クックブック NFT Access Pass

Kimiary Smart Chain implements two completely independent governance layers with different rules, participants, and objectives:

Layer 1: Product Governance

Designed to make decisions about the CooBook platform roadmap, new features, Core Nodes incorporation, and structural changes to the ecosystem. Only NFT Access Pass holders participate with differentiated vote weights by tier.

Layer 2: Blockchain Consensus

The technical mechanism through which transactions are validated and blocks are added to the chain. All active users connected to the network participate, with absolute cryptographic equality regardless of NFT tier.

These two layers do not mix or interfere with each other — a product governance decision cannot alter blockchain consensus rules without going through a separate voting process that modifies the base protocol.

Any active NFT Access Pass holder can propose a governance vote, regardless of the tier they hold. An Esmerald Passage holder has the same proposal right as an Obsidian Dominion holder.

The process:

1. The holder formulates the proposal and sends it to the Governance Core Node
2. The Core Node cryptographically verifies that the applicant is an active holder via their Dilithium3 signature
3. Once eligibility is verified, the Core Node automatically deploys a voting smart contract with the proposal parameters
4. This smart contract is immutable from the moment of deployment — neither the proposer nor the CooBook team can modify the voting terms once initiated
5. The smart contract remains active for 72 hours, during which all eligible holders can cast their vote

The 72 hours represent a deliberate balance between two competing needs: decision speed and participation maximization.

• Shorter (24 hours): Would discriminate against holders in different time zones or with busy schedules, concentrating power in those who constantly monitor the platform
• Longer (1 week): Would unnecessarily slow the platform's ability to evolve and respond poorly to situations requiring quick decisions

The 72 hours guarantee that each holder has at least 2-3 natural time windows to vote regardless of their timezone or routine.

This parameter itself can be the subject of a future governance vote if the community determines it needs adjustment — demonstrating that the system is self-correcting without team intervention.

Each vote is cast through a Dilithium3 cryptographic signature from the holder, making it mathematically attributable, verifiable, and non-repeatable.

The process:

1. The Governance Core Node receives and records each signed vote on-chain in real-time
2. Any network member can independently verify the vote count by querying the Core Node's public registry
3. There is no central authority announcing the result — it's a distributed record anyone can audit
4. When the voting smart contract closes at 72 hours, the result is automatically calculated applying the corresponding tier weights
5. The result is recorded immutably on the chain

Technically, it is impossible to alter the result after closing because it would require modifying a block already sealed with BLAKE3 hash chained to all subsequent blocks — an operation the network would automatically reject.

Absence of vote is counted as abstention, not as a negative or affirmative vote. The final decision is made by the majority of votes actually cast, not by the majority of total holders.

This design replicates how most representative democratic systems work:

• Abstention does not block decisions
• But it reduces the perceived legitimacy of the vote

There is no economic penalty or loss of rights for not participating in a specific vote.

on-chain participation historyHowever, the is public — a holder who never votes has that record visible to the entire community, creating a natural reputational incentive for active participation.

This is the most important guarantee of the system and rests on the genesis block master registry.

For any decision that requires modifying protocol parameters, adding Core Nodes, or changing structural network rules, technical implementation requires the signature of authorized Core Nodes.

Those Core Nodes only act when an approved governance vote result authorizes them. The CooBook team does not have access to a master key that allows implementing changes without this process.

If the team attempted to implement something not approved by governance, the network would automatically reject it because the Core Node signatures would not correspond to any valid on-chain recorded vote.

This architecture turns compliance with governance decisions from a good faith question to a technical impossibility of doing otherwise.

No technical mechanism exists that allows the CooBook team to veto a decision approved by governance vote.

The system has:

• No emergency button
• No master key
• No privileged admin role above the result of an on-chain recorded vote

This is a deliberate and irreversibly unilateral design decision: the team relinquished this power when they registered the Core Nodes in the genesis block with the current rules.

The only way the team can influence a decision is by participating in the vote as NFT holders, with exactly the same weight as any other holder of their tier. Outside that democratic participation, they have no additional power over the result.

Decisions requiring governance vote (affect fundamental ecosystem structure):

• Adding or removing Core Nodes from the genesis registry
• Modifying consensus protocol parameters
• Changing validation rules
• Approving the M-of-N scheme for backup Core Nodes
• Implementing the revenue distribution mechanism once MiCA regulation is obtained
• Any change affecting holder rights

Operational decisions the team can take directly (don't affect protocol or holder rights):

• User interface improvements
• Frontend performance optimizations
• Incorporation of authors to the verification process
• Marketing or communication decisions

The dividing line is clear: if it affects the protocol or rights recorded on-chain, it requires governance. If it's operational and doesn't alter rights, the team can act directly.

Adding a new Core Node is one of the most controlled processes in the ecosystem precisely because Core Nodes have privileged access to critical network functions.

The process:

1. A full 72-hour governance vote where holders approve both the need for the new node and its specific Dilithium3 public key
2. If the vote passes, the result authorizes updating the genesis block master smart contract to include the new public key
3. Only with that on-chain approved update can the new Core Node begin operating and be recognized by the network

A Core Node whose public key is not in the genesis registry is automatically rejected by all network nodes, without exception.

This makes it technically impossible for the CooBook team to introduce a fake or unauthorized Core Node without community knowledge and approval.

The M-of-N scheme is a cryptographic threshold mechanism where M signatures out of N total Core Nodes are required to authorize certain critical network operations.

For example, a 3-of-5 scheme would mean that any operation affecting the genesis registry requires the simultaneous signature of at least 3 of the 5 authorized Core Nodes, making it impossible for a single compromised Core Node to act unilaterally.

Why it's not pre-defined:

Doing so unilaterally would contradict the principle of community governance. The first formal governance vote, planned for mainnet launch in Q1 2027, will determine this parameter with participation from all holders.

This particular decision is de facto irreversible once made because modifying it would require another vote with the same quorum, giving it constitutional robustness comparable to the most important decisions of any decentralized organization.

Sybil resistance in KSC is guaranteed by the combination of two mechanisms:

First mechanism: One user — maximum 1 NFT per wallet rule, which limits any actor's influence to a single governance power unit regardless of how many wallets they create.

Second mechanism: The on-chain digital identity system from the registration process, where each user generates a unique cryptographic identity through a ~1,040-bit entropy process that includes biometric data hashed with SHA3-512.

Creating multiple valid identities requires multiple registrations with different real data, making Sybil attacks costly and traceable.

No system is 100% Sybil-resistant without centralized identity verification — and that centralized verification contradicts decentralization principles. KSC's design honestly accepts this tension and mitigates it structurally without pretending to have eliminated it completely.

Technically they can sell their NFT at any time, but the system has safeguards that limit this manipulation vector:

• When an NFT initiates a sale, the smart contract suspends it as an active validator for 60 seconds
• Maximum of 3 sale attempts per day
• Most importantly: Voting rights in a specific governance belong to the holder registered at the moment the voting smart contract closes

If a holder sells their NFT during an active vote, the new holder can vote with it — the vote is not lost, it simply changes hands.

This makes strategic sale manipulation very difficult to coordinate because it requires finding a buyer willing to vote a specific way within a 72-hour period, which is practically unviable at scale.

This is a real limitation of any governance system in its early stages, and KSC addresses it honestly.

During the initial phase, when the number of holders is small, votes represent a minority fraction of the potential future ecosystem.

Mitigation:

• The design establishes that the most structural decisions — especially the M-of-N scheme for Core Nodes — are reserved for the first formal vote at mainnet
• Early operational decisions are made with whatever participation is available, following the same democratic rules
• With explicit transparency that the system is in the startup phase

As the holder base grows, governance power automatically distributes without requiring any team action.

The system has no post-approval veto mechanism — that would contradict the principle of governance decision immutability.

What does exist: The possibility of initiating a new vote that reverts or modifies the previous decision, following exactly the same democratic process.

This is the only legitimate way to correct a decision.

For high-impact technical decisions, the proposal process includes a public discussion period before the voting smart contract activates, precisely so the technical community can identify potential problems before voting.

The system trusts that an informed community will make better decisions than a central authority, recognizing that no system is infallible but that collective correction is more robust than hierarchical correction.

Governance participation is technically permissionless — any holder with wallet access and internet connection can vote regardless of geographic location.

How it works:

• The Dilithium3 vote signature is generated locally on the holder's device
• Transmitted to the network without intermediaries who could censor it by geographic origin

Project Kimiary OÜ is registered in Estonia under the EU regulatory framework and complies with MiCA, but the act of voting in governance does not require going through any regulated entity — it's a direct cryptographic operation between the holder and the Governance Core Node.

Local regulatory restrictions may affect NFT purchase or sale in certain jurisdictions, but not governance participation once the NFT is in the holder's possession.

The current design does not set a fixed minimum quorum — the decision is made by the majority of votes cast regardless of the total participation percentage.

This design decision recognizes that imposing high quorums in a growing community could paralyze the ecosystem's decision-making capacity in its early phases.

However, the absence of a minimum quorum is itself a parameter that can be modified through governance vote.

It's possible that the first formal vote at mainnet includes precisely the proposal to establish minimum quorums for different types of decisions — for example, 20% quorum for operational decisions and 50% for constitutional protocol changes.

This decision will rest with the community, not the team.

The on-chain reputation system is in development and represents one of the most important evolutions of the governance model.

The basic idea: A holder's influence should derive not only from their NFT tier but also from their history of active and correct participation in transaction validation.

How it works:

• A holder who consistently validates transactions that the network subsequently confirms as correct builds a positive on-chain reputation history
• This history is public, immutable, and non-transferable
• Unlike the NFT that can be sold, reputation is linked to the holder's on-chain identity

In future versions of the governance system, this reputation history could function as a second layer of vote weight that complements tier weight, rewarding expert participation over mere token holding.

Since all votes are recorded on-chain with the holder's signature, any community member can audit any other holder's behavior at any time.

There is no formal centralized reporting process because the system's radical transparency makes reporting unnecessary — malicious behavior is visible by definition.

