A Cry for Action: BlackRock and Securitize's Embarrassing Oversight
Explore the urgent failings of BlackRock and Securitize in their latest tokenized project. This critical analysis delves into oversight issues that need answers
I wrote about the BlackRock tokenized liquidity fund that was recently released.
My original interest in this token was that a pre-eminent asset manager seems to have created a web3 version of the investment triangle. But in this case not in a good way.
The investment triangle is a rather simple concept stating there is a trade-off or tension between return, risk, and liquidity. As a rule of thumb; a financial product cannot maximize all three factors i.e., if you want low risk, you should not expect an investment to be genuine if it also offers a high return and high liquidity at the same time. However, you can have low risk with high liquidity but low return: voila, the cooking recipe of a liquidity fund.
In this case, the tokenization effort achieved the impossible:
Still low return, low liquidity because of the Reg D restrictions, and high risk due to high investor concentration.
One thing stands out: the miracle of getting this through the internal product approval committees! Chapeau! Hut ab, I am impressed!
This phrase is used in German to express admiration or respect for someone's achievements or actions. "Chapeau" is borrowed from French, where it also means "hat" and is used in the phrase to denote tipping one's hat as a sign of respect. "Hut ab" directly translates to "hat off" and similarly conveys a gesture of respect or admiration by symbolically removing one's hat. In contemporary usage, the phrase "Chapeau! Hut ab!" can often carry an ironic or sarcastic tone. While it traditionally expresses genuine admiration, it might also be used in a context where someone is being praised mockingly for something that is actually not impressive or even for a mistake. The intention behind the phrase can vary widely based on the tone and context in which it is used.
So then thought let’s have a look at the technical implementation.
The contract is deployed combining a proxy contract (0x7712c34205737192402172409a8f7ccef8aa2aec) and a large and rather complex implementation contract (0x603bb6909be14f83282e03632280d91be7fb83b2)
The proxy does not deal with the token issuance directly, instead, it receives instructions externally, presumably from Securitize, and allows for the upgradeability and delegation of functionality to an underlying implementation contract. The functionality of this proxy code is as follows: The contract has a constructor function and events which allows for the modification of the owner address and the target address. It has an owner function which retrieves the current owner address. And the same for the the current target address. That’s rather simple.
The implementation contract has a lot of functionality and business events. Have they published a code review in the context of this issuance? Not as far as I am aware, but who knows, maybe Securitize recycled their standard contract code.
It will not surprise you that the smart contract foresees extensive rights to burn or suspend tokens hence calling it a token is a bit of a misnomer. It’s when the Brits tried to sell ‘chocolate’ to Belgium and what arrived on the Continent didn’t meet the expectation of the sophisticated Belgian consumer and what they thought chocolate should be made of.
My anecdote about "British chocolate" and "Belgian chocolate" loosely relates to an actual controversy, often referred to as the "chocolate wars," that occurred within the European Union. This dispute was primarily between Belgium and other countries known for their high-quality chocolates, like Switzerland, and countries that used non-cocoa fat substitutes in their chocolate products, such as the UK and Ireland. Yuck!
A compromise was ultimately found allowing British chocolate on Belgian shelves but they could not call it chocolate but chocolate fantasy. “Token fantasy”, would that be a good idea? Because it provides for the ability for tokens to be seized or frozen without the token holder's consent and banks have T&C to make clear what they can do or not and I suppose investors fully expect the rights of the issuer when they buy a token. This is also why such a model really has no value in bridging TradFi and DeFi. Who needs such a token as collateral when some dude with a laptop at the mall in Miami can simply freeze it.
The implementation contract has an interesting omnibus functionality allowing it to record and manage different positions belonging to different investors within an omni-account. Now omnibus structures are the norm in major financial markets, crypto-custodians also have something that is a bit similar but calling it an omni-wallet would also be very misleading, omni-wallet fantasy would probably be more appropriate (I should explain why and will take note that I should do so soon) to make clear than an omnibus account at a CSD for instance and a commingled wallet of let’s say Coinbase have really not a lot in common.
Different, not saying better or worse!
So, looking through that smart contract which I wanted to set up for a bit of programmatic testing using JavaScript, I noticed something interesting. Initially I thought funny coincidence but its rather tasteless and has no place in finance or any business.
The contract address (0x7712c34205737192402172409a8F7ccef8aA2AEc) for the BlackRock USD Institutional Digital Liquidity Fund (BUIDL) has other investments! Who owns these assets? The fund? BlackRock? Securitize? Nobody?
And they got interesting ones! Total worth 6.89 USD (6 Dollars, not 6 million):
Pinakion $0.027817
Ondo $1.26
Dejitaru Tsu $0.010722
Delta.theta $0.003142
USDC $1.001
Apu Apustaja $0.000485
Ian, which according to Ethereum, seems worthless.
Let’s look at USDC. They had 25 transactions around 80 days ago, looking like ‘test trades.’ The tester from Securitize calls himself—I swear to god it’s true—‘big-dick-fink.eth’ being his ENS address for wallet address 0xD011408699912D298b4cf4329641d71527F8312C.
I vaguely remember the CEO of BlackRock also goes by the name of Fink. That is really all I want to say about this! Hm.
Yes, transparency is wonderful. And immutability too. Now I will stop.
An ENS (Ethereum Name Service) address is akin to a domain name for the Ethereum blockchain. It provides a human-readable alternative to the standard Ethereum addresses, which are lengthy hexadecimal strings, making it easier for users to send and receive transactions or interact with contracts.
There seems to be a lot of misplaced humour at Securitize. (I had some other reference but that may have been an copy error)
Bye.