Close

Get It Together: ChainLink Securely Tying Smart Contracts to the Data They Require

Summary

ChainLink is a project with a clear use case driven by market demand. Supported by a strong team and an engaged community. These positive factors are undermined by opaque distribution and minimal decentralization. Resulting in a token score of 33 out of 50.

Get the Audit

Full report in PDF format available here

Overview

ChainLink’s focus is securely connecting smart contracts to off-chain data sources. Referring to itself as decentralized oracle middleware.

Payment to providers of data services is made in the project’s native cryptoasset, LINK. Which the providers must stake to ensure the quality and timeliness of information delivered.

Cryptoeconomics (4 points out of 5)

Link Tokens are bonded by Oracles to prevent freeloading and ensure their responsiveness. Supply is fixed at 1 billion. Value is generated from transaction fees assessed for moving assets across chains.

As a business to business solution focused on connecting blockchains to each other. There is no obvious path to generating network effects.

Individual oracles should be able to generate network effects. Building a positive reputation, leads to higher usage, further building the Oracles reputation, increasing usage, etc…

Investability (3 out of 5)

The capital allocation process appears disciplined. Cannot be verified due to lack of publicly available financials.

Demand has been on an uptrend. Increased demand results in more value bonded into nodes for services being supplied to smart contracts.

Inevitably some of these nodes will not live up to the terms agreed to with the smart contracts dependent on them. Resulting in their bond being burned. Increasing the value of remaining LINK as they become scarcer.

Link has carved out a brand as a provider of middleware to oracle projects. It’s unclear if oracle middleware resonates with a large enough audience to provide much brand value to the project.

The interoperability and oracle spaces are highly competitive. Chainlink’s hardware-based approach provides defensibility against the software focused approaches of competitors. But, if it proves successful will be prone to copying.

Distribution (1.5 out of 5)

Insider token allocations were not subjected to lock-ups or vesting. Its fixed supply of 1 billion does not optimize for long term usage.

The token sale was not equitable. Only 35% of supply was sold to investors.

Distribution was not widespread. 65% of the supply was issued to insiders and node operators.

Team (4 out of 5)

The team has an accomplished track record of successfully steering technology projects. Having previously built oracles on top of Bitcoin and Ethereum and a decentralized exchange. Giving them unique qualifications.

To build awareness and support it’s day to day functioning. The team employs a variety of individuals with backgrounds in marketing and operations.

Transparency is a concern as there have been large token transfers from project controlled addresses for unknown purposes.

Project (5 out of 5)

The project is live and has active users.

The whitepaper was technically detailed in a good way. Trying to enlighten readers on the objectives of the project.

Outlining a use case the team thought they could tackle. A tool to help smart contracts more securely obtain the information they need to function. Using a unique trusted hardware approach built on Intel’s SGX extensions to better secure these links.

The core codebase along with the standards for the adapters and subtasks are all open source. Ensuring projects have access to the information required to set up secure communications for their smart contracts.

Scalability (3 out of 5)

Due to the impressive team and advisors assembled by ChainLink they have not had problems raising money for the project. Spending also seems reasonable given the capital raised. Details cannot be confirmed due to ChainLink’s structure as a private company.

The team intentionally declined to publish a roadmap. Due to the projects technical complexity.

To assist developers with using the protocol. Tooling is actively updated and improved. While used globally, the bulk of activity currently takes place in North America.

Securability (2.5 out of 5)

ChainLink’s node network is hard to evaluate. The project lacks a robust easy to use Block Explorer.  An ongoing bug bounty is operated by Hackerone.

While rewards are untiered. Initial allocations of tokens to selected node operators from the ecosystem fund appears to have resulted in concentrating rewards from staking in three pools. With minimal transparency on how many individuals are staking their Links in these pools.

As an ERC-20 token. It is easily stored securely.

Decentralization (1.5 out of 5)

Over thirty developers have contributed.

ChainLink, the company, does not plan to decentralize oversight of the project. So, it cannot be expected to function normally absent their involvement.

Holdings are concentrated.

  • Burn model dictates team holds quite a few in reserve. In case node operators don’t perform up to expectations and a large quantity end up being destroyed.
  • Majority in circulation are held on exchanges. So it’s unclear how dispersed these holdings are.
  • Allocations to early node operators concentrated supply of staked tokens

While resources dedicated to the project are active worldwide. The bulk of activity is concentrated in North America.

Engagement (5 out of 5)

Chainlink has been adopted to support blockchain initiatives of many organizations including IBM, SWIFT, and Oracle.

Reddit is active with project focused discussions. Ongoing discussions across multiple channels on both Telegram and Discord. Twitter sentiment is positive.

Project attention spiked on google trends when the mainnet launched. Remains in uptrend from pre-mainnet launch baseline.

Risk Management (3.5 out of 5)

Quantstamp audited ChainLink’s code. Funding risk appears low as most non-ICO funds raised by ChainLink, the company, appear to have occurred in USD.

Given its recent mainnet launch and critical functionality like bonding still under development. It is unclear how anti-fragile the ChainLink network is.

Attack risk is low giving the majority of tokens are held by the ChainLink organization or node operators aligned with it. Regulatory risk appears low given it’s operating network when the ICO took place and functional utility.

Want to get started conducting your own audits. Download the Audit Template Here!

The following two tabs change content below.
Is a CFA® Charterholder and founder of Crypto Jungle. A site devoted to helping people hack through the weeds to find the crypto gems. The CFA designation is globally recognized and attests to a charterholder’s success in a rigorous and comprehensive study program in the field of investment management and research analysis.

Visit the site to subscribe to the newsletter and stay up to date on his latest research into cryptoasset investing.

CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.

Leave a Reply

Your email address will not be published. Required fields are marked *