If a group of holders attempts to coordinate votes in a way the community considers inappropriate, that coordination is detectable on-chain by anyone.

The natural response: Other holders vote against, and the malicious group's on-chain reputation publicly deteriorates.

In extreme cases where malicious behavior threatens protocol integrity, a governance vote can establish specific penalty mechanisms.

The system trusts transparency as the control mechanism rather than central authority as the arbiter.

The KSC governance system is designed to be self-correcting and evolutionary.

Current parameters — 72-hour duration, tier weights, no minimum quorum — are starting points that the community itself can modify through future votes.

Planned evolutions:

• VRF (Verifiable Random Function) implementation to make validator selection mathematically verifiable and impartial
• M-of-N scheme definition for Core Nodes in the first mainnet vote
• On-chain reputation system incorporation as a second layer of vote weight
• Potential opening to third-party operated Core Nodes external to the CooBook team

Each of these evolutions requires governance vote, guaranteeing that system growth reflects the collective will of its participants.

Compared to a traditional company:

The difference is radical. In a company, decisions are made by the board or majority shareholders in opaque internal processes. At CooBook, structural decisions are made in public, on-chain, auditable processes by anyone in real-time, where the founding team has exactly the same weight as any other holder of their tier.

There is no board of directors with veto power over the community.

Compared to a conventional DAO:

The difference lies in the underlying technical layer. Most DAOs operate on general-purpose blockchains like Ethereum, where governance contracts are vulnerable to the same quantum attacks that threaten all classical cryptography.

CooBook's governance operates on Kimiary Smart Chain with post-quantum NIST 2024 cryptography — vote signatures are Dilithium3, resistant to Shor's algorithm.

This means governance integrity is guaranteed not only for the present but for the quantum computing era.

Additionally, most DAOs have fungible tokens where accumulating more tokens means more power — KSC eliminates this vector with the 1 NFT maximum per wallet rule.

Kimiary Smart Chain is a next-generation blockchain specifically designed for the CooBook ecosystem, built entirely from scratch in Rust.

The decision not to use a fork of Ethereum, Cosmos, Substrate, or any other existing chain was simultaneously technical and philosophical.

Technically: General-purpose blockchains are optimized for financial transfers — their data structure, consensus model, and cryptography are calibrated for moving economic value, not for managing editorial workflows with authorship verification, content sealing, and knowledge governance.

Philosophically: Building on an existing chain means inheriting its cryptographic limitations, including the most critical one: Bitcoin, Ethereum, and virtually all mature blockchains use cryptographic algorithms vulnerable to quantum computers.

Kimiary Smart Chain implements NIST 2024 post-quantum cryptography standards from its first block — something impossible to do retroactively on an existing chain with millions of users and billions in locked value.

Rust is a systems programming language that guarantees memory safety by design, without needing a garbage collector.

This is relevant for a blockchain because the most common and devastating vulnerabilities in critical software are memory errors: buffer overflows, use-after-free, null pointer dereferences.

These errors have been responsible for the biggest hacks in software history, including multiple exploits on Ethereum smart contracts.

In Rust, an entire class of these errors is simply impossible — the compiler detects and rejects the code before it reaches production.

This is not a promise from the development team but a mathematical guarantee of the language's type system.

Solana is the only mainstream example of a blockchain built in Rust, and its technical performance and stability are notably superior to equivalent chains in other languages.

KSC takes this guarantee a step further by combining it with post-quantum cryptography from the origin.

KSC uses five cryptographic primitives, each chosen for a specific function:

• CRYSTALS-Dilithium3 — NIST 2024 standard for post-quantum digital signatures; used for signing all transactions, authenticating Core Nodes, and casting governance votes
• CRYSTALS-Kyber768 — NIST 2024 standard for key encapsulation; used for encrypting user private keys before storage
• BLAKE3 — Hash function for block chaining; 14 times faster than SHA3 while maintaining 256-bit security, with native multi-core parallelization support
• SHA3-512 — Protects user data privacy in the registry; with 512-bit output maintains 256-bit post-Grover security
• ChaCha20-Poly1305 — Authenticated symmetric encryption for protecting stored keys; TLS 1.3 and Signal protocol standard, chosen over AES-256-GCM for superior resistance to timing attacks without specialized hardware

Each algorithm has a distinct function and none is used outside its design domain.

Post-quantum cryptography is a set of algorithms mathematically resistant to attacks from quantum computers.

Current blockchains — Bitcoin, Ethereum, Solana, Cardano — use algorithms like RSA, ECDSA, and Ed25519 whose security rests on mathematical problems like large number factorization or discrete logarithm.

Shor's algorithm, discovered in 1994, can solve these problems in polynomial time on a sufficiently powerful quantum computer — meaning an advanced quantum computer could derive private keys from public keys, forge digital signatures, and compromise any existing wallet's identity.

CRYSTALS-Dilithium3 and Kyber768 base their security on the MLWE problem — Module Learning With Errors — for which the best known quantum algorithm requires superpolynomial time, making it mathematically intractable even with advanced quantum hardware.

KSC is the only blockchain to implement these four differentiators simultaneously: native post-quantum cryptography, real user digital identity, NFT holders as consensus validators, and immutable master registry of Core Nodes from the genesis block.

The genesis block is the first block of the chain and the most important because it establishes the fundamental rules that all subsequent blocks must follow.

In KSC, the genesis block contains a master smart contract with the Dilithium3 public keys of all initially authorized Core Nodes.

This registry is the trust root of the entire network — any node attempting to operate without being registered here is automatically rejected by the entire network.

The critical importance of genesis lies in its immutability: modifying it would require recalculating the BLAKE3 hash of that block and all subsequent blocks, which the network would instantly detect and reject.

This turns the genesis registry into a constitutional guarantee — as permanent and verifiable as Bitcoin's first block, but with the difference that in KSC that first block establishes a verifiable community governance system, not just a financial transaction registry.

Core Nodes are specialized nodes that perform specific critical functions within the KSC ecosystem.

Unlike generic nodes in other blockchains that perform all functions simultaneously, KSC implements a modular architecture where each Core Node has clearly delineated responsibility.

5 initial types:

1. Identity Core Node — Manages user registration and secure encrypted private key storage; the highest security level in the entire network
2. Content Core Node — Manages purchase transactions and opening of PDFs and courses
3. NFT and Marketplace Core Node — Manages ownership transfers, NFT sales and purchases including migration from Polygon
4. Governance Core Node — Deploys and records voting smart contracts, primarily active during voting periods
5. Backup Validation Core Node — Acts as a permanent validator when there are few connected users, continuously monitoring network status

All are registered in the genesis block and their authenticity is verifiable on-chain by anyone.

Each block in KSC contains the BLAKE3 hash of the previous block, creating a cryptographic chain where modifying any block automatically invalidates all subsequent blocks.

BLAKE3 produces a 256-bit output that acts as a unique, irreproducible fingerprint of all block content.

If someone attempted to modify a transaction in an already confirmed block, that block's hash would change, causing the next block — which contains the hash of the previous one — to become invalid, and so on up to the most recent block.

The network detects this inconsistency instantly and rejects the modified version.

This cryptographic chaining property is the basis of immutability in any blockchain, and in KSC it's implemented with BLAKE3 instead of SHA256 for its superior processing speed and native support for parallel verification across multiple cores.

Ethereum's Proof of Stake selects validators proportionally to the amount of ETH they have staked — the more tokens someone accumulates, the higher their chance of being selected and the more rewards they receive.

This inevitably creates a concentration of validation power in the richest holders.

KSC's Democratic Proof of Stake breaks this relationship between wealth and validation power:

• Validators are randomly selected from the pool of active, real-time connected users
• It doesn't matter how many tokens they have or what NFT tier they hold
• A user with the entry-level Esmerald Passage NFT has exactly the same chances of being selected as a validator as an Obsidian Dominion holder

The only condition to participate as a validator is being active and connected to the network at the time of selection.

This cryptographic equality is absolute at the validation level and coded into the protocol — it cannot be modified by the team or the richest holders.

For each transaction, the system maintains a real-time tracker of active, connected users.

Before performing selection, the protocol automatically excludes the parties involved in the transaction — the sender and receiver can never validate their own exchange.

From the remaining pool of active users, 5 validators are randomly selected: 1 NFT holder of any tier and 4 regular users.

To guarantee mathematically fair and impartial selection, the roadmap includes implementing VRF — Verifiable Random Function — a cryptographic mechanism where the randomness of selection is publicly verifiable and cannot be manipulated by any actor, including the Core Nodes themselves.

Until VRF is implemented in Phase 2, the selection algorithm uses secure cryptographic entropy that makes it practically impossible to predict or influence which validators will be selected.

The system has a fallback mechanism designed to guarantee the network never stops due to low activity.

When the pool of active users is insufficient to complete the required 5 validators, the Backup Validation Core Node automatically enters to complete the quorum.

This Backup Core Node is always active and monitoring the network status precisely to cover these scenarios.

It's important to understand that this mechanism is temporary and proportional: the Backup Core Node only acts when strictly necessary to complete the number of validators that active users cannot cover, and its participation is verifiable on-chain like any other validation signature.

As the user base grows, the dependency on the Backup Core Node naturally decreases until it becomes exceptional.

When an author publishes an article on CooBook, the system automatically generates a unique hash of the complete content using BLAKE3.

This hash, along with the author's Dilithium3 signature, the exact timestamp, and relevant metadata, is recorded as an on-chain transaction in the Content Core Node.

What is permanently sealed is not the full article text — that resides in the platform's storage system — but its irreproducible cryptographic fingerprint.

This means any subsequent modification of the content, however minimal, would produce a completely different hash, making any alteration detectable.

On-chain registry includes: content hash, author public key, verifiable timestamp, and knowledge category. This information is public and auditable by anyone at any time.

No. Once an article has been sealed on-chain through a confirmed transaction in Kimiary Smart Chain, its hash is recorded immutably on the chain.

