DISCLAIMERS: I am not a financial advisor. Please consult a financial advisor before you make financial decisions. This document does not create a lawyer client relationship. You should consult an attorney before you make any legal decisions. This is a general legal memorandum that includes both my personal opinions and my legal opinions. I am not a computer scientist or an expert on cryptography or blockchains. Please consult those relevant experts and generally speaking please perform your own due diligence. Finally, I have made many assumptions sometimes without all of the correct facts and perhaps without inadequate research, at least this document should get the conversation moving in the right direction which is my true goal. I was not paid for this document. I consider this document to be a contribution to the project and a thanks for all of the hard work and dedication of the community members.
So… you have come to the realization that the technology behind Grin makes it a valuable cryptocurrency, but you want the actual value of Grin to match its monetary value. Then you notice Beam’s market cap out pace Grin’s market cap and you wonder why? Similar projects but dissimilar market caps. Maybe this document can shed some light on the topic.
How do we do a CB listing? First we should think about Coinbase (CB). What is it that CB is concerned about? Money, yes but more specifically how will Grin impact their liability and thus their money? First of all CB is a $68 Billion Dollar company and probably more if it gets an IPO. They of course will do nothing and I mean nothing to risk their high valuation. This is precisely why I believe they should list Grin but more on that later. Their lawyers will review any new coin listing for the potential liability of CB.
So how would Grin potentially alleviate the concerns about liability for CB? Well here we need to think about the potential liabilities of Grin. Who is liable? Generally speaking the community, in general, will not be liable for the project, unless it was some specific liability for damages. For instance knowingly inserting malicious code. However, if Grin were held to be responsible for some sort of damages for an accident, think code bug, or fines then the general fund would be a prime target for reimbursement for damages. What sorts of damages? There are general liability damages, there are potential damages for tax related issues, there may be fines for other legal violations, but I am currently unaware of any problems yet.
So how does the Grin Fund avoid liability? The answer is simple, it should comply with the law and protect the developers who are core to what Grin is. This is important because we want to keep the great devs we currently have, they are a precious resource and need to be properly protected. We also want to attract more quality devs because Rome was not built in day. Right? Yes, so how could you do this? I have written a very painless list of things that could be done to prevent general and potentially the specific liability of the Grin Fund while at the same time protecting and encouraging more development.
If Grin wants to be listed on Coinbase it should at least do the following minimum requirements.
To do list:
Become a formal organization wether it be an LLC or a Non Profit Organization, this would grant a more formal mechanism for communication, think about the Bitcoin Foundation See here Bitcoin Foundation - Wikipedia
Hire an accountant to take care of tax related issues, payments to Devs, bounties and other expenses related to the work of Grin. This is mostly for tax compliance issues which are very very real.
Purchase a general umbrella insurance policy that includes Liability Defense for the defense of paid devs, those undertaking bounties and possibly other paid and even some unpaid community members depending on their contributions.
Pay for outside code audits so that our code is fully audited by a third set of eyes.
It is my opinion that the current devs have endeavored to make grin a legally safe coin by keeping the code simple and free from complexity making the code easy to understand and audit. Grin is further legally safe by protecting users data privacy and by including ITX, which I view as an asset that is unique to Grin. Protecting user data privacy protects Grin from some types of general legal liability that other coins do not have, and it is my opinion that this is also another asset to both Grin and CB should they choose to list Grin.
It is also my opinion that Grin can be used in compliance with AML, KYC and FATF laws. Why because Grin contains the ability to provide all listing exchanges, including CB with show keys, as well as the ability to produce invoices, making it fully able to be compliant with all current laws.
Why does Grin Provide greater liability protection to CB over Bitcoin?
Companies can be sued if they leak your personal data or allow others access to it but Bitcoin, until this current moment, currently has no public outcry or liability for leaking your information all over the internet. I view this as a liability. The script should be flipped, until now, if you mention privacy coins you immediately get this holier than thou attitude that there is something wrong with wanting to protect your data privacy. I say nonsense!
Not only do privacy coins provide a necessary safety mechanism for protecting some, if not, most of your personally private information they also protect against the leaking of confidential business secrets. I have explored and am in the process of drafting a form class action law suit that shows how one day lawyers will go after exchanges and other companies that do business unsafely by failing to protect their customers personal data.
Customer data that is subject to leaks include both corporate data and personal data. What kind of confidential corporate/business data could be leaked you ask? Well for starters it could be payments to suppliers that are kept in secret, to protect the supply chain for instance, and this information could be exploited by criminals and business rivals to cause damage or harm to the business through various sorts of sabotage. This information could also be used to track payments to employees or other persons who could later again be revealed and targeted by criminals looking to exploit the information.
