C.O.S.S CRYPTO-ONE-STOP-SOLUTION [email protected] March 2018 | Version 4.0
TABLE OF CONTENTS DISCLAIMER INTRODUCTION COSS PLATFORM OVERVIEW WHAT IS COSS? GOALS COMPONENTS FEATURES EXCHANGE WALLET WALLET TYPES • Hot wallet • Warm wallet • Cold wallet KYC/AML DASHBOARD • History • Security • Deposit • Withdrawal TOKEN & ICO LISTING COSS TOKEN COSS DAO ARCHITECTURE DEVELOPMENT FUTURE PROJECTIONS APPENDIX: DEFINITIONS
DISCLAIMER This Whitepaper is intended for informative purposes only. COSS makes no representations, guarantees or warranties (whether express or implied). This Whitepaper or any other related document published by COSS is not intended to be construed as or relied upon as an investment/ financial or legal advice on any matter and COSS disclaims all liability and damages of any kind arising from any information stated and relied on in this Whitepaper and any related publications. The reader may contact a competent advisor for tailored advice or conduct own due diligence on the subject matter contained herein. The contents of this Whitepaper are intended only as an educational read on COSS and its journey. The content provided is on an ‘as is-where is’ basis and is liable to change without prior notice, at the sole discretion of COSS. As the COSS eco-system evolves, content included in this Whitepaper, in particular, the “ROADMAP & DEVELOPMENT” will also be subjected to change. The actual results and the performance of COSS may diﬀer materially from those set out in the “ROADMAP & DEVELOPMENT”. Please note, the information contained in this Whitepaper has not been examined or approved by any regulatory authority. The publication, distribution, or dissemination of this white paper or any other document published by COSS does not imply compliance with applicable laws or regulatory requirements.
INTRODUCTION This white paper describes the structure, functionality, and features of Crypto One-Stop Solution (COSS), a cryptocurrency exchange platform launched by a Singapore company, C.O.S.S. Pte Ltd in April 2017. At the time of writing, the COSS platform is in beta, and its primary function is to serve as a cryptocurrency exchange. However, the conceptual model of COSS is not just confined to a cryptocurrency exchange. It also includes the implementation of multiple merchant tools aimed at the massive adoption of cryptocurrencies in the future. We will describe these instruments in the chapters devoted to the company's roadmap and development throughout 2018. Through its services and merchant tools, COSS (a.k.a. COSS.IO) intends to improve the overall cryptocurrency user experience. COSS aims to build a foundation for a community of cryptocurrency users, companies, startups, traders, customers, and merchants into a viable market, or an ecosystem that will expand with the implementation of new features on COSS.IO. All of the components mentioned above in combination will provide a stable ground for the mass adoption of cryptocurrency. With insufficient user and merchant adoption of cryptocurrencies, low transaction volumes, and consequently, low market prices, not enough viable solutions have been provided to make cryptocurrencies user-friendly. The path from creating a digital wallet to making actual payments in cryptocurrencies is still inconvenient, cumbersome, and technically challenging. When addressed mindfully, these barriers can be overcome by using a one-stop solution approach. A one-stop solution implies a single venue or platform designed speciﬁcally to educate users about the variety of tokens on the market, help individuals make informed choices, and provide multiple possibilities for digital currency use, all in the same place. All cryptocurrencies listed on COSS are subject to examination by us. The primary focus of the COSS platform at this time is to improve the overall cryptocurrency user experience through its services and features, and above all, its cryptocurrency exchange. COSS approaches usability issues related to virtual currencies in an innovative way, inspired by disruptive technologies and trends such as blockchain, smart contracts, DAOs, token sales, and so on. The platform gathers the most popular services and products associated with cryptocurrency into a single outlet. COSS allows users to deposit, withdraw, buy, sell, and spend cryptocurrency safely, and to take advantage of the additional services that are and will be continuously implemented on COSS.IO to keep up with the fast-paced fintech industry.
