verifies the identity of the project’s team, announces that they have done so, and then holds the identity in escrow, only disclosing it to the authorities in the case of malfeasance by the project’s team.
DeFIRE is performing both an internal KYC and an external KYC. Firefly, Glitch, and Phenix have already participated in a video call with each other, sharing our IDs, faces, and other identifying information.
Protection Offered by KYC
KYC is intended to significantly raise the stakes of dishonest action by a project’s team. If an anonymous team steals funds from their investors, the first step in holding them accountable is to discover their identities. Often this is very difficult to do. On the other hand, if a KYC’d team steals funds from their investors, authorities can skip straight to prosecution, because the identities of the founding team will be disclosed.
Shortcomings of KYC
Of course, a team who is KYC’d can still steal from their investors. KYC doesn’t actually prevent dishonest behaviour, it just means teams who act dishonestly will face serious consequences.
Multi-sig
“Multi-sig” stands for multiple signatures, meaning that more than one signature is required for a transaction to be approved.
Protection Offered by Multi-sig
If a project uses multi-sig wallets to store funds, this means that one person can’t run away with everything. Instead, if a dishonest person wants to steal the funds, they need to convince other people on the multi-sig to collude with them, in order to get enough signatures to approve the transaction.
Shortcomings of Multi-sig
Collusion is possible, especially if the multi-sig is comprised entirely of members of the project’s team. It’s also important to keep in mind that the protection offered by multi-sig setups can become a double-edged sword depending on how many signatures are required.
For example, imagine a multi-sig with five signatories where all five signatures are required. This sets the bar for collusion very high, because everybody on the multi-sig would need to cooperate in order to steal the funds. But it also means that any single person on the multi-sig can veto any transaction simply by not signing it. This allows any one of the five members to hold all of the funds hostage. Consequently, there needs to be a balance between preventing collusion and vetoing.
We’ve decided to use a 4 out of 5 multi-sig structure. Firefly, Glitch, and Phenix will each hold a key. The remaining two keys will be held by a public figure and a community member not on the team. This structure gives real veto power to the non-team signatories while still preventing a single person from holding funds hostage.
Code Review
DeFIRE’s team will pay a well-known figure in the DeFi community to review the Early Adopters Sale code. That person will publish their findings publicly for the entire DeFIRE community to review. If they discover any issues, DeFIRE’s engineering team will resolve them before the Early Adopters Sale and resubmit the updated code for further review.
Protection Offered by Code Review
The point of a code review is to get a third party to identify potential vulnerabilities. This catches both honest mistakes and attempts at introducing backdoors. Choosing a reputable member of the DeFi community should mean there’s little risk of collusion. Public figures won’t risk their reputation to collude in stealing funds.
Shortcomings of Code Reviews
Code reviews, even when done by a professional, are not the same as a formal audit. We believe the Early Adopters Sale code is simple enough that the expense and time of a formal audit isn’t warranted. However, we will seek a formal audit for BLAZE, because the codebase will be much larger and more complex.
Open Source Code Review
“Two heads are better than one, not because either is infallible, but because they are unlikely to go wrong in the same direction.” ― C.S. Lewis
If “two heads are better than one,” what about thousands of heads? This is one of the ideas behind open-sourcing the Early Adopters Sale smart contracts. We will do so far enough in advance of the Early Adopters Sale that the community has time to read the code carefully and bring up any issues they find. There will be bounties announced and paid as compensation to anybody who can find a vulnerability in the Early Adopters Sale code.
In addition to improving trust, safety, and transparency, we believe in the values behind open-source software. Creating a solid codebase for a public sale and making it open-source means other developers can use it for their own projects in the future. This aligns with DeFIRE’s mission to accelerate development in the DeFi space.
Protection Offered by Open Source Code Review
As with the professional code review, open-sourcing the code allows for outside review of the developers’ work. Unlike the professional code review, there should be no concerns about collusion, because it’s not realistic for DeFIRE’s team to collude with every coder in the community. It wouldn’t even be possible to identify every coder in the community in advance, let alone convince all of them to turn a blind eye to vulnerabilities in the code.
Shortcomings of Open Source Code Reviews
Not everyone can read code. If you’re one of those who can’t, you have to trust those who can to be honest about what they see in the code. But there’s no incentive for them to lie, and in fact the bounties should give a very good incentive for people to try their hardest to find vulnerabilities in the code.
You should also keep in mind that audits, professional code reviews, and open-source software are all about finding technical exploits. Even if the code is completely secure, that doesn’t protect against theft by a project’s team. That’s why we’re using a combination of measures.
DeFIRE’s Combination of Safety Measures
To recap, DeFIRE will take the following safety measures before conducting its Early Adopters Sale:
- Perform an internal KYC amongst the founding team’s members.
- Complete an external KYC of at least one member of the founding team.
- Create a multi-sig which meaningfully includes third parties.
- Commission a professional review of our Early Adopters Sale smart contract code.
- Open-source our smart contract code for community review.
Individually, no single one of these measures would be enough to call the Early Adopters Sale ‘safe.’ But we believe that in combination, these measures make a public sale about as safe as it possibly can be.
Hopefully you now understand better what each individual safety measure protects against and what it doesn’t, so you can make informed decisions about whether or not to participate in DeFIRE’s Early Adopters Sale or other pre-launch sales.
