SECURITIES AND EXCHANGE COMMISSION v. BINANCE HOLDINGS LIMITED et al Document 140: Redacted Document, Attachment 3

District Of Columbia District Court
Case No. 1:23-cv-01599-ABJ-ZMF
Filed October 3, 2023

REDACTED DOCUMENT - Exhibits of Matthew Beville Declaration to [124] Order on Sealed Motion for Leave to File Document Under Seal, Exhibit A (Redacted) by BAM MANAGEMENT US HOLDINGS INC., BAM TRADING SERVICES INC. (Attachments: # (1) Exhibit B (Redacted), # (2) Exhibit C (Redacted), # (3) Exhibit D (Redacted), # (4) Exhibit E (Redacted), # (5) Exhibit F (Redacted)) (McLucas, William)

Page 1: Declaration of Matthew Beville Ex. D
Page 2: EXHIBIT 7
Page 3

UNITED STATES DISTRICT COURT
FOR THE DISTRICT OF COLUMBIA

SECURITIES AND EXCHANGE COMMISSION, Plaintiff,

v.                                          Case No. 1:23-cv-01599-ABJ

BINANCE HOLDINGS LIMITED, BAM TRADING SERVICES INC., BAM MANAGEMENT US HOLDINGS, INC., AND CHANGPENG ZHAO, Defendants.

VIDEOTAPED DEPOSITION OF ERIK KELLOGG

THURSDAY, AUGUST 24,
9:50 A.M.

Washington, DC

REPORTED BY:
SHERRY L. BROOKS,
CERTIFIED LIVENOTE REPORTER
JOB NO. 230824SLB
GRADILLAS COURT REPORTERS
(424) 239-2800
Page 4

A. No.

Q. What due diligence -- you mentioned the diligence you did on them. What diligence did you do?

A. So that would have been -- that would have been the asking to see third-party -- any -- whatever third-party reports they are willing to provide us, which is when they provided the ISO and SOC 2 report.

On top of that, we asked them to fill out our own security due diligence questionnaire and then a little bit later on we created a custody solution-specific security questionnaire, which was given and asked to be filled out for any current and future custody solution providers.

Q. And it's your understanding that the SOC report that you received covered the solution that Binance provided to Binance.US -- that Binance Holdings provided to Binance.US?

A. Yes.

Q. And what was the date of that SOC report?

A. That's my understanding. I don't recall. It was -- it was -- I don't recall.

Q. What else did you do when you first started to get an understanding and comfort about the
Page 5

second.

THE VIDEOGRAPHER: The time is 11:28 a.m. We are now off the record.

(Discussion held off the record.)

THE VIDEOGRAPHER: The time is 11:30 a.m. We are now on the record.

MS. FARER: Mr. Beville is going to ask a clarifying question so that we're all on the same page as to the testimony that you just provided.

MR. BEVILLE: So, Erik, were you describing a network tab?

THE WITNESS: Yes.

MR. BEVILLE: So were you describing testing of the messages communicated across the cables connecting the machines in your AWS environment with the machines in the BHL AWS environment?

THE WITNESS: Yes.

MR. BEVILLE: And so when you were referring to auditing those messages, you were capturing the actual electronic zeros and 1s moving between the machines, decoding them, and confirming they were as expected?

THE WITNESS: Correct.

MS. FARER: Thank you.
Page 6

and his team decide what products or services we built for customers.

Q. [redacted] is the only person that can give you information about the changes in the key shard protocol for Binance's cold wallets?

A. Yeah, at that time.

Q. Why was he the only person that had that information?

A. I don't know.

Q. As the chief information security officer, by that point you've been there almost -- you know, at least six months. How did you get comfortable in your role that all of the assets and keys were secure with so little insight about what was happening?

A. I had no reason to believe otherwise at that time. And we have done -- we did do -- my team did do some initial risk assessment on PNK being the controlling factor, you know, the number of shards needed to whitelist any wallet addresses to move assets off of our platform.

Q. What did you do to test that?

A. I asked the clearing team to do a test for me for the whitelisting just to see what that looked like. We did security testing for access controls
Page 7

around PNK itself.

Q. And when you said you asked the team to do a test for whitelisting -- correct me if I'm wrong, but -- are you asking -- are you saying to transfer to a whitelisted wallet or are you saying to establish a whitelisted wallet?

A. No, just to establish a new whitelisted address.

Q. Isn't it the case that to establish a whitelisted address you need a full quorum of the key shards, meaning all of the keys need to vote to agree?

A. Correct.

Q. So how is it that you are asking your team to implement this test if some of the key shards are held by Binance.com?

A. So I asked the clearing team to do this, to test -- to make sure that if a whitelisted request came through that all three of our shards were activated or basically asked to approve of it because our three shards were still part of that quorum at the time.

