DXdao Blockchain Review and Report Proposal

Background:

This proposal relates back to work done in June 2021 to obtain an initial blockchain AML review of the DXdao treasury. Though the initial review and related report have been useful to allow the DXventures program to function, the review was not thorough enough to be used in many other circumstances (e.g. bank transactions, government inquires +).

An initial budget was approved to obtain a more thorough and publicly available report in September 2021. After looking for some time to find a capable analytics team that can receive payment on-chain, I am submitting this proposal on behalf of the analytics team that will be completing the blockchain review of the DXdao treasury.

Objective and Summary:

To prepare a comprehensive compliance report of DXdao treasury deposits and DXD holder transaction activity. All DXdao transactional activity will be screened for Targeted Sanctions and High Risk activity using data from Chainalysis, the market leader in blockchain compliance and investigation software.

The report will be professionally prepared and can be posted and shared publicly, including with government and other entities to foster growth of the DXdao community.

Source Data and Definitions:

Any address labeled as sanctioned or deemed to be “high risk” according to Chainalysis data will be mentioned in the final report.

  1. Sanctioned is defined as appearing on any of the following lists:

  2. OFAC sanctioned addresses

  3. EU sanctioned addresses

  4. UN sanctioned addresses

  5. High Risk: is defined as any address which Chainalysis has categorized as:

  • Child exploitation
  • Ransomware
  • Terrorist Financing

Screening will cover addresses which have directly interacted with the DXdao smart contract or held the DXD token.

Technical Methodology:

  1. Review all addresses which have interacted with the DXdao token contract including, bought or sold DXD for Sanctions or High Risk addresses (Ethereum Mainnet)
  2. Review all current holders of DXD for Sanctions or High Risk addresses (Ethereum Mainnet)
  3. Review all DXdao treasury payments for Sanctions or High Risk addresses (Ethereum Mainnet)
  4. Review all addresses which have interacted Gnosis Chain treasury for Sanctions or High Risk addresses (Ethereum Mainnet)
  5. Review all DXdao REP holders for Sanctions or High Risk addresses (Ethereum Mainnet)
  6. Review all xDXdao Gnosis Chain REP holders for Sanctions or High Risk addresses (Ethereum Mainnet)
  7. Review all addresses which have interacted with the DXdao token contract on Arbitrum for Sanctions or High Risk addresses (Ethereum Mainnet)

Timeline for Delivery:

Analysis and report will commence on the date that the initial deposit is received. The estimated completion time is 5 weeks from the date of proposal acceptance / initial payment.

Payment, Terms, and Milestones:

Payment is requested via USDC on the Gnosis Chain.

Project Milestones:

  • Proposal submitted
  • DXdao agrees to move forwards and fund the proposal;
    • DXdao makes 40% payment
  • Pre-read of Compliance Report delivered to DXdao team 3 weeks from date of proposal agreement
    • DXDao team has 1 week to request changes or amendments to the compliance report
  • Final report is delivered to DXdao team 1 week from date of
    • 60% payment delivered upon receipt of final report.

The complete project will be billed at $20,000 USDC

About:

The compliance report will be prepared by Anil Kadimesetty who has multiple years of experience building blockchain compliance and investigation software. Anil is the former director of engineering at Chainalysis and is currently the Head of Engineering at Opyn.

6 Likes

Just a question on something I’m unclear:

On point 1. Review all addresses which have interacted with the DXdao token contract including, bought or sold DXD for Sanctions or High Risk addresses (Ethereum Mainnet)

The link links to the DXD contract - what does “bought or sold” as any DXD mean? IMO we should review all addresses which purchased DXD from the bonding curve - as that’s how we raised money and fund operations. “Bought or sold” sounds like it’s just anyone who ever held DXD at any point in time? Even if this was acquired on the secondary market? I don’t see much value in such an analysis as it was not purchased from DXdao, and there is nothing we could even do to address any issues, if there were to be any. But I do think it’s great to review all addresses which minted or burnt DXD while the bonding curve was active – as these are funds DXdao holds and uses. Reviewing any address that held DXD just seems outside of the scope IMO.

The same feedback applies to point 2. and 7.

Also just curious why DXD is reviewed on Arbitrum and Mainnet, but not Gnosis Chain - is there a specific reason for that? But same feedback above would apply to GC too.

5 Likes

Thanks for the comment. Yes, I will clarify the proposal to state that only addresses that bought / burned DXD via the bonding curve contract will be reviewed for the report.

Great Q re: the absence of Gnosis Chain review – there isn’t enough analytics available on Gnosis chain to conduct a proper review. I can check with the analysts if they can do some ad hoc review. However, since we’ll be limiting the review to the bonding curve only this shouldn’t be too relevant.

4 Likes

Thanks for researching this @Tammy. In my opinion, it doesn’t make sense to move forward with a $20k expenditure right now for this research report.

