vulnerabilities of the Avalanche Network which would result in the Trust’s AVAX not being staked for a period of time. The Sponsor anticipates that the AVAX protocol and the Staking Arrangements will permit withdrawal of staked AVAX at regular intervals. The Sponsor believes that market practice for Provider-Facilitated Staking arrangements has largely become standardized, with little variation in terms, and therefore, the Sponsor anticipates that the Staking Arrangements generally align with the current practice of Staking Providers’ arrangements with other similarly situated third parties, subject to the negotiation of certain bespoke terms outlined above. Accordingly, and because transitioning to a new Staking Provider would involve friction costs, the Sponsor does not expect the Trust to change Staking Providers frequently, if at all. In addition, while the Trust may enter into Staking Arrangements with multiple Staking Providers, the Sponsor anticipates that any such arrangements would be substantively identical in all material respects to the Staking Arrangements described in this prospectus, including, for the avoidance of doubt, the bespoke terms of the Staking Arrangements outlined above. Any material deviation from the Staking Arrangements as described in this prospectus would be disclosed in the Trust’s subsequent filings with the Commission. Security and Controls The Trust’s Custodian has multiple layers of security protocols designed to protect the Trust’s assets from unauthorized access or transfer, which remain in place when the Trust’s AVAX is staked. The Trust’s AVAX is staked from the Trust’s wallets and is not transferred to any other wallet to be staked. The Avalanche protocol limits the activities of the Staking Provider to executing only those activities specified by the protocol, such as staking, un-staking and performing validation activities and does not enable the Staking Provider to unilaterally transfer staked assets to any wallet not specified by the Sponsor. Accordingly, the Staking Provider does not have any powers to move the Trust’s staked AVAX other than at the direction of the Sponsor. In particular, the Staking Provider is not authorized to leverage or rehypothecate the Trust’s AVAX tokens. The Staking Provider is also not able to change the designated wallet addresses on the Avalanche Network to which staked AVAX is to be withdrawn or to which Staking Consideration shall be sent. In addition, the Staking Arrangements do not alter the Trust’s custody environment or security procedures. The controls currently in place between the Sponsor and the Custodian also govern the activities related to staking and un-staking AVAX, as outlined in the Staking Arrangements. These controls and procedures include: • Private Key Management (“Shards”) : The Custodian manages AVAX for the Trust using offline storage, or cold storage, which means that the keys to the Trust’s AVAX are disconnected and/or deleted entirely from the internet. Transfers and other transactions from the Trust’s wallet require compliance with certain security procedures that will remain in place when the Trust’s AVAX is staked, including but not limited to, multiple encrypted private key “shards,” usernames, passwords and 2-step verification. Multiple private key shards held by the Custodian must be combined to reconstitute the private key to sign any transaction and transfer the Trust’s assets. Private key shards are distributed geographically in secure vaults around the world, including in the United States. The Custodian’s system architecture requires the involvement of the Sponsor to reconstruct the private keys and access the Trust’s assets, and it is not possible for the Custodian’s employees to access the Trust’s assets without the Sponsor’s involvement and approval. This architecture is part of the Custodian’s service organizational controls (“SOC”) Type I and Type II reports, which are authored by leading assurance providers to confirm to the Custodian’s clients that the Custodian is compliant with a variety of security and reporting standards, and which are delivered to the Sponsor for review on an annual basis. • General Controls on the Custodian’s Custody Environment : Data related to transaction activity executed on the Custodian’s platform is backed-up and saved to both an alternative location (besides the primary location) and to a “Disaster Recovery” Amazon Web Services (“AWS”) Account to enable recoverability in an event one of the regions becomes unavailable. Authentication requirements for the Custodian’s platform are restricted through two-factor authentication and encrypted network protocols, among others. • User Entity Controls : In addition to security controls in place at the Custodian, the Sponsor expects to implement additional controls and procedures, including, but not limited to, (i) reviewing the Custodian’s SOC report to ensure private key management and other general controls are consistently
134
Made with FlippingBook - professional solution for displaying marketing and sales documents online