Q. Did you have any insight as to how the other shards were being exercised?

A. No.
Page 8

Q. So how were you able to get comfort with that test if you didn't know what the other shards were doing?

A. This goes back to -- from the way this is done the cold wallets can't transfer to any wallet unless it is been whitelisted or it is whitelisted. And so it was my understanding that the current whitelisted addresses were all Bam wallets.

Q. How did you develop that understanding?

A. So I asked our data team to pull a report of all of our existing cold wallets and their existing whitelisted addresses and then a step further to ask for report of all on-chain transactions out of our cold wallets to ensure that they were only going to the whitelisted addresses.

So if we saw any transactions going from a cold wallet to a non-whitelisted address, it would have raised a flag for us in that report.

Q. Could there have been an instance when there could have been a cold wallet transfer within the exchange that wouldn't have been documented on-chain?

A. Not that I'm -- no.

Q. Okay.

A. All cold wallet transfers are on-chain.
Page 9

that the transfers from cold wallets can only go to whitelisted wallets?

A. So those controls sit in the back of the BHL, which is why we did the -- the few times we ran that report to see what transactions, if any, were going to non-whitelisted wallets.

Q. Okay. So you -- sitting here today, do you know whether there are controls in place that require -- that transfer some cold wallets that can only go to whitelisted wallets?

MR. CANELLOS: Today now we're talking?

MS. FARER: Or at any point in time.

BY MS. FARER:

Q. It's our understanding -- correct me if I'm wrong -- that has not changed?

A. Right. I have not seen any documentation aside from what was covered in the SOC 2 or ISO.

MR. BEVILLE: And are you asking about documentation or are you asking about controls including software controls?

MS. FARER: I'm asking essentially two parts.

BY MS. FARER:

Q. Are there controls to ensure that that -- that it is the case that the cold wallet transfers
Page 10

can only go to whitelisted wallets? Are there controls in place for that?

A. It's my understanding there are.

Q. And what is the basis for that understanding?

A. The conversations I've had with BHL and the third-party assessments I've seen.

Q. And then to the second part, is there documentation of that control?

A. Well, I don't know if it speaks specifically to the whitelisting. That custody questionnaire we've provided to them, they have the ability to answer about controls. It may have been in there, but that would be the extent of any documentation we have.

Q. Okay. So aside from information provided in a questionnaire potentially and speaking to someone, you have no confirmation that there is this control in place?

A. Correct.

MR. CANELLOS: Jennifer, forgive me for interrupting. Just one quick -- one thing. Maybe you could ask a little bit more about whitelisting because -- so, as I understand it, whitelisted -- what whitelisting means Bam has to
Page 11

understand it. So I just want to -- I want to get a better understanding. So the root account is like the holder of this environment. So they have like overarching rights. So how is it the case that if there's a server or software or something hosted or housed in this environment that they wouldn't have rights or access to it?

A. So I'll give you two examples. We'll do the server example first. So if -- if I built a server within AWS on their -- [redacted] is the name of it, to give you an example. That server is being built by a local administrative account within the server itself, and that is where the authentication for access to that server lives. It doesn't live in the bigger AWS environment. It's local to that -- that server.

Q. But for that administrative account, that was granted by the root account, though, right?

A. Correct.

Q. Okay. So the root account still has control over that administrative account?

A. Right. So that root account could delete that administrator account, if you will, or change its password or, you know, disable it.
Page 12

Q. Or change its administrative rights?

A. It could change the administrative rights, but that still wouldn't change the local authentication within the server itself. So the most that you would be able to do -- the most that the root account could do is -- to that server would be to stop the server or delete it altogether, delete the administrative role or user that created the server itself, or just basically disable the server for some time or move it -- you know, make some external configurations.

But whatever is inside that server, whatever data is inside that is going to be limited to any user accounts set up within the server itself. So it's own -- it's its own environment inside the server.

Now, you could configure -- right, if the administrator went as far as to configure the system to allow authentication from AWS, but that's not really common practice.

Q. Just explain what you mean by that last part, that it -- an administrator could allow authentication by AWS.

A. So you could say -- you could tell a server -- and it would depend on the type of server
Page 13

on the operating system. You could say don't use my local authentication for the system, but use an external authentication like database, which users and permissions are allowed. You could set that up to another system or service within AWS. But, again, that still doesn't inherently give root any access to what's inside those systems or servers.