The CooBook team has no technical mechanism to alter that record — doing so would require modifying an already confirmed block, which the network would automatically reject for cryptographic inconsistency.

What the team CAN do: Manage content visibility on the platform interface — for example, hide content that violates terms of service.

But the on-chain record remains regardless of what happens on the presentation layer.

This distinction is important: immutability is a property of the blockchain registry, not necessarily of the user interface presenting it. The content hash will still exist on the chain even if the article is not visible on coobook.org.

KSC's identity system uses a privacy-by-hashing approach that guarantees authors' real personal data is never stored on the blockchain or any CooBook server.

During the registration process, author data goes through multiple rounds of hashing with SHA3-512 — a mathematically irreversible function — so only the cryptographic fingerprint of that data exists in the system.

Given the hash, it's computationally impossible to recover the original data.

What is recorded on-chain is the author's Dilithium3 public key, which acts as their verifiable digital identity.

Any article signed with the private key corresponding to that public key is mathematically attributable to that author, without revealing any personal data in the process.

The author controls their identity — if they decide to publicly reveal that a certain public key belongs to them, they can, but the system never forces or reveals it by default.

Entropy in cryptography measures the randomness of a key or process — the more entropy, the harder it is to predict or reproduce the result.

The NIST minimum for post-quantum cryptography is 256 bits.

KSC generates approximately 1,040 bits of entropy during user registration — four times the minimum required.

This entropy comes from multiple sources combined using a CSPRNG — Cryptographically Secure Pseudo-Random Number Generator — which is the primary source of randomness.

The entropy excess is not redundant: it acts as a security margin that guarantees that even if some entropy source turned out to be less random than expected, the final result remains cryptographically secure.

It's comparable to a bridge designed to support 10 times the maximum expected weight — excess capacity is a guarantee of robustness, not waste.

User private keys are never transmitted or stored in plain text in any system.

The protection process uses a combination of:

• Kyber768 to generate an ephemeral symmetric key
• ChaCha20-Poly1305 to encrypt the private key with that symmetric key

The encrypted result is stored in the Identity Core Node.

To access their own private key, the user must sign a request with their password and obtain authorization from 5 random validators through the blind authorization scheme — validators approve access without ever seeing the key content.

No one else — not other users, not Core Nodes, not the CooBook team — can access a user's private key without going through this authorization process that requires the owner's active participation.

If the user loses their password and recovery seed phrase, the key is irretrievable by design.

The KSC seed phrase is a set of 12 recovery words generated completely independently from the registration process — it's not derived from user hashes or any other system data.

This independence is critical: if the seed phrase were derived from the registration process, knowing the original inputs would allow regenerating it.

The independent generation guarantees that the seed phrase can only be known at the moment of its creation and its subsequent authorized query.

Difference from MetaMask:

• MetaMask: seed phrase is shown once and stored locally
• KSC: seed phrase is generated, shown to the user with clear warning to save it, and subsequently can only be queried by executing a specific smart contract requiring signature with the user's private key

Each query is recorded on-chain as an immutable transaction, creating an auditable history of seed phrase accesses.

KSC's modular architecture with specialized Core Nodes is precisely the answer to the scalability problem.

Instead of all nodes processing all transaction types — the generalist blockchain model — each Core Node is optimized for its specific operation type.

The Content Core Node, which handles the highest transaction volume since each PDF opening and purchase generates an on-chain registry, is designed for high throughput with low cost per individual transaction.

BLAKE3 for block hashing significantly contributes to performance — its massive parallelization capability across multiple CPU cores makes it up to 14 times faster than SHA3 on modern hardware.

The smart mempool with intelligent transaction batching, planned for Phase 2, will group multiple low-value transactions into efficient blocks to optimize chain capacity usage.

KSC smart contracts are programs that execute automatically on the blockchain when predefined conditions are met, with no possibility of external interference once deployed.

Critical ecosystem contracts:

• Private key access contract — Manages the 5-validator authorization process to release an encrypted key
• Seed phrase reveal contract — Requires owner signature and records each query on-chain
• NFT sale contract — Manages the 60-second timer system and ownership transfer
• Governance voting contract — Defines parameters for each vote and records the result immutably
• Genesis registry contract — Maintains the directory of authorized Core Nodes and can only be modified through approved vote

Once deployed, all these contracts execute their logic deterministically and immutably — neither the CooBook team can stop or modify their behavior.

The bridge between Polygon and Kimiary Smart Chain is a unidirectional migration mechanism that guarantees each NFT's uniqueness across blockchains.

The technical process:

1. A smart contract on Polygon verifies ownership and executes the NFT's burn — destruction
2. This generates a verifiable transaction hash
3. That hash is transmitted to KSC's NFT Core Node
4. It's used as cryptographic proof of the Polygon burn to generate the new NFT on KSC via Dilithium3 signature

The new NFT's ownership on KSC is cryptographically linked to the Polygon burn hash, creating a traceable migration history anyone can verify.

The unidirectional design is deliberate: there is no path back from KSC to Polygon, eliminating the risk of the same NFT existing simultaneously on both chains — the most common attack vector in bidirectional bridge systems.

Grover's algorithm is a quantum algorithm that accelerates unstructured search, effectively halving the security bits of hash functions.

KSC's response:

• SHA3-512 with 512-bit output maintains 256-bit post-Grover security — the maximum level recommended by NIST
• BLAKE3 with 256-bit maintains 128-bit post-Grover security, sufficient for the target security level of block chaining

Unlike Shor's algorithm that completely breaks classical elliptic curve cryptography, Grover only weakens without destroying hash functions — the solution is to use hash functions with twice the bits of the desired security level, exactly what KSC implements.

KSC's cryptographic primitives were selected with both known quantum algorithms in mind, guaranteeing security in the full post-quantum era, not just against a partial quantum threat.

KSC is structured as a Rust Cargo Workspace — the language's native project management system — with multiple independent crates, where each crate is a module with clearly delimited responsibilities that communicates with others through well-defined interfaces.

This modular architecture has direct security advantages:

• No crate has access to another's internals beyond its public interface
• This limits the scope of any potential vulnerability
• An error in the marketplace module, for example, cannot directly affect the cryptography module

Their communication interfaces are strict and verified at compile time.

This separation of responsibilities is standard practice in critical software development and is especially important in blockchain where the cost of an error can be irreversible.

User comments on CooBook are not recorded on-chain to avoid overloading the network with low-economic-value transactions.

However, each comment can be signed with the user's Dilithium3 private key, generating a cryptographically verifiable signature using their on-chain public key.

This replicates the Sign-In with Ethereum model but with post-quantum cryptography: anyone can verify that a specific comment was issued by the owner of a public key registered on KSC, without that comment being stored on the blockchain.

In case of authorship or content dispute, the comment's signature can be presented on-chain as evidence in a governance transaction.

The result is a system where off-chain is convenient and economical but not anonymous or falsifiable.

This is a question that deserves an honest answer.

Ethereum has years of independent audits, thousands of security researchers who have analyzed its code, and a history of vulnerabilities discovered and corrected that have hardened the system.

KSC starts from scratch and no operational history can substitute that level of accumulated scrutiny.

The design strength and cryptographic primitives' mathematical robustness are necessary but not sufficient — the specific implementation needs independent audit by third parties specialized in post-quantum cryptography before handling real value at scale.

The roadmap explicitly includes this audit in Phase 3, along with:

• P2P network penetration testing
• Formal verification of cryptographic protocols
• Public bug bounty program

Being transparent about this difference is part of the project's technical honesty commitment — real security is built with time, external scrutiny, and vulnerability correction, not just good initial design.

The long-term value of the NFT Access Pass is directly linked to the real utility of the network it operates on.

Unlike NFTs on general-purpose blockchains where the NFT is an asset independent of infrastructure, CooBook's Access Pass has its governance rights, validator role, and platform benefits coded on the native blockchain specifically designed to sustain them.

This creates an alignment of incentives between KSC's technical robustness and the NFT's value:

• If KSC is technically robust, secure, and well-governed, the Access Pass rights have real value
• If KSC fails technically, the Access Pass loses its utility

This alignment incentivizes holders to actively participate in governance to ensure the network's technical decisions are correct — exactly the behavior that makes a decentralized system work well long-term.

CooBook is not an open platform where anyone can publish without filter — that model exactly replicates the misinformation problem the platform seeks to solve.

To become a verified author, the candidate must demonstrate real professional credentials in the knowledge area they wish to publish about. This includes:

• University degrees
• Recognized professional certifications
• Demonstrable industry trajectory
• Or a combination of these

The verification process evaluates the legitimacy of credentials and the coherence between the candidate's professional profile and the thematic areas they request to publish in.

A doctor can publish on health and neuroscience, but not on software engineering if they have no training in that area.

This restriction is not arbitrary — it's the guarantee that makes CooBook's content have a level of rigor that differentiates it from any open publishing platform.

The process combines human credential verification with immutable cryptographic registration on the blockchain.

Once the author's credentials are validated by the CooBook team, the author links their professional identity to their wallet via their Dilithium3 signature.

This link is recorded on-chain in the Identity Core Node:

• The author's public key is permanently associated with their verified professional category
• Their area of expertise
• Their publication history

From that moment, any article signed with that private key is mathematically attributable to that verified author, with no possibility of forgery.

The author's reputation history — number of articles published, community scores, validation history — is built on-chain in a public and auditable way.

This record is immutable: once an author has a positive history on the chain, no one can delete or alter it.

Current library categories cover Science, Technology, Humanities, Health, and Education — areas representing the core of verifiable professional knowledge with the highest demand for reliable sources.

Expansion to new categories is precisely one of the clearest use cases for the governance system:

NFT Access Pass holders can propose and vote on the incorporation of new thematic areas — Law, Economics, Engineering, Art, Social Sciences — following the 72-hour voting process described in the Governance section.

This connection between the library structure and governance system is fundamental:

The NFT Access Pass doesn't just give access to existing content but real power over how the library evolves in the future.

A holder who considers their professional area underrepresented has the formal mechanisms to change that.

