In-depth interpretation of RWA DeFi protocol Tangible

Author: LLAMARISK

Compilation: Kxp, BlockBeats

Overview

This report will investigate the risks posed by the USDR stablecoin issued by Tangible. The team submitted a proposal in March 2023 to add CRV incentives to the USDR/am3CRV pool on Polygon. The proposal successfully passed the DAO vote on March 30, 2023.

· Tangible is building an on-ramp and trading platform for Real World Assets (RWA). Physical objects such as gold bars, watches or real estate (RE) are tokenized (i.e. minted) into tangible NFTs (TNFTs).

· The protocol provides a market for issuing and trading TNFTs. The legal entity behind the project (Tangible Labs) facilitates real-world purchases and custody of these items. It works with multiple service providers (vendors, custody) in different jurisdictions. However, most of its operations are concentrated in the UK.

· In the case of real estate, Tangible creates SPVs to acquire and manage properties. These are legal entities established specifically for this purpose. They have listed over 14 properties in the UK.

· The protocol's Token TNGBL is used to incentivize the use of Tangible's products and provide income shares to those who lock the Token. In return, stakers will receive a so-called 3,3+ NFT representing their position. TNGBL is not currently a governance token (but may become a governance token).

· Tangible also issued a stablecoin - Real USD (USDR). It is anchored in USD and over-collateralized with RE TNFTs, DAI and TNGBL (its native token). USDR comes with intrinsic yield, generated by RE TNFTs, transferred to its holders through daily adjustments. Currently, the yield is about 8%, with an additional 10% subsidized through the TNGBL airdrop.

· The stablecoin is natively issued on Polygon and currently has 176 holders. USDR is not a trustless or decentralized stablecoin. It relies on the protocol's own RWA entry service and team management.

· Since it is backed by RWA collateral, USDR relies on a centralized process (RE entry) and real-world escrow. It also applies elements of a hybrid algorithmic stablecoin (automatic collateral management and TNGBL as collateral).

· There are some benefits to using RE as collateral, but there are also risks. While its yield and price stability are very attractive, its valuation and liquidation could be problematic. The current setup could also lead to a conflict of interest, as Tangible is the sole issuer of the collateral backing its stablecoin.

The project is quite ambitious, covering multiple aspects of DeFi and RWA tokenization to create a novel solution. However, on a technical level, it appears to be quite complex, introducing many centralized components and potential single points of failure. The protocol and its stability strategy have not been "battle-tested" and are entirely dependent on the founding team. Custody and management are still centralized on-chain and off-chain, the majority of backing collateral is illiquid (RWA) or endogenous (TNGBL), and the regulatory status of the product is unclear, Tangible therefore has a particularly high risks of.

Introduction

Tangible is a tokenized asset marketplace, stablecoin issuer, and import/export service for real-world assets (RWAs). Tangible's marketplace enables primary purchases and secondary transactions of tokenized physical objects such as wine, real estate, watches or gold bars. When purchasing an item on Tangible, the buyer will receive the product in the form of TNFT, a tangible NFT that is minted at the time of purchase. These TNFTs represent ownership of physical objects.

Physical objects can be obtained through one of Tangible's partner suppliers and stored in their storage facilities. Each product type requires a separate storage facility. Owners of TNFT need to pay storage fees. For example, the storage fee for gold bars is 1% per year.

At the time of redemption, Tangible works with logistics companies to ensure the safe transportation of physical objects. Shipping costs must be paid by the person redeeming TNFT and are calculated on a case-by-case basis.

In summary, Tangible allows the conversion of real-world assets into TNFTs, which can be redeemed for physical objects. Their documentation provides an overview of the process to explain how it works (see image below).

  1. A user purchases an item on Tangible's marketplace. Smart contracts handle commodity prices and associated storage fees.

  2. TNFT is minted and sent to the user's wallet.

  3. At the same time, Tangible completes the purchase of physical goods through its partner suppliers.

  4. Purchased items are shipped to Tangible's vault for storage.

In addition to minting new TNFT through the primary store, Tangible has also established a secondary market to facilitate the trading of existing TNFT. In this case, the buyer sends USDR in exchange for TNFT being transferred to their wallet. Tangible charges a market fee of 2.5% per trade. 33.3% of it is used to purchase and burn TNGBL, and the remaining 66.6% is allocated to TNGBL holders (3,3+ NFT holders).

However, secondary market sales can become a problem for sellers who need immediate access to liquidity. The current system requires users to wait for buyers to be willing to pay the price for the item. The team is working on a solution to enable faster liquidations (not live yet).

Product Category

There are four tokenized product categories on the platform, including gold, wine, watches and real estate. For each category, Tangible works with the following international suppliers:

For the transaction and storage of gold bars, Tangible uses the services of PX Precinox in Switzerland. For wine, they partnered with London-based Bordeaux Index, and for watches, they partnered with UK-based BQ Watches.

On the real estate side, Tangible has created native special purpose vehicles (SPVs). These are the legal entities set up for each property. SPVs manage properties by finding tenants, collecting rent, or managing maintenance. All properties are rented out, and rental income is paid to TNFT holders in USDC.

Each UK-based property has its own UK SPV. This is because real estate cannot be tokenized directly, whereas legal entities can. Real estate TNFT holders have beneficial ownership of the SPV, which gives them beneficial ownership of that real estate. However, legal ownership of both remains with Tangible's legal entity, BTS TNFT Ltd, registered in the UK. Tangible also has an entity of the same name registered in the British Virgin Islands.

Fragmented TNFT

Tangible Fractions are fragments of a complete TNFT. This allows large-dollar items, such as real estate, to be divided into more affordable parts. In this way, multiple owners can share the risks and rewards of the investment. To create fragmented TNFTs, the full TNFT is locked into a smart contract vault and then split into several fragmented TNFTs. The original TNFT can only be redeemed by collecting all individual shards.

TNGBL Token

Tangible's Token TNGBL has three main functions: as a reward Token (incentives to use the market and subsidize USDR earnings), as part of a revenue-sharing mechanism (incentives to lock TNGBL), and finally, as backing for USDR (that is, it can be used to mint USDR). As of now, it does not have any governance rights.

The maximum supply of TNGBL is limited to 33M. The initial distribution plan promises a majority distribution to the DAO and the community (70.8%). The rest is mostly reserved for the team, investors, advisors, and Tangible Labs. Another 1.25% will be sold via PeakDeFi's IDO in April 2022. However, there is no distribution schedule or any information on how "DAO shares" will enter circulation.

Although the official cap is 33M, it is theoretically possible to mint more TNGBL. The evaluation of the Token contract by GoPlusLabs shows that:

· Change the balance - the contract owner has the right to modify the Token balance of other addresses, which may lead to asset loss.

· Minting function - the contract may contain additional issuance functions that can generate more Tokens.

· Unknown identity of owner - Token uses role-based access control, and it may be difficult to track the transfer of various roles.

As mentioned above, TNGBL holders can obtain a share of platform revenue by locking their Token. The longer the lockup period, the higher the reward multiplier. Multiplier rewards earn stakers additional TNGBL. When locking TNGBL, users receive a so-called 3,3+ NFT representing the locked position, with a maximum lock-up period of four years. However, unlike other mature veTokenomic designs, Tangible's 3,3+ NFT does not grant the locker any governance rights or influence over the reward gauge.

Tangible has also built a marketplace for 3,3+ NFTs, allowing users to exit early without unlocking TNGBL. 33.3% of market fees are used to buy back and burn TNGBL. The remaining 66.6% can be claimed by 3,3+ NFT holders. Rewards are issued in USDR, depending on the amount of TNGBL locked and a multiplier. 3,3+ NFTs are also issued as rewards for early users of the platform. For example, by purchasing gold bars and minting a golden TNFT, users can get one 3,3+ NFT as a reward. This incentive is no longer in effect.

As of this writing, 99% of the TNGBL supply is held by the top five addresses on Polygon. The largest holder is the PassiveIncomeNFT contract, which holds 81.7% of all TNGBL. This means that the vast majority of circulating supply is locked in 3,3+ NFTs. There are currently 7,401 addresses holding these 3,3+ Passive Income (PI) NFTs. The largest of these is the Tangible:Deployer EOA with 10%, because this address minted and distributed the NFTs to IDO participants.

Real USD(USDR)

USDR is a natively rebasing, yield-generating, over-collateralized stablecoin pegged to the U.S. dollar. USDR is issued on Polygon and currently has 186 holders. The stablecoin issued by Tangible is backed by a combination of ERC-20 tokens, LP tokens and tokenized real estate TNFTs. Using real estate TNFTs as collateral enables two novel properties:

  1. Intrinsic Yield – According to Tangible, their properties have a rental yield of 8% to 10% per annum. This yield is paid out to USDR holders in the form of a daily rebase (i.e. the amount of USDR in the wallet is automatically increased). In order to increase the yield for early users, Tangible is currently subsidizing USDR through daily airdrops of TNGBL, thereby increasing the yield by about 10%.

  2. Exposure to new asset classes - Stablecoins are often backed by highly volatile Crypto assets or other stablecoins. Real estate, on the other hand, has relatively low volatility and a long track record of consistent appreciation. In other words, the value of the collateral backing USDR should grow steadily.

The downside of these TNFTs is the relative illiquidity associated with the real estate market. Unlike currency or securities, real estate cannot be sold in minutes. Plus, real estate can still depreciate in value. Therefore, a good liquidation mechanism is required, and precautionary measures are taken to keep USDR over-collateralized. Tangible has a few ways to keep Collateral Ratio (CR) above 100%:

· If USDR's CR drops below 100%, half of the rental income will be kept in the USDR collateral vault. Therefore, the daily rebase will be reduced by 50%. In other words, USDR holders will earn less interest until CR returns to 100%.

· USDR-backed vaults always hold a diverse portfolio of liquid assets for fast liquidation (e.g. DAI, protocol-owned liquidity, and TNGBL).

· If all DAI and other reserves are depleted, real estate TNFTs will be liquidated. In this case, users will receive pDAI instead of real DAI. pDAI is an IOU Token that represents a claim on real DAI and can be cashed out once liquidation is performed.

· The benefit of RE yield is that it is less correlated with the price volatility of the asset. Even if property values fall, rents will not change in the short to medium term.

Minting USDR

USDR can be minted with TNGBL or DAI at a 1:1 ratio. To access the minting functionality, users can visit Tangible's website. The USDR contract is deployed on Polygon and is based on OpenZeppelin smart contracts.

When USDR is minted, DAI or TNGBL is sent to the USDRTreasury vault as collateral backing the USDR. However, there is a limit to the amount of USDR that can be minted using TNGBL. According to the docs, this cannot exceed 10% of the total USDR volume minted, minus the USDR volume redeemed. This reduces the risks associated with TNGBL volatility and prevents potential death spiral events.

Tangible also plans to mint USDR from system earnings. This happens when the assets in the USDR vault exceed the 100% collateralization rate. In this case, the system uses the proceeds to buy more real estate TNFT by minting new USDR. For example, if the price of TNGBL increases, new USDR is minted against this appreciation and used to purchase TNFT. This facilitates the transfer of collateral from TNGBL to the yield-generating real estate.

The team has also expressed interest in fully automating the process in the future. While the process demonstrated a willingness to maximize capital efficiency, the team left a collateral buffer to mitigate risk (more on that later).

Redeem USDR

USDR can be exchanged for DAI 1:1 at any time. Using the redeem feature will incur a 0.25% fee. According to Tangible, this fee is configurable and will be slightly higher than Curve's fee, thus encouraging swaps rather than redemptions.

If all the DAI in the vault is redeemed, users wishing to redeem USDR will receive pDAI (Promised DAI) - a synthetic IOU token representing a claim on real DAI. The vault will then begin the liquidation process for its TNFT. Users will be able to swap pDAI 1:1 for DAI once real estate TNFTs are sold for more DAI.

After all real estate is liquidated, users can eventually redeem TNGBL. As a precaution against 100% redemption requirements, there is an insurance fund comprised of diversified vaults ensuring that 1 USDR is always redeemable for 1 USD worth of DAI.

Tangible also plans to leverage protocol-owned liquidity (POL). The protocol currently owns the majority of the Curve metapool (USDR-am3CRV). Therefore, setting a redemption fee higher than the Curve swap fee makes sense, as this incentivizes users to use the Curve metapool to swap USDR instead of emptying their vaults.

In general, the amount of USDR redeemable is limited by the amount of DAI in its treasury (and indirectly by the amount of other stablecoins in the Curve pool). However, this only applies to instant redemptions. Users who are willing to wait can rely on the TNFT liquidation mechanism to obtain pDAI instead of DAI.

USDR Collateral Structure

As mentioned above, USDR is backed by different types of collateral. There are currently five classes, each with a flexible share structure.

According to their documentation, the collateral structure looks like this:

The actual collateral structure is currently far from the above goals.

The diagram below shows the current collateral structure. The real estate share is only 43.24%; this segment needs more growth to reach 50-80%. TNGBL, on the other hand, has a share of more than 15%, which is a difference of 5% from the proposed allocation. According to the team, this is due to the recent price appreciation of TNGBL.

[Note: Shares reported in graph correspond to outstanding USDR ($21.1M). Compared to the overall collateral price ($24.1M), real estate accounts for only 37.8%].

The backing can be verified at the following addresses:

· USDRTreasury - Contains DAI, TNGBL, RE NFT and USDR. USDR is minted against earnings and temporarily stored until new real estate is listed on the market. It is then converted into real estate.

· LiquidityManager - Convex stake containing cvxUSDR3CRV-f, USDR / am3CRV Curve LPs.

· Insurance Fund-Polygon - Insurance Fund on Polygon

· Insurance Fund-Optimism - Insurance Fund on Optimism

· Insurance Fund-Ethereum - Insurance Fund on Ethereum

Most of the insurance funds are stored on Polygon. Assets include USDC20/TNGBL80 balancer LP, locked USDC/TETU LP, locked CVX, USDC, locked VELO and OP. Although the insurance fund is designed to protect users from TNGBL's death spiral (i.e. ensure users are fully compensated in the event of 100% redemption demand), almost half of the value of the insurance fund comes from TNGBL. ~$420,000 of value is locked assets and only ~$27,000 is liquid and external (not exposed to TNGBL).

It is worth noting that the protocol owns a considerable percentage of liquidity. Protocol-owned liquidity has benefits: it increases liquidity, creates an income stream for the treasury, and provides another avenue (besides redemption) to exchange USDR. However, it is recommended to differentiate protocol-owned liquidity from user-minted collateral (such as DAI or TNFT). USDR minted through an automated POL strategy is more akin to available reserves than circulating supply. Reserves rely on LPs in Curve pools to fund counterparty assets, and over-reliance on POL strategies indicates low organic demand for core products. Tangible currently owns ~42% of the Curve pool, indicating relatively low organic demand to provide liquidity (although the new Curve gauge is likely to attract more external LPs).

Tokenized real estate as collateral

Real estate is the main collateral type for USDR. As mentioned before, there are several advantages to using real estate. It inherently carries yield, has low price volatility, yields that are independent of price, and has a strong history of appreciation.

Tangible plans to use real estate as the main collateral, and 80% of USDR will be backed by real estate. This raises some key questions:

· How to define the real value of real estate (market price)?

· What method is used to value real estate?

· Is 100% CR the best parameter for USDR considering the risk of using real estate as the main collateral?

· Should USDR have a built-in risk management and liquidation system?

· How credible is the inflow and liquidation process of the property?

· How does the regulatory situation affect Tokenized real estate?

This article cannot answer all of these questions. However, there are clearly certain disadvantages to using real estate as collateral. First, it complicates the calculation of collateral value. Determining the true value of these properties is not an easy task. Some websites offer services for estimating market prices. For example, zoopla.co.uk is one of them. Tangible recommends using hometrack.com to find rates. However, these are only estimates as the true price can only be determined once the property is sold.

The second hurdle is verifying that the TNFT represents the committed SPV and that the SPV owns the property. Minting a TNFT is meaningless without actually buying the house. Therefore, Tangible provides access to all official documents of each property (example property).

Tangible implemented a fingerprint oracle scheme to price its RWA TNFTs. The fingerprint oracle uses a unique ID assigned to each product (product_id = string representing a unique item). This way, Tangible can map each item to the market price offered by its suppliers. A fingerprint is assigned to the product before the TNFT is minted, and the Token ID is mapped to the fingerprint after minting. This solution was chosen because it fits within the limited block size of the Polygon sidechain.

The team claims to be working with Chainlink and third-party auditors to integrate Proof of Reserve (independent verification of property ownership and proper documentation to support NFTs) and price feeds from hometrack.com (later expanded to aggregation of pricing data providers). The team believes the integration will be complete by mid-May.

Currently, Tangible is trusted to estimate the value of collateral. While Tangible has expressed interest in bringing independent third parties into the mix and reducing its central reliance on the team, that remains to be seen.

Proof of Ownership and Purchase - Examples

Tangible provides a list of 14 properties that support USDR. Let's look at an example of an apartment in Gillingham (see image below). This is one of the properties backing USDR. All related files are accessible via Dropbox file sharing.

According to listings on the website and on-chain records, the corresponding TNFT is owned by the USDR Treasury. This item is listed on Polygon. It can be identified by its ID number (340282366920938463463374607431768211474).

However, this is only part of completing the on-chain proof that the USDR treasury owns the corresponding TNFT. Tangible also attached eight documents for proof of purchase, including an appraisal report certifying that the apartment has a market value of £470,000 (approximately $580,000). In addition, there is an agreement of sale providing the agreed sale price, a statement of completion confirming the purchase of the property for £413,000 (including stamp duty and other charges), a property management agreement (PMA) and an insurance policy.

In addition, the document sharing includes a certificate of incorporation for the establishment of a SPV named TNFT PROP 12 LTD. This can also be confirmed by checking the UK's official Companies Register. A transfer document confirms that the Chatham Waters property in Gillingham has been transferred to the respective LTD (SPV).

Apparently, according to the legal documents provided by Tangible for each property listed on the RE section of the platform, the SPV established in the UK by Tangible's subsidiary has executed the sale and purchase agreement. Consistent with Tangible's business model and LO representations, each SPV is expected to acquire and own legal and actual title to the property.

Assuming all documents are correct, this completes the proof of ownership. According to Tangible's documentation, legal ownership remains with Token issuer Tangible. However, the actual ownership belongs to the Token holder. This setup is similar to Circle's USDC.

In summary, the process of verifying real estate prices and ownership is rather cumbersome and not scalable. Users of Tangible or USDR must trust the project or go through the verification process for each TNFT backing USDR. The process needs to be improved and better ways to increase transparency need to be found. Tangible mentioned partnering with Chainlink to provide market prices for its properties directly from independent sources. However, this has not been implemented and raises other issues (discussed in more detail in the next section).

Risk vector

Smart Contract Risk

The protocol has deployed more than 60 unique smart contracts (List1 and List2), with cross-chain implementations and many important off-chain components. Smart contracts related to USDR have passed CyberScope audits in three stages:

  1. Preliminary Audit (November 24, 2022)

  2. Amendment Phase 1 (December 15, 2022)

  3. Amendment Phase 2 (January 17, 2023)

[Side note: CyberScope's audit report incorrectly puts the release date as January 2022 instead of 2023. The team has been notified and acknowledged the error]

The audit did not identify any major vulnerabilities or high-risk issues. A total of 19 problems were found (2 moderate, 17 minor and 0 critical). However, it makes several suggestions to improve the code or architecture. Here are some examples:

  1. Administrator Configuration - Many contracts rely on administrator configuration, e.g. for fund allocation (e.g. bond schemes, affiliate and incentive functions) and direct state manipulation. In other words, the protocol relies on human interaction with its contracts. Tangible: Deployer EOA can set a privileged role within the system, which has the ability to affect user funds.

  2. Decimal structure - the contract does not have a decimal specification mechanism. This resulted in excessive decimal specifications within contracts, created unnecessary dependencies between contracts, and hardcoded values that could change. An example from the audit looks like this:

  3. Contract role architecture - each contract contains its own access layer. The contract uses several roles, such as BURNER, MINTER, CONTROLLER, TRACKER, ROUTER_POLICY, etc. DEFAULT_ADMIN_ROLE controls some of the most critical functions and has been granted to the Tangible DAO 4-of-5 multi-signature.

Auditors pointed to possible conflicts between admin roles and general architecture (addresses, contracts). They recommend using multi-signature wallets as an extra layer of security.

Building on the previous point, there is a general concern about access rights. Our research found that nearly every contract has some form of administrator access, and therefore none of these contracts are immutable. Although most contracts use a multisig, the large number of contracts still opens up potential attack vectors. In particular, Tangible's deployment account (Deployer EOA) has huge power in the system. It holds DEFAULT_ADMIN_ROLE, which can set the role for any address. While the team often transfers admin control to the 4-of-5 multisig, it is important to note that the new admin must remove the Deployer's admin role from each deployed contract. This manual process increases the risk of human error, which may compromise the safety of user funds.
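The handover check described above can be automated. The following is an added example, not code from the report or from Tangible: it replays `RoleGranted` / `RoleRevoked` logs per contract and flags any contract where the deployer still holds `DEFAULT_ADMIN_ROLE`. It assumes the contracts emit OpenZeppelin AccessControl events; the addresses, contract labels, `MINTER_ROLE` value and log entries are all constructed.

```python
from collections import defaultdict

# OpenZeppelin AccessControl defines DEFAULT_ADMIN_ROLE as bytes32(0).
DEFAULT_ADMIN_ROLE = "0x" + "00" * 32
# Constructed stand-in for a non-admin role identifier (assumption, not a real hash).
MINTER_ROLE = "0x" + "11" * 32

# Placeholder identities (constructed; not real on-chain addresses).
DEPLOYER = "0x" + "d1" * 20
DAO_MULTISIG = "0x" + "a5" * 20
UNKNOWN_EOA = "0x" + "ee" * 20


def log(block, idx, contract, event, account, role=DEFAULT_ADMIN_ROLE):
    """Build one decoded log entry in the shape an indexer would return."""
    return {"block": block, "idx": idx, "contract": contract,
            "event": event, "role": role, "account": account}


# Constructed sample logs, deliberately out of order and with mixed-case addresses.
SAMPLE_LOGS = [
    # contract_a: admin handed to the multisig, deployer revoked -> clean handover
    log(201, 0, "contract_a", "RoleRevoked", DEPLOYER),
    log(100, 0, "contract_a", "RoleGranted", DEPLOYER),
    log(200, 0, "contract_a", "RoleGranted", DAO_MULTISIG),
    # contract_b: multisig added, but the deployer was never removed
    log(110, 0, "contract_b", "RoleGranted", "0x" + "D1" * 20),
    log(210, 0, "contract_b", "RoleGranted", DAO_MULTISIG),
    log(211, 0, "contract_b", "RoleGranted", UNKNOWN_EOA, role=MINTER_ROLE),
    # contract_c: deployer renounced without granting anyone else -> no admin left
    log(120, 0, "contract_c", "RoleGranted", DEPLOYER),
    log(220, 0, "contract_c", "RoleRevoked", DEPLOYER),
    # contract_d: handover done, then an unapproved address was granted admin
    log(130, 0, "contract_d", "RoleGranted", DEPLOYER),
    log(230, 0, "contract_d", "RoleGranted", DAO_MULTISIG),
    log(231, 0, "contract_d", "RoleRevoked", DEPLOYER),
    log(300, 0, "contract_d", "RoleGranted", UNKNOWN_EOA),
]


def replay_roles(logs):
    """Return {contract: {role: set(accounts)}} after replaying logs in chain order."""
    holders = defaultdict(lambda: defaultdict(set))
    for entry in sorted(logs, key=lambda e: (e["block"], e["idx"])):
        members = holders[entry["contract"]][entry["role"]]
        account = entry["account"].lower()  # addresses are case-insensitive hex
        if entry["event"] == "RoleGranted":
            members.add(account)
        elif entry["event"] == "RoleRevoked":  # also emitted by renounceRole
            members.discard(account)
    return holders


def audit_admins(logs, deployer, approved_admins):
    """Classify each contract by who currently holds DEFAULT_ADMIN_ROLE."""
    approved = {a.lower() for a in approved_admins}
    deployer = deployer.lower()
    findings = {}
    for contract, roles in replay_roles(logs).items():
        admins = roles.get(DEFAULT_ADMIN_ROLE, set())
        if deployer in admins:
            findings[contract] = "DEPLOYER_STILL_ADMIN"
        elif admins - approved:
            findings[contract] = "UNEXPECTED_ADMIN"
        elif not admins:
            findings[contract] = "NO_ADMIN"  # role management is permanently locked
        else:
            findings[contract] = "OK"
    return findings


if __name__ == "__main__":
    for name, status in sorted(audit_admins(SAMPLE_LOGS, DEPLOYER, [DAO_MULTISIG]).items()):
        print(f"{name}: {status}")
```

Run against real logs for all 60+ contracts, a check like this replaces the manual per-contract review with a repeatable report.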

Overall, the audit did not reveal any serious issues. However, despite the audit findings, the current setup needs to be treated with caution. None of Tangible's 60+ contracts are immutable, and many rely on manual interaction (admin roles). These roles are difficult to track and are not implemented in a uniform way. The number of contracts and the current setup add additional complexity, essentially opening up unnecessary risk vectors and being prone to human error. Additionally, these contracts are vulnerable to compromised access rights. These issues are exacerbated by the project’s absence of decentralized components (such as a governance module) and lack of a bug bounty program.

On-chain custody risk

As mentioned above, the Tangible platform and USDR smart contracts involve a role-based access control system owned by a handful of multi-signature wallets (granted by the Deployer EOA). Therefore, the custody risk is in the hands of Tangible:Deployer and these signers. They basically control the entire project, making it a fully centralized project.

Looking at the signers of the most relevant wallets, all wallets contain the same three EOAs. A summary of all signers is listed below:

· Tangible Labs multi-signature (2-of-3). This wallet controls the USDR collateral vault and the minting of all TNFT (including real estate):

  • Signer 1 (460 days - high activity; ENS token -> tangiblelabs.eth)

  • Signer 2 (558 days - medium activity)

  • Signer 3 (428 days - low activity)

· Tangible DAO multi-signature (4-of-5). This wallet has administrative rights in most system contracts:

  • Signer 1 (460 days - high activity; ENS token -> tangiblelabs.eth)

  • Signer 2 (558 days - medium activity)

  • Signer 3 (428 days - low activity)

  • Signer 4 (306 days - no activity)

  • Signer 5 (306 days - no activity)

· USDR treasury manager multi-signature (2-of-5). The wallet manages assets in USDRTreasury:

  • Same five signers as above wallet (Tangible DAO multisig)

The first three signers are the same in all three wallets. The other two signers who completed the 4-of-5 and 2-of-5 multisigs had no activity, suggesting that all multisigs are likely controlled by three addresses.

Another example is a marketplace fee allocator. This contract is used to distribute 66.6% of the fees and exchange the remaining 33.3% on Uniswap to buy and burn TNGBL. The contract is controlled by a single EOA. Same for 3,3+ NFTs: Tangible: Deployer controls 78% of them. Also, the bribery manager is the same EOA on all chains.

In other words, all assets held in custody by Tangible's smart contracts require a high degree of trust. One person controls a sizable amount of the money flow in the system through what should be automatable, publicly callable functions. Collateral in USDR vaults is also accessible by Tangible Labs multi-signature wallets, as are almost all smart contracts. We concluded that the current custody setup is highly risky, requires a high degree of trust and is prone to errors.

Off-chain (RWA) custody risk

As previously stated, using real estate as stablecoin collateral has some advantages, but also some risks. The main risks are as follows:

· Off-Chain Custody - Using real estate as collateral requires trusting the custody of legal title within the SPV; both the SPV and its blockchain equivalent are controlled by Tangible Custody LTD.

· Legality and Regulatory Compliance – Given the lack of regulatory guidance, it is unclear whether the current setup is compliant with regulatory requirements. This can apply to most Crypto projects, but this case is even more important because it has real-world implications, including for tenants and local communities.

· Conflict of interest - the same company that issues the USDR stablecoin and simultaneously controls the import and export of RWA that supports the stablecoin may lead to a conflict of interest. It also adds a single point of failure and raises scalability issues.

· Real Estate Appraisals – Assessing the collateral value of RE is a complex process. Support from sites like Hometrack or Zoopla is a good start, but these are only estimates. They cannot predict liquidation value. Furthermore, Hometrack is a paid service and therefore has limited accessibility (£20 per appraisal). Zoopla, on the other hand, is free to use.

Oracle risk

The risks associated with the first two points become apparent when looking at an example. Using the same property as in the previous section, Zoopla estimates prices in the range of £370k-390k ($457k-$482k). This is a valuation for a property similar to the Gillingham apartment above. In comparison, Tangible values the Gillingham property at $529k, a difference of 9-15%. This allows more USDR to be issued that would not be fully backed in a stress test. According to the team, their valuation also includes other funds held in the RE reserve (e.g. 5% maintenance fee, 2% vacancy fee, 2% management fee, etc.). Nonetheless, this example highlights the conflict of interest that arises when the same protocol issues a stablecoin and the collateral backing it. Naturally, Tangible would have an incentive to overestimate.
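To make the stress-test point concrete, the following added example (not part of the original report) applies the 9-15% valuation gap to the collateral figures quoted earlier: $21.1M outstanding USDR, $24.1M total collateral and a 43.24% real estate share. The 15% TNGBL share is a lower bound taken from "more than 15%", and the TNGBL drawdown scenarios are assumptions.

```python
# Figures quoted in the report, in USD millions.
OUTSTANDING_USDR = 21.1
TOTAL_COLLATERAL = 24.1
RE_SHARE_OF_OUTSTANDING = 0.4324
# Assumption: the report only says "more than 15%"; 15% is used as a lower bound.
TNGBL_SHARE_OF_OUTSTANDING = 0.15


def build_book():
    """Split total collateral into real estate, TNGBL and everything else."""
    real_estate = RE_SHARE_OF_OUTSTANDING * OUTSTANDING_USDR
    tngbl = TNGBL_SHARE_OF_OUTSTANDING * OUTSTANDING_USDR
    return {
        "real_estate": real_estate,
        "tngbl": tngbl,
        "other": TOTAL_COLLATERAL - real_estate - tngbl,
    }


def collateral_ratio(book, haircuts, outstanding=OUTSTANDING_USDR):
    """Collateral ratio after applying a fractional haircut per asset class."""
    for asset, haircut in haircuts.items():
        if asset not in book:
            raise ValueError(f"unknown asset class: {asset}")
        if not 0.0 <= haircut <= 1.0:
            raise ValueError(f"haircut out of range for {asset}: {haircut}")
    stressed = sum(value * (1.0 - haircuts.get(asset, 0.0))
                   for asset, value in book.items())
    return stressed / outstanding


def breakeven_re_haircut(book, tngbl_drawdown, outstanding=OUTSTANDING_USDR):
    """Real estate haircut at which CR hits 100% for a given TNGBL drawdown.

    Returns 0.0 when the TNGBL drawdown alone already pushes CR to 100% or below,
    and is capped at 1.0 (real estate written off entirely).
    """
    buffer = sum(book.values()) - outstanding - book["tngbl"] * tngbl_drawdown
    if buffer <= 0:
        return 0.0
    return min(1.0, buffer / book["real_estate"])


def scenario_table():
    """CR under the valuation gap from the report plus assumed TNGBL drawdowns."""
    book = build_book()
    scenarios = {
        "reported valuations": {},
        "RE -9% (low end of gap)": {"real_estate": 0.09},
        "RE -15% (high end of gap)": {"real_estate": 0.15},
        "RE -15%, TNGBL -50% (assumed)": {"real_estate": 0.15, "tngbl": 0.50},
        "RE -15%, TNGBL -100% (assumed)": {"real_estate": 0.15, "tngbl": 1.00},
    }
    return {name: collateral_ratio(book, cuts) for name, cuts in scenarios.items()}


if __name__ == "__main__":
    for name, ratio in scenario_table().items():
        print(f"{name:32s} CR = {ratio:6.1%}")
    for drawdown in (0.0, 0.5, 1.0):
        h = breakeven_re_haircut(build_book(), drawdown)
        print(f"TNGBL -{drawdown:.0%}: CR reaches 100% at an RE haircut of {h:.1%}")
```

Under these assumptions the valuation gap alone leaves USDR over-collateralized, but once TNGBL loses half its value a real estate haircut of roughly 15.5% is enough to bring the collateral ratio to 100%.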

Additionally, there is a TNGBL price feed that limits the amount of USDR that can be minted from TNGBL. The USDRExchanger contract enforces the USD value of TNGBL that can be deposited by querying the TNGBLPriceOracle. The TNGBL price oracle is updated via multi-signature transactions, using the TNGBL/DAI pool on UniV3 as a secondary price feed that is only accepted when it is below the team's primary value. This prevents market manipulation by setting a cap on the TNGBL price at settlement, but further highlights the system's reliance on active management by the Tangible team.

In summary, Tangible uses a custom Oracle solution. This enables them to know the price of the goods they trade. Some details are also provided in the Curve Gauge Proposal: "We currently have our own real estate oracle, but we are working with Chainlink to integrate it, and then we can reflect the real property valuation of the third party Hometrack.com on the real-time chain, so that the treasury value and the collateralization ratio is up to date, which also allows us to make profits and mint in time."

Working with Chainlink and independent auditors would be a major improvement. This would dispel concerns about Tangible's conflict of interest. However, using only Hometrack as the sole price authority shifts the question of reliability to another single entity. While this is certainly an improvement, it does not guarantee that the oracle quotes a reliable liquidation price.

Regulatory Risk

Real estate NFTs may be classified as security tokens and may need to be registered with the UK Financial Conduct Authority (FCA). In the absence of clear regulatory guidelines, the official legal opinion (LO) on the business model will serve as proof of tokenization compliance. We requested access to the LO statement from the team and they shared this file with us. The document was audited by Llama Risk's legal counsel. Based on its provisions, and as confirmed by Tangible, we were assured that its operations are exempt from FCA registration.

As regulatory clarity remains a challenge for projects offering actual property-backed securities such as real estate NFTs, ensuring access to quality legal guidance is critical. The Tangible team is currently seeking legal advice on a weekly basis and said they will have an in-house legal and compliance team starting in June.

Users should note that under the Tangible Terms of Service, TNFT Ltd excludes the company's liability for damages and limits the amount in contract, tort, misrepresentation or restitution to £1,000.


Llama Risk’s legal counsel believes that since Tangible acts as a bridge between RWA and on-chain transactions when digitizing real estate and selling it to retail investors, an honest and trustworthy merchant should ensure an adequate level of customer protection. The terms of service here provide a minimum protection.

Risk of decoupling

USDR has been relatively stable since its inception. The only depeg worth mentioning happened on the weekend of March 11/12, 2023, the same weekend that USDC lost its peg. USDR is partially backed by DAI (~25%), while DAI itself is mostly backed by USDC (~63%). Tangible described the event in its measurement proposal: "On Saturday morning UTC, the DAI reserve was down because people started panicking. We expected people to start redeeming pDAI, and on Monday morning UTC, we would need to create DAI for those who wanted to exit their positions quickly - a liquidity pool for pDAI. However, this is not required as we restored the peg without requiring the protocol to issue pDAI. However, this risk still exists and is backed by tokenized real estate single greatest shortcoming."

As for the stability of USDR, the price has mostly hovered around the $1 peg. It also quickly recovered from its depeg in mid-March (see chart below).


The following stabilization mechanisms are used to keep USDR pegged:

· First, to prevent a depeg, USDR can be exchanged for the DAI that backs it. Currently, about 25% of collateral is denominated in DAI.

· Secondly, USDR is supported by protocol-owned liquidity, which sits in the USDR Curve pool. The combination of the two measures provides a certain amount of liquidity for trading or exchanging USDR.

· Tangible has also set up an insurance fund. As of this writing, the insurance fund totals approximately $1,100,000 (9.2% of USDR collateral). However, the Polygon-based multisig mainly contains 20/80 USDC/TNGBL LP tokens. In other words, the insurance fund consists mainly of more TNGBL.

· As mentioned earlier, Tangible also plans to implement pDAI (i.e. Promised Dai). In the case of a bank run, where Tangible has to sell its RE TNFTs in order for USDR holders to be compensated, pDAI is required. In this case, pDAI can be redeemed instead of DAI. Once enough real estate is liquidated, pDAI holders can exchange it for real DAI.

TNGBL as collateral

Tangible aims for 5-10% of the collateral backing to consist of its own TNGBL token, $1 worth of which can be used to mint USDR. This makes USDR a partial algorithmic stablecoin and raises concerns about its reliability in adverse market conditions. While Tangible has limited the amount of USDR that can be minted from TNGBL, TNGBL now accounts for 14% of total backing.

Worrying and potentially unsustainable strategies can emerge when endogenous collateral types are used. For example, the team's bribe manager makes regular deposits of TNGBL to mint USDR for its incentive programs. This gives Tangible a power akin to minting unsecured stablecoins, the kind of behavior that prompted urgent action against Mochi's USDM. Tangible may mint USDR through TNGBL and convert it to DAI or sell it to its Curve pool to obtain USDC/USDT/DAI. The team recently started offering incentives for its USDR/am3CRV pool on Warden Quest, totaling $225,000 in deposits. Most of the funds come from Binance wallets, and some come from liquidity obtained via TNGBL -> USDR -> DAI (Curve pool).

Analysis of TNGBL deposits into USDRTreasury shows that most of the USDR minting comes from team deposits, mainly from their bribe wallets (used to fund bribes that increase USDR liquidity) and governance wallets (which purchase governance tokens, including CVX and VELO, to increase incentives for the USDR pool). The vault transfers shown below include the majority of deposits from these two team wallets. In total, 1,023,854 (>92%) of the 1,106,514 TNGBL in the vault contract were confirmed as team deposits.

This strategy allows Tangible to aggressively expand by providing incentives for the USDR/am3CRV pool (and other liquidity venues), but only if the price of TNGBL remains stable. If the price of TNGBL drops significantly, USDR may become undercollateralized. As mentioned in the previous sections, TNGBL is the last treasury asset that can be redeemed, and cannot be redeemed until all DAI and RE have been redeemed. The insurance fund consists primarily of USDC/TNGBL Balancer pools, but in emergency situations this will mostly be ineffective. TNGBL poses a significant risk to USDR's solvency.
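A small stress model of the backing mix and redemption order described above, added here as an illustration; it is not taken from the report or from Tangible's contracts. The 25% DAI and 14% TNGBL shares are the report's figures, while treating the remainder as RE, the collateral ratio `cr`, the use of the 9-15% valuation gap as an RE haircut, and all function names are assumptions.

```python
# Added illustration. Shares come from the report; everything else is assumed.
DAI_SHARE = 0.25    # "about 25% of collateral is denominated in DAI"
TNGBL_SHARE = 0.14  # TNGBL "now accounts for 14%" of the backing
RE_SHARE = 1 - DAI_SHARE - TNGBL_SHARE  # assumption: the remainder is RE TNFTs


def backing(cr, re_haircut=0.0, tngbl_drop=0.0):
    """Value of each collateral bucket per 1 USDR after the given shocks.

    cr         -- collateral ratio at the protocol's own valuations (assumed input)
    re_haircut -- fraction by which RE realises below Tangible's valuation
    tngbl_drop -- fractional fall in the TNGBL price
    """
    return {
        "dai": cr * DAI_SHARE,
        "re": cr * RE_SHARE * (1 - re_haircut),
        "tngbl": cr * TNGBL_SHARE * (1 - tngbl_drop),
    }


def stressed_ratio(cr, re_haircut=0.0, tngbl_drop=0.0):
    """Collateral ratio after shocks; below 1.0 means undercollateralized."""
    return sum(backing(cr, re_haircut, tngbl_drop).values())


def redeem(fraction, cr, re_haircut=0.0, tngbl_drop=0.0):
    """Pay out `fraction` of USDR supply in the order the report describes:
    DAI first, then RE (as pDAI until property is liquidated), TNGBL last."""
    left = fraction
    paid = {}
    for bucket, value in backing(cr, re_haircut, tngbl_drop).items():
        paid[bucket] = min(left, value)
        left -= paid[bucket]
    paid["shortfall"] = left
    return paid


if __name__ == "__main__":
    # Constructed scenarios: exactly 100% backed at Tangible's own valuations.
    for h in (0.09, 0.15):
        print(f"RE haircut {h:.0%}: ratio {stressed_ratio(1.0, h):.4f}")
    print(redeem(0.40, cr=1.0, re_haircut=0.15))
    print(redeem(1.00, cr=1.0, re_haircut=0.15, tngbl_drop=0.50))
```

In the 40% run, the `re` entry is the portion of redemptions that would sit in pDAI until real estate is actually sold.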

wUSDR

USDR can be used on different blockchains, which also has to be taken into account when assessing peg stability. To use its stablecoin outside of Polygon, Tangible created wrapped USDR (wUSDR).

Real USD can be wrapped into wUSDR through Tangible's website. The wrapping process is done on Polygon. wUSDR can then be transferred to BSC, Optimism, Ethereum, and Arbitrum using Multichain's routers. wUSDR holders can then provide liquidity and farm on different DEXs and yield aggregators in these ecosystems. Examples include Beefy and Velodrome on Optimism, Thena on BSC, and Balancer and Aura on Ethereum. There are currently no farms available on Arbitrum.

In order to be compatible with Multichain's router as a "cross-chain asset", wUSDR has implemented Multichain's extended smart contract Anyswapv6ERC20.sol. This creates a better user experience when transferring wUSDR to the aforementioned chains. However, as highlighted in our previous report on Multichain, this delegates wUSDR's minting and burning functions to Multichain's MPC control. Therefore, this adds an additional element of dependency and risk to USDR and wUSDR.

Also, there is a big difference between wUSDR and USDR. The wrapped version of the token does not rebase; instead, its price increases when the rent distribution occurs. Therefore, there is a price difference between wUSDR and USDR (see chart below).

Because the wUSDR price rises, these liquidity pools are not "pure stable pools" and cannot be considered to contribute meaningfully to the USDR peg mechanism. Instead, they add complexity to an already rather complex project. It is worth pointing out that wUSDR token holders are highly concentrated. On all chains other than Polygon, almost all wUSDR tokens are held in the above-mentioned DEXs (see the figure below).


In summary, Tangible has established several mechanisms to support the USDR peg. They conceived a promising method (pDAI) to ensure that USDR holders can redeem USDR for equivalent value at any time. However, most measures are still new and not battle-tested, and some are fully centralized (e.g. real estate liquidation). Especially in the event of a bank run, it is questionable whether USDR will be able to maintain its peg. Additionally, the project introduces multiple dimensions of additional complexity and potential weaknesses through its wUSDR token and multi-chain integration. These factors are not conducive to the stability of the USDR peg. Nonetheless, USDR has proven to be fairly stable so far (since October 2022) and has successfully weathered its first depeg.

Llama Risk Assessment Criteria

  1. Is it possible for a single entity to deceive its users?

Yes, it is possible for Tangible to neglect asset liquidation or default on redemption obligations. It also acts as the oracle for pricing RWA itself. Most of the protocol's funds, including its treasury, insurance fund, and collateral escrowed in smart contracts, are accessible through team-controlled multisigs. Also, there is no time lock.

The team is publicly identified and has experience building Web3 startups, which adds some credibility. However, high system complexity and centralized access control can cause concerns.

  2. Can the project continue if the team disappears?

No, the team controls all contracts, assets, and governance of all RWAs. If the team disappears, the DAO cannot exercise its RWA liquidation rights. Additionally, no one can update contracts, assign fees, or access any other assets held in the vault. Therefore, it is very unlikely that Tangible-custodial real estate, or any other RWA, will be accessed by anyone outside the team.

The team mentioned a plan to work with other RE issuers to reduce their reliance on their own LLC. That remains to be seen.

  3. Does the protocol rely on CRV or other incentives to maintain its peg?

USDR has a market capitalization of $11.5 million after the Curve standard. USDR has also been relatively stable. Its only depeg happened during the USDC depeg, a weekend over which most stablecoins had some issues. USDR quickly recovered and remained stable.

However, USDR relies on POL in the Curve pool to provide sufficient liquidity and minimize redemptions directly through the protocol. This could create a reliance on Curve pool incentives to avoid a liquidity crisis, which could become a crutch for the system when it is at risk of bankruptcy.

  4. Did the audit reveal any signs of concern?

No, the first audit did not reveal any serious issues. However, there has been only one audit to date. The second audit is in progress as this report is being written. It's worth noting that there is currently no active bounty program, and Tangible is generally a young project.

There are some architectural inconsistencies and too much manual, privileged functionality. Right now, Tangible is more of a company than a protocol, with the possibility of human error or poor system administration. Given the complexity of the system, a single audit and lack of a bug bounty program is not enough to provide strong security.

Conclusion

Tangible is a very ambitious, fast-growing project. It introduces novel RWA use cases and an innovative stablecoin with built-in yield and rebalancing mechanisms. The concept of RWA transactions and real estate collateral is novel and well thought out. However, there is a conflict of interest in the degree of centralized control the team has, as the team is both the RE TNFT issuer and the custodian of the underlying assets. Also, the actual implementation of the project leaves a lot of room for improvement. Tangible prioritizes growth and the rapid introduction of new features over decentralization and sustainability of existing infrastructure.

The entire setup of smart contract access control, RWA custody, governance and collateral structure is insufficient for security and requires complete trust in the entities behind the platform. Furthermore, it is very complex on both technical and conceptual levels, requiring improved transparency of the project (e.g. ownership and custody of RWA, pricing of RWA, cross-chain wUSDR implementation, roadmap, access rights, admin roles and hidden owners, etc.).

While we applaud the project's ambition, we feel it relies too much on the core team. Users are fully dependent on the honest and responsible management of the team. To meet the requirements of the Curve rules, Tangible should implement plans to move its RWA price oracles and proofs of reserves to independent auditors and oracle providers. TNGBL should also be removed as a collateral asset because it increases the risk of USDR. Until these changes happen, we don't think Curve should incentivize the USDR/am3CRV pool.
