D23E Terms of Service and Privacy Policy ("Agreement") between Decentralized Intelligence AG Baarerstrasse 10 6300 Zug Switzerland (the "Service Provider" or "Company") and the online user visiting and using the d23e.ch website. (the "Service Recipient") (Service Provider and Service Recipient together the "Parties", each a "Party") concerning The use of the Service Provider’s website (https://d23e.ch) Recitals A. The Service Provider is an expert in producing tooling to assess the security of smart contracts. B. The Service Provider intends to provide its services to the Service Recipient for the purpose of analysing smart contracts. Based on the above premises, which form an integral part hereof, the Parties agree as follows: 1 Scope of work The Service Provider shall execute its proprietary smart contract tools plus any other third-party tools on the Smart Contracts (shared by the website user in the corresponding fields), evaluating its code security. The Company shall use its tools and/or third-party tools to carry out this assessment. While unlikely, manual assessment may be added. The result shall be a (possibly ongoing) report with the outcome of the tools, possibly containing findings, recommendations, and any identified vulnerabilities or potential risks associated with the Smart Contracts (as defined below). The analysis shall be performed on the smart contracts (the “Smart Contracts”) contained in the code files, or contract addresses shared by the Service Recipient through the web interface. The smart contract source code may be loaded through third-party services, such as Etherscan. The Service Recipient is then supposed to receive a report within the Service’s Provider dashboard. 2 Consideration The execution of the analysis shall be performed for a fee, as specified by the website. The fee is not refundable. No refunds are provided, even if the Service Recipient is unsatisfied with the report, the report does not contain any findings, the report does not contain any correct findings or the Service Provider encounters technical difficulties and cannot produce a report. 3 Service Recipient Obligations In order for the Service Provider to perform its obligations under this Agreement, the Service Recipient shall co-operate with Service Provider to the extent reasonably required for the performance of the Services by Service Provider, including, but not limited to: (a) providing such information, access and assistance in a timely manner as is reasonably requested by Service Provider as needed for the performance of Service Provider ‘s obligations; (b) fulfilling any undertaking or obligation expressly assumed by Service Recipient and performing any such obligations and undertakings with appropriately qualified, skilled staff and adequate resources; and (c) ensuring that it has obtained all necessary licenses and consents in any software or systems provided are made available to Service Provider. 4 Warranties Service Provider makes no warranties or conditions of quality, express or implied (including but not limited to any implied warranties of merchantability or fitness for a particular purpose) and all such warranties and conditions are excluded to the extent allowed by law. The Service Provider executes the Services in a reasonable effort manner and does not guarantee a specific outcome. Especially, the Service Recipient acknowledges and agrees that there is a significant chance, that the Services of the Service Provider do not detect any or all vulnerabilities or potential risks associated with the Smart Contracts. The Service Provider further notes that the provided analysis is not meant to replace and is no replacement for a manual audit involving significant manual labor. As such the analysis can be considered helpful to the developer team of the Service Recipient, prior to for example enacting a regular manual audit. However, the quality, depth and results of athe analysis are very likely inferior to a regular manual audit that is undertaken over many hours and potentially multiple human auditors. Further, the Service Recipient may consider a bug bounty program in addition to using the Service Provider’s services and a regular audit to potentially strengthen the Service Recipients’ smart contract security. In any case, it is essential to acknowledge, and the Service Recipient agress that there does not exist such a thing as 100% security. 5 Limitation of liability The Service Provider shall not be responsible for, and shall not pay, any amount of incidental, consequential or other indirect damages, whether based on lost revenue or otherwise, regardless of whether Service Provider was advised of the possibility of such losses in advance. Service Provider shall not be liable for damages caused by force majeure, hacking events, internet and hardware failure, blockchain attacks. Service Provider shall not be liable for any damages that may arise out of Service Provider’s performance of the services, including but not limited to damages arising from the Service Provider’s failure to detect vulnerabilities or potential risks in the Smart Contracts, except caused by intentional or grossly negligent behavior of Service Provider. In no event, Service Provider liability hereunder shall exceed USD 50.00, regardless of whether Parties’ claim is based on contract, tort, strict liability, product liability or otherwise. 