31 May 2021
PUBLIC SECURITY POLICY
We are well aware of many cases where security breaches or code loopholes caused material damage to investors and projects:
  • $160 mn Parity eternal freeze,
  • $1.3 bn cumulative loss from cryptocurrency exchange hacks,
  • Tezos $230 mn conflict,
  • DAO $70 mn smart contract theft and many more.
These multiple incidents brought two conclusions:
First, there are no absolutely unhackable IT systems in the world
Our honest intention is to get as much feedback as possible from any parties: our community, shareholders, partners, token buyers, exchanges, independent consultants, testers, white hat hackers, lawyers, fiat financial professionals. So if you have anything to recommend, or noticed a problem/weak spot in our security design, please let us know openly via this blog comments, or email us at tvolkova@quadrocapital.com.
Second, the system and its policies shall have the maximum possible level of security with human factor reduced to minimum and transparency of all operations increased to a level we prefer calling "paranoid".
We don't want potential attackers to have all our protection measures on their displays, and that is why there is a number of secret layers in our defense system — some traps we don't show publicly, yet deploy them from the very beginning. In addition to that, DGems' security system will evolve over time to address new threats and employ best new technologies available.
General thoughts and basic principles
It is generally acknowledged that the blockchain technology per se is the biggest opportunity and the biggest risk for any data driven company. Its inability to process reverse transactions eliminates risks of window dressing and data manipulation, yet it makes impossible any voluntary repairs by the system architects in case something goes wrong.
Therefore, cybersecurity is one of our most important priorities in the design and development of IT systems. When drafting the project's roadmap, we laid down the mandatory audit and configuration of the entire IT system (especially critical systems for the emission and storage of tokens) together with professionals in this industry. As a result, we are to obtain a certificate from a trusted and respected cybersecurity agency, and also close all security holes and approve a protection strategy.
Token storage security is based on the following approaches and levels of protection (please note that the list is far from complete):
Maximum security and closure of the network management of tokens and cryptocurrencies from the outside world. Management of tokens — their release and transfer from cold storage — takes place in a secure closed network, which will be audited and attacked in test mode from cybersecurity teams with a world name. In addition to the fact that the system components are protected, all events in this network are recorded and monitored. In case of unauthorized events, the network is to be completely turned off and the work is to be switched to the backup network, thus even the hacked network cannot be used because of inactivity.
The network for working with critical cold storage wallets will only be launched upon request. The network is disconnected when it is not needed for conducting transactions. Off-grid will not allow hacking it during the time when specialists conduct security works. Unplugged equipment is harder to crack.
Any transactions on withdrawal of tokens from wallets must be confirmed by the multisignature system in N of M (e.g. 2 of 3) independent wallets that are managed independently of each other and are geographically isolated in very remote areas. We are planning to introduce a multi-level system for checking codes and addresses of wallets for maximum secure transaction.
Smart contracts and tokens will be created on the basis of the proven Ethereum blockchain technology, which has passed numerous security tests and continues to be constantly tested for vulnerabilities and is currently the most secure and technically developed one among all public blockchains, to the best of our knowledge.
The network for managing tokens will undergo regular security audits by the best teams in this area, during which test attacks on the infrastructure will be regularly conducted and new approaches and security software will be integrated.
Protection and encryption of employee devices, encryption of email and corporate chats, multi-level protection of their accounts is to be imposed.
1.
2.
3.
4.
5.
6.
Secure Token Emission
Token creation and release is a multistep process. Because of this, it is extremely important that only reputable third-party companies are involved. Having said this, we need an independent agency that will handle the storage, logistics and redemption of the physical stones.
Mass token emission will be handled according to the following scheme: 1. First, diamonds are purchased according to the investment declaration(which we are currently finalizing and will make public as soon as it is ready). Once bought, they pass through a multi-step physical review and control process, get packed into special sealed boxes and reach the vault. In the vault, they are placed in the diamond pool.
Stones are not delivered to the vault by the management company, but by a carefully selected leader in the diamond logistics (we have limited our search to Brinks, Ferrari or Malca Amit). Thus, the management company cannot tamper or otherwise forge the quality or quantity of the diamonds.