CooBook's quality strategy operates on three complementary layers:

Layer 1: Entry barrier

Only authors with verified credentials in their area can publish, which eliminates by design most sources of misinformation.

Layer 2: Community validation

NFT Access Pass holders participate in on-chain content validation, acting as a decentralized peer-review layer where validators with positive reputation history have greater relative credibility.

Layer 3: Immutability as accountability tool

Once published, content and authorship are permanently sealed on-chain. If an author publishes incorrect information that is later discredited, that history is publicly recorded and affects their on-chain reputation irreversibly.

This permanent accountability creates a structural incentive for accuracy that doesn't exist on platforms where content can be edited or deleted.

Once sealed on-chain, the original content hash is immutable — it cannot be modified or deleted from the blockchain record.

However, the system distinguishes between immutability of the record and live content management.

If an author needs to correct a factual error or update outdated information, they can publish a new version of the article — which generates its own new hash and timestamp — with an explicit reference to the previous version.

The on-chain record maintains the complete version history: the original, with its date and signature, and all subsequent updates with their respective dates.

This creates an unprecedented level of editorial transparency — any reader can see not only the current version of an article but its complete modification history, who made changes, and when.

On traditional platforms, editing an article erases the trace of what it said before. On CooBook, that trace is permanent.

CooBook is designed to manage multiple content formats with on-chain verification for each:

Articles and professional guides — Structured text with academic or technical rigor.

Documents and reports — Studies, papers, research, sector analyses — sealed with unique hash proving existence, authorship, and date without depending on third parties like notaries or institutional registries.

Courses and training programs — Particularly relevant format: the author creates structured educational content, course completion is certified on-chain, and the diploma or credential is permanently recorded on the blockchain — a certificate no institution can revoke or falsify.

Multimedia content — Videos, podcasts, audiovisual content — can also be registered with on-chain existence proof, protecting intellectual authorship for creators working in non-text formats.

CooBook courses share the library's knowledge access philosophy but add a certification layer that no traditional platform can offer.

On Coursera or Udemy:

• A completion certificate is a PDF issued by the platform
• If the platform closes, the certificate loses institutional backing
• If the company decides to revoke certificates, it can
• If someone falsifies a certificate, verification depends on the platform responding to verification queries

On CooBook:

Course completion generates an on-chain transaction signed by the Content Core Node that permanently records:

• What course was completed
• Who completed it
• When
• The verified author's signature who designed the course

This record is public, verifiable by any employer or institution without needing to contact CooBook, and remains valid regardless of what happens to the company or platform.

Intellectual property protection on CooBook operates through on-chain existence proof — the most robust currently available mechanism for establishing authorship priority.

When an author publishes content, that content's hash is recorded on Kimiary Smart Chain with their Dilithium3 signature and a verifiable timestamp.

This record constitutes cryptographic proof that that author produced that exact content on that precise date.

In authorship disputes, this proof is mathematically irrefutable: whoever has the oldest on-chain record for a specific content hash is the demonstrable original author.

Additionally, authors retain full control over their works — CooBook does not acquire rights to published content.

Authors can set usage licenses, monetize through the content marketplace, and receive automatic royalties on resales — all managed by smart contracts without intermediaries who can unilaterally modify agreed terms.

When a reader sees an article on CooBook with the "Verified on-chain" seal, they can query Kimiary Smart Chain's public registry to independently verify three things:

First: That the content hash they're reading matches the registered on-chain hash — if someone modified the article after original publication, the hashes won't match and the reader will detect it.

Second: That the author's Dilithium3 signature is valid and corresponds to the verified author public key registered in the Identity Core Node.

Third: That the on-chain timestamp establishes exactly when that content was published.

This verification doesn't require trusting CooBook as an intermediary — anyone with access to KSC's block explorer can perform it independently.

It's mathematical verification, not institutional.

CooBook's author monetization model eliminates intermediaries that typically retain between 30% and 70% of revenue on traditional platforms.

Authors can monetize their content in several ways managed by smart contracts:

Direct sale of premium course access — Payment is automatically transferred to the author without CooBook acting as intermediary.

Usage licenses for documents and studies for companies or institutions wanting access to specialized content.

Automatic royalties on resales — Each time a user resells their course access to another user, the author receives a percentage defined in the original smart contract.

These royalties execute automatically — the smart contract detects the resale transaction and transfers the corresponding percentage to the author without either party being able to evade or unilaterally modify it.

A professional who acquires the NFT Access Pass before becoming a verified author gets concrete advantages that go beyond content access:

Depending on the tier:

• Early access to new courses and publishing tools before the rest of the platform
• Positions themself in new thematic areas before they become saturated

Higher tiers include:

• Direct consultations with CooBook's technical team
• Can accelerate credential verification process
• Optimize content strategy

Governance participation allows influencing which new knowledge categories open, favoring their area of expertise.

On-chain verified badge of their tier adds an additional layer of credibility to their author profile — in an ecosystem where reputation is built publicly on-chain, being a high-tier NFT holder signals commitment to the project from its foundational stages.

Published on-chain content is permanent and independent of the author's relationship with the platform.

If an author decides to leave CooBook, their already published articles remain on the blockchain with their registered authorship — they cannot be deleted by the author, CooBook, or anyone.

Readers continue to have access to the content and authorship attribution remains intact forever.

If the author dies, their on-chain history is a permanent legacy of their intellectual work — more durable than any profile on a centralized platform that can close or decide to delete inactive accounts.

What CAN happen is the author stops publishing new content and their on-chain reputation stops growing, but what's already built is irrevocable.

This permanence is especially relevant for researchers and academics whose work has intellectual value that transcends their relationship with any specific platform.

The business and institutional use case is one of CooBook's strongest because it solves real problems companies face daily.

Corporate knowledge management

A company can publish internal procedures, technical manuals, and process documentation on CooBook with on-chain sealing, guaranteeing an immutable record of which version of each document was in force at each moment — critical in regulated sectors like finance, pharma, or legal.

Employee training and certification

Corporate courses can be deployed on the platform with on-chain completion certification verifiable by external auditors without depending on the company providing documentation.

Corporate intellectual property protection

Internal studies, market research, and technical developments can be registered with existence proof establishing priority in patent or authorship disputes.

CooBook is designed so verification is accessible regardless of the reader's technical level.

On the platform interface, each article displays its "Verified on-chain" seal with the visible truncated hash — for example 0x7f3a... — and a verification status indicator.

With a single click, the reader can access the public record of that specific transaction on KSC's block explorer, where they'll see the complete hash, author signature, timestamp, and validation status.

They don't need to understand cryptography to interpret the result: the explorer presents the information legibly, clearly indicating whether the content they're reading matches what was originally registered.

It's comparable to verifying a notary's seal — the reader doesn't need to understand the notarization process to trust the seal, they just need to be able to verify the seal exists and is authentic.

Wikipedia is an admirable project of knowledge democratization with a structural problem: anyone can edit any article, the edit history is available but hardly auditable for non-technical readers, and the authority of editors isn't linked to verifiable external credentials.

Editorial decisions are made by anonymous editors whose real expertise is impossible to verify.

クックブック inverts this model:

• Only authors with verified professional credentials can publish
• Authorship is cryptographically linked to a real professional identity
• Content cannot be modified without creating a traceable new version
• Authenticity verification is available to any reader in real-time

Wikipedia is invaluable as an entry point to general knowledge.

CooBook is positioned for specialized professional knowledge where source verifiability is critical — medical diagnoses, legal advice, engineering technical analysis, applied scientific research.

The on-chain versioning system is the answer to this problem.

When an author updates an article because scientific evidence has evolved or technical information has become obsolete, they publish a new version that explicitly references the previous one.

On CooBook's interface, the reader clearly sees whether they're reading the most recent version or a previous one, with the date of each update.

The complete version history is public and accessible — the reader can compare what changed between versions and why.

Additionally, NFT Access Pass holders who participate in content validation can flag articles requiring updates, creating a community mechanism for maintaining knowledge relevance.

This system is superior to platforms where outdated content simply coexists with current content without any clear indication of its currency status.

CooBook's on-chain certificates are cryptographically verifiable documents that any employer or institution can validate independently in real-time.

When a student completes a course, the Content Core Node records a transaction including:

• Course identifier
• Student's public key
• Completion date
• Verified author's signature of the course
• Score or completion level if applicable

The student can share their certificate as a transaction hash or a link to KSC's block explorer — any employer with internet access can verify in seconds that that person completed that specific course on that date, with that verified author, without needing to contact CooBook or wait for any verification department response.

In a job market where certificate falsification is a growing problem, this level of instant verifiability has immediate practical value.

Yes, and the institutional use case is particularly powerful.

A university publishing research materials on CooBook gets:

• Immutable record of each work's production date — relevant for priority disputes in scientific discoveries
• Their researchers have on-chain verified profiles that reinforce their academic credibility beyond the institution's internal reputation system

Official courses can be on-chain certified with the cryptographic backing of the institution, creating certificates that are globally verifiable without depending on each university's own verification systems.

For institutions in countries where academic verification systems aren't globally accessible or are difficult to query, this opens the possibility of their credentials being recognized internationally with the same level of verifiability as any other institution registered on the chain.

The institutional incorporation process requires additional verification of the institution's legitimacy before on-chain registration.

Professionals with the greatest immediate benefit are those in fields where source verifiability is critical for the knowledge receiver.

Health professionals — doctors, psychologists, nutritionists, physiotherapists — who publish educational content have a constant problem: their audience can't easily distinguish their verified content from pseudoscientific content from any unsupported blog.

On-chain signature linked to verified credentials solves this problem.

Software engineers and technicians documenting technical solutions establish cryptographic authorship of their work — relevant in a field where code and documentation plagiarism is common.

Lawyers and legal advisors publishing analysis of regulations establish temporal records of their interpretations — useful in jurisdictions where the analysis date is relevant.

Researchers and academics who want to establish priority in ideas before going through the slow traditional academic publication process have in CooBook a fast, prior registration mechanism that's irrefutable.