COSS PLATFORM OVERVIEW WHAT IS COSS? COSS, or Crypto-One-Stop-Solution, is a platform which encompasses all features of a digital economic system based on cryptocurrency. The COSS platform is made up of core elements such as an e-wallet, a cryptocurrency exchange, and a native token. Additionally, it provides related features and services such as market cap rankings, token listings, and merchant tools (namely, a payment gateway or point of sale), a merchant list, and an early version of a cryptocurrency-friendly marketplace. COSS aims to facilitate the mass adoption of cryptocurrency. GOALS The principal purpose of COSS is to oﬀer multiple services associated with the use of cryptocurrency within a single state-of-the-art cryptocurrency platform and exchange. The number of potential features possible to implement on COSS is inﬁnite and will continue growing as the platform evolves. COSS aims to offer its users a seamless experience when accessing the available cryptocurrency services and products within a single interface. COMPONENTS COSS aims to develop solutions to the global needs of the cryptocurrency industry in general, and with particular attention to the demands of individual users who intend to manage their assets online. The platform focuses on providing individuals with guidelines for a smooth start in the cryptocurrency world. The full COSS system comprises multiple interconnected applications that are available to COSS account owners, divided into two main types of users: regular users and admins (company staff).
The principal COSS applications are: FEATURES The COSS platform currently includes the following features:
EXCHANGE The COSS platform has an integrated exchange allowing users to trade cryptocurrencies directly from their COSS wallets. The exchange back-end manages trading pairs dynamically. New tokens and trading pairs are continuously added in accordance with the community's preferences, and with the collaboration of token developers. Dynamic fees are set for each cryptocurrency. Users can mark specific pairs as favorites. For each trading pair, the exchange displays the following information: the type of currency, the daily transaction volume of the chosen cryptocurrency, and price increase/decrease over the last 24 hours. The COSS exchange runs on a separate, independent custom-developed trading engine. This trading engine communicates with the web server through an internal API. The trading order is accomplished automatically based on the available requests on the exchange in real time. Every exchange occurs between two parties: the maker, who places his or her order on the order book before the trade, and the taker, an individual who places a matching order or accepts the maker's order. The COSS Exchange oﬀers both limit and market orders. Limit orders are executed automatically only when prices match; if prices do not match, the limit order may never execute. Market orders are executed instantly. The chart below summarizes the diﬀerences between limit and market orders: Orders can also be partially ﬁlled, which means that the order amount can be divided into parts and sold to diﬀerent people (e.g. a sale order of 100 Bitcoin can be split and partially purchased by several buyers willing to buy 25 Bitcoin each).
WALLET Every user on COSS automatically has access to an e-wallet which supports multiple cryptocurrencies and FIAT. Wallet management functions include viewing balances in each currency, making deposits and withdrawals. Balances which are currently reserved in limit order on the exchange are also displayed in the wallet, although they cannot be withdrawn unless the user cancel their orders.
WALLET TYPES COSS stores funds in 3 diﬀerent types of portfolios: hot, warm, and cold wallets. Savings owned by COSS account holders are kept in cold wallets, while funds that are actively used for transactions are stored in warm wallets, adding an extra layer of protection against loss of funds. Hot wallets are used mainly for deposits and for temporary storage. Hot wallet Warm wallet Cold wallet Hot wallets are stored on Warm wallets locate on a Cold wallets are stored on the platform in order to be separate server protected air-gapped PCs in secure used for deposits; by an enhanced security locations mechanism: These wallets hold funds • All the communication These computers have no only for a limited amount of ports except for the internet connection, and the time until the deposit blockchain transactions from the cold transactions are conﬁrmed; synchronization ones are wallets are processed blocked. manually by our ﬁnancial Once the blockchain • No user has access to the managers; transactions are conﬁrmed, server directly. the funds are placed into • The wallet's password is The most considerable part the warm wallets. encrypted, etc.; of the users' funds is kept in • Only a limited amount of the cold wallets. funds can be stored in the warm wallet.
