table of contents - vera cruz coin · ruby on rails has a built-in xss protection mechanism which...
TRANSCRIPT
1
2
TABLE OF CONTENTS
COMPANY OVERVIEW 3
VERA CRUZ COIN (VCCO) 6
VERAEX EXCHANGE PLATFORM 10
VERA PAY 22
TOKENOMICS 23
ROADMAP 24
SOCIAL RESPONSIBILITY PROJECT 25
3
COMPANY OVERVIEW The Vera Cruz Group
Mainly focused on assets and e-commodities, Vera Cruz Group is a
leading company in the international Private Equity Market. In order to
handle investors’ shares and be a leader in the Equity market, Vera Cruz
Group is always ready to provide the best solutions to its investors, with a
profound sense of commitment imbued by its team of experts.
We develop world-class capabilities and solutions aimed at providing to
provide answers for each one of the key-decision points.
For over 10 years, Vera Cruz has been helping our clients achieve their
strategic and financial goals. Since 2010, we have invested more than 1
billion euros in share capital, assisting our partners to build and leverage
their businesses.
Our global portfolio also includes Assets Under Management. We now
want to take it a step further by entering the digital world of blockchain
technology through an ICO Launch.
The development of Vera Cruz Coin (VCCO) and our exchange platform
are two of our most ambitious projects so far. We have therefore set a
goal to innovate and facilitate payments worldwide, and we see VCCO as
the best way of achieving it.
4
International Presence
With its Headquarters based in Hong Kong, Vera Cruz Group is also
present around the world with offices in the United States, Portugal,
Brazil, Republic of Panama and the United Arab Emirates, Singapore.
- MAP OF THE WORLD AND VERA CRUZ OFFICES
Value Matters
Vera Cruz Group has established an international and global reputation
through its long-term relationships and lasting values based on its vision,
integrity, and innovation of business.
Since the beginning, we have held the firm conviction that there is a
different way of establishing values.
Our commitment of creating a lasting impact means that we have the
desire to work in a unique way and unearth the fundamentals that drive
businesses and markets over the long-term.
5
INFOGRAPHIC OF VALUESBy implanting and implementing our values, we can impact and expand
our team, business, and the communities we belong to. Below is a list of
values that we ensure to incorporate into our goals:
Results - We are driven by results and define our investment strategies
to maximize the results of our funds. We believe that by following such
an approach, the process will be fast and more efficient, thus helping
in defining goals and methods in a better way by being decisive and by
prioritizing the tasks which will, in turn, save time and effort. Furthermore,
having a contingency at hand means that we can deal with adversity and
change requirements more efficiently. Having an alternative is relatively
cheap and can actually be used as an option whenever needed.
Integrity - This is one of the fundamental principles that help in
strengthening relationships with investors. It includes meeting the quality
commitments we aim for and having a strong and consistent moral
code. Trust is another factor pivotal in integrity. In order to build trust,
personalizing the company is a necessary requirement. Hence, we make
sure that our relationship with investors is based on character, strength,
and ability.
Determination - Only with the determination to face obstacles firmly
and objectively can we persevere and thrive in the competitive world of
today. Determination will ensure that we stay ahead of our competition
as well.
Social Responsibility -We are committed in helping develop the
economy and also help people through other initiatives.
Experience - By experience, we understand that long-time expertise
and deep knowledge gives us the knowledge to come up with the best
solutions.
6
VERA CRUZ COIN (VCCO)Vera Cruz Coin (VCCO) is an innovative cryptocurrency that unites fast
and safety payments of both parties, optimizing companies’ financial
transactions.
Factors like security, transaction speed and high fees charged by the
banks as well as payment service providers have been a problem of the
financial world for a long time. Moreover, the need for a third-party to
mediate any type of transaction makes it expensive, bureaucratic and
brings no advantages to the customers or the business in itself.
With VCCO, transferring money worldwide within minutes and at low
cost is going to be a reality. We have been establishing numerous deals
with ecommerce and retail stores with our cryptocurrency, and thus
transactions will be more of a hassle-free process.