Not only is privacy a necessity for businesses but it is a safety concern for end users. I remember hearing about a bitcoin investor Yury Mayorov who lost 300 btc and $20k in a robbery where he was kidnapped and beaten. Russian Crypto Developer Beaten, Robbed Of 300 BTC On Moscow Streets | Bitcoin Insider Today 300 btc is worth around 18 million. Just imagine how many thefts, robberies or worse occur for much less than $100. Now imagine if these same criminals know you have 18 million dollars of crypto sitting on your laptop, or in your ledger nano. Our new technology is going to require new methods of protecting data privacy and it is my opinion that Grin could contain the answer. It is my opinion that it is currently not safe for people to transact in Bitcoin.
The fact is this if your crypto leaks your personal location or other data about you then you are at risk to the same type of criminal activity that banks are at risk of, except you probably don’t have full time armed security around you. Today criminals are getting this information through data leaks and hacks. The information could be sold to criminals by hackers that could one day show up to btc owners homes and businesses looking to get the owners crypto through any means necessary.
However, we should flip the script back for privacy coins. The true name of these coins should be something like “Safety Coins” or “Compliance Coins” in addition to or instead of Privacy Coin.
Privacy by Default
So that I do not draw too much anger to myself by any btc maximalists, I just want to say that it appears to me that whatever problems bitcoin has with leaking too much data about its users the problems probably could be reconciled if users and exchanges used bitcoin correctly, although I require an experts opinion here. However because the majority of users are not sophisticated end users they in fact probably do not use btc safely. In fact because of the unnecessary stigma attached to these methods then even sophisticated users do not use their btc holdings safely.
This makes for a serious liability for exchanges and I predict that in the future we will see class actions related to damages that bitcoin users have suffered because the exchange or business did not provide the end user with the proper warnings on how to use crypto correctly and most importantly without leaking the users information to the wrong people. Exchanges and the news media seem highly concerned about AML, KYC and FATF rules but I think it is time that they be educated that Grin can be used in compliance with all federal regulations through the use of reveal keys and other methods that both protect individual safety and comply with the law.
ITX
I understand that many community members would prefer NITX but it is my opinion that ITX make Grin safer and thus less susceptible to general liability and will make for easier adoption by less technical individuals who may not trust in their ability to make NITX,. Think about an 85 year old who barely uses a cell phone making a bitcoin transaction. I think we can agree that they would benefit from using Grin over NITX crypto’s. In conclusion ITX are an asset to Grin and should be kept put. I believe that in the future Grin can be used with ITX similarly to using a credit card or through VASP’s or even through 3rd parties with contactless payments like for instance Apple Pay. At least for now I think we have other things to worry about.
How does Grin Comply with FATF?
Customer Due Dilligence
Any Virtual Asset Service Provider (VASP) can perform customer Due Dilligence measures when establishing a relationship with its customer, which is currently required by FATF recommendations. The customers can be required to show identification and other documentation to the satisfaction of the VASP and with no detriment to the customers ability to buy and sell Grin.
Transaction Monitoring Technology
FATF requires VASPS to monitor transaction data in order to comply with AML laws and the FATF recommendations. Grin does not prevent the VASP from being in full compliance with customers who buy and sell Grin. In order for Grin to be deposited or withdrawn from a VASP the VASP must install the Grin wallet source code that includes a slate pack that is unique to that customer. With this slate pack address, that is unique to the customer, all deposits and withdrawals to or from that address can be traced and tracked. Additionally because the source code for the Grin Wallet also contains code for what is known as a “Reveal Key” then the VASP’s ability to monitor transactions from that specific wallet will not be impacted and is an additional method for transaction monitoring. Greater detail could easily be provided by the devs to the VASP. (If I have explained the reveal key code incorrectly, then please let me know in the comments below)
Record-Keeping
Through the above transaction monitoring technology the VASP can keep records of all deposits and withdrawals. The VASP can then request additional information if it is needed for compliance with FATF from the customer. Currently FATF recommendations do not require that the VASP request that the customer provide the source address for deposits nor do I think it will ever become necessary. However the VASP can additionally request this information if they require it for internal record keeping purposes. Also the reveal key will show both the withdrawing address as well as the source address for deposits. Again additional information can be requested if needed.
Suspicious Transaction Reports
The above transaction monitoring ensures that a VASP is able to detect any suspicious activity on the part of its customers. The ability to maintain records of its customers’ transactions ensures that the VASP possesses adequate information to make suspicious transaction reports where appropriate.
Travel Rule
Through the Grin Wallet code all transactions can include an invoice and a pay option where the sender can provide the full legal name of the recipient from the VASP. Additional information can also be required or provided by the VASP, however all aspects of the FATF travel rule can be complied with through the use of Grin.
Final Notes:
The legal structure of Grin could be as simple as a non-profit LLC or some other legal entity. Normally an accountant can help with this part, they just need to be competent not expensive.
Of course users of Grin will never be forced to use CoinBase, or other VASP’s, if they feel uncomfortable sharing all of their personal information that could potentially get leaked, after all we agree Grin is great but CB may not be. That is your choice to make.
Most of the costs associated with the above suggestions are quite minimal and will likely result in the addition of more talent and perhaps even more contributions to donation funds.
Grin till ya grave!