Q. So if it was set up to authenticate to AWS, though, wouldn't the root have some kind of --

A. That would -- someone would have to go through and actually configure that, though.

Q. Okay. What is the configuration for the .US AWS?

A. Our configuration is that the root account was only set up to create the first couple of administrative accounts within AWS and set, you know, just kind of a global security policy requiring a

(Whereupon, Madam Reporter asked for clarification from the witness.)

A.

BY MS. FARER:

Q. And what's that?

A.
Page 14

Q. -- for the license software for the wallets. How is it the case that Block Technologies is providing the wallet software?

A. I wouldn't say that they are.

Q. So who do you think is providing the wallet software?

A. Binance Holdings Limited, BHL.

Q. Have you heard of an entity called CEFFU?

A. Yes.

Q. How does CEFFU relate to the wallet software?

A. So I was under the impression -- and through conversations with [redacted] and in no other way -- you know, in one of our conversations it came up that they were going to -- when I say they, BHL was going to sell their wallet services to the more general public.

Q. Okay. When did this conversation occur?

A. Probably right near the start of this year of 2023. Maybe the end of 2022.

Q. Okay.

A. And so --

Q. And so wait. So by that point in time it's your understanding that Binance Holdings was providing the wallet software?
Page 15

A. Yes, and it's my understanding now that that has never changed. It's always been BHL providing our software. What I have been confused about through conversations is, what's it called? Like what is the name of it?

And so that is where some of these -- the name CEFFU came out, Block, and just general misunderstandings of conversations about the name of the service and just some loose plans that -- what Binance was planning to do as far as sell their wallet services to the more general public.

So that's where the CEFFU name started coming up in our -- you know, in our reports and in our internal communications as the way I was referring to it, because for a time I -- I hadn't misunderstood this.

But I understood that basically BHL was becoming CEFFU and they were going to, you know, start offering wallet services to -- to, again, the world, you know, to offer this as -- and have a customer base and all of that --

(Whereupon, Madam Reporter asked for clarification from the witness.)

A. To the world, just as an offering for custody services or wallet services -- wallet
Page 16

BY MS. FARER:

Q. Okay. We're going to break this down. So in early 2023 you have this conversation with [redacted] who is the Binance technology services.

A. For the wallet services, right. For BHL, yes.

Q. And at that point in time Binance Holdings was providing the wallet software?

A. Yes. And to clarify, they've always provided it.

Q. Right. I'm just trying to see how this evolves.

A. Yeah.

Q. And this is the wallet software that we were talking about previously that sits in this Binance environment, ties to the TSS, that software?

A. Correct.

Q. And so [redacted] tells you in 2023 what again?

A. So he just mentioned, you know, we were going to start selling wallet services as a service, as a product. And so I said great. You know, so do I -- you know, is it CEFFU? You know, do I start relating (sic) to our wallet services -- our wallet solution as CEFFU? And it was my understanding --
Page 17

Q. How did the name CEFFU come about?

A. I don't know who -- I don't know who made that name up.

Q. No, but I mean in terms of like not how they named it CEFFU, but like how does the organization that is CEFFU come into the picture?

A. So it was my understanding -- at that time it was my understanding that BHL was going to spin off a new business arm or branch based on their wallet services technology and call it CEFFU.

Q. Okay. And so when we see references throughout documents which we'll show you that say CEFFU is the wallet -- the wallet software provider for Binance.US, is that not accurate?

A. It's not accurate. It should say BHL.

Q. And we just had a very extensive day yesterday with an auditor where there was a discussion about CEFFU being the wallet service provider.

A. Yeah, because that was around the time that [redacted] and I had -- we had this conversation. You know, and I clarified. I said, you know, as we talk about this, you know -- because I was aware.

I mean, I -- you know, it's challenges of information that I felt I needed, again, just as I
Page 18

matured in the role and us as a company having audits and being able to answer questions and having third-party reports.

Just being able to reference the wallet software, it made it sound like -- I got the impression that we should be calling it CEFFU. But, you know, I -- you know, I don't know where he got the indication or inclination, but I took that as a lead to just start calling it CEFFU from our perspective.

Q. And you're saying that the offering that was being discussed with [redacted], that was going to be Binance taking its product commercial?

A. Right.

Q. That was going to be CEFFU?

A. Right, but it was also, again, within my understanding that we would -- like our solution would have also -- would have been under that CEFFU business arm.

Q. Such that this new entity, CEFFU --

MR. CANELLOS: Well, it could be a branch, you said, right?

A. Branch, yeah. I mean, there was no -- there was very -- almost -- there was very little discussion as to the business or the reasoning behind
Page 19

any of this. It was more of like as we referred to our custody software what -- you know, what's the name of it?

BY MS. FARER:

Q. But I mean, new entity in the sense of this is not Binance Holdings?

A. No. It was my understanding it was still going to be a Binance entity -- sorry.

Q. Okay. Right.

(Simultaneously speaking addressed by Madam Reporter.)