In fact, VCCO is a decentralized payment system that deviates from the
conventional approach of processing and clearing transactions through
Central Banks. This feature allows for direct transactions between parties,
thus optimizing the entire process.
As a payment coin, VCCO will be accepted in e-commerce as well as in
physical retail stores all around the world. Our coin will help in getting rid
of the problems that merchants face in their day-to-day trading activities
and credit or debit card payments. These issues affect them in a variety
of ways:
▶ Payment of high fees for the payment service provider.
▶ Long waiting time until credits are given by the payment
providers, thus punishing the earnings.
7
▶ Occasional loss of internet signals in the credit card payment
devices.
All of these problems are solved with the VCCO decentralized currency
platform using blockchain technology. In fact, VCCO will become a long-
term store of value and the projection of our digital assets is highly likely
to grow fast with the digital crypto ascension. Therefore, coin holders will
be able to profit with its success.
INFOGRAPHIC WITH VCCO BENEFITS
Low transaction
fees and taxes
Referral programs giving
reward points through wallets
Fast and secure
transactions
Online shopping
with affiliated stores
8
VCCO Technology
Blockchain technology has been present in the digital world for years.
However, traditional businesses are only now discovering the working
possibilities of the system. The technology is capable of not only
improving but also disrupting the way we can do all types of information
exchange.
This tamper-proof ledger works in a decentralized way, meaning that a
third-party that enables or approves a transaction does not exist. Instead
of it, several nodes spread all around the world verify and make sure that
the sharing of information between two parties is authentic.
Blockchain technology has proved to be the most secure way to do any
type of information exchange, from data to currencies. Vera Cruz believes
that this technology is the future and that is why we want to step in.
Proof of Work (Pow) - The based-consensus mechanism of blockchain is
the key for the decentralized system to approve transactions without the
need for any third-party.
For example, in order to store or share any data, the nodes distributed in a
network of computers all around the world have to find the right solution
to a very complicated mathematic problem.
Once one of the nodes find the answer, all the other ones play the part of
‘witness and judges’ to verify authenticate it. Upon reaching a consensus,
a new block is created for the chain and it cannot be modified.
Transparency - When working as a distributed ledger, the blockchain
network allows all participants to share the same documentation, making
them witnesses and validators of all the information shared.
9
This form of cooperative validation is called consensus and a transaction
can only be accepted when all the nodes in the chain agree on it. Seeing
as the records are public, anyone can check the veracity of the action,
thus ensuring more transparency.
Enhanced Security - In addition to the need for agreement from all parts to
record any type of data, every transaction in the blockchain is encrypted
and linked to the previous block of transactions.
This essentially means that all the information stored in the blockchain
network of computers is linked to each other and that in order to tamper
with any data, it would be necessary to change all the previous blocks.
This makes it very difficult to forge and compromise transactions data,
and therefore an invasion by a hacker is highly unlikely.
Reduced costs and speed increase - Without the need for third-party
mediation, the processes in the blockchain are automated. This aspect
also helps in reducing the need for manual intervention and is not prone
to human error.
The trustworthy network also enables less documentation reviewing to
complete trades as all data is stored in an immutable version to which
everyone can have access to. This increases transaction speed process
and makes it more efficient.
10
VERAEX EXCHANGE PLATFORMSimply put, an exchange platform is a trading software where investors
are able to place trades for different crypto currencies using fiat or digital
currency.
Vera Cruz Group has developed a centralized and groundbreaking
exchange platform that will provide the best advantages for coin holders.
As VERAEX was created to make transactions easier, our platform will
accept both types of currency. In a first stage, VERAEX will allow trading
between 6 types of cryptocurrencies for trading as well:
▶ Vera Cruz Coin (VCCO)
▶ Bitcoin (BTC)
▶ Ethereum (ETH)
▶ Ripple (XRP)
▶ Tether (USDT)
As an international company that has already made its name in the
market, Vera Cruz has a long list of financial clients who are supporting
the VERAEX platform. In addition to that, we believe that a well-built
project is key to have a coin with high liquidity power.