The value of the diamond pool is then calculated by the pricing algorithm(another separate document to become publicly available), and a new total value and per token price is established. The pricing algorithm is designed to analyze the diamond market daily, and uses that data to quickly and effectively establish the cost of any diamond with given parameters. As a result, we will know the full value of the bought diamonds in basic (presumably, fiat at this stage) currency, e.g. US dollars.
At this point, the blockchain initiates the creation of a smart contract for the necessary amount of tokens. The amount is calculated as value of diamonds arrived at the vault divided by current price of the token. At the initial issue phase, the token price will be conveniently set at $1.00 per token, so if $10 mn worth of diamonds arrive at the storage, there will be 10 mn new tokens minted. If at a later stage a new emission occurs, let's say, in a size of $10 mn again, and the current token price at the moment is $1.05, there will be 9,523,809 tokens issued.
Speaking of confirmation procedure and oracles: the creation of the smart contract(s) and tokens will then be checked for correct calculation of token value and general legitimacy by the following agents: the escrow, the vault, and the management company. Only when all three groups approve the new tokens through a public signature, the tokens are released.
After the successful completion of all checks the newly issued tokens are made public on the Ethereum blockchain via the smart contract. At the same time, information about the approval of the individual tokens is published in a private blockchain so that users can personally verify the emission process and the confirmation of both the escrow and the vault.
Following the publication on the public blockchain, the token can be sold through different channels: directly through our platform, via crypto exchanges, and via approved crypto brokers.
1.
2.
3.
4.
5.
6.
Security of the diamonds redemption process
As you remember, one of the important features that DGems presents is investors' ability to convert the token into physical diamond(s). The process is very straightforward, transparent and secure.
To facilitate this opportunity, we have created a complex system that has its interface as a web based interface with a required multi-factor authentication for access. Within the interface, users can check clients for successful/unsuccessful completion of the KYC/AML, ownership of tokens, ownership of DGem diamond certificates, as well as go through the entire process of physical redemption, given successful verification.
The interface includes:
Token creation and release is a multistep process. Because of this, it is extremely important that only reputable third-party companies are involved. Having said this, we need an independent agency that will handle the storage, logistics and redemption of the physical stones.
Mass token emission will be handled according to the following scheme: 1. First, diamonds are purchased according to the investment declaration(which we are currently finalizing and will make public as soon as it is ready). Once bought, they pass through a multi-step physical review and control process, get packed into special sealed boxes and reach the vault. In the vault, they are placed in the diamond pool.
a multifactor authentication for entry to the interface for management and verification of DGems data,
the register of KYC/AML clients which holds the status of completion of KYC/AML, and the documents involved,
the register of the diamonds stored in the vault, with their characteristics and serial numbers,
the register of diamond ownership (for those stones already attributed for redemption) which is double checked by the blockchain data upon the verification of the DGems ERC721 token certificate, and
the centralized backup data kept by DGems.
This block implements several functions:
completion of the KYC/AML by investors,
double checking of the ownership of the ERC721 token, and the specific diamond to which it is anchored. Here, the check is focused on the owner or a legal representative of the owners, with the relevant documentation and list of diamonds which they own,
verification of the payment of all the relevant redemption commissions.
tracking of ERC721 tokens: after a successful redemption, the involved ERC721 token must be erased from the blockchain according to specific procedures, and the data on diamonds held must be updated accordingly,
upkeep of the decentralized system (the lifeboat feature).
One of the key ideas of the DGems project is the decentralized solution on the blockchain base to establish steadfast infrastructure under which token owners can access their investment, in the form of diamonds, even in the unlikely event that the management company is unreachable/unfunctional.
This is achieved by the delegation of the redemption process to a third party company, with a long unmarred track record in working with diamonds. The process also relies on the blockchain technology as a registry of ownership rights to diamonds, and it is guaranteed that the register is impossible to alter by the very blockchain tech.
The diagram below illustrates the flow of tokens and diamonds within our system.
United Service Company on the diagram represents the two most important third party services - the safe storage of diamonds and redemption of the physical diamonds according to our procedure.
Email us
Feel free to contact us whether you are interested in becoming our client or have any questions.
By pressing "Submit" you confirm that you have read and agree with the terms of our Privacy Policy.
Contact us
Just type your contacts and we'll let you know
By pressing "Submit" you confirm that you have read and agree with the terms of our Privacy Policy.
Close
Do you have any questions? Contact us!
By pressing "Send" you confirm that you have read and agree with the terms of our Privacy Policy.