Gladius Network Fraud (Pt. 7)
Going back to the ANN thread for Gladius Network, one can see the swarm of investors that are concerned about the Gladius Network team’s lack of response, failure to communicate any solid plan to refund investors (per the SEC’s stipulations in their C&D notice), and, of course, investors are wondering where their refunds are.
Below is a post from one of the Gladius team members that was issued shortly after the SEC put out their press release in February:
With regard to the refund of tokens distributed via their token sale (as per the SEC’s mandate), Gladius states:
“All refunds will be processed in Ethereum and the GLA purchased in the ICO will be returned to Gladius. If the GLA purchased in the ICO was sold, the claimant will be entitled to the difference (if any) betwen the value of GLA at the time purchased and its value when sold, payable in ETh. There will be requirements to verify the GLA was purchased in the ICO, as well as requirements to verify sales, trades, transfers, etc.”
What is interesting is the announcement of a hefty verification as well as the demand that any $GLA (cash tag for the token sold during the ICO) be returned to the team in order for investors to receive a refund. Since the token was released via crowdsale, the team should already have all of the addresses of those that participated in the crowdfund.
To validate the statement above, Zerononcense took some time to sift out the actual contract for Gladius, which is posted very clearly on Etherscan’s website. However, before reviewing this, let us take a step back for a minute and explain a critical concept for all those following along with this report that may not be technically inclined or familiar with blockchain technology, in general.
So at this point, it should be clear that the issue at hand, as it pertains to Gladius Network, is that they sold $12 million worth of digital tokens to investors online without registering the offering with the SEC.
This obviously constituted a significant violation of U.S. securities law (see: Securities Act of 1933).
Gladius Network sold these digital tokens to investors in an event that is known as an ‘ICO’, or “Initial Coin Offering”. As you may have guessed, the term, ‘ICO’, is analogous to the concept of an ‘IPO’ in traditional finance.
Thus, a good analogy for ‘tokens’ would be to think of them as ‘shares’ in a company. The only difference, however, is that stakeholders in this case, do not receive dividends.
This is where things get slightly more technical, but the following should break things down.
Typically, ICOs are held through what’s called a ‘smart contract’. A ‘smart contract’ is essentially computer code or a script that contains directions that govern the ICO.
In most cases, the logic is as simple as this: A) ICOGuy wants to hold an ICO for his coin, ‘GuyCoin’
B) ICOGuy has managed to generate interest from a lot of investors online. So ICOGuy decides he will hold the ICO.
C) In order to collect funds from investors in the ICO, ICOGuy creates something called a ‘smart contract’
D) ICOGuy codes the contract with the logic: “If investor A sends $5, give investor A five tokens in return.”
E) ICOGuy has the flexibility to code the contract with infinite customized settings. For example, ICOGuy might decide he wants $10 for five tokens. He may also decide he wants to set a ‘cap’ on the total number of tokens that will be produced at 10,000 tokens. Perhaps ICOGuy wants no cap on the amount of tokens produced, which would allow him to produce more tokens in the future by simply writing additional code.
What is written above sums up ICOs to a large extent (in a vastly over-simplified manner).
The only discrepancy in what was written above is that users cannot send physical cash to the ‘smart contract’. Instead, they must use cryptocurrency, like Bitcoin. However, the cryptocurrency, Ethereum, is almost always the cryptocurrency that is used in these scenarios for reasons that this report will not delve into.
Since Gladius Network held a traditional ICO, tracking down all of the participants would be easy.
The reason for this is because the Gladius Network 4ICO was held on the blockchain, thus there is a record of who sent funds to the contract on a public ledger that can be accessed, with ease, on the internet.
Once this information is accessed, all that is left to do is to parse the contract to find contributing addresses (which typically isn’t too difficult if you’re very familiar with blockchain).
The way that blockchain works is that everyone that possesses cryptocurrency has it in something that’s called a ‘wallet’. This wallet is not physical — it is digital, and it is denominated with an alphanumeric string of characters like this: 1NDyJtNTjmwk5xPNhjgAMu4HDHigtobu1s(Binance Bitcoin hot wallet).
Every wallet is associated with a ‘private key’ (pretty much the same as a password). You don’t get to choose your ‘private key’ however. Using cryptography and encryption, wallet addresses generated for users are created from the private key (i.e., your password).
The brilliance of blockchain, however, is that there is no known way to ‘reverse engineer’ someone’s private key (password) from one of these public addresses. Thus, as long as someone has the private key to a given address, that’s all that they need to spend funds. Therefore, if someone is sending or moving funds anywhere, we know that they are in possession of that wallet.
Thus, if we can find a record of all of the wallet addresses that sent cryptocurrency to Gladius Network’s contract address, then we will have found all of the individuals entitled to a refund at the same time.
What’s even better is that the blockchain also possesses a record of how much was sent and when, so there will also be no question of how much each wallet is entitled to.
To add on to the benefits of blockchain listed above, users do not need to grant ‘permission’ in order to receive funds. Therefore, Gladius Network does have the ability to source each and every single individual that contributed to them via their crowdfund and reimburse them the exact money that they contributed — even if Gladius Network lost any and all personal documentation of the crowdsale event.
In order to prove that this is true, Zerononcense will take some time to source addresses of all users that contributed to the Gladius Network crowdsale.
[Sidenote: This is also a good practice for the community, in general, because it allows investors to validate information about the project, such as the money that they have received, total tokens created, total funds on hand, etc.]
The hyperlinked address (alphanumeric-string) with a red box around it in the picture above is the contract address for Gladius Network.
Etherscan, fortunately, has hyperlinked that address. So all one must do in order to view every single transaction related to the contract, is simply click on it, which takes us to the screen below:
At this point, however, a true analysis does get slightly more technical for those that are not familiar with how blockchain/cryptocurrency works.
Those that are technically inclined most likely noticed that there are 18,723 total transactions in the wallet. Also, those that are familiar with Etherscan.io are aware that the Ether value (showing ‘0’) is technically correct because the transfers into the wallet are calling some function in the Gladius Network smart contract to transfer the token and when that happens, one must switch to the ‘Erc20 Token Txns’ tab.
However, putting all of that to the side, Bloxy is by far the most convenient Ethereum block explorer to use in situations like this where a contract analysis would need to be performed.
Below is a picture of the Bloxy website interface for the Gladius Network token contract that was used for their crowdsale:
While it is for the much more technically-inclined, in terms of analyzing Ethereum contracts, the site is unrivaled when it comes to conducting such investigations.
For example, in the picture above, Bloxy shows that the Gladius Network (main) token contract was created by the address 0x197f48540296b76cabe1b7c27f35767338084e03.
Keeping that address in mind will be critical to this analysis.
Closer examination of this address yields significantly greater information about the Gladius Network token and the confluence of interactions.
As seen in the picture below on Bloxy, there are a number of calls to smart contracts by the 0x197f48540296b76cabe1b7c27f35767338084e03 address that are labeled with similar names, which implies that there is more than one contract that was designed with the name ‘GLA Token’:
August 7, 2019