In light of this, VERAEX software was also developed with the goal
of receiving a high volume of transactions, thus avoiding network
congestion. This way, coin holders need not have to worry about being
stranded during trading.
A crucial concern we as a company had while designing the platform was
to ensure that all aspects are within the laws and regulations.
11
VERAEX will also Feature:
▶ Discounts for high volume trading
▶ Institutional trading tools
▶ Forex currency pair trading and lending (Second stage)
▶ Display extensive and in-depth financial data in the form of charts
and graphs
BLOCKCHAIN SOLUTION
● SECURE STORAGE
▶ With our High-Security software, it is possible to store and make
secure transactions in a faster and easier way.
● EXCHANGE SERVICE
▶ Exchange with BTC, ETH, LTC, USDT in our exchange platform
VERAEX.
● INVESTMENT PROJECTS
▶ Buy and Sell Vera Cruz Coin and profit from the coin ascension.
▶ With the VCCO high usage in all kinds of commerce, the appreciation
of the coin is a result of its success.
12
GLOBAL ECOSYSTEM
▶ Trade securely, quickly and privately around the world.
▶ Acceptance in global commerce companies as a blockchain
payment service provider.
ANALYSIS & PLANNING
▶ You will have a monthly report about our project, news about
blockchain and our coin.
13
Security Features of Platform
Network and Security aspects in Detail
SQL injection (Advanced SQL injection):
The Ruby on Rails web framework provides a library called Active Record
which enables an abstraction for accessing databases. It helps developers
interact with databases without actually writing any SQL queries. It also
provides an ORM layer which maps objects to the tables of the database
system. There are several methods available to read and manipulate
the data, even though most of those Active Record methods are already
using parameterized queries and can be used without worrying about
SQL injection.
Cross Site Scripting - 3 types (Reflected/Persistent/DOM):
Ruby on Rails has a built-in XSS protection mechanism which automatically
HTML escapes all the data being transferred from Rails to HTML. While this
is a big plus for Rails framework security, it is not enough to solve all XSS
problems, which is why, every day, new cross-site scripting vulnerabilities
are still being discovered on Ruby on Rails web applications.
Command line injection:
We will not use shell command in our Ruby on Rails application. If it is
proven necessary, we can call system command by breaking each piece
into a separate string.
Directory Traversal:
We are using RoR’s sprockets to amend for this vulnerability.
Sprockets are Ruby libraries for compiling and serving web
assets. Sprockets allow for organizing an application’s
JavaScript files into smaller and more manageable chunks
14
that can be distributed over a number of directories and files. It provides
structure and practices on how to include assets in our projects.
Cross-site request forgery attack:
Cross-Site Request Forgery (CSRF) is an attack that allows a malicious
user to spoof legitimate requests to your server, masquerading as an
authenticated user. Rails protects against this kind of attack by generating
unique tokens and validating their authenticity with each submission.
HTML Injection:
This is part XSS attack, and can be avoided the same way as an XSS
Other functions that are not built-in functions include:
▶ Server Side Request Forgery (SSRF)
▶ File Inclusion (LFI/RFI)
▶ Script Source Code Disclosure
▶ HTTP Parameter Pollution attack
▶ Hostile subdomain takeover
▶ CRLF injection
▶ Host Header Attack
▶ URL Redirection / Open Redirection
▶ File uploading
▶ WAF Bypassing
▶ Client-side template injection
▶ LDAP Injection
15
Features of BAF Centralized Exchanges
Types of Orders
▶ A Market Order will allow users to trade cryptocurrencies at the current
market price. Users can also set a market buy or market sell price to
protect protecting themselves from shocks in a volatile market.
▶ A Limit Order will allow users to trade cryptocurrencies by placing an
order in the hopes that it will be fulfilled by a market order of another
user. Moreover, orders are not confined to slippage owing to the
volatility in the market. Additionally, a user can set a Limit Buy or Limit
Sell order as well.
