Real Estate backed security tokens — deploying 🚀 and detailing the blockimmo platform smart contracts

and… our HackerOne 🐛 bounty is now public!

Michael Dietz
Sep 28, 2018 · 10 min read

Over the last 8 months we’ve been hard at work building the blockimmo platform. In early April we described the smart contracts powering blockimmo. Since then we’ve deployed over 50 smart contracts to the Ropsten test network, intensively tested them with thousands of transactions, and ran end-to-end tests of our platform on the Ethereum MainNet. In June our platform was audited by New Alchemy with near-perfect results. In August our ÐApp was penetration-tested by Hosho with no serious findings, and we launched a private bug bounty program via HackerOne (not a single issue discovered). We’ve continuously improved, refined, and simplified our platform, working closely with our legal partner, MME, and banking partner, Bank Frick, to ensure our platform is fully-compliant with the strict Swiss and Liechtenstein legal / regulatory requirements. The result is a solid, production-ready, regulated platform capable of ushering in a new world of real estate investment and ownership.

Now we’re in the process of rolling out the blockimmo platform to production 🚀. We’re not live yet, but we’re close, very close. Our platform smart contracts have been deployed and are live on the Ethereum main network. This post will thoroughly document the architecture and design of our platform, tying it to our source code and live deployments.

Source code

Contributions in the form of issues, pull requests, and community audits are appreciated 😁.

HackerOne bug bounty 🔎 🐛

We award up to $10,000 for the responsible disclosure of a critical bug.

Design decisions

The fundamental layer of our software stack lives here, on the Ethereum blockchain. This layer is composed of focused, modular, and simple smart contracts that interact / fit-in with each other to encapsulate the critical state and computation of our platform. They’re built on the solid, battle-tested OpenZeppelin. We even adopted the design patterns and code-style of OpenZeppelin in our smart contracts to ensure consistent, high quality, and secure code.

The blockimmo AG platform contracts exhibited many positive characteristics including extensive reuse of well known libraries, very modularized source code, and well documented and thorough unit-level test cases. blockimmo AG also took care to follow a number of best practice coding guidelines …

- New Alchemy, blockimmo security audit

Architecture

This layer is composed of focused, modular, and simple smart contracts that interact / fit-in with each other to produce the behavior of our system / platform.

Image for post
Image for post
The blockimmo platform’s control flow graph, generated with Surya, a utility tool for smart contract systems https://github.com/ConsenSys/surya

Analyzing the above graph, we notice:

1) Low / loose coupling between smart contracts. “Low coupling refers to a relationship in which one module interacts with another module through a simple and stable interface and does not need to be concerned with the other module’s internal implementation (see Information Hiding).”

2) Unidirectional data flow. All data in our system flows in a single direction.

3) No circular /cyclical dependencies between smart contracts.

4) Simple. If you look closely, with a bit of re-arranging, the above graph can be drawn with no lines intersecting each other.

We should aim for simplicity because simplicity is a prerequisite for reliability. Simple is often erroneously mistaken for easy. “Easy” means “to be at hand”, “to be approachable”. “Simple” is the opposite of “complex” which means “being intertwined”, “being tied together”. Simple != easy.

Above, we visualize the blockimmo platform (system) with a single tokenized property. As commercial properties are sold via blockimmo (and later, development projects financed and residential properties sold), this system will evolve. We’ve architected and designed our platform such that it can support an ecosystem of real estate where different entities (ie governments, organizations, people, and smart contracts — a subset being DAOs) can plug-in and enable opportunities and possibilities not yet considered. As Steven Wolfram emphasizes, in the computational universe, we’ve now seen how rules that are incredibly simple can produce incredibly rich and complex behavior.

Preliminary

There is centralization in our platform / smart contracts. Our platform is of no value if it’s not regulated in a AAA jurisdiction (in our case Switzerland / Lichtenstein). This is only possible (currently) with some degree of centralization. We’ve wrestled with our legal partner, MME, to introduce as little centralization into our platform as possible. The result is centralization in two places: our LandRegistry and Whitelist (blockID) smart contracts (both controlled by blockimmo AG).

Realistically, investors are actually safer / more secure with this centralization than without. Switzerland / Lichtenstein are such solid jurisdictions that the probability of loss of funds / investments due to centralization are significantly lower than due to a bug / vulnerability in a decentralized system (extremely hard to design properly, and we’re still in early days). Centralization gives us an additional layer of security / safety-net. Learn more about our legal framework and investor protection here (coming soon).

All that said, we’re taking a major step towards the vision — a completely decentralized world of real-estate. We’re very happy to answer any questions or concerns. The best way to reach us is our twitter or reddit.

Overview

Image for post
Image for post

Properties are officially and legally represented as asset-backed tokens (securities) on the Ethereum blockchain. When a property is tokenized its rights and ownership are encapsulated in an ERC20 token (each property gets its own, independent / unique token). Supply is fixed (every single (commercial) property on the blockimmo platform is represented by 1,000,000 tokens — the token name is the property’s eGrid, and the token symbol is the property’s grundstück).

blockimmo AG is heavily involved (at first) in the tokenization process of each property. Property owners interested in selling a property contact us to list it for-sale on our platform, and after thorough checks and verifications (with industry partners), blockimmo AG will append the TokenizedProperty to our on-chain LandRegistry. If a TokenizedProperty isn’t in the LandRegistry, it isn’t valid! Our legal framework works in synchronization with our smart contracts, and maps this on-chain LandRegistry to the traditional (old-world) registry. This ensures that at any time and in any scenario, an investor can obtain a certificate of ownership (in the old-world).