Reader access is completely free and without barriers — it requires no registration, no wallet, no blockchain knowledge.

Anyone anywhere in the world can read all articles in CooBook's library, verify their authenticity on-chain if they wish, and access verified professional author knowledge without any cost or friction.

The NFT Access Pass is not a knowledge access barrier — it's a key to active participation in the ecosystem.

What differentiates a reader without NFT from a holder is the set of active functions:

• The holder validates content on-chain
• Votes in governance
• Accesses exclusive courses
• Receives verified badges
• Participates in building the platform's future

This distinction is fundamental to CooBook's positioning: knowledge is a public good of free access, and the NFT is the membership for those who want to be part of its governance and evolution.

This is the most important question any user should ask before placing trust in any knowledge platform.

CooBook's answer is the strongest possible: content registered on Kimiary Smart Chain exists independently of the company.

If Project Kimiary OÜ closed tomorrow, the hashes of all published articles, all author signatures, all completed course certificates, and all NFT ownership records would still exist on the blockchain, accessible to anyone who queries the chain's history.

What would disappear is the coobook.org interface — the presentation layer — but not the on-chain registered data.

Any developer could build a new interface that queries the same blockchain registry and presents the same content.

This architectural resilience to business failure is impossible on centralized platforms where content lives on company servers: if the company closes, the content disappears.

The author verification process includes the explicit definition of thematic areas each author is authorized to publish in, based on their verified credentials.

This authorization is recorded on their on-chain profile.

The system validates that each new article corresponds to the author's authorized areas before allowing on-chain sealing.

A doctor verified in neurology cannot publish under their verified profile a software engineering article — the system would detect it as inconsistent with their registered authorization area.

If a professional wants to expand their publishing areas, they must go through an additional credential verification process for that new area.

This restriction may seem limiting but it's precisely the guarantee that makes the verification seal valuable — a "verified author" on CooBook means verified in their area of expertise, not simply that they're a real person.

The corporate credential verification use case has direct applications in onboarding, regulatory audits, and talent management.

A company can verify candidate or employee on-chain credentials by querying their public KSC profiles — without needing to request physical documentation, wait for institutional responses, or hire background verification services.

Completed course certificates on CooBook are verifiable in seconds from any device.

For companies in regulated sectors that need to demonstrate to auditors that their employees have required certifications, the on-chain record provides immutable, timestamped evidence that no auditor can question — it doesn't depend on the company's good faith in document preservation but on a blockchain record verifiable by third parties.

Long-term, as more educational and training institutions integrate CooBook, this system could become a globally accessible credential verification layer without institutional intermediaries.

The on-chain existence proof mechanism works identically for any type of digital file, regardless of format.

An educational video, technical podcast, course slide deck, conference recording — any digital file produces a unique BLAKE3 hash that serves as its irreproducible cryptographic fingerprint.

This hash, along with the creator's signature and timestamp, is recorded on-chain exactly like for a text article.

The practical difference is that the multimedia file itself isn't stored on the blockchain — doing so would be technically unfeasible due to size — but in the platform's storage system.

What's stored on-chain is the cryptographic proof that that specific file existed on that date with that authorship.

If the file is later modified, its hash changes and the on-chain proof no longer corresponds to the modified file — alteration is automatically detectable.

In its initial phase, Kimiary Smart Chain operates with the 5 specialized Core Nodes described in the previous section — Identity, Content, NFT and Marketplace, Governance, and Backup Validation — all registered in the genesis block with their Dilithium3 public keys.

It's important to be honest about what this means: a network with 5 nodes controlled by the founding team is not decentralized in the full sense. It's a centralized network with decentralized architecture — designed from its origin so decentralization is the natural destination, not a later addition.

The critical difference from other platforms making similar promises is that in KSC, decentralization is not a team promise but a protocol-coded property: any new node addition requires governance vote, and existing Core Nodes cannot act unilaterally without the M-of-N threshold scheme that the community will approve in its first formal vote.

Honesty about the current state is part of the project's technical commitment.

Genuine decentralization in a blockchain requires three simultaneous conditions: geographic distribution of nodes, diversity of independent operators, and absence of single control points that can be compromised or censored.

No serious blockchain achieved these three conditions from day one — not Bitcoin, not Ethereum. Bitcoin took years to develop a node network sufficiently distributed to be resistant to coordinated attacks. Ethereum started with a small validator set and gradually expanded.

The difference between projects that genuinely decentralize and those using decentralization as marketing is architecture from the origin: does the protocol allow decentralization without requiring fundamental redesign?

In KSC, the genesis registry, on-chain governance system, and M-of-N scheme for Core Nodes are specifically designed so adding independent operators is a native protocol process, not a later patch.

The process of incorporating new Core Nodes is governed by the same voting system described in the Governance section — it requires a formal proposal, 72 hours of voting among NFT Access Pass holders, and approval by weighted majority.

What's voted on is both the need for the new node and its specific Dilithium3 public key — "more nodes" isn't approved generically, but this specific node with this concrete cryptographic identity.

Once approved, the new operator's public key is added to the genesis master smart contract and the node begins to be recognized by the entire network.

In advanced roadmap phases, the third-party Core Nodes program will open the possibility for external operators — companies, institutions, technically capable individuals — to request operating their own nodes, expanding the network beyond the founding team.

This program is subject to community approval through governance.

The M-of-N scheme is a cryptographic threshold mechanism where M signatures out of the total N Core Nodes are required to authorize critical network operations.

The fundamental principle is that compromising a single Core Node — even the most important — is insufficient to attack the network.

If the governance-approved configuration were, for example, 3 of 5, an attacker would have to simultaneously compromise 3 different Core Nodes to execute unauthorized operations.

In practice, Core Nodes operate on separate infrastructures, with private keys stored in isolated ways, making compromising multiple nodes simultaneously require a level of sophistication and resources beyond most malicious actors.

The exact parameter — how many of how many — will be determined by the community's first formal governance vote, precisely because it's a decision that affects the security-operability balance of the entire network.

This question directly connects with the deepest reason for using blockchain for a knowledge project.

If Project Kimiary OÜ closed for any reason — bankruptcy, strategic decision, external circumstances — KSC on-chain records are completely independent of the company's existence.

All published article hashes, all verified author signatures, all completed course certificates, all NFT ownership records, and all governance decisions recorded on-chain would still exist on the blockchain and be accessible to anyone querying the chain's history.

What would disappear is the coobook.org web interface and the company's operational services.

But since KSC's protocol is open source and data is on the public chain, any developer or institution could build a new interface accessing the same records and presenting the same verified content.

Knowledge permanence doesn't depend on company permanence — that's the fundamental guarantee no centralized platform can offer.

CooBook Access Pass NFTs are on-chain records on Kimiary Smart Chain — they're not data stored on company servers.

Each NFT's ownership is recorded as an immutable transaction on the chain, cryptographically linked to the holder's wallet via their Dilithium3 signature.

If the company disappears, the holder remains the cryptographic owner of their NFT because that record exists on the chain independently of any company action or inaction.

Governance rights coded in the genesis smart contract also survive — they're protocol rules, not revokable company policies.

What could be affected are operational benefits that depend on company infrastructure — platform course access, support, consultations — since these require the company to be operational to deliver them.

This honest distinction between permanent on-chain rights and company-dependent operational benefits is important for any buyer to understand before acquiring an Access Pass.

KSC's resistance to coordinated attacks rests on several simultaneous protection layers:

• Post-quantum Dilithium3 cryptography makes it mathematically impossible to forge signatures or impersonate identities registered in the genesis, even with advanced quantum computational resources
• M-of-N scheme for Core Nodes guarantees that compromising a single node is insufficient — simultaneously compromising M nodes with separate infrastructures and keys is required
• One user — one NFT rule prevents Sybil attacks on the validation system where an actor tries to control multiple votes by buying multiple stakes
• BLAKE3 block chaining makes altering chain history require recalculating all subsequent blocks, an operation the network detects and rejects instantly

None of these mechanisms is infallible in isolation — real security emerges from their combination, and the independent audit planned in the roadmap is designed precisely to identify vulnerabilities in that combination before mainnet launch.

During the initial phase, the network honestly acknowledges its decentralization limitations and mitigates them with compensatory mechanisms:

• Backup Validation Core Node guarantees the network never stops due to low user activity
• M-of-N scheme, once approved by governance, guarantees no single node can act unilaterally even within the initial set
• Rust implementation eliminates entire classes of implementation vulnerabilities unrelated to node distribution but to code quality
• Immutable genesis registry guarantees no unauthorized nodes can be introduced without community public knowledge
• Radical system transparency — where all records are public and auditable — means any anomalous behavior by initial nodes would be detectable by any community member in real-time

Security during the initial phase is real but different in nature from a fully decentralized network's security — it's security based on transparency and public accountability rather than control distribution.

Censorship resistance means no single actor — not the CooBook team, not a government, not a group of powerful holders — can prevent a valid record from being added to the chain or delete an existing record.

In KSC this property is guaranteed through several protocol properties:

• On-chain content has an immutable hash chained to all subsequent blocks — deleting it would require modifying the entire chain, an operation the network automatically rejects
• A new valid record — a correctly signed transaction by a key registered in the genesis — must be processed by validators; the protocol has no mechanism for Core Nodes to selectively reject valid transactions without being detected, since rejected transaction history is also auditable

As the network decentralizes with more independent operators, censorship resistance grows — censoring a transaction would require coordination of all node operators, coordination that becomes exponentially harder with each independent node added.

KSC's Core Node architecture is designed to grow modularly without requiring redesign of the base protocol.

In the initial phase, the 5 specialized Core Nodes cover all critical ecosystem functions.

As transaction volume grows, additional Content Core Node instances — the highest volume — can be added to distribute load, each approved by governance and registered in the genesis.

In more advanced phases, the third-party Core Nodes program allows external institutions — universities, tech companies, open knowledge organizations — to operate their own specialized nodes, expanding the network's geographic and institutional distribution.