KYC/AML For enhanced platform security, all COSS account holders are required to complete a Know Your Customer(KYC)/Anti Money Laundering(AML) process. Account holders can check their verification status on their user dashboard. Once an account holder has complete KYC requirements, he or she will be able to activate their account and use the platform. KYC is mandatory for all COSS users. COSS verifies all users before allowing them to access their accounts on the platform and use its functions. Our procedures are compliant with international “Know Your Customer” best practices as outlines in Anti money Laundering and the Combating of Terrorist Financing. Those guidelines require the following: • Customer risk assessment • Customer due diligence (Identification, Verification and Acceptance) • Monitor customers’ transactions on an ongoing basis RISK ASSESSMENT COSS take steps to identify, assess and understand, its AML and CTF risks in relation to - 1. It's customers 2. The countries or jurisdictions its customers are from or in; 3. Political status (e.g. PEP relationship) RISK ASSESSMENT MATRIX INDIVIDUAL CPI - Corruption Perceptions Index COUNTRY RISK FATF - Financial Action Task Force OECD - Organization for Economic Co-operation and Development TAX RISK FSI - Financial Secrecy Index FATCA - Foreign Account Tax Compliance Act SCREENING RISK PEP/Sanctions/Adverse news Industry STRUCTURAL RISK Occupation Onboarding Mode OPERATIONAL RISK Payment Mode The complexity of Products and Services
CUSTOMER DUE DILIGENCE PROCESS The user shall not open, operate or maintain any anonymous account, and/or any account in a false name, and/or in the name of a fictitious person. COSS shall verify the identity of the customer using reliable, independent source data, documents or information. Key requirements: 1. Establish and verify the identity of any customer 2. Must obtain sufficient and satisfactory evidence of his or her identity Our standard KYC Customer Due Diligence (CDD) requirements for Personal customers include: Information needed Documentation/Verification Acceptable Format Legal Name Passport Copy JPG, GIF, PNG, TIFF or Date of Birth PDF Nationality OR Date of expiry (Document should be in Gender English) Government issued photo IDs ID number *(Expiration date should not be less than 6 months from the time of submission) Residential Address Bank statement issued within 3 JPG, GIF, PNG, TIFF or months. PDF OR Utility bill issued within the last 3 months (mainly payment for gas or water bills for your residential home) (Note: - Latin characters are allowed as long as legal name, residential address and date of issue are specified.) Note: Screenshots cannot OR be accepted A tax assessment issued within the year OR Tenancy contracts issued within the year with legal name of the customer, residential address followed by your
signature and the landlord’s signature together with the date of issue. OR Letter from a recognized public authority /government correspondent (subject to our satisfaction). (Notes: Non -English document needs to be translated into English and notarize their proof of addresses by a certified lawyer before uploading) Selfie 1) Your head must face the camera JPG, PNG (The file has to directly with full face in view. be below 2MB) 2) You must have a neutral facial expression or a natural smile, with both eyes open. 3) Taken in clothing normally worn on a daily basis. 4) Taken in the last 6 months. 5) Use a plain white or off-white background. Phone Number 2FA and SMS verification format <country code > <phone number> e.g. +65 12345678 Email address Only Verified email address (no NA temporary or junk email addresses) Source of Funds 1) Download, complete and submit JPG, GIF, PNG, TIFF or declaration of the Proof of source of funds PDF customer 1.Screenshots are not 2) Source of funds declaration is accepted mandatory for the below scenarios: 1)Any transaction of a value exceeding $20,000USD 2)Where Enhanced Due Diligence 2.Non-English documents (EDD) is required due to the risk needs to be notarized by a profile of the customer. certified lawyer and/or public notary
