All posts in “smart contract”

Social investment platform eToro acquires smart contract startup Firmo

Social investing and trading platform eToro announced that it has acquired Danish smart contract infrastructure provider Firmo for an undisclosed purchase price.

Firmo’s platform enables exchanges to execute smart financial contracts across various assets, including crypto derivatives, and across all major blockchains. Firmo founder and CEO Dr. Omri Ross described the company’s mission as “…enabl[ing] our users to trade any asset globally with instant settlement by tokenizing assets and executing all essential trade processes on the blockchain.” Firmo’s only disclosed investment, according to data from Pitchbook, came in the form of a modest pre-seed round from the Copenhagen Fintech Lab accelerator.

Firmo’s mission aligns well with that of eToro — which is equal parts trading platform, social network and educational resource for beginner investors — with the company having long communicated hopes of making the capital markets more open, transparent and accessible to all users and across all assets. By gobbling up Firmo, eToro will be able to accelerate its development of offerings for tokenized assets.

The acquisition represents the latest step in eToro’s broader growth plan, which has ramped up as of late. Earlier in March, the company launched a crypto-only version of its platform in the US, as well as a multi-signature digital wallet where users can store, send and receive cryptocurrencies.

The Firmo deal and eToro’s other expansion activities fit squarely into the company’s belief in the tokenization of assets and the immense, sector-defining opportunity that it creates. Etoro believes that asset tokenization and the movement of financial services onto the blockchain are all but inevitable and the company has employed the long-tailed strategy of investing heavily in related blockchain and crypto technologies despite the ongoing crypto winter.

“Blockchain and the tokenization of assets will play a major role in the future of finance,” said eToro co-founder and CEO Yoni Assia. “We believe that in time all investible assets will be tokenized and that we will see the greatest transfer of wealth ever onto the blockchain.” Assia expressed a similar sentiment in a recent conversation with TechCrunch, stating “We think [the tokenization of assets] is a bigger opportunity than the internet…”

After the acquisition, Firmo will operate as an internal R&D arm within eToro focused on developing blockchain-oriented trade execution and the infrastructure behind the digital representation of tokenized assets.

“The Firmo team has done ground-breaking work in developing practical applications for blockchain technology which will facilitate friction-less global trading,” said Assia.

“The adoption of smart contracts on the blockchain increases trust and transparency in financial services. We are incredibly proud and excited that [Firmo] will be joining the eToro family. We believe that together we have a very bright future and look forward to pursuing our shared goal to become the first truly global service provider allowing people to trade, invest and save.”

SpankChain spanked

SpankChain, a cryptocurrency aimed at decentralized sex cams, has announced that a hacker stole about $38,000 from their payment channel thanks to a broken smart contract. They wrote:

At 6pm PST Saturday, an unknown attacker drained 165.38 ETH (~$38,000) from our payment channel smart contract which also resulted in $4,000 worth of BOOTY on the contract becoming immobilized. Of the stolen/immobilized ETH/BOOTY, 34.99 ETH (~$8,000) and 1271.88 BOOTY belongs to users (~$9,300 total), and the rest belonged to SpankChain.

Our immediate priority has been to provide complete reimbursements to all users who lost funds. We are preparing an ETH airdrop to cover all $9,300 worth of ETH and BOOTY that belonged to users. Funds will be sent directly to users’ SpankPay accounts, and will be available as soon as we reboot Spank.Live.

The hacker used a ‘reentrancy’ bug in which the user calls the same transfer multiple times, draining a little Ethereum each time. The bug is the same one that previously affected the DAO.

The company pointed out that a security audit on their smart contract would have cost $50,000, a bit more than the amount lost. “As we move forward and grow, we will be stepping up our security practices, and making sure to get multiple internal audits for any smart contract code we publish, as well as at least one professional external audit,” they wrote.

I’ve reached out to the company for clarification but in short it seems the spanker has become the spankee.

Sagewise pitches a service to verify claims and arbitrate disputes over blockchain transactions

Sometimes smart contracts can be pretty dumb.

All of the benefits of a cryptographically secured, publicly verified, anonymized transaction system can be erased by errant code, malicious actors or poorly defined parameters of an executable agreement.

Hoping to beat back the tide of bad contracts, bad code and bad actors, Sagewise, a new Los Angeles-based startup, has raised $1.25 million to bring to market a service that basically hits pause on the execution of a contract so it can be arbitrated in the event that something goes wrong.

Co-founded by a longtime lawyer, Amy Wan, whose experience runs the gamut from the U.S. Department of Commerce to serving as counsel for a peer-to-peer real estate investment platform in Los Angeles, and Dan Rice, a longtime entrepreneur working with blockchain, Sagewise works with both Ethereum and the Hedera Hashgraph (a newer distributed ledger technology, which purports to solve some of the issues around transaction processing speed and security which have bedeviled platforms like Ethereum and Bitcoin).

The company’s technology works as a middleware, including an SDK and a contract notification and monitoring service. “The SDK is analogous to an arbitration clause in code form — when the smart contract executes a function, that execution is delayed for a pre-set amount of time (i.e. 24 hours) and users receive a text/email notification regarding the execution,” Wan wrote to me in an email. “If the execution is not the intent of the parties, they can freeze execution of the smart contract, giving them the luxury of time to fix whatever is wrong.”

Sagewise approaches the contract resolution process as a marketplace where priority is given to larger deals. “Once frozen, parties can fix coding bugs, patch up security vulnerabilities, or amend/terminate the smart contract, or self-resolve a dispute. If a dispute cannot be self-resolved, parties then graduate to a dispute resolution marketplace of third party vendors,” Wan writes. “After all, a $5 bar bet would be resolved differently from a $5M enterprise dispute. Thus, we are dispute process agnostic.”

Wavemaker Genesis led the round, which also included strategic investments from affiliates of Ari Paul (Blocktower Capital), Miko Matsumura (Gumi Cryptos), Youbi Capital, Maja Vujinovic (Cipher Principles), Jordan Clifford (Scalar Capital), Terrence Yang (Yang Ventures) and James Sowers.

“Smart contracts are coded by developers and audited by security auditing firms, but the quality of smart contract coding and auditing varies drastically among service providers,” said Wan, the chief executive of Sagewise, in a statement. “Inevitably, this discrepancy becomes the basis for smart contract disputes, which is where Sagewise steps in to provide the infrastructure that allows the blockchain and smart contract industry to achieve transactional confidence.”

In an email, Wan elaborated on the thesis to me, writing that, “smart contracts may have coding errors, security vulnerabilities, or parties may need to amend or terminate their smart contracts due to changing situations.”

Contracts could also be disputed if their execution was triggered accidentally or due to the actions of attackers trying to hack a platform.

“Sagewise seeks to bring transactional confidence into the blockchain industry by building a smart contract safety net where smart contracts do not fulfill the original transactional intent,” Wan wrote.