Each Core Node type can scale independently according to the ecosystem's specific needs, without affecting other types' operation.

This modularity is a direct consequence of KSC's separate Rust crates architecture described in the technical section — modules are decoupled by design.

Rust offers memory safety guarantees directly relevant to user data protection in KSC:

• Buffer overflows — one of the most common attack vectors in system software — are impossible in Rust by compiler design
• Use-after-free errors — where software tries to access already freed memory, potentially exposing other users' data — are also eliminated by Rust's ownership system
• Race conditions in concurrent code — where multiple processes access the same data simultaneously with unpredictable results — are detected at compile time

In KSC's specific context, this means the Identity Core Node — which manages users' encrypted private keys — is implemented in a language where entire classes of vulnerabilities that have caused the most devastating hacks in software history are mathematically impossible.

This doesn't eliminate all possible risks, but eliminates the most common and most exploited in practice.

A real attack vector in any active-participation-based consensus system is low-activity attack: a malicious actor monitors when there are few users connected and acts at that time, when it's easier to control a larger proportion of the validator pool.

KSC has three lines of defense against this vector:

First: Backup Validation Core Node is always active and completes the 5-validator quorum when active users are insufficient — guaranteeing the network continues operating with legitimate validators even with zero users connected.

Second: On-chain validation pattern recording — validation history is public and auditable, allowing detection of statistical anomalies suggesting malicious coordinated behavior during low-activity periods.

Third (planned for advanced phases): Minimum activity threshold system before delegating to backup Core Nodes, guaranteeing that backup delegation activates additional supervision mechanisms.

KSC's separate primitives architecture — where each algorithm has a specific function and there's no circular dependency between them — is precisely the answer to this risk.

If a specific primitive were compromised, the others maintain their integrity independently:

• If BLAKE3 for block hashing were compromised, Dilithium3 signatures would remain valid and keys would remain protected with ChaCha20-Poly1305

The protocol can update individual primitives through governance vote — a new cryptographic standard can be adopted without redesigning the entire architecture.

This cryptographic update process is possible precisely because cryptography is modularized in separate Rust crates, and because the on-chain governance system provides the formal mechanism for the community to approve security updates.

In the specific case of Dilithium3 and Kyber768 — the most critical algorithms — their adoption as NIST 2024 standards means they have undergone years of cryptographic scrutiny by the global academic community before being selected.

KSC's security audit is designed as a multi-layer process with independent external participants:

The main post-quantum cryptography audit must be performed by specialists with specific expertise in NIST 2024 algorithms — not any blockchain security auditing company has the technical capability to correctly audit Dilithium3 and Kyber768 implementations.

In addition to the formal audit process, the public bug bounty program invites any security researcher worldwide to identify vulnerabilities in exchange for rewards, creating a distributed scrutiny layer that complements centralized audit.

Formal verification of cryptographic protocols — a mathematical process where code behavior is formally proven correct, not just empirically tested — adds a third validation layer.

All audit results are published publicly, including vulnerabilities found and corrections implemented — transparency in the security process is as important as security itself.

Personal data protection in KSC is designed under the principle that even if a Core Node were completely compromised, the attacker won't obtain usable personal data.

User personal data goes through multiple SHA3-512 rounds during registration — a mathematically irreversible function with 512-bit output and 256-bit post-Grover security.

What's stored on-chain is not the data but its cryptographic fingerprint, from which recovering originals is computationally impossible.

Private keys are stored encrypted with ChaCha20-Poly1305 using a symmetric key generated by Kyber768 — an attacker accessing the Identity Core Node would find encrypted keys without the decryption key, which is never stored alongside encrypted material.

The 5-validator blind authorization scheme guarantees that accessing keys requires the owner's active participation — a compromised Core Node alone cannot initiate that process.

This defense-in-depth architecture guarantees that compromising a single node is not equivalent to compromising user data.

Ethereum and Solana have genuinely high decentralization levels in terms of validator count and geographic distribution — this is a real strength that KSC in its initial phase cannot match.

The difference is not in the current decentralization level but in the cryptographic guarantees of what operating on each network means:

• An Ethereum validator operates with ECDSA — vulnerable to Shor's algorithm on advanced quantum computers
• Governance contracts on Ethereum use the same underlying cryptography

In KSC, every Core Node authenticated with Dilithium3, every governance vote signed with Dilithium3, and every NFT ownership record is protected with cryptography that remains secure in the post-quantum era.

Ethereum is more decentralized today. KSC's cryptography is more durable long-term. They are strengths in different dimensions — no network currently has both simultaneously, and KSC makes the bet that cryptographic durability is more valuable long-term than immediate decentralization breadth.

The bug bounty program is a security crowdsourcing mechanism where independent researchers receive economic rewards for identifying vulnerabilities before malicious actors exploit them.

The logic is simple: there are more security researchers in the world than developers on any team, and the best researchers have economic incentives to find problems if rewards are sufficiently attractive.

For KSC, bug bounty has special importance because post-quantum cryptography implementation in Rust is a very specific technical area where the number of global experts is limited — program rewards must be sufficiently attractive to attract those experts' interest.

Vulnerabilities found and corrected during bug bounty are published publicly after resolution, contributing to the post-quantum security community's collective knowledge and generating technical credibility for the project.

This public history of vulnerabilities found and corrected is paradoxically a signal of security maturity, not weakness.

The modular architecture of specialized Core Nodes includes resilience mechanisms for temporary failures.

The Backup Validation Core Node — always active monitoring network status — can assume basic processing functions while a specific Core Node is temporarily inoperable.

Transactions requiring the affected Core Node — for example, NFT sale transactions if the Marketplace Core Node goes down — remain in the pending mempool until the node recovers, without being cancelled or lost.

Block chaining guarantees that once the node recovers, chain state is consistent — no divergent versions of history can exist if recovery follows the correct protocol.

System transparency allows any user to detect when a Core Node is offline by querying the block explorer, creating public accountability over infrastructure availability.

The relationship between decentralization and NFT value is direct and bidirectional.

As KSC decentralizes with more independent operators, the permanence guarantee for on-chain rights becomes more robust — Access Pass rights depend less on the good operation of a few nodes and more on the distributed mathematics of many.

Simultaneously, NFT Access Pass holders are the main actors governing the decentralization process — they vote on which new Core Nodes are incorporated, approve the third-party nodes program, and define the M-of-N scheme that determines how many nodes must collaborate for critical operations.

Perfect incentive alignment exists: holders want KSC more decentralized because that makes their rights more permanent, and the mechanism to achieve that decentralization goes through their active participation in governance.

The NFT is not just an asset that benefits from decentralization — it's the key to building it.

That KSC's protocol is open source means any technically capable person can:

• Inspect the code executing each Core Node
• Verify that the system's actual behavior matches technical documentation
• Identify vulnerabilities and contribute to their correction
• Fundamentally: build alternative protocol implementations that access the same on-chain data

This last property is the most powerful guarantee for users: if CooBook disappeared and someone wanted to rebuild the interface, protocol code is public and data is on the chain.

The combination of open source plus blockchain creates a situation where information and access rules are completely transparent and unmonopolizable.

No company can take knowledge registered on KSC and make it exclusive — it's on a public chain with a public protocol.

This is especially relevant for authors publishing their work: their intellectual property is not locked in any company's servers.

All Core Node activity is recorded on-chain and is auditable by anyone in real-time through KSC's block explorer.

This includes:

• Which transactions each Core Node processed
• What signatures it issued
• When it was active
• Whether there were attempts at unauthorized operations

A Core Node attempting to act outside its authorized parameters would produce signatures the network would reject — other node instances verify each operation's validity against the genesis registry.

Accountability is radical: no Core Node operation can occur without leaving an on-chain trace.

This transparency protects both users — who can detect malicious behavior — and Core Node operators themselves — whose correct operation is publicly verifiable, generating trust without requiring users to trust the company's word.

On-chain certificates are records on Kimiary Smart Chain — they're not documents stored on CooBook servers.

When a student completes a course, the certification transaction is recorded with the course identifier, student public key, timestamp, and Content Core Node signature.

This record is permanent and independent of any platform changes.

If CooBook redesigns its interface, updates its systems, changes technology, or even closes — the certificate remains verifiable by querying the chain's history.

If the course name changes in future platform versions, the on-chain record contains the immutable course identifier at certification time, not the name that might change.

This permanence is especially valuable for professional certifications presented in contexts where long-term verifiability is critical — a certificate issued today must be verifiable in 10 years without depending on any specific company still operating.

This is one of the most complex design tensions in any blockchain system, and KSC resolves it through a deliberate separation between what's public by necessity and what's private by right.

What's public on-chain:

• Public keys of users and authors
• Hashes of published content
• Transaction timestamps
• NFT ownership records
• Governance voting results

All this is necessarily public for the verification system to work.

What's never public:

• Real personal data of any user — these go through irreversible SHA3-512 during registration and are never stored in plain text in any system
• Private keys — always encrypted with Kyber768 plus ChaCha20-Poly1305 before any storage
• Transaction content that validators authorize through blind authorization

This separation is not a privacy policy promise but a cryptographic guarantee — private data is mathematically unrecoverable from the public, not just inaccessible by policy.

There's no universal threshold for sufficient decentralization — it's a continuous spectrum where more distribution always brings more resilience.

However, there are qualitative milestones that mark significant jumps in network resilience:

First: Implementation of the governance-approved M-of-N scheme — moment when no single node can act unilaterally.

Second: Incorporation of Core Nodes operated by third parties independent of the founding team — moment when operational control is no longer concentrated in a single organization.

Third: Geographic distribution across multiple jurisdictions — moment when no government or regulator can affect the network by pressuring a single legal entity.

Fourth: Opening to external validators on mainnet — moment when transaction validation distributes its pool beyond CooBook ecosystem users to the broader network.

Each of these milestones requires governance vote, and therefore depends on the active participation of the holder community.

The final guarantee is mathematical, not contractual.

An NFT Access Pass holder's rights — NFT ownership, governance rights, validator role — are recorded on Kimiary Smart Chain as Dilithium3 post-quantum cryptography signed transactions.