EFFECTIVE SCREENING CONTROLS AND RISK MANAGEMENT We shall screen customers against the Sanction lists, Politically Exposed Persons(PEP) and Adverse News media to meet our AML compliance obligations. The results of screening and assessment will be documented. ENHANCED DUE DILIGENCE (EDD) Enhanced Due Diligence (EDD) is used by global organizations to mitigate and protect against reputational damage during the on boarding of high-risk customers. As part of enhanced due diligence, for any customer that presents a higher risk for money laundering or terrorism-related financing, we will obtain the following: 1) approval from COSS management to establish or continue business relations with the customer; 2) establish, by appropriate and reasonable means, the source of wealth and source of funds of the customer. LISTS OF SANCTIONED COUNTRIES COSS will not approve accounts based in sanctioned countries as defined by the MAS Act (Section 27A), UN Security Council Resolution 1373 (UNSCRs), and the Terrorism (Suppression of Financing) Act (Chapter 325). 1. Democratic People’s Republic of Korea 2. The Democratic Republic of the Congo 3. Eritrea 4. Iran 5. Libya 6. Somalia 7. South Sudan 8. Sudan 9. Yemen
FATF HIGH-RISK COUNTRIES High-risk countries as per Financial Action Taskforce(FATF) will require COSS Compliance to perform enhanced due diligence by ascertaining their source of funds with documentary proof. A user from the list of countries mentioned below will only have access to a COSS account after undergoing a review by our COSS Compliance team. 1.Ethiopia 2. Iraq 3. Serbia 4. Sri Lanka 5. Trinidad and Tobago 6. Syria 7. Tunisia 8. Vanuatu TRANSACTION MONITORING For the purposes of ongoing monitoring, we shall put in place and implement adequate systems and Controls. Data Protection Protocol: ● Collecting information about users' login attempts and IP addresses; ● Screening for and reporting multiple accounts registered by the same user by comparing their names, registration addresses, and IP addresses; ● Collecting trading history, deposit, and withdrawal addresses from all users DASHBOARD Once logged in, an account holder can access information about the COSS Token-Based Fee Split Allocation (if he or she owns COSS tokens) including the guidelines to enable it. In this section a user can: ● view and modify his or her account information (User Info); ● manage his or her cryptocurrency wallets and FIAT (Wallet); ● get verified (Verification); ● view transaction and trading history (History); ● take part in promotional sales of listed tokens (Trading Promotions); ● participate in ongoing ICOs ● report technical issues and contact support; ● view withdrawal fees;
● share referral links via email, Facebook, Twitter, or LinkedIn to increase his or her aﬃliate level and to receive additional perks such as reduced trading fees; ● make cryptocurrency and FIAT deposits and withdrawals. HISTORY In the history section, a user can view his or her transaction history, including information about withdrawals, deposits, account security, and so on. The tabs below are grouped by the following action types: Creation, Authentication, Enabling/ disabling 2FA, changing password/ Email. Creating/ Completing orders, Trading Viewing the history of deposits, withdrawals, and Transaction. SECURITY COSS’ main priority is system security, protecting user accounts against any unwanted or fraudulent activity, and protecting their funds from theft, using advanced two-factor authentication (2FA) and end-to-end encryption processes. The security sub-module can only be accessed after additional password conﬁrmation. This sub-module allows the user to: ● edit the user's contact information, e.g., a phone number or email address (only after conﬁrmation); ● change their password; ● activate/deactivate 2-Factor Authentication (2FA). Upon inputting 2FA, users receive a code either through a mobile authentication app or via email.