  • Is this a need or a nice to have? DXdao needs to take a close look at all its expenses as the market turns and I think this $20k would be much better spent on product development. The only need is on a potential DXventures investment, but it doesn’t make sense to preemptively spend the money until it is requested. Especially considering the report would not come with an established company name/logo, which would likely be required by anyone interested in obtaining a report.
  • The signal proposal that you reference is the “Q4 Legal budget signal proposal”, which passed in October 2021 and estimated the cost of such a report at $10k. That signal proposal passed on GC with only 2.7% REP and hardly seems justification for work to be done close to Q3 2022 in a much different market environment. Furthermore, that signal proposal estimated $38k in costs, but the work in that proposal has already surpassed $53k. This proposal would request a different amount, in a different quarter than was stated in a signal proposal that has already exceeded its budget.
  • DXdao is currently looking for a DAO Counsel and I do not think DXdao should proceed with a large legal expenditure until there is a paid DXdao contributor that can investigate and coordinate these efforts.

Considering these points, Caney Fork would vote NO on this proposal in its current form.

9 Likes

Thanks for the comments @Powers As the former counsel for DXdao, this blockchain reportl is a need not a “nice to have”.

  • A proper review of DXdao’s $20 million treasury for $20,000 is the bare minimum a DAO of this size can do to protect itself against regulatory enforcement in a bear market.

  • Why preventing regulatory enforcement is an obvious need

Over the past few months, the US and EU have been gearing up on regulations directed at crypto and DeFi. Also, regulatory enforcement doesn’t slow down in a bear market; it often picks up.

In fact, the US House of Representatives Financial Services Committee has recently made inquiries to industry actors on if they are complying with targeted sanctions. Inquiries like this are exactly what DXdao should be attempting to avoid, but should be prepared for.

  • The Q4 Proposal covered legal fees to establish the Swiss AG, which is how EU contributors can be paid to develop products

Thanks to the Q4 signal proposal you mentioned, a legal entity was set up to pay contributors in Europe, which was almost impossible previously without violating money transmitter, AML, and tax laws.

  • Finding a legal counsel will be a lot easier if DXdao demonstrates that it takes regulatory issues seriously

You mentioned that DXdao has been looking for a new DAO counsel since I moved to Opyn. An individual based in Germany contacted me about the position asking my opinion on DXdao. They only seemed interested in the position if DXdao could provide him with a non-temporary, salaried position complying with social security and VAT laws. Through the AG set-up with the Q4 proposal, DXdao can now do that.

  • I will request compensation through my law office for my time on this project when it’s delivered

Not sure I get your concerns on the paid contributor front. I will request payment for the work done on this project and the lesser help provided in setting up the Swiss AG. @fluidDrop mostly handled this. Because of my past relationship with DXdao, I will pro-rate costs based on the contributor guidelines and deliverables (instead of an hourly rate).

4 Likes

Interesting proposal! Thank you for this @Tammy. As someone who has also previously worked as a lawyer within the privacy and compliance sector, I’d like to put my 0.02$ in the discussion as well.

Regarding compliance efforts, I’d often metaphorically compare it to riding a bike. Everything goes well until you suddenly fall off the bike and wish you had at least worn a helmet. The compliance helmet would at least dampen the fall, which can be the difference between a catastrophic result and just some bruises. And it’s unfortunately not possible to wait until we’re requested to show compliance; by then, it is far too late.

My experience from working with regulators is that they will often consider everything in their judicial decisions. Let’s say we have a report in place, but then there are tainted wallets that enter the ecosystem after the analysis. That’s bad luck, but for the regulators, it shows the intent of doing something instead of nothing. I’ve personally seen when simple intent and actions are the difference between a warning and millions of dollars in fines.

However, as @Powers mentioned, the expenses for implementing compliance will have to be weighed with product development. In my opinion, these expenses are justified. From my point of view, few things could prove as much a threat to DXdao as being investigated for processing funds with sanctioned/high-risk wallets.

Lastly, regarding the report format, I would like to see more details of the credentials the team performing the analysis. Do they have proven experience of being scrutinized by regulators, for example?

5 Likes

Thank you for your thoughts @vangrim. Great to have more contributors at DXdao with a legal background that can provide their input.

I agree that simple intent makes a big difference in the outcome of a government contact turning into an investigation. I’ve seen similar outcomes in white collar and money laundering cases. With AML, in particular, it’s a proactive regulatory regime in the US and Europe that requires businesses to do compliance before they are contacted.

On Team Credentials

Anil is the former head of engineering at Chainalysis – where he managed a dev team building out blockchain review tech for crypto projects.

Chainalysis’s tech uses various sources to review wallet addresses, including the Department of Justice (DOJ) publications, Open Source Intelligence (OSINT), and humans at Chainalysis that do blockchain analysis research. Chainalysis has extensive investigative controls so that its data is admissible as evidence in court.

The other analyst that will be working on the report is a Chainalysis product manager with experience working in the Chainalysis Investigations and Special Programs Team, which provides ongoing assistance with cases, investigations, and prosecutorial support.

3 Likes