▶ A Stop Order is a conditional market order where users sell th eir
orders after reaching a specific price. A user can set a ‘Stop Buy’ or
‘Stop Sell/Loss’ for his order.
▶ A Buy Stop order or Stop Loss order is placed when the price of the
stop order is above or below the market price. This is used either for
limiting a loss or protecting the profit on a cryptocurrency.
Leverage Trading is a tool for the users to effectively manage risks with
the purpose of reducing stop loss, thereby increasing the number of
trades.
Margin Trading is a simple trading process that consists in borrowing
coins for trading in the platform in order to make a profit. Borrowers
need a secured fund for reverting the borrowed amount to the lender at a
predefined interest rate.
Integrated Referral Programs allow users to get direct commissions and
referral commissions after completion of a trade.
16
Liquidity is maintained on the exchange platform by using a third party
exchange order book, and it will actually be used to boost initial trading.
Liquidity will increase the flow of cryptocurrency trade in the exchange
and build the number of users in the trading platform.
Exchange Security
HTTP Authentication
HTTP authentication needs users to submit credentials in the encrypted
form of HTTP fields. We use the most secure HTTPS authentication
tokens, like OAuth.
Jail Login
The authentication limit is set to maximum retries for credential
combination and all the users who exceed the number of tries are placed
in ‘jail’. This jail will prevent users from further login attempts for a fixed
amount of time.
Encrypted Data
All the data in transmission and at rest is encrypted. This makes
it exponentially harder for credentials and other information to be
compromised.
SQL Injections, Remote Code Execution, Cross-Site Scripting
The malformed user input vulnerabilities are avoided by preventing SQL
Injection, Remote Code Execution, and Cross-Site Scripting (XSS).
17
Wallet
Wallet Security
Secured Wallets
The coins or tokens can be stored in secure e-wallets which are built using
blockchain technology. Such wallets enable safe and secure trading too.
Two Factor Authentication (2FA)
Two-factor authentication, also known as 2FA is a method for confirming
a user’s identity utilizing two different factors including Private Keys & QR
Scanner.
Elliptic-curve cryptography (ECC)
Public-key cryptography is used in wallet addresses and it is based on
the algebraic structure of elliptic curves spanning over finite fields. The
addresses will have the form of an alpha-numeric structure, which is why
it will be difficult to “brute-force” the exchange wallet.
18
Defense Shield from Attacks
Our exchanges are secured with defense-grade security by thwarting
attacks from different sources mentioned below:
Cross-Site Request Forgery(CSRF)
The CSRF is a type of attack that forces the end users to perform
unwanted actions on the exchange platform in which they are currently
authenticated. The attack includes targeting state-changing requests
and not the theft of data itself.
Denial of Service (DoS) Attack
Denial of Service (DoS) is one of the most common attacks, which
consists in sending a large number of requests to the server. In order
to prevent DoS attacks, the IP addresses are throttled or blocked even
before reaching the servers, through Rate Limits.
Distributed Denial of Service (DDoS)
A Distributed Denial of Service (DDoS) attack will disable the exchange by
overwhelming it with traffic from multiple sources. These actually target
a wide variety of important resources, like Banks & exchanges through
accessing important information.
Server-Side Request Forgery(SSRF)
The Server-Side Request Forgery (SSRF) is an attack where a crafted
request is sent from a vulnerable web application. This type of attack
targets the internal systems behind firewalls that are inaccessible to
attackers on the external network.
19
HTTP Parameter Pollution
The HTTP Parameter Pollution (HPP) is an evasion of web attack where
an HTTP request is sent to manipulate or retrieve hidden information in
the exchange.
20
Network flow with Security aspects
API Integration
▶ The coins can be integrated into the exchange seamlessly. The
centralized node will be integrated securely with wallets.
▶ Coin nodes are run on a port specific to a coin and the user’s wallet
is monitored for deposits from users. These are correspondingly
reflected in the user’s wallet.
▶ The API will be integrated with mail service providers and SMS service
providers.