BY MS. FARER:

Q. So let me ask: So Binance Holdings is a company, and so I'm saying a separate entity in that CEFFU is a separate company from Binance Holdings.

MR. CANELLOS: Is CEFFU a separate company from Binance Holdings? Are you asking that?

MS. FARER: Yes. That's my question.

A. I don't know.

BY MS. FARER:

Q. What is your understanding of what CEFFU is?

A. Right now, I don't know what it is anymore. It was my -- at that time it was my
Page 20

understanding that it may become a branch of BHL where they commercially sell their services, was my understanding at that time. Now I'm not sure what CEFFU is.

Q. And at that time what time were you referring to?

A. So early 20 -- earlier this year.

Q. And so why has your view changed that you don't think you know what CEFFU is?

A. Because I've since then directly asked [redacted] are we -- do we have a relationship with CEFFU, and he said no.

Q. So all of the materials including that which was provided to auditors referencing CEFFU being the wallet software provider is -- they are inaccurate?

A. The name is inaccurate.

MR. CANELLOS: Well, how is the name inaccurate?

A. Instead of CEFFU, it should say BHL. Nothing is -- the fundamental technology, people, processes, everything that makes up the BHL wallet services that we use has never changed. Nothing has ever changed on that.

It was simply referring to it -- when I
Page 21

talked to it (sic) with auditors or external parties or even internally with folks, what do we call this besides wallet software? And that's where, you know, [redacted] was -- he said, well, we may be selling this under -- we may be selling our wallet services under the name CEFFU.

Q. And so -- but at what point -- well, scratch that.

BY MS. FARER:

Q. Why did you then adopt that name in describing Binance's -- Binance.US's wallet software?

A. To me, it sounded like that's the way that they were going to be branding their wallet software, so I didn't see any reason why I don't start calling it that.

Q. So you understood it to be all one and the same?

A. Yes.

Q. And are you now saying that that's not the case?

A. Yes -- well, no. No. I'm still saying I believe -- I believe it's still all one and the same. There was just a miscommunication about what they're calling -- like that they're not -- CEFFU may very well still go be a business line, for all I know. I
Page 22

don't know.

(Whereupon, Madam Reporter asked for clarification from the witness.)

A. Like a business branch. I don't know. BHL may start a new company. What I know now is that we should have just always referenced it as the BHL software, custody software.

BY MS. FARER:

Q. And how did you develop this understanding that you should have continued to just call it the Binance software?

A. After our discussion with [redacted] after this came up recently.

Q. So a subsequent conversation with [redacted]

A. Yes.

Q. When was this?

A. Two weeks ago.

Q. Tell me about that conversation.

A. I just -- I literally asked [redacted] and said do we have a relationship with CEFFU? Who is our -- who is our wallet security -- our wallet service provider? And he said look at the name on the licensing agreement. He says no, it's not CEFFU.

Q. Have you informed your auditors that the wallet service provider -- wallet license -- or
Page 23

MR. BEVILLE: Can we go off the record, please?

MS. FARER: I think that we could clarify this very quickly with one or two questions.

-- not ask questions while we're working through this.

THE VIDEOGRAPHER: The time is 2:19. We are now off the record.

(A break was taken.)

THE VIDEOGRAPHER: The time is 2:40 p.m. We are now on the record.

BY MS. FARER:

Q. Okay. Thank you for your patience and letting the lawyers do their thing.

Just so the record is clear because I know there was a little bit of back-and-forth. And so your understanding is that the wallet custody solution that Binance.US uses is that which is licensed by Binance.com; is that right?

A. So Binance.US licenses BHL's software.

Q. Okay. Is that different than what I said?

A. I thought you said -- it sounded like you said we use software that's licensed by .com.

Q. Okay. So -- thank you for clarifying if that's what I said. So Binance.US licenses the software from
Page 24

Binance.com, and it's your understanding that that relationship has not changed?

A. Correct.

Q. Is there anything about the technology and services relating to the wallet custody software provided by .com that has changed during your tenure at Binance.US?

A. No.

Q. I'm going to -- let's turn to some documents.

MS. FARER: I am going to show you what was premarked yesterday as Exhibit 61.

BY MS. FARER:

Q. Do you recognize this document?

A. Yes.

Q. Is this the declaration that you submitted in support of the Bam entities opposition to the SEC's motion for a temporary restraining order?

A. Yes.

Q. So I think what I want to do with this document just to ground you is -- I think this will help ground our conversation about some of the software and wallets that we've been talking about just so we can get to some of the details and with a little bit more specificity --
Page 25

programs -- those -- those -- those front ends and controlling basically the keys to the keys would fall -- yeah, that's part of us -- us securing the assets.

