Risks

The massive growth of blockchain technologies continues to create new opportunities and possibilities as it continues to evolve. With this growth and the increasing surge of investment comes the inevitable onslaught of hackers, fraudsters, scammers and thieves. The reason is obvious, and one can easily imagine the "entrepreneurial spirit" and wide-eyed visions of criminals who see this crypto tech as just as much an opportunity as the technologist who continue to drive it forward.

Startups are risky. Finance is risky. A cryptocurrency exchange startup has all of these risks rolled into a neat package. But if entrepreneurs didn't take on these challenges and work tirelessly to mitigate these risks, then they wouldn't enjoy the benefits and satisfaction of building great things for everyone to use.

This section lists and addresses various identified risks that we face moving forward. ImmutaSwap takes these risks deadly serious, and the founders have collectively 30 years' worth of experience developing mission-critical software for the most security-conscious organization in the world -- The United States Department of Defense.

Compromised Private Key

One of the most significant risks to consider is the compromise of private keys. The ImmutaSwap application would involve a cloud-based server that digitally signs transactions to disburse funds to customers. If done incorrectly, the private key could be exposed to hackers and inside threads, potentially compromising the cryptocurrency stored in the wallet.

Mitigation

1. "Wallet silos" will be constructed. The wallet silos are cloud-based micro services that contain an encrypted private key, but do not contain the decryption key. The purpose of the wallet silos is to accept a decryption key and a stream of bytes to digitally sign. If conditions are met, these silos will use the key to decrypt the encrypted private key, then digitally sign the bytes.

2. Funds will be distributed across multiple wallet silos. No wallet will hold more than is necessary to conduct day-to-day transactions. The core application will decide which wallet silo to use when funds need to be disbursed.

3. Excess cryptocurrency will be stored in cold storage. When large transactions are requested, funds will need to be manually disbursed. This makes the liquidity pool slightly less liquid as it requires a human to deposit funds for large transactions. However, it mitigates security concerns regarding potential theft of cryptocurrency.

4. Seed phrases will be engraved onto a metal plate and stored in a safety deposit box. Only the founders will be permitted access to this safety deposit box.

5. A security consultant will be hired to audit our code and security practices.

6. Industry standard security practices will be used, such as using environment variables on the server, restricting server access to essential personnel, using strong passwords, etc.

Swap Disruptions

Many things can happen while a user is in the middle of a swap. They may lose Internet connection, our servers may go down, Immutable X could experience an outage, etc. If ImmutaSwap implements this incorrectly, transactions could result in the loss of user funds. It could also result in an exploit in the system where users could be paid twice in one swap, for example.

Mitigation

The system will be architected so that swaps will be state dependent and will only transition from one valid state to another valid state. Swappers will be able to resume a transaction when the connection is restored. If any problems arise, the user will be able to request a refund of the funds sent to ImmutaSwap.

Data Loss

The database could possibly be compromised, corrupted, or otherwise rendered invalid. The proposed AMM will be storing liquidity info on trading pairs, details on swap states, and customer information.

Mitigation

1. The database will be backed up regularly.

2. NFT's will be used for Liquidity Pool tokens (similar to Uniswap). This will allow for the re-calculation the liquidity pools using existing Immutable X transfer data and NFT LP metadata.

3. A blockchain will be considered as a storage solution. A StarkNet contract as a database is currently being explored as an option.

Crypto Crash

This is primarily a risk to investors, but not a risk to customers. The constant product formula for the liquidity pools will allow users to conduct transactions at any given moment. The Arbitrage Bots will ensure that the crypto value remains similar to other cryptocurrency exchanges (within a configurable tolerance) as cryptocurrency prices plummet. Customers will be able to trade all the way to zero.

Unfavorable Regulation

Government regulators continue to direct legislation towards limiting DEFI and cryptocurrency exchanges. If continued, this could result in fines for non-compliant business. If cryptocurrency exchanges fail to comply, the enforcement of regulations could chase customers away and could also result in businesses being subject to heavy fines and possible bankruptcy.

Mitigation

1. ImmutaSwap is hiring an experienced startup lawyer to advise us on all regulatory requirements, both present and future.

2. ImmutaSwap is considering using a Know-Your-Customer passport service, eliminating the need to hold user’s personal information on our servers. This should satisfy KYC requirements.

3. ImmutaSwap will work to be compliant with all applicable laws.

Competition

Competition is an inevitable state of any successful business. As Immutable X continues to grow in popularity, there will appear competitors to ImmutaSwap. Competition is good for the consumer but is an unwelcome challenge to businesses and ImmutaSwap will rise to meet any competitor's challenge.

Mitigation

1. ImmutaSwap will strive to become the cryptocurrency exchange of choice for Immutable X.

2. ImmutaSwap will offer user perks that encourage loyalty. For example, users that hold the ImmutaSwap coins or NFT's will be rewarded with cheaper exchange fees.

3. ImmutaSwap will promote Immutable X projects, build community tools, and facilitate the transition of players from one Immutable X project to another. ImmutaSwap is working to become a vital piece of the Immutable X ecosystem and more than just a crypto exchange.

4. ImmutaSwap has lower overhead than larger exchanges and thus can reduce fees to compete.