In-Depth Analysis of Stablecoin QIAN 2.0 | Multi-Layer Protection For Users’ Assets

  1. Bug in ERC777 Standard
  • Basic component: Assets Protected Elastic Contracts (APEC).
  • Extended component: Blockchain Enquiring, Auditing & Messaging System (BEAMS).
  • Financial component:
  • Global Emergency Lockdown (GEL);
  • Cooperative Automatic Lockdown Mechanism (CALM);
  • Multisig Admin Keys (MAK).

Basic Component — APEC

  • Data: Data from the classic contract structure is isolated and made into data contract(s) for data storage. Only necessary read and write interfaces are revealed to the public.
  • Logic: logical contracts only cover business logic, not business data.
  • Router: The field data that the business logic needs to read and write can be queried from the routing table according to the data module and field name, and then accessed based on the positioning result.
Fig 1 APEC Technical Structure Diagram

1. Routing Table

2. Upgradable Logic

3. Expansible Data

4. Asset Security

  • The data contract will maintain a swap table of user addresses and asset details internally. This table exists in the data contract and only provides two interfaces — incoming and outgoing transfers. Other interfaces are not allowed to write or update this asset table.
  • Incoming transfers will be sent directly to data contract address and call the incoming transfer interface. After the transfer is locked in the contract, the user’s address and asset details will be recorded on the asset swap table. And the logical contract will be called, then the business logic will be processed and recorded.
  • When making an outgoing transfer, the outgoing transfer interface on the data contract will be called directly and the contract will verify whether the user’s address exists in the asset swap table and then call the logical contract, calculate the transfer and finally make it happen.
  • For any address that does not exist in the asset swap table, the outgoing transfer interface will not answer its request. This ensures that any asset that is going out belongs to the original address that it went into from a logic level, hence guarantees the ownership and security of assets. And even the operation team itself will not be able to tamper with or steal any locked asset.

Extended Component — BEAMS

1. BEAMS Technical Structure

Fig 2 BEAMS Technical Structure Diagram

2. Data Enquiry

3. Audit Risk Control

4. Message Push

Financial Component

  • Protect the platform from attack and invasion
  • Protect the assets once the platform is invaded
  • Minimize the loss when the assets are no longer secure

1. GEL


3. MAK

  • If an admin key is stolen, the attacker cannot use the key to complete high-level permissions. And the platform administrator can use the multi-signature mechanism to delete the leaked key and make it invalid.
  • If an admin key is lost, the remaining admin keys can be used to add a new admin key and delete the lost one.
  • The admin key multi-signature mechanism makes every high-level authority operation depend on collective decision-making and execution, which has effectively prevented internal control risks and further protected the assets.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store