6 Miscellaneous The Parties undertake to respect confidentiality as regards to the execution and the terms of this Agreement, and to abstain from disclosing the existence of this Agreement, its contents and all information provided to it by the other Party in connection with the negotiation of this Agreement without prior written approval of the other Party. Either Party, however, shall be entitled to disclose confidential information to the extent that one of the Parties is requested to such disclosure by applicable law or regulations, tax proceedings or court proceedings. Further, Service Provider has the right but not the obligation to (i) name Service Recipient as customer and/or partner and to (ii) to disclose and reference the fact that an analysis has been conducted for Service Recipient’s in any marketing, sales and other materials and documents. The Service Provider may also disclose the general nature of the analysis and the scope of services provided, while maintaining confidentiality of any proprietary or sensitive information obtained during the analysis. Neither party is entitled to transfer the Agreement or rights and obligations thereof to third parties without the prior written consent of the other Party, who may refuse without providing reason unless explicitly provided otherwise herein. Each Party shall bear all taxes, fees, costs and expenses incurred by it in connection with the preparation, signing and consummation of this Agreement. If any provision, or any portion of any provision, contained in the Agreement is invalid, illegal or unenforceable, the remaining provisions or the remaining portion of such provision, shall nevertheless remain in full force and effect. Instead of the invalid, illegal or unenforceable provision or portion of such provision, a rule shall apply that achieves as closely as possible the initial intention of the Parties in drafting the invalid provision. This Agreement constitutes the entire understanding and agreement of the Parties with respect to its subject matter and supersedes all prior and contemporaneous agreements or understandings, inducements or conditions, express or implied, written or oral, between the Parties. 7 Privacy Policy To conduct and improve the analysis, the Service Provider may share data provided by the Service Recipient with third parties and affiliates, e.g. OpenAI's API, Anthropic's API, Etherscan, and others. Data that is shared may be provided source codes, emails, IP addresses, browser agents, blockchain addresses, cookies, etc. The Service Recipient can inquire about its data/request a deletion of an account at any point in time by requesting the data via email to contact@d23e(dot)ch along with a proof of account. 8 Financial Services Disclaimer The Service Recipient acknowledges and agrees that the services provided by the Service Provider under this Agreement are strictly limited to the assessment and analysis of smart contract security. The Service Provider's services do not include, constitute, or relate to any financial services, investment advisory services, or any other form of recommendation or advice to buy, sell, or engage in any kind of financial or investment activity. The Service Provider is not a financial advisor, broker, or dealer and is not licensed nor authorized to provide investment advice, to engage in the facilitation of securities transactions, or to undertake any activities that would require such registration under the laws or regulations applicable to the Service Recipient or the Service Provider. The results, findings, recommendations, and any identified vulnerabilities or potential risks associated with the Smart Contracts provided by the Service Provider are to be used solely for the purpose of enhancing the security and functionality of the Smart Contracts and not for making any financial or investment decisions. The Service Recipient is solely responsible for any use of the information provided by the Service Provider and shall not interpret or construe the Service Provider's services as business, financial, investment, hedging, trading, legal, regulatory, tax, or accounting advice. The Service Recipient agrees that it will not rely on the Service Provider's services as a basis for any financial or investment decision. Under no circumstances will the Service Provider be held liable for any actions, decisions, or investments made by the Service Recipient based on the analysis or information provided by the Service Provider. 9 Governing Law and Arbitration This Agreement shall be governed by, and construed in accordance with, the substantive laws of Switzerland (excluding Swiss Private International Law and international treaties). Any dispute, controversy, or claim arising out of, or in relation to, this Agreement, including regarding the validity, invalidity, breach, or termination thereof, shall be resolved by Arbitration in accordance with the Swiss Rules of International Arbitration of the Swiss Arbitration Centre in force on the date on which the Notice of Arbitration is submitted in accordance with those Rules. The number of arbitrators shall be one. The seat of the arbitration shall be Zug. The arbitral proceedings shall be conducted in English language. 10 Class Action Waiver The Service Recipient agrees that any dispute resolution proceedings, including but not limited to claims concerning privacy and data security issues, will be conducted not in a class, consolidated or representative action. The Service Recipient expressly waives any right to file a class action or seek relief on a class basis. The Service Recipient expressly waives any right to file a class action or seek relief on a class basis. If for any reason a claim proceeds in court rather than in arbitration, the Service Recipient waives any right to a jury trial. This class action waiver is an essential part of the arbitration agreement and may not be severed. If a court or arbitrator determines that the class action waiver set forth in this section is void or unenforceable for any reason or that an arbitration can proceed on a class basis, then the arbitration provision set forth above shall be deemed null and void in its entirety and the parties shall be deemed to have not agreed to arbitrate disputes. 11 Amendments These Terms of Service and Privacy Policy may be amended, updated and modified without prior notice and without past notice at any point in time. Version: 13th of February 2024.