Security First: The DAV Foundation’s Rigorous Crowdsale Process

By Tal Ater

As the DAV Foundation approaches our main token sale on June 11th, I wanted to share a few details about the seriousness and diligence with which we are managing this upcoming critical milestone. The sale of DAV tokens will fuel our efforts to build the world’s most robust and versatile blockchain applications for global transportation in the autonomous-vehicle era. While our eyes are on that big prize, we understand that the next critical step in that journey, our crowdsale, must strictly follow the best practices for cryptocurrencies — putting security first.

It will start with a “Know Your Customer” (or KYC) process administered by Finpass. KYC, a widely understood concept in global finance, verifies the identity and residency of participants in sensitive cross-border transactions. We understand that regulatory oversight of crowdsales will only get more stringent over time. Our approach is to not only meet current requirements, but to anticipate an era of increasing scrutiny and to exceed the requirements by financial institutions in every geographical jurisdiction.

We chose Finpass for the company’s four layers of scrutiny — a combination of getting token buyers to fully understand the sales term; gathering detailed required personal information (including government issued forms of ID); the capturing of biometric data (via live video recordings and photo capture); and clearances from sanction lists. By following Finpass’s KYC methodology, we can protect all concerned parties from the chance that a contribution is being made to launder fiat currency while ensuring that all contributions follow the strictest legal requirements. We encourage you to visit Finpass’s website for a deep dive into the company and its detailed process.

Beyond those regulatory steps, our token and crowdsale smart contracts will be extensively audited by London-based Zero Knowledge Labs Ltd. The contract audit will be personally handled by ZK Labs’s founder Matthew Di Ferrante. The audit will be published publicly and be tied to a specific version of the contract — verifiable by the hash of the contract.

Di Ferrante previously oversaw numerous big-name audits, includes those for AdEx, BCSHOP Crowdsale, Databroker DAO, Enjin, Ethfinex Tether, and Polkadot. We expect Di Ferranti to provide necessary recommendations about crowdsale contracts, coding and design standards, deployment issues, function ordering, naming conventions, structural flaws, versioning, and security best practices.

Our anti-phishing and fraud efforts are run by Segasec, which specializes in helping organizations like ours protect the community from phishing scams, before, during and after the token sale. Segasec uses a combination of machine learning and a team of specialists to monitor activity across the web and the various social channels, looking for indications of malicious activities. Once spotted, Segasec works to takedown and block these activities, so that the community stays safe.

While ZK Labs and Segasec are providing the necessary third-party scrutiny, our own team of blackbelt code auditors will be even tougher than our hired guns. The group includes Nick Johnson — a core team member of Ethereum, the creator and chief developer of the Ethereum Name Service, and a core developer of Go Ethereum. Johnson brings his deep knowledge of hardware and software engineering, and seven years of experience in multiple roles at Google.

We are also consulting with Jay Adelson, who sits on our board of advisors, about the best ways to protect our online assets. He co-founded Equinix, the largest colocation data-center company in the world. Adelson, in turn, helped us secure auditing advice from Barrett Lyon, the creator of Prolexic, a major provider of security solutions for protecting web sites, data centers, and enterprise IP applications from Distributed Denial of Service attacks. Prolexic, which was sold to Akamai in 2014, serves corporations in the airline, banking, e-commerce, energy, and financial services industries. Lyon, who also founded BitGravity, XDN, and Defense.Net, is currently head of security, research, and development for Neustar, a leader in the field of authoritative identity resolution with more than 12,000 clients worldwide. DAV has joined that client list, as Neustar will be providing the security and DDOS protection for our servers.

From our offices and labs in Zug, Tel Aviv, San Francisco, and Vancouver, we are now working around the clock to get our code ready for the crowdsale. This process will further assure that we are building the best possible blockchain-based platform for the coming Internet of Transportation. Our software will help manage the movement of self-driving and self-flying hardware in the real world — transporting real goods and actual human beings. The safety implications are real. It’s a big responsibility. Trust is essential. That is why we are taking every thoughtful, preventative step to make sure our crowdsale is safe and successful.

If you’d like to register for our Token Sale you can do so at DAV.Network. If you have any questions please ask our team on our Telegram Channel.