| | | Effective PR

The chase is on: what happened to the ICO money raised by Confido?

BIScom Subsection: 
Nigel Morris-Cotterill

How many tags can we add to this article? LexTech (as in legal technology)?, LegalTech? FinTech, contracting? Cloudflare? DNS Laundering? ICO? Regulation? If nothing else, the story is a warning to regulators to stop and think: are they really doing it right or just being swept along on a wave of other people's self-interest and enthusiasm?

Confido described itself as "using smart contracts with a unique shipment tracking feature." The idea was that it would become a trusted third party (remember that term from the early days of internet payments? It's still useful) as, in effect, an escrow holder. In fact, what the company was offering was far more prosaic:

While there are still odd "cached" copies of the confido.io website around, the site itself has been taken down. The site, registered using NameCheap, inc., is registered to the name Joost Van Doorn of Kufsteiner Str. 9, Berlin, 10825, Germany. The "organisation" is marked as "Confido" with no indication that it is a formal company.

The domain confido.io was routed through Cloudflare, a service used by many criminals to shield their actual location by DNS laundering. The servers were pat.ns.cloudflare.com and owen.ns.cloudflare.com

The website was, in fact, a single page plus a "white paper." We don't have a copy of the "white paper" but we do have the full webpage as it was available to the public prior to its being taken down. The following are listed as "Our Team"

Joost van Doorn - founder, CEO
Max Kruger - co-founder, CTO
Liam Bellum - Full stack developer
Nick Spatz - iOS/Android developer

The ICO was sparsely documented and like much of the rest of the page awash with buzzwords. The page says that funds raised in the ICO will be "escrowed by Kraft & Wurgaft, P.C." - but endeavours to find such a firm has met with zero success. There is a law firm in Newark, New Jersey, USA with a similar name (Kravis and Wurgaft, PC) but there is no current indication that the firm had any connection with Confido.

The ICO was run through Ethereum which, on its website says "Ethereum is a decentralized platform that runs smart contracts." There it is again: the "smart contracts" thing.

Ethereum is, at its heart, a platform that allows anyone to create their own crypto-currency, mine "tokens" and issue them. It does much more. Ethereum is what central banks would be if they grew up.

Those behind Confido used Ethereum to create their own tokens and to place them in an ICO during which, they said, they would accept "over 75 cryptocurrencies." They said they were aiming to raise USD400,000 because that was enough and they didn't subscribe to the view that companies should just raise whatever they could. he total supply will be 15 million tokens. Sixty percent of the tokens (9.000.000) will be sold in the ICO, thirty percent (4.500.000) will be held by the company and ten percent (1.500.000) will be allocated to the bounty campaign. Our hard cap is 1250 ETH."

It is said that they raised the equivalent of USD375,000, and then killed their web presence, closed their (anonymous, nil-archive) e-email accounts.

The case clearly shows that there is a place for improved regulation of ICOs - and that must include some mechanism that equates to issuing bank in an IPO.

In a wonderful display of how changing the meaning of words creates unintended consequences, Ethereum says "Kickstart a project with a trustless crowdsale." That sounds dodgy and so it proved in the case of Confido which marketed its services as "Confido takes away the trust barrier in exchanges involving cryptocurrencies, while also staying decentralised and trustless. "

Trustless indeed.

So, where's the money? Right now, no one except those involved know but those who sent their money have its identification tags and so, if someone wants to start a chase, data can be collected. But the money isn't enough, in total, much less individually, to get a law firm excited. So the losers are to be thrown back onto government authorities. But which? Germany where the company purported to be? Switzerland, where Ethereum is based? The USA because the USA thinks it owns the internet?

The fact is that, by running a relatively small, quickly evaporating, scheme, those behind it have almost certainly got away with it. Sure, Cloudflare and the CheapDomains will have credit card information but that's not likely to be real.

The domain information we found shows that the domain was registered on 31 August 2017. The ICO was set to run in late October. The problem of "shooting star" domains used for dodgy dealings has long been an issue and this case is, in this respect, nothing new. The ICO was hosted at TokenLot (tokenl.ot) which has reportedly said that there was a fraud which they are considering reporting to the FBI.

TokenLot is, essentially, a service where ICO issuers post their offerings for purchase. It says, on its website "At TokenLot, we provide the research tools to give our customers the opportunity to make the most informed decisions possible. For each ICO, we present a summary of the project, links to relevant content (including white papers, videos, or articles), and methods to contact the companies hosting the ICO through social media pages." Taking out the references to publicly available material which is produced by the issuer and not independently verified, it is difficult to find what else TokenLot does to facilitate "the most informed decisions possible." Did it, for example, do a LinkedIn search for Joost van Doorn? Had they done so, they would have found that there are a number of members but the one that is most interesting in this context is the Head of infrastructure services at ABN AMRO in Singapore.

Or perhaps Max Kruger whose photo on the website shows him at an event hosted by The Association of Network Marketing Professionals - and again, the only relevant LinkedIn profile is for someone different.

In fact, nothing about this case is new except the market place in which the sales were made. It's an old-fashioned fraud just like the guy who turns up at a market, sells a pig in a poke, and runs away before anyone looks in the bag.

Meanwhile, an internet search for Confido provides little on that venture but lots on "Confido Himalaya Herbs" which, it is claimed (without any government approvals) "reduces anxiety, calms the individual and restores male confidence. A herbal combination that betters sexual performance." Aside from the mistaken use of "betters in the promo," investors might have done better to put their money into whoever is producing those herbs.

After all, according to coinmarketcap.com, a website that tracks the value of digital tokens, Confido tokens have, in the past week, fallen to less than one tenth of one US cent in value. Bitcoin it ain't.