DEPOSITS A user can deposit a cryptocurrency into their wallet by clicking the "deposit" button in their wallet section, and then select the cryptocurrency he intends to deposit from the list. Having chosen the cryptocurrency, the user will see a pop-up with a wallet address and a QR-code for the deposit. The payment can be completed by scanning the QR-code, copying and pasting the address, or by clicking on the payment link (if the user's wallet app is installed on the device he or she is using). Depending on the cryptocurrency type, the user's balance will be updated after the required amount of conﬁrmations. An email conﬁrmation will also be sent out once the payment is received, indicating that the payment has been completed. WITHDRAWALS Withdrawals are processed diﬀerently depending on the currency that is retrieved. Some of the withdrawals are automated, and some are manual. Larger amounts will require approval from our finance department. TOKEN & ICO LISTING COSS is open to partnerships with fintech startups that already have a token or are in the planning stage of its ICO sale. Such companies can feature their cryptocurrencies on COSS in the market cap listing section, on the exchange, or on the ICO listing page.
1.KYB FORM Click on the KYB form to download and complete the checklist, and forward the completed KYB form and documents to [email protected] 2.SCREENING COSS has a systematic procedure for identifying new business partners, and are unable to establish a relationship until the identity of a new business partner is verified. a) Client Identification Program (CIP) The first step is Customer Identification Program (CIP), which requires COSS to collect, document, and establish the basic identity of the client (e.g. legal name & existence, registered details and nature of business activity, etc.) b) Client Verification COSS will verify the authenticity of gathered information, verify the client’s identity, and assess the risk of establishing a business relationship. The precise procedures for CDD and EDD depend on the risk profile of the bank that the business partner is using. c) Client Acceptance Policy i) No client account can be opened using an anonymous or fictitious name ii) Parameters of risk perception are clearly defined in terms of the nature of the client’s business activity, the client’s jurisdiction and its associates, its financial status, and any other information that COSS deems relevant. iii) COSS will conduct any checks required before opening a new account to ensure that the identity of the customer does not match with any customer with known criminal background or sanctioned individuals. 3.LEGAL Upon receipt of the legal opinion, the COSS legal team will review the documentation and will be in touch with the client’s legal team in the event that any clarification or additional information is needed. Once reviewed, the legal team will forward the listing request to the Commercial Department.
4.COMMERCIALS Clients may pay a listing fee and/or commit to a trading promo on COSS.io A trading promotion requires you to commit to a certain number of days, and there has to be an initial contribution of tokens, which can be discussed with COSS management A typical trading promotion can be described as: Promo duration: <number of days> days of trading, between <date > and <date>, and ends at 2359hrs. • The top 10 traders by volume split 30% of the pool: • The top 11-20 traders by volume split 25% • The top 21-30 traders by volume split 20% • The top 31-40 traders by volume split 15% • The top 41-50 traders by volume split 10% COSS is open to suggestions for alternative trading promotions, pending approval. 5.TECHNOLOGY COSS’ technical department will list the token or ICO dependent on the technical team’s availability and client timelines. COSS TOKEN COSS was a 100% self-funded project that did not receive any external investments before its April 2017 beta launch. It remained privately funded during its first months in operation until the COSS token presale for early investors took place in July 2017. This step was essential for the future development of the project, its expansion, and the implementation of the new functions and features. A presale was followed by a month- long token swap (ICO) for the COSS token providing opportunities to people who share the COSS vision and believe in the project's potential. The name of the cryptocurrency, as well as its ticker, is COSS. The COSS token generates an entire cryptocurrency portfolio to its holders derived from cryptocurrency transaction fees within the COSS platform. This process is called the COSS TOKEN-BASED FEE SPLIT ALLOCATION (FSA), in which transaction fees are split in half by the COSS DAO and distributed equally between COSS and COSS token holders. Through this process, 50% of all transaction fees generated by the platform are shared among COSS token holders.