▶ The API will also be integrated with all the blockchains requested,
such as Ethereum, Litecoin, Tether, and so on.
TechnicalSpecifications
▶ The websites, dashboards, and applications are powered by Ruby on
Rails, thus increasing the site’s responsiveness and speed.
▶ MySQL is a client/server system more reliable and faster than other
database systems. The database system will ensure that all the
operations are executed or not.
▶ Redis helps with in-memory data structure store for databases, cache
and message broker supporting strings, hashes, sets, and many other
data structures.
▶ RabbitMQ is message queueing software that is used to exchange
data between processes, applications and servers, especially emails.
21
The Centralized Exchange developed by the Blockchain App Factory is
highly secure and can support multiple blockchains. The architecture
has a highly secure exchange and a wallet built on the blockchain.
Security, Speed and API integration remain our top priorities and we are
compromised on building an exchange matching the industry standards
following the above-mentioned parameters.
22
VERA PAY Transferring money abroad has always been a problem, mainly due to the
high fees charged by the banks. Some platforms have appeared in the
last few years, aimed at making transactions easier, but none of them has
been effective as it was supposed to be.
We have come up with the solution to this problem. Vera Pay Money
transfer is a fast and secure way to perform international transfers with
low fees and taxes. As an open protocol tool, Vera Pay enables a peer-
to-peer server design to facilitate the movement of values among both
commercial and non-institutions.
This feature allows companies as well as private users to make payments
directly to each other, whether it being across different networks, countries
or currencies. In this open architecture, the only currency needed is VCCO.
But that is not the only envision we have for the Vera Pay system. Our
goal is to use it as a payment provider in developing countries with the
goal of, for instance, facilitating peoples’ access to food and medication.
Merchants will be able to purchase goods without the high exchange
currency fees normally charged, thus reducing both the primary and the
final price. Our system will facilitate access to food and medication for
those in need, not only saving money but most importantly saving lives.
23
TOKENOMICSTotal tokens - 98,000,000
Token sale - 40,000,000
Founding team - 18,000,000
Reward System - 15,000,000
Marketing Team - 8,333,333
Advisors & legal - 8,333,333
Social responsibility (Super Hero Foundation) - 8,333,333
TOTAL TOKENS - 98,000,000
Founding Team
40,000,000
15,000,000
8,333,333
8,333,333
8,333,333
18,000,000
Token Sale
Reward System
Marketing Team
Advisors & Legal
Social responsibility (Super Hero Foundation)
24
ROADMAP
January 2018 Start of coin development using Script/PoW as algorithms
May 2018 Initial development of a product for international payment using blockchain technology VERA PAY
September 2018 End of pre-ICO
December 2018 End of Vera Cruz Coin ICO and integration of VCCO in exchanges
*December 2020 Official Launch of Vera Pay
March 2018 Development of a
Business Plan
August 2018 Start of pre-ICO
October 2018 Launch of VCCO and
start of ICO
*July 2020 Launch of VERAEX
January 2018
March 2018
August 2018
October 2018
*July 2020
May 2018
September 2018
December 2018
*December 2020
*Date Estimated.
25
SOCIAL RESPONSIBILITY PROJECTVera Cruz Group has a strong feeling of belonging. We know and
understand that the world is a global community.
For that reason, we believe it is our duty to help others and have decided
to donate part of the funds raised on the ICO of Vera Cruz Coin to a
foundation that makes the lives of hundreds of people better.
Located in Piracicaba, Brazil, Fundação Super Herói (Super Hero
Foundation) in the implementation phase offers support to people
with intellectual and physical disabilities, according to their needs.
The organization helps with the education, health, and leisure of their
members, and also provides comfort for their families.
The foundation offers five main services:
▶ Therapeutic attention
▶ Eco-therapy
▶ Special education
▶ Special kindergarten
▶ Training and inclusion in the employment market
We plan to give 8.33% of the funds raised to the Super Hero Foundation.
WHITEPAPER
VCCOIN
www.veracruzcoin.io