Q. Okay. But let's break that down. So what is Binance's role then with respect to security of the keys?

A. BHL.

Q. Binance.com, BHL, yes.

A. So their aspect is to securely store and safeguard our private keys.

Q. And what involvement do you have in that process?

A. I am not involved in how they build their infrastructure and manage their infrastructure.

Q. And when you say "not involved," to what extent do you have any insight into how Binance securely stores and safeguards Binance.US's private keys?

A. This would go back to our third-party diligence processes. So, again, the security questionnaires, the relationship -- building relationship with the security folks, asking for the third-party audits, but doing that on an annual basis or some periodic basis. It's not a one and -- one-time thing.
Page 26

Q. Okay. But I think as we talked about earlier you don't have a means to verify the information provided by Binance.com with respect to storing and safeguarding the private keys?

A. To an extent, right, that is part of our job is to test to make sure that the solution is acting or behaving as we're told. I think I mentioned the internal testing we were doing. If there's wallet-based controls we could test, we would test those as well. But outside of that, no, there's no way for me to verify what they're telling me.

Q. All right. So let's start walking through the declaration. We can skip over sort of the background on crypto. I'd like to start at Section 2 where it says the Bam Trading on page 9 with 26b.

A. Okay.

Q. And so it says: "Because Bam Trading holds customer assets on an omnibus basis, transactions on the platform are recorded on" --

(Whereupon, Madam Reporter asked for clarification from Counsel.)

A. I'm sorry. You said 27 on page 9?

BY MS. FARER:

Q. 26b.
Page 27

specifics at all.

Q. So help me understand then -- so PNK has a number of controls -- which, again, I know are listed here and we'll get through it -- that Binance.US has implemented through the PNK software to coordinate certain transfers of funds through the hot wallets; is that right?

A. Can you repeat the question?

Q. Binance.US -- well, there are controls in the PNK system that manage the movement of funds through the hot wallets; is that right? So, for example, like there's like a threshold by which if that threshold is reached the way it's described, is there like an automatic transfer to the cold wallets?

A. Right.

Q. And that's something that's built into the PNK system?

A. Correct.

Q. And so how is it that the -- I'm just trying to understand the technology. How is it that these -- you know, these wallets are sitting in this environment AWS that -- there are keys that govern these wallets, but then there's like an overlaying software that manages transfers. Like, how does this work?
Page 28

A. Yeah. I don't -- so -- so it's my understanding that PNK -- I talked about doing that network capture where we look at the traffic on the -- right.

And so PNK I guess is just kind of -- I look at it as the front end of the wallet service -- the wallet software. And, again, asking how the back end works and exactly what services are talking to which, I just don't know.

But this is why our testing -- internal testing was done quite a bit around trying to abuse PNK, trying to find vulnerabilities within the -- you know, the code, doing these network captures just to see is the traffic as expected. But that's where our knowledge would fall short.

And then these are why I was having conversations, again, to get more comfortable or just get familiarity. But, again, there is a level that -- of proprietary knowledge of those systems that I shouldn't know as a customer and, you know, I respect
Page 29

that of any custodial solution. So, again, how it works on the back end, I just couldn't tell you.

Q. So your view is that this wallet software license that you have is a custody solution similar to BitGo and Aegis?

A. Yeah. I look at those as -- yes, tools to control the assets -- control our assets.

Q. Okay. And so similar to a third-party custodian like BitGo and Aegis that has -- you know, manages and secures the keys, your view is that Binance.com does that for Binance.US?

MR. BEVILLE: Objection to the extent it characterizes BitGo and Aegis differently than what Erik has done.

BY MS. FARER:

Q. You can answer.

A. So -- so yes. So BitGo, Aegis, and BHL are all just tools for us to custody our assets. I looked at them as tools and how we do that. Now, each one does it a little differently based on their technology and their methods.

But the way we approach the risks and how we approach securing those is, again, looking at them in the same lens of, is this a tool? And we put them all through the same diligence for that reason, so
Page 30

regrouping is complete to make sure that that shard is not showing up on the other shards as a -- as a -- you know, an approved voting shard, right. It would just be removed from that group all together.

Q. And who ensures that that is the case? So in the example you gave, right, if somebody lost their shard and -- like, let's walk through that hypothetical. For example, somebody loses their shard. What is the protocol for what occurs when a shard is lost?

A. So to clarify, this is something we're building out currently with the custody oversight team. As now that we now -- recently have access to the TSS portal and that control, our proposed process will be to run through that exercise of decommissioning through the current shards and then readding a new shard, if needed, and depending on the situation.