Tokenized properties are sold via TokenSale. Each property essentially has its own ICO. It would be more appropriate to refer to this as a security token offering (STO) though, as these tokens are (regulated) securities. Properties are valued by strong industry appraisal partners to ensure realistic soft / hard caps. It is also important to note there is no utility / in-between token in these sales. Investments are made directly in Ether, and the seller of the property receives Ether at the conclusion of a successful token sale (this can be converted to a FIAT currency with our brokerage partner, Bitcoin Suisse). One interesting feature of our TokenSale smart contract is the use of Maker’s medianizer to give seller’s the option to set the soft / hard cap of their TokenSale in USD (instead of the default, Ether). This is an extremely simple solution to mitigate the volatility of Ether (from a seller’s perspective) as these sales are often long-running. Investors have the freedom to invest earlier or later in the sale to mitigate (or play) Ether’s volatility.

Once tokenized and sold, commercial properties continue to be managed by well-known local management companies specializing in property management (strictly vetted by blockimmo AG). Quarterly financial performance reports and updates are delivered by the management company to blockimmo AG, thoroughly checked by our finance team, and provided to investors. These properties generate income, and all profits (minus blockimmo AG’s 1% fee) are distributed to the property’s investors via the TokenizedProperty smart contract — proportional to the investor’s share of tokens. Investors are notified when dividends are paid-out, and dividends can be claimed at any time (no expiration date), only claimable by the token holder at the time of payout.

Owners of a property are able to extend and vote on proposals via ShareholderDAO (i.e. vote to elect a new management company for the upcoming year), which is attached to each TokenizedProperty. Voting is proportional to the investor’s share of tokens.

Lastly, as our platform is regulated and these tokens are securities, we must be able to identify the owners of any given property, at any given time. This means we must perform KYC / AML checks, and whitelist investors before they’re able to invest in properties. Our on-chain Whitelist enforces this at the smart contract level — our platform is coded with compliance.

LandRegistry

Image for post
Image for post
https://etherscan.io/address/0xf31b25b753dfb6a79cf36630dcf03ff53178341c
Image for post
Image for post
https://www.withpragma.com/share/jPu1Vxl012MK
Image for post
Image for post
https://gitlab.com/blockimmo-ch/blockimmo-contracts/blob/master/contracts/LandRegistry.sol

Whitelist

Image for post
Image for post
https://etherscan.io/address/0x2d1711ada9dd2bf8792ad29dd4e307d6527f2ad5#code
Image for post
Image for post
https://www.withpragma.com/share/MJrW6Bq4NRz9
Image for post
Image for post
https://gitlab.com/blockimmo-ch/blockimmo-contracts/blob/master/contracts/Whitelist.sol

TokenizedProperty

Image for post
Image for post
https://etherscan.io/address/0x2bec82472a1f3ad941a94fb9d5512c9e51ec979d#code
Image for post
Image for post
https://www.withpragma.com/share/AlT2RUUZqmjJ
Image for post
Image for post
https://gitlab.com/blockimmo-ch/blockimmo-contracts/blob/master/contracts/TokenizedProperty.sol

ShareholderDAO

Image for post
Image for post
https://etherscan.io/address/0x27bd6d1f438692f72cf082a62acdb45855869e29#code
Image for post
Image for post
https://www.withpragma.com/share/CQza3CFz2vW3
Image for post
Image for post
https://gitlab.com/blockimmo-ch/blockimmo-contracts/blob/master/contracts/ShareholderDAO.sol

TokenSale

Image for post
Image for post
https://etherscan.io/address/0x9d713e0a2f6a1c9650083ebca27f4520cd2cde8e#code
Image for post
Image for post
https://www.withpragma.com/share/zDx9Z3sXdV0v
Image for post
Image for post
https://gitlab.com/blockimmo-ch/blockimmo-contracts/blob/master/contracts/TokenSale.sol

Future

Etherscan (verify / info)

Image for post
Image for post
We re-use our platform smart contracts and ÐApp to tokenize 20% of our company’s shares (blockimmo AG) and sell them in a STO to finance the massive scaling of our platform. Note this is not a utility / in-between token! It is shares of blockimmo AG

More information about our platform launch will be announced soon™ aka in 2–4 weeks 😄. Shortly after going live we’ll post again, and send an email to all who have subscribed (you can do so below).

Did we spark your interest? Would you like to find out more about our platform, technology, or meet us? We’re happy to invite you to our offices in Crypto Valley Zug. Let’s keep in touch! https://blockimmo.ch

blockimmo

Facilitating an accessible, streamlined real-estate market

Medium is an open platform where 170 million readers come to find insightful and dynamic thinking. Here, expert and undiscovered voices alike dive into the heart of any topic and bring new ideas to the surface. Learn more

Follow the writers, publications, and topics that matter to you, and you’ll see them on your homepage and in your inbox. Explore

If you have a story to tell, knowledge to share, or a perspective to offer — welcome home. It’s easy and free to post your thinking on any topic. Write on Medium

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store