Revoking those rights would require modifying the chain's history — an operation the network automatically rejects for cryptographic inconsistency — or modifying the protocol through a governance vote where the holder themselves has voice and vote.

No technical mechanism exists that allows the CooBook team to revoke NFT ownership or suppress a holder's governance rights without going through that verifiable on-chain democratic process.

This guarantee is qualitatively different from any service contract or terms and conditions — it doesn't depend on a company keeping its word but on the laws of mathematics and cryptography being consistent.

As long as Kimiary Smart Chain operates with at least one active node in the world, rights registered on it are permanent.

CooBook's business model operates under a structured freemium principle where basic knowledge is free and added value is paid.

Articles, guides, and educational content in the library are free for any reader in the world without registration or wallet — this is simultaneously a philosophical and strategic decision.

Philosophical: Verified knowledge should be accessible.

Strategic: The free reader base is the audience asset that makes the ecosystem attractive for real revenue sources.

Revenue comes from multiple complementary sources:

• Premium content marketplace where professionals sell courses, PDFs, books, and specialized documents at prices they set
• Individual Premium memberships for readers wanting additional benefits
• Institutional sponsors of knowledge areas in the library
• Blockchain infrastructure as a service for companies needing on-chain sealing and document encryption
• NFT Access Pass as foundational funding source
• Future: content resale marketplace commissions

Each source is independent of the others — sustainability doesn't depend on any single source dominating.

The CooBook library is organized into 10 major knowledge areas: Formal Sciences, Natural Sciences, Health Sciences, Social Sciences, Humanities, Applied Sciences and Technology, Arts and Creative Expression, Education and Pedagogy, Economics and Business, and Interdisciplinary and Emerging Knowledge.

Each area can be sponsored by a company or institution whose activity relates to that field.

Examples:

• A pharmaceutical laboratory sponsoring Health Sciences
• A strategic consulting firm sponsoring Economics and Business
• A university sponsoring Education and Pedagogy

The sponsorship appears visibly in the corresponding library section with the sponsor's logo and description.

This model is similar to sponsored pavilions in museums or university chairs funded by companies — the sponsor gains visibility before a highly qualified and sector-relevant audience, while the platform gains recurring revenue without compromising editorial content independence.

CooBook's marketplace is the main income engine for professionals on the platform and a significant revenue source for the ecosystem.

Verified authors can publish and sell:

• Complete structured courses with on-chain certification upon completion
• Academic books and documents in PDF format with cryptographically controlled access
• Specialized professional guides at author-established prices
• Corporate training programs designed for companies
• Access to original research materials

The price of each product is freely set by the author — CooBook doesn't set prices or have a uniform pricing policy.

The marketplace also functions as a digital bookstore where users can discover, acquire, and collect verified knowledge in multiple formats.

The commission CooBook retains from each transaction is the platform's revenue source — the rest goes directly to the author via smart contract, without additional intermediaries eroding creator income.

This is one of CooBook's most powerful technical differentiators compared to any existing content distribution platform.

The process:

1. When an author publishes a document, book, or PDF in the marketplace, the file is encrypted using ChaCha20-Poly1305 with a unique system-generated key
2. That encryption key is encapsulated with Kyber768 linked to the buyer's public key — meaning only the buyer's private key can decrypt the document's encryption key
3. The encrypted document is registered on-chain on Kimiary Smart Chain
4. When the buyer wants to open the document, the system on-chain verifies that the public key is the legitimate ownership accessor
5. Only then is decryption released on the buyer's device

If the document is leaked or illegally distributed, the recipient doesn't have the original buyer's private key — the encrypted file is completely unusable without it.

This protection isn't traditional DRM that can be broken with software — it's mathematically resistant post-quantum cryptography.

Leaking a CooBook encrypted document is technically equivalent to distributing an unusable file.

Anyone receiving the leaked document without being the on-chain registered owner of access rights finds an encrypted file they cannot open without the original buyer's private key.

No software, brute force attack, or known method exists that can decrypt ChaCha20-Poly1305 with Kyber768 without the correct key in computationally viable time — even with quantum computers, since Kyber768 is a NIST 2024 post-quantum standard.

Additionally, the on-chain registry allows tracing the document's ownership chain — if the original buyer distributes their private key along with the document, that action is on-chain traceable and constitutes a terms-of-use violation with irrefutable cryptographic evidence.

The system doesn't eliminate the possibility of a buyer intentionally sharing their access, but it makes massive unauthorized redistribution technically unviable that destroys the content's economic value.

The enterprise use case for KSC's on-chain encryption solves one of the most expensive problems for modern organizations: theft or leakage of confidential documents.

A company registering strategic reports, market studies, contracts, technical manuals, or intellectual property on KSC with Kyber768 encryption obtains a guarantee no traditional document management system can offer.

Each document is encrypted linked specifically to authorized persons' public keys — if an unauthorized employee or external attacker obtains the file, what they have is unusable data.

If an authorized employee extracts and leaks the document outside the organization, the on-chain record shows exactly which wallet accessed the document, when, and how many times.

This cryptographic traceability is irrefutable digital evidence in legal proceedings.

For regulated sectors — financial, healthcare, legal, governmental — where confidentiality breaches have serious legal consequences, this protection has direct, quantifiable economic value.

KSC's multi-user access system allows a document to be encrypted with access linked to multiple public keys simultaneously — one for each authorized person.

The company defines at publication or distribution time exactly which wallets have access rights, and that record stays on-chain.

Adding or revoking a specific employee's access requires an on-chain transaction signed by the company's authorized administrator — creating an auditable history of all permission modifications.

If an employee leaves the company, their access can be on-chain revoked so documents already distributed to their device become inaccessible in future sessions.

This level of granular control and complete auditability is superior to most existing corporate access management systems, which depend on password policies and centralized access controls that can be bypassed or leave no verifiable trace.

The economic difference is substantial.

Udemy: Retains 37-63% of each sale depending on how the buyer found the platform.

Coursera: Retains similar or higher percentages for instructors.

CooBook: Platform commission is significantly lower because the model doesn't require the massive centralized infrastructure of those platforms — smart contracts automate payment distribution, eliminating operating costs.

Additional advantages:

• The professional sets content price freely — no suggested prices or platform pressure toward permanent discounts
• Resale royalties — when a buyer resells their access to another user, the author automatically receives via smart contract (non-existent on traditional platforms)
• Intellectual property remains entirely with the author — CooBook acquires no rights to published content
• On-chain certificates students receive have independent verifiable value that enhances course attractiveness without additional author costs

Kimiary Smart Chain isn't exclusively CooBook's infrastructure — it's a blockchain with technical capabilities that have value for any organization needing immutable document sealing, authorship verification, or on-chain encryption of digital assets.

The infrastructure-as-a-service model allows external companies to use KSC for their own document protection, process certification, or intellectual property registration needs, paying for the on-chain transactions they generate.

Examples:

• A law firm wanting to register contracts with immutable timestamp
• A pharmaceutical company wanting to certify clinical trial results
• A government institution wanting to register official documents with verifiable existence proof

All these are KSC applications that generate network transactions and therefore revenue for the ecosystem.

This model transforms KSC from an exclusive-use blockchain to a general-purpose knowledge infrastructure, significantly expanding the revenue base beyond the CooBook ecosystem.

Revenue source diversification is the most robust sustainability guarantee any platform can have.

CooBook doesn't depend on any single revenue source whose disappearance could compromise operation.

If NFT Access Pass sales decrease after launch — expected in any project — content marketplace revenue, institutional sponsors, and infrastructure-as-a-service maintain operation.

If a knowledge area loses sponsors, other areas and direct content sales compensate.

This diversification also protects editorial independence — no individual sponsor represents such a large revenue percentage that their pressure could compromise verified content integrity.

Long-term, as the user and author base grows, marketplace revenue scales proportionally to activity — creating an organic growth model where sustainability improves with adoption, not dependent on continuous external funding rounds.

A university student has access to a verified knowledge source by real professionals that complements their academic training with practical and interdisciplinary perspective.

Library articles, written by active professionals in their fields, offer real-world perspectives traditional academic texts often lack.

Marketplace courses, designed by experts with demonstrable track records, provide applied skills university programs often take time to incorporate — especially in rapidly evolving fields like technology, artificial intelligence, or data science.

On-chain completion certificates are instantly and permanently verifiable by employers — a significant differentiator in the job market where credential verification is typically slow and opaque.

For students producing original work — research, studies, analysis — on-chain registration of their work establishes cryptographic authorship before formal academic publication, protecting them against possible plagiarism by peers or supervisors.

CooBook functions as a digital bookstore in the fullest sense — authors can publish complete books in digital format with direct reader distribution without traditional publisher intermediation.

How it works:

• An author publishing their book on CooBook sets their sale price
• Receives most of each sale directly in their wallet via smart contract
• Retains all rights to the work

The book is cryptographically encrypted linked to the buyer — post-quantum DRM protection without traditional DRM drawbacks that often harm legitimate reader experience.

Sales history is transparent on-chain — the author can verify how many copies were sold without depending on publisher reports.

Resale royalties guarantee the author receives a percentage each time a copy changes hands in the secondary market — something that doesn't exist in physical bookstores or most digital platforms.

For authors wanting broader distribution, CooBook's marketplace acts as a showcase before an audience actively seeking verified knowledge.

A university integrating CooBook obtains a digital infrastructure layer that solves several problems simultaneously:

• Institutional intellectual property protection — research, teaching materials — managed on-chain with cryptographically demonstrable ownership and immutable timestamp
• Continuing education and supplementary course certificates issued on-chain are globally verifiable without needing to maintain their own verification systems
• Visibility of institution's researchers and teachers on a global verified knowledge platform reinforces academic profile beyond their own channels
• Sponsorship of knowledge areas relevant to the university positions their brand before their field's specific audience

For universities in digitization or internationalization processes, CooBook provides blockchain infrastructure without developing it internally — they access KSC capabilities through integration without the costs of building and maintaining their own blockchain.