The COSS token generates FSA in all cryptocurrencies traded on the platform. The amount of the split allocation received by the user is defined by a smart contract based on the amount of COSS tokens held. The fee split is allocated to COSS token holders' dashboard on a weekly basis. Users can choose to distribute to their personal wallets at will or allow it to accumulate on the exchange. Funds are generated by exchange transaction fees. The platform generates the fee split from the following sources:
COSS DAO A DAO is a computer program, run by a peer-to-peer network, in which the governance and decision-making are prescribed by the code or the pre-programmed set of smart contracts. DAOs operate autonomously, without human involvement, meaning that the code can provide direct, real-time control of the DAO and the funds stored on it. Due to its decentralized governance, DAOs have no central point of failure, representing a new generation of organizations and businesses that will evolve into Decentralized Autonomous Corporations or Companies (DAC). COSS DAO enables token holders to receive FSA from the COSS system on a weekly basis due to a smart contract governing the process.
ARCHITECTURE The technologies underlying the COSS system comply with the latest software development requirements. With a combination of the best frameworks at hand, COSS aligns with the most recent technology standards. To manage client communications, we use the NGINX application to create the web proxy server. The advantages of NGINX, such as managing multiple connections, compatibility with a diverse range of protocols, and advanced load-balancing underlie our choice to use the application. The web proxy server communicates with front-end applications based on Angular2, VueJS, and NodeJS. The communication is carried out via the HTTP2 protocol and WebSockets. The Service Layer manages the SSO (Single-Sign-On), 2FA (2-Factor-Authentication), the messaging system (email service), user proﬁles, merchant proﬁles, wallets, and the exchange. This layer communicates with a back oﬃce web application (through HTTP2 and WebSockets), the wallets (through Remote Procedure Calls), and the exchange engine (via TCP and a Message Bus). The exchange engine powered by Node.js is a fast, single-threaded application. The back-oﬃce management applications are built using the Bootstrap framework and Node.js, as they correspond to the latest technology standards and are widely adopted. The communication layer between Geth and the front-end application is implemented using Node.js, which uses an event-driven, non-blocking I/O model allowing it to manage communications between the users and the COSS system. The Node.js application communicates with Geth through IPC (Inter-process Communication), memory/pipe- based communication between processes on the same machine. The Node.js application shares the same server with Geth.
DEVELOPMENT At COSS we aim to implement new features regularly while we pursue both our long- and short-term goals for massive cryptocurrency adoption and the overall improvement of the exchange and its functions. Our goal for 2018 is to finish building a state-of-the-art cryptocurrency exchange, implement FIAT functionality and become fully compliant applicable Singapore government regulations. Once the above is achieved, we will be focusing on the Payment Gateway/POS-system implementation that will take us a step closer to the goal of bringing crypto to the masses. That will go hand-in-hand with reviewing the current Merchant list, reopening the merchant application process, and building a viable digital marketplace equipped with effective cryptocurrency-friendly e-commerce tools.
FUTURE PROJECTIONS In a fast-evolving industry such as fintech, early adoption of innovation is essential. That is the main focus of COSS. Our short-term strategy (2018 roadmap) in sum lists the following steps: ● upgrading the existing exchange ● enhancing the security of the system ● expanding the team ● being 100% compliant with government regulations ● continuously featuring tokens that will add value to the ecosystem ● expanding our network and customer base ● introducing FIAT deposits, withdrawals, and trading Cryptocurrencies have all of the prerequisites to becoming a viable extension for FIAT money over the internet, allowing millions of customers, including merchants, startups, businesses, charities, as well as unbanked individuals to gain access to the most technologically-advanced payment methods. For this reason, we at COSS focus on the entire eco-system around cryptocurrencies, a borderless digital economic system suitable for cryptocurrency users. In the long-term, the eco-system aims to eliminate the challenges faced by the online payment industry via: ● offering competitive payment solutions to technology-oriented businesses and startups in fintech and related industries ● providing all cryptocurrency-related needs in one place ● laying the foundation for a cryptocurrency-fueled marketplace The list of potential industries which can beneﬁt from using COSS is inﬁnite. Just like the internet, which is impossible to shut down, the COSS platform represents a ‘living’ project, or ‘a smart contract with no expiration date’ that can endure many technological and social changes driven and inspired by disruptive innovations.