But then we would conduct all of our normal functions. We would -- we would try to whitelist and see what happens in the voting, right? That's how we would confirm and do some control testing within our environment.

At the same time, we would be working and
Page 31

asking BHL for any validation they could provide us, whether they can just give us some verbal or written validation that, yes, we see that you have X amount of shards now; we see the activity of you dropping the shards.

We would ask them maybe not for the logs themselves, but for some sort of validating that they see on the back end that that happened.

Q. And if that wasn't occurring, could you say to BHL decommission the shard? Could they do it on the back end?

A. As far as I understand, no. I was told that only our shards can do that, only the actual shards can do that. So I'm sure we would -- they would help support us through and we would work together to figure out what the problem was.

Q. Okay. So you said that that's currently in process of development. What is the current state of what occurs when you need to decommission a shard?

A. So right now we would follow that exact process. We just don't have it formalized and haven't run -- been able to run through any kind of testing yet.

Q. Okay. So just so I understand, so when it went from nine to seven, did this process that you
Page 32

just described occur to decommission the shards?

A. I could -- I would -- I have -- I did not see it, but I -- I -- I don't know. But that's my understanding, is that this is -- this is the only way that this TSS implementation works.

Q. So how do you have comfort that one of the decommissioned shards can no longer -- it have like a voting right or be signing on the transactions?

A. So, again, we would go off of what we're seeing on every shard, like making sure that only the shards that we think are in existence are existence (sic). We've done personal validation verification, and without any reason to believe that what we're -- without any reason to believe that something else is going on and that we're not seeing something -- you know, we're going off of what we've seen on -- on those actual devices -- on the actual shards themselves.

Q. So your confirmation is that you have the device. When there is any type of activity that needs to happen with a TSS protocol there has to be some voting that occurs among the shard holders,
Page 33
whether it be the full quorum, the four, like whatever the case may be, depending on the activity.

Q. So there's no way that unless it's shown on the screen that anyone else who may have had a prior shard, copy of a shard -- well, strike that. Can someone make a copy of a shard?

A. To my understanding, no. It's not possible.

Q. And what's the basis of that understanding?

A. Part of that is the TSS fundamental -- there's no copy of a shard. If the shard is part of the group, then it's got its -- then it's -- it becomes part of the pool. The system -- TSS functionality wouldn't know what to do if it saw a duplicate -- like if it saw the encryption algorithm for shard A. And then if that exact copy came across, TSS wouldn't know what to do with it. So there's the fundamental TSS properties. But outside of that -- I mean, like I said --

Page 34
Q. Well, would it --

A. -- we're going off of what we see in the shard -- what we have in the actual -- at the shard level and then, again, back tested. You know, we do monthly or periodically reports for ensuring all TSS-related activity is -- is as expected on-chain.

Q. Okay. I'm going back to the copies. So if somebody was able to make a copy, if the original shard just didn't participate in whatever the requested activity was, couldn't it be the case that you would just see the copy and nobody would know that that was a copy?

A. So now you're getting into theoreticals, I think. As a security professional, I can never say that the risk of something happening is zero. I've been around in this space too long to -- to say that. But, in my opinion, the amount of -- it's just not plausible or realistic to think that that -- that that could be done, given what I know about TSS and just PKI for -- private key infrastructure in general.

Q. And what about your knowledge gives you that comfort?

A. I mean, are you asking like --

Q. Like break it down for us to why you think

Page 35
implementation of the whitelisting system? What is your understanding about how that configuration is established?

A. Are we talking about the shards or PN- -- the hot wallets? Are we talking about cold wallets or hot wallets?

Q. Any type of transfer that requires solely going to a whitelisted wallet. Like it was represented to us that one of the controls in place to protect against unauthorized transfers is that certain wallets can only transfer to whitelisted wallets. So explain to us how that configuration is built in to ensure that that is what occurs.

A. So I can't speak to like the -- what -- how that functions on the back end, but when -- you know, I've asked the -- previously we were doing some of this assessment work. And I've asked the clearing team to purposely put in the wrong -- like a non-whitelisted wallet address, and it just fails within the app. It doesn't go any further. It just says not a valid address.

Q. Okay. So you tested to ensure that the transfer could only be made to a whitelisted wallet?

Page 36
A. Yes.

Q. And for the BitGo wallets, do the transfers only have to go to whitelisted wallets as well?

A. Yes. Yes. We treat all assets if it goes cold, so the same principles apply. You have to -- we don't -- aside from maybe some testing wallets for testing connectivity or some new network or token, all wallets in BitGo need to have a whitelisting on them enabled.

