leverage or rehypothecate the Trust’s SUI tokens. The Staking Provider would also not be able to change the designated wallet addresses on the Sui Network to which staked SUI is to be withdrawn or to which Staking Consideration shall be sent. In addition, the Staking Arrangements would not alter the Trust’s custody environment or security procedures. The controls currently in place between the Sponsor and the Custodian would also govern the activities related to staking and un-staking SUI, which would be outlined in the Staking Arrangements. These controls and procedures include: • Private Key Management (“Shards”) : The Custodian manages SUI for the Trust using offline storage, or cold storage, which means that the keys to the Trust’s SUI are disconnected and/or deleted entirely from the internet. Transfers and other transactions from the Trust’s wallet require compliance with certain security procedures that will remain in place when the Trust’s SUI is staked, including but not limited to, multiple encrypted private key “shards,” usernames, passwords and 2-step verification. Multiple private key shards held by the Custodian must be combined to reconstitute the private key to sign any transaction and transfer the Trust’s assets. Private key shards are distributed geographically in secure vaults around the world, including in the United States. The Custodian’s system architecture requires the involvement of the Sponsor to reconstruct the private keys and access the Trust’s assets, and it is not possible for the Custodian’s employees to access the Trust’s assets without the Sponsor’s involvement and approval. This architecture is part of the Custodian’s service organizational controls (“SOC”) Type I and Type II reports, which are authored by leading assurance providers to confirm to the Custodian’s clients that the Custodian is compliant with a variety of security and reporting standards, and which are delivered to the Sponsor for review on an annual basis. • General Controls on the Custodian’s Custody Environment : Data related to transaction activity executed on the Custodian’s platform is backed-up and saved to both an alternative location (besides the primary location) and to a “Disaster Recovery” Amazon Web Services (“AWS”) Account to enable recoverability in an event one of the regions becomes unavailable. Authentication requirements for the Custodian’s platform are restricted through two-factor authentication and encrypted network protocols, among others. • User Entity Controls : In addition to security controls in place at the Custodian, the Sponsor expects to implement additional controls and procedures, including, but not limited to, (i) reviewing the Custodian’s SOC report to ensure private key management and other general controls are consistently applied and operating without exceptions, (ii) periodically reviewing Sponsor team members’ access to the custodial wallet environment to ensure appropriateness, and (iii) reviewing the Custodian’s third party management control. The Sponsor also reviews the SOC report for one of the key sub-service providers, AWS, including specifically sections related to availability, security and confidentiality. Under its third party risk management framework, the Sponsor also performs other ongoing monitoring of the Custodian, including the completion of an assessment of the Custodian’s cybersecurity controls. In addition, the Sponsor expects to screen all eligible Staking Providers in a manner consistent with its practices in screening eligible custodians, including, but not limited to, by (i) conducting initial and, thereafter, annual reviews of the Staking Provider’s SOC report to assess controls relevant to the staking activities environment, (ii) conducting initial and, thereafter, annual reviews of the SOC reports of the Staking Provider’s cloud-based infrastructure service provider (for example, AWS) covering availability, security and confidentiality principles to ensure necessary controls governing continued service and “uptime” (i.e., the ratio of signatures provided by the Staking Provider to the total number of signatures it should have provided during a given time period), (iii) reviewing authority levels and access rights within the Staking Provider’s staking activities environment, and (iv) performing other ongoing diligence procedures, including periodic assessments of the Staking Provider’s cybersecurity policies and controls, monitoring the Staking Provider’s online environment for major security events and periodic discussions with the Staking Provider’s client-facing teams regarding new company initiatives. See “Risk Factors—Risk Factors Related to Staking.” Book-Entry Form Shares are held primarily in book-entry form by the Transfer Agent. The Sponsor or its delegate will direct the Transfer Agent to credit or debit, as applicable, the number of Baskets to the applicable Authorized Participant. The Transfer Agent will issue or cancel Baskets, as applicable. Transfers will be made in accordance with standard securities industry practice. The Sponsor may cause the Trust to issue Shares in certificated form in limited circumstances in its sole discretion. Share Splits In its discretion, the Sponsor may direct the Transfer Agent to declare a split or reverse split in the number of Shares outstanding and to make a corresponding change in the number of Shares constituting a Basket. For example, if the Sponsor believes that the per Share price in the secondary market for Shares has risen or fallen outside a desirable trading price range, it may declare such a split or reverse split.
114
Made with FlippingBook - professional solution for displaying marketing and sales documents online