Under review: how to conduct due diligence on a blockchain project (technical articles)

Author / Gene Deyev

Compilation / Blocklike Lan Wen

The author of this article is Gene Deyev. Gene is the CEO of STObox, a US digital securities issuance, management, and trading settlement platform. He has 20 years of experience in business and financial markets. . The content of this translation is its recently published article "Reviewed: How to Perform Due Diligence on a Blockchain Project". The full text of the article elaborates on a project (especially the blockchain industry) in terms of technology, compliance, and business. Due to the limited space, this article mainly shows the technical factors in this article, and compliance factors and business factors will be shown in the next chapter.

Every business is destined to undergo multiple assessments.

Licenses, regulators involved, potential partners, investment consultants, and investors-each has a filtering mechanism that a project must pass to be considered viable. But for tech startups that use blockchain, artificial intelligence, and other cutting-edge technologies, the task becomes a bit tricky.

This article will use the form of a list of questions, and from the three major categories of technology, law, and business to explain how to prepare for the due diligence of startups before investing.

Starting from common problems, we will gradually dive into specific problems in the industry, and provide specific cases in the technical part to illustrate the nuances and pitfalls that a project may face, especially driven by the fierce competition in the blockchain field.

Technical factors

Is the proposed solution technically feasible?

This may be the most obvious, but a problem that many founders overlook when chasing their dreams. Especially in the areas of deep technology such as AI / ML, brain-computer interface, biotechnology or blockchain. If a project is just a concept (especially if you are not a technician and need to be hired), please ensure its developability before marketing.

If this technical solution is currently not feasible, how much time and effort is required for research and development (R & D)? If there are time and funding constraints, are they within expectations?

Often, we think of technical teams as very powerful. But, just like quantum theory to solve pharmaceutical-level enterprise-level challenges, this technology may take five or ten years to develop and adopt.

You must be honest and realistic about time and cost. Here, it is necessary to distinguish between the "research phase" and "software development cost": the research phase is to invent algorithms to build things that were previously unachievable due to technical limitations. The software development phase is to build a more understandable solution, which only takes a certain amount of time.

Obviously, investments in the research phase are difficult to predict. However, software development can also take longer than the team originally planned. Make sure you don't try to overestimate the team's capabilities or place hopes on trying to impress investors.

Do you really need a new solution? Has the OEM solution or SaaS system service been solved?

You don't have to do it again if you have a mature solution. In some cases, spending resources on developing new technology solutions can be a waste of time. For start-up companies, it is not recommended to make software innovation easy. It may be simpler and cheaper to buy off-the-shelf solutions and customize them for specific business needs.

What are its external related items (such as libraries)? How to maintain external applications?

The software is not written entirely by the company's internal team. Every project in the world uses multiple external databases and code bases, which are usually open source and maintained by developers or companies in the global community. In this way, the resilience of the project will depend on the efficiency, security, and update frequency of external software.

If the project involves the "AI" artificial intelligence concept, what is the source of its data? Are these data sufficient?

To a large extent, the quality of data is an important factor in the survivability of artificial intelligence concept projects. If the data is insufficient, the algorithm may be very inefficient, and the inherent bias in the data will also affect the final algorithm. If the data source is its customers, it is necessary to consider whether the main value of the project is carried by artificial intelligence (AI) and machine learning (ML). Otherwise, the question "whether there is a chicken or an egg" may occur.

In addition, data sources are not free, and cost factors should be considered, as well as the potential value of competing products.

How to solve the "environmental dependence" of projects with the concept of "artificial intelligence"?

Even if there is a large amount of available data, these data may only be collected in a specific environment. If you change to an upstream or downstream environment, soil and water may not be satisfied. For example, if the program is able to distinguish cats and dogs indoors, it may not be possible outdoors.

For a blockchain project, why does its database need to be distributed? Or, why do we need a blockchain?

Many problems claimed to be solved by the blockchain can be solved by a simpler database with encryption protection. Such databases have a complete rights management system. If necessary, public key encryption can also be used. In some original concepts of the blockchain, the database was distributed among multiple participants, and all participants were able to enter. Sometimes this is not necessary.

For example, an enterprise may need a database to store and process its internal data, in which case a distributed solution may not be necessary. This could also be a database of government agencies, which everyone can access, but only the government can confirm.

If a distributed database does make sense, must the blockchain use a public chain?

Blockchains are generally divided into public and private chains. The public chain means that anyone can be a node that can read and send transactions and that transactions can be effectively confirmed, and can also participate in the consensus process, and can access all recorded data and confirm it. On the private chain, all nodes in the network are in the hands of a single organization, and only specific nodes can access the data and confirm it.

On the public chain, because the data is scattered among multiple people in multiple countries, this greatly reduces the control of the business, and it also means an increase in regulatory uncertainty, especially in heavily regulated industries or strategically important industry. Therefore, the reasons for establishing a public chain must be very good.

In fact, in many cases, private chains can fully meet business needs. For example, some financial institutions only need to use blockchain for transaction processing; sharing medical history data requires only the participation of hospitals.

What is the motivation for participants to contribute spontaneously to the entire ecosystem in a blockchain project? Are these incentives likely to be broken? How to solve it?

Since the blockchain (especially the public chain) is maintained through the joint efforts of the community, and the data quality and transaction costs depend on the participants, the project should appropriately design incentives to ensure its sustainability.

Tezos is a controversial example. Tezos uses the consensus mechanism of LPOS (liquidity equity). This algorithm is a way for nodes to reach a consensus on the update of distributed ledgers.

In the LPoS consensus mechanism, holders of coins are allowed to choose to verify the transaction by themselves or entrust another trustee to exercise this right, verify the transaction and get incentives. Although this mechanism has many benefits, the main objection is that because other people can be selected and considerable rewards can still be obtained in the competition of potential nodes, resources and time are not used for network maintenance and governance. This may bring the problem of blockchain centralization and the risks of various types of attacks.

How to ensure security?

Cyber ​​security is an important function of any IT infrastructure. For regulators, the main focus is on protecting customers.

In the hardware business, how to ensure the quality of consumables?

The software business relies on libraries, while the hardware business relies on consumable providers to ensure the quality of its products.

Original URL: https://www.securities.io/under-scrutiny-how-to-pass-due-diligence-as-a-blockchain-project-thought-leaders/