Q. And have you coordinated with BitGo to ensure that that configuration is in place?

A. I haven't felt the need that we needed to coordinate with BitGo because we are the ones that set those policies. So, typically, the clearing or treasury folks will go in there and add the whitelisting as needed. So we are the ones that are actually hands-on pushing the buttons to whitelist the addresses. There's no need for BitGo to be involved with that process.

Q. But how then -- like what's the enforceability of that mechanism for transfers from BitGo wallets?

A. So the same. So they have two controls

Page 37
wallet is C3. And then the next vertical line at the bottom is C4. Above that is C5. And then if you go -- continue going up and to the right it's 6, 7, 8, with C8 being the farthest to the right. Can you read that?

A. I think so, yeah.

Q. I can walk through it again.

A. Okay.

Q. That's no problem. So for the C2 circles that corresponds with the CUS-2 in the chart below. And so where it says: "Management has approved and configured each asset listed on the Binance.US platform to be held in each customers' deposit wallet until a threshold is met," do you have any documentation of that configuration?

A. That should be in the digital asset custody policy.

Q. Okay. So it's -- the policy is sort of what it's supposed to be. But in terms of like technical configuration I just want to confirm, circling back to what we talked about earlier, that -- if there would be any way to validate that configuration technically?

A. I mean, yeah. I mean, we could change the value and then run the test to make sure that that is

Page 38
automatically overflowing.

Q. It would be by testing to verify that?

A. Yes.

Q. Okay. And so in the CUS -- the C4 four lines down about unauthorized movement of customer funds being the risk address and the control describes the TSS configuration and at the end where it says "approvers approve the transaction on a timely basis," is that referring to the 30 minutes that you talked about earlier?

A. That's how I understand it, yes.

Q. What is that?

A. The private key authorization methodology procedure?

Q. Yes.

A. And is that -- C7 as in -- where does that fall on this diagram?

Q. So that goes -- do you see the two green circles at the top?

A. The top, yes.

Q. It's the one to the left.

A. It's used for determining access to the private keys to whitelist hot wallets. I don't know

Page 39
-- they were just going to rebrand.

Q. Okay. And so the time period for that SOC report as noted in the first bullet was August 1st, 2022 to October 30th, 2022.

A. Okay.

Q. Did you receive any other report for a larger time period, a SOC 2 report for the CEFFU?

A. No. This was the only SOC 2 report I saw.

Q. So how did you get comfort that the controls in that report were sufficient given that it was for such a short period of time?

A. In my experience and in my opinion I don't see anything wrong with the time given. I think the more important factor is that they did have an external party come in and assess. There are types -- yeah. I mean, just for the fact that they did actually get a SOC 2 which is actually a snapshot over a period of time, rather than a type 1 which is a singular snapshot as of a certain date. And so, you know, when I talked to [redacted] about that SOC 2 report, my -- I asked have there been any significant changes from when the report was -- or the assessment was conducted, and he said no. So I left it at that.

Page 40
Q. So as it (sic) sits here today, you have -- you don't have insight into the environment that hosts the technology for the security of the background -- of the back end. You don't have a third-party assessment that evaluates the security of CEFFU, and you've relied upon a questionnaire prepared by Binance regarding the information of security? I'm just trying to get an understanding of the different pieces of information that you're looking at.

MR. BEVILLE: So I'm going to object to the extent that mischaracterizes some of what Erik says. But please answer.

A. So Binance did not create our security questionnaire. Me and my team created the questionnaire. We took input from various custodial solution partners as well -- Binance, you know, had some chance to -- to overview that with us, but they did not create that. That was ours. That was Bam's questionnaires.

BY MS. FARER:

Q. Sorry. To clarify, their response to your questionnaire?

Page 41
A. Right. So, yes. So, additionally, conversations that, you know -- again, once I was -- it was made clear that that was not our instance (sic) of the technology, conversations led to, well, what is different between what I see in the SOC report and our -- and our implementation. The answer was nothing is different. So we're taking that -- those conversations. And of course, the subsequent conversations dive into more detail specifics about that. It's not just take their word for it.

As a security professional, I feel like I know where certain topics need to be dug into versus what -- what's -- what's realistic versus what's not. And then, again, our internal control systems and testing that we've done that we're able to do, as well as the fact that we haven't found any historical evidence of anything not functioning as we were told, as we were presented.

Q. Okay. And who did you have those conversations with about the difference between the SOC 2 report and the solution you all have from Binance.com?

A. Again, that was [redacted]

Q. Okay. I'm going to show you --

Page 42
time in taking it any further.