Automatic royalties are one of the ecosystem's most innovative mechanisms and work through smart contracts that cannot be unilaterally modified once deployed.

When an author publishes content in the marketplace, they define in the smart contract the royalty percentage they'll receive on each resale — for example, 10% on each secondary transaction.

This parameter is coded in the contract and executes automatically each time that specific content copy changes ownership.

No intermediary can withhold those royalties, delay them, or decide not to pay them — the smart contract transfers them directly to the author's wallet at the resale transaction moment.

For authors creating high-quality content that maintains demand over time, this mechanism creates genuine passive income.

Unlike royalties in the traditional publishing system — which depend on publisher reports, have long payment timelines, and require audits to verify accuracy — on-chain royalties are instant, transparent, and mathematically verifiable by the author in real-time.

Companies needing certified employee training — regulated sectors, new employee onboarding, technical skill updates — find in CooBook a solution with advantages traditional LMS cannot offer:

• On-chain certificates are externally verifiable instantly by auditors, regulators, or clients without company intermediation — simplifying competency audit processes that currently require manual documentation
• Marketplace courses from verified authors provide curated quality training without content development costs
• Companies can sponsor specific knowledge areas aligned with their talent needs, gaining visibility before professionals in training in their sector

For companies developing internal training, publishing it on CooBook as premium content creates additional revenue — content development investment amortizes through external sales while content remains exclusively for authorized employee use.

The complete corporate document protection flow:

1. The company designates an administrator with authorized wallet on KSC
2. The administrator uploads the document — strategic report, contract, market study — through CooBook interface
3. The system automatically encrypts the document with ChaCha20-Poly1305 using a key generated with ~1,040 bits entropy
4. That encryption key is encapsulated with Kyber768 linked to each authorized employee's public key — creating as many encapsulated key versions as people have access
5. The encrypted document and encapsulated keys are registered on-chain on KSC with administrator Dilithium3 signature and immutable timestamp
6. When an authorized employee needs to open the document, the system on-chain verifies their public key has access rights
7. Uses their private key to de-encapsulate the encryption key, and decrypts the document on their device — the document never travels in plain text over the network

Each access is recorded on-chain with timestamp, creating a complete, immutable audit log no administrator can retroactively modify.

No. This is the most important guarantee of the document protection system and is a mathematical guarantee, not an access policy.

A document encrypted with ChaCha20-Poly1305 and Kyber768 in KSC is a data file without readable structure for anyone without the correct key.

Even if someone obtains the file through device theft, transmission interception, or unauthorized server access — what they have is encrypted bytes without any information value.

Decrypting that file without the on-chain registered owner's private key would require solving the MLWE problem Kyber768 is based on — the best known algorithm for attacking it, even quantum, requires superpolynomial time.

In practical terms, this means a leaked CooBook file remains useless for the unauthorized recipient for decades, even with expected quantum computing advancement.

This property applies equally to personal, corporate, academic, or government documents — cryptography doesn't distinguish between content types.

An independent professional finds in CooBook a platform that simultaneously solves several of their most common problems:

• Expert visibility — with on-chain verified credentials and publicly built reputation differentiates their profile in a market where credibility is difficult to establish with new clients
• Free article publishing acts as verified content marketing demonstrating real expertise
• Sale of courses, guides, and specialized documents creates scalable income that doesn't depend on directly worked hours — published content keeps selling while the professional works on other projects
• On-chain protection of their methodologies, frameworks, and proprietary tools establishes irrefutable cryptographic authorship — if a client or competitor replicates their work, on-chain timestamp demonstrates priority
• On-chain certificates they issue to clients after consultations or training have verifiable external value that reinforces their service offering without additional certification infrastructure costs

NFT Access Pass have a role that goes beyond initial funding although that's their most immediate function.

As foundational funding source: Access Pass sales finance platform development before marketplace revenue becomes significant — similar to a crowdfunding round but with immediate real utility for buyers.

Long-term: Holders are the governance layer determining ecosystem evolution — their decisions on which knowledge areas to prioritize, what content types to incentivize, and which new Core Nodes to incorporate have direct impact on marketplace revenue growth.

Holders are also consensus validators — a technical role that makes the network function — creating alignment between owning the NFT and actively contributing to the infrastructure that generates value.

In the scenario where MiCA regulatory licenses are obtained for 6% net revenue distribution, NFT Access Pass become economic participations in platform growth — transforming the holder-revenue relationship from indirect to direct.

Scientific institutions have specific document protection needs that KSC's system covers especially relevantly:

• Research papers registered on-chain before journal publication establish cryptographic timestamp priority — in disputes over who first developed an idea or discovery, on-chain record is more robust evidence than any dated email draft
• Raw research data — databases, experiment results, clinical data — can be on-chain registered with controlled access via Kyber768 encryption, sharing selectively with reviewers, collaborators, or regulators without compromising confidentiality to competitors
• Peer review reports can be on-chain registered creating transparent review history the traditional academic system typically keeps opaque
• For research funders — government agencies, foundations, companies — on-chain registration of funded project deliverables provides immutable evidence of compliance that simplifies audits and reports

Multimedia content creators have in CooBook a platform where their work's intellectual property is protected on-chain regardless of format.

Podcasters: Publishing premium episodes registers each audio file's hash with on-chain signature — any unauthorized redistribution is traceable.

Premium episodes are encrypted linked to the buyer using the same mechanism as documents and PDFs — the illegally redistributed audio file is inaccessible for those without access rights registered on KSC.

Photographers: Selling usage licenses for their images on the marketplace defines on-chain exact license terms — editorial use, commercial use, temporary exclusivity — and those terms are verifiable by the buyer before transaction and irrefutable after.

Video course creators get the most complete protection: encrypted video, on-chain completion certificates, and automatic resale royalties combined in a single product that maximizes their income while minimizing unauthorized redistribution possibility.

CooBook doesn't impose or recommend specific pricing models — price freedom is a central marketplace feature.

However, the most effective practice emerging from ecosystem design is the natural funnel model:

1. Free articles in the library as expertise demonstration that generates organic audience
2. Moderately priced guides as first paid product that converts readers to buyers
3. Complete courses or specialized documents as premium product for the consolidated audience

This funnel works especially well on CooBook because the author's on-chain credential verification acts as a trust element that accelerates reader-to-buyer conversion — readers don't need to build trust in the author from scratch because verified credentials on blockchain do that work.

Authors with pre-established audience on other platforms can extend that presence by offering their most specialized resources on CooBook as natural extension of their existing presence.

Free access to the library isn't a promise contingent on the company's financial situation — it's a protocol property the business model is designed to permanently sustain.

Free content doesn't cost the platform per-transaction because library articles don't require on-chain transactions to be read — reading is a presentation layer operation, not the blockchain.

What's generated on-chain cost is the article's initial sealing — a single transaction the author pays as part of their publication process.

After that initial registration, the article can be read millions of times without additional cost.

This architecture guarantees that reader growth doesn't generate variable costs that could jeopardize the free model — on the contrary, more readers means more audience that attracts more authors and sponsors, strengthening the model.

Free permanent access isn't a subsidy the company pays indefinitely but a natural consequence of how the protocol economy is structured.

On-chain credential management has multiple monetization layers.

For individual professionals: Credential verification service and on-chain professional profile registration is part of becoming a verified author — a one-time paid service that provides a permanent reputation asset.

For companies needing to verify candidate or employee credentials: on-chain profile query service eliminating manual verification process is a B2B revenue source.

Sectors with most immediate impact:

• Healthcare — where healthcare professional credential verification is critical for patient safety and regulatory compliance
• Legal — where advisor identity determines validity of certain legal acts
• Technology — where technical certifications are the main differentiator in hiring processes

In all these sectors, the instant, public, and cryptographically irrefutable verification KSC offers has direct economic value for organizations currently spending time and money on slow, manual verification processes.

Public institutions have especially powerful use cases on CooBook because their documents combine public transparency needs with irrefutable integrity requirements.

Legislation and regulations registered on-chain with timestamp guarantees public record of which rule was in force at each moment — relevant in legal disputes over which legislation applied on a specific date.

Government reports and studies sealed on-chain are verifiable by citizens and journalists without information access requests — transparency is automatic.

Public contracts registered on-chain with controlled encryption allow auditing by authorized control bodies while remaining confidential to the general public until the planned publication date.

Public official and staff certifications verifiable on-chain simplify accreditation processes in complex administrative systems.

For governments in digital modernization processes, CooBook offers blockchain infrastructure without the cost and risk of developing their own — access to KSC capabilities as a service with all regulatory guarantees of the European framework under which Project Kimiary OÜ operates.

CooBook's income distribution model operates via smart contracts on Kimiary Smart Chain — payments are made in stablecoins like USDT or USDC, global assets that have no regulatory borders at the blockchain transaction level.

The author receives income directly in their wallet regardless of where the buyer is.

Tax obligations to declare that income are the author's responsibility in their jurisdiction — CooBook provides the on-chain transaction history the author can use for their declarations, history that is public, audited, and unmanipulable.

For authors in jurisdictions with complex crypto income regulations, transparent on-chain record is actually an advantage — it provides clear, verifiable documentation that facilitates regulatory compliance rather than complicating it.

Future integration of broader stablecoins and potentially KSC's native token once MiCA regulation is obtained expands authors' options for managing their income.

Students registering academic work on CooBook before presentation or publication obtain protection the traditional academic system doesn't provide.

On-chain hash with timestamp establishes the work existed in its final form before the defense date — irrefutable evidence against any subsequent plagiarism accusation or appropriation of ideas by supervisors.

For doctoral theses where publication process can take years and ideas can be replicated by other researchers during that time, prior on-chain registration is intellectual priority protection of incalculable value.

Kyber768 encryption allows the student to share their work with their thesis committee and external evaluators with cryptographically controlled access — guaranteeing confidentiality to third parties during the evaluation process.

Once the work is published, the on-chain record becomes the most robust authorship proof available — