Blockchain Ecosystem Risk

Blockchain technology is a relatively new and untested technology which operates as a distributed ledger. Blockchain systems could be vulnerable to fraud, particularly if a significant minority of participants colluded to defraud the rest. Access to a given blockchain requires an individualized key, which, if compromised, could result in loss due to theft, destruction or inaccessibility. Risks can also differ by blockchain. For instance, the process by which Ethereum transactions are verified (i.e., achieve consensus) is called proof-of-stake. In proof-of- stake, users (referred to as “validators”) stake a minimum amount of capital in the form of ether (the currency of Ethereum) into a smart contract, or computer program, stored on Ethereum. Validators process proposed transactions and bundle them into a data packet known as a “block.” A randomly chosen validator is permitted to add a block of transactions to the Ethereum blockchain after attestation by other validators and is rewarded by a grant of newly-issued ether. This type of process is susceptible to a 51% attack, with such applicable risk further described below. In contrast, the Stellar network’s transactions are verified on the Stellar blockchain through a federated Byzantine agreement. A federated Byzantine agreement is a system in which each participant knows of others it considers important. It waits for the vast majority of those others to agree on any transaction before considering the transaction settled. In turn, those important participants do not agree to the transaction until the participants they consider important agree as well, and so on. Eventually, enough of the network accepts a transaction for verification (i.e., achieve consensus) that it becomes infeasible for an attacker, including a 51% attack, to roll it back, or for a fork to occur.

In addition, blockchain technology risk can carry with it additional sub-risks, including: (1) Regulation of Blockchain Technology Risk; (2) Information Availability Risk; (3) Functionality and Transaction Processing Risk; (4) Fork Risk; (5) 51% Attack Risk; and (6) Risk of the Ethereum Blockchain’s Change to a Proof-of-Stake Consensus Mechanism.

Regulation of Blockchain Technology Risk

There is little regulation of blockchain technology other than the intrinsic public nature of the blockchain system. Any future regulatory developments could affect the viability and expansion of the use of blockchain technology. Because blockchain technology systems may operate across many national boundaries and regulatory jurisdictions, it is possible that blockchain technology may be subject to widespread and inconsistent regulation. Blockchain technology is not a product or service that provides identifiable revenue for companies that implement, or otherwise use it. Currently, blockchain technology is commonly used for the recording of transactions in digital assets, which can be extremely speculative and volatile. Problems in digital assets markets could have a wider effect on companies associated with blockchain technology. Blockchain technology also may never be implemented to a scale that provides identifiable economic benefit. There are currently a number of competing blockchain platforms with competing intellectual property claims. The uncertainty inherent in these competing technologies could cause companies to use alternatives to blockchain

Information Availability Risk

Gold Token holders will interact through a digital wallet, such as the digital wallet service provided in the App, with such interactions generally performed in a similar manner to non-blockchain based Apps used to transact in other assets. However, information recorded on the Stellar or Ethereum blockchains will be available to the public and will record the complete history from transacting in Gold Tokens on the applicable blockchain. As a result, robust and transparent data, other than Gold Token holder personal identifying information, will be publicly available through one or more “block explorer” tools capable of displaying activity on the applicable blockchain. Accordingly, the Gold Token transaction data (but not a Gold Token holder’s personal identifying information) will be exposed to the public via the blockchain. The personal identifying information necessary to associate a given Gold Token with the record owner of that Token will be maintained by WisdomTree Digital in a separate database that is not available to the public. However, if there are data security breaches with respect to such database(s) resulting in theft of the information necessary to link personal identity with the public key and related Gold Token transactions, the stolen information could be used to determine a Gold Token holder’s identity and complete transaction history.

Functionality and Transaction Processing Risk

Delays in transaction processing have been known to occur on each blockchain. Such a delay may occur on account of, among other things, the inability of nodes to reach consensus on transactions. Nodes, which are typically hosted by third parties with specific hardware, form the infrastructure of a blockchain. Nodes on a blockchain are connected to each other and they exchange the latest blockchain data and verification and confirmation of transactions requires a consensus of nodes. Blockchain systems could also be subject to internet connectivity disruptions, consensus failures or cybersecurity attacks, and the date or time that you initiate a transaction may be different then when it is recorded on the blockchain. Access to a given blockchain requires an individualized key, which, if compromised, could result in loss due to theft, destruction or inaccessibility. During a delay in transaction processing, it will not be possible to record transactions in Gold Tokens on the blockchain. Digital asset transactions are generally irreversible, which means that a digital asset may be unrecoverable in instances where: (i) it is sent to an incorrect address, (ii) the incorrect amount is sent, or (iii) transactions are made fraudulently from an account.

Fork Risk

Blockchain software is generally open-source. Any user can download the software, modify it and then propose that network adopt the modification. When a modification is introduced and a substantial majority of users consent to the modification, the change is implemented and the blockchain network remains uninterrupted. However, if less than a substantial majority of users consent to the proposed modification, and the blockchain consensus mechanism, such as that used by Ethereum, allows for the modification to nonetheless be implemented by some users and the modification is not compatible with the software prior to its modification, the consequence would be what is known as a “fork” (i.e., “split”) of the blockchain network (and the blockchain), with one version running the pre-modified software and the other running the modified software. The effect of such a fork would be the existence of two (or more) versions of the blockchain network running in parallel, but with each version’s native asset lacking interchangeability. Additionally, a fork could be introduced by an unintentional, unanticipated software flaw in the multiple versions of otherwise compatible software users run. If a fork occurs, the original blockchain and the forked blockchain could potentially compete with each other for users and other participants, leading to a loss of these for the original blockchain.

51% Attack Risk

If a majority of staked native cryptocurrency on a blockchain using a proof-of-stake consensus mechanism, such as Ethereum, is controlled by a bad actor, whether singularly or as a group (often referred to as a “51% attack”), it may be able to alter the blockchain on which the blockchain network and network transactions rely. This could occur if the bad actor were to construct fraudulent blocks or prevent certain transactions from being completed in a timely manner, or at all. It could be possible for the malicious actor to control, exclude or modify the ordering of transactions, though it could not generate new network coins or transactions. Further, a bad actor could “double-spend” its own network native digital asset (i.e., spend the same network digital asset in more than one transaction) and prevent the confirmation of other users’ transactions for so long as it maintained control. If the network community did not reject the fraudulent blocks as malicious or to the extent that such bad actor did not yield its control, reversing any changes made to the blockchain network may be impossible. The possible crossing of this threshold indicates a greater risk that a single validator (or group of validators working together) could exert authority over the validation of network transactions. If the feasibility of a bad actor gaining control of the blockchain network increases, it may negatively affect the ability of Gold Tokens to be held on the blockchain undergoing a 51% Attack.

The 51% threshold is the level which would almost guarantee a malicious actor’s success. However, such attacks could in theory occur at thresholds lower than 51% of the staked cryptocurrency. In addition, a malicious actor may also obtain control over the blockchain network through its influence over core developers by gaining direct control over a core developer or an otherwise influential programmer. To the extent that a blockchain network’s ecosystem does not grow, the possibility that a malicious actor may be able to obtain control of the processing power or development control on the blockchain network in this manner will remain heightened.

Additional Risks of the Ethereum Blockchain’s Recent Change to a Proof-of-Stake Consensus Mechanism

Ethereum previously used a consensus protocol called proof-of-work, similar to Bitcoin. This allowed the nodes of the Ethereum network to agree on the state of all information recorded on the Ethereum blockchain and prevented certain kinds of economic attacks. The Ethereum blockchain recently changed to a proof-of-stake consensus mechanism. One risk of the Ethereum blockchain moving to proof-of-stake is centralization of staking power in a relatively small number of validators, which could occur, for example, as a result of validators ceasing operations or if staked ether is otherwise concentrated in a small number of validators. As a result, it may adversely affect the confirmation process for transactions (i.e., temporarily decreasing the speed at which blocks are added to a blockchain until the next scheduled adjustment in difficulty for block solutions or otherwise be possible for a bad actor to manipulate the Ethereum blockchain and hinder transactions). Any reduction in confidence in the confirmation process or processing power of the Ethereum blockchain may adversely affect the ability to transaction in a Gold Token. Another risk of the Ethereum blockchain moving to proof-of-stake is that segments of the mining community and other users were against this change, and it is possible that two Ethereum blockchains (among potentially others) will endure and compete going forward, which may slow or impede transactions.