BY MS. FARER:

Q. And why didn't you keep it?

A. I don't know. That wasn't my decision.

Q. Who told you that the decision was not to keep it?

A. I don't remember who exactly. It may have been someone on our business development team when I started asking to get a SOC report so I could start diving in more to their -- to the setup and, you know, doing our security diligence. That's when I was told like they're not really responsive and we're going to probably kill the relationship with them anyways. And that was the last we really dealt with Anchorage, that my security team dealt with Anchorage.

Q. Did you ever receive the SOC report?

A. No, that I remember.

Q. Was the reason that you didn't go forward because they wouldn't provide a SOC report?

A. No, not to my knowledge. My -- like I said, by the time I was asking for the SOC report I was told that we're not going to move forward with -- like keeping that relationship and the technology.

Q. Okay. Going down to BitGo, the last two

Page 43
infrastructure of the service"?

A. That I -- I have no clue what they're referring to there.

Q. Okay. Has anything been done to address these deficiencies?

A. So as I mentioned, you know, trying to work with BHL to get a -- a -- some sort of security assessment, SOC 2 would be ideal for our instance specifically. Again, that's if that's what they're referring to.

Q. Okay. You can put that one to the side. I'm going to show you what is being marked Exhibit 71.

(Exhibit Number 71 was marked for identification and was attached to the deposition.)

BY MS. FARER:

Q. And given the strange -- well, not strange. But the way that the formatting came out with the printing, this is a document that was produced by either your counsel that was characterized as a spreadsheet showing CEFFU's answers to the custody solution provider security questionnaire provided to CEFFU by Bam.

A. Got you. This is a much better export than what our third-party platform prints out, so

Page 44
yeah.

Q. So this looks familiar to you?

A. Yes. This is the custodial security questionnaire.

Q. Okay. So I just want to walk through some of the points in this questionnaire. So this is the questionnaire that you referenced a couple of times today?

A. Correct, yes. One of the questionnaires.

Q. Oh, is there a different questionnaire?

A. So there's also -- so for -- depending on -- you know, we assess -- when a new third party -- you know, I know we focused on our custodial partner. But any third party that comes -- that we come in contact with we do an initial assessment of, you know, do they need connectivity. It's up to the security team and first response of our third-party risk manager to decide if we need to send out a security -- we have a general security -- cybersecurity due diligence questionnaire regard- -- you know, that's, you know, just kind of a standard almost if there's ever going to be any kind of pertinent or sensitive data being shared or information being shared. And then this questionnaire was in

Page 45
addition to that, which is specific to custodial standards and technology.

Q. So -- but is there a -- that second questionnaire that you're talking about, is there a completed questionnaire by Binance.com?

A. I would like to say yes, but I'd have to go back to our -- I'll look at our third-party management program if there is --

MS. FARER: Okay. And, Counsel, for the record, we would like that produced.

BY MS. FARER:

Q. Who completed Binance.com's response to this questionnaire?

A. I was given -- [redacted] gave -- I said, we need this questionnaire for our third-party diligence, and he gave me a name or an email. It would be in our third-party platform who did it. I don't have the name off the top of my head, though. It was not [redacted]. It was someone on [redacted] team, I think, or someone else within BHL who had filled this out.

Q. When you said your third-party platform, what are you talking about?

A. So for third-party risk management we use a platform called Whistic, W-H-I-S-T-I-C. And it's

Page 46
about?

MR. BEVILLE: The bottom of page 2.

MS. FARER: Please note?

MR. BEVILLE: Please note.

BY MR. BEVILLE:

Q. And this reads: "It should be noted that while Binance.com changed the name of the services for which they're (sic) offered, there is no change to any of the service functionality and no material impact to the services licensed by Binance.US."

A. That's right.

Q. Does this reflect that you informed the auditors at FGMK that the change to CEFFU was a name change?

A. Yes.

Q. And there was no material change to the services received?

A. Correct.

Q. Okay. There was also some discussion of the BHL SOC 2 report?

A. Yes.

Q. I believe you testified that it was not specific to your AWS environment?

A. That's right.

Q. But it was specific to the software used

Page 47
in that environment?

A. Correct.

Q. Was that still valuable, from your perspective, in assessing the security of the product?

A. Yes.

MR. BEVILLE: No further questions.

MR. BAKER: No questions.

MS. FARER: I think as noted earlier we're going to leave this open, and we note your objection on the record to us leaving it open. But for the reasons we've discussed that we -- there's a number of outstanding requests both before today but also that occurred during today with outstanding information that was not produced to us by the company, and that this witness would be the person that would be able to provide us a significant amount of additional information. We didn't get to test him on these documents. We're going to leave it open.

MR. BEVILLE: Again, we object. We object to that. We don't think you have the right to keep this open under the consent order or the Federal Rules. You had quite a long time with Erik today. We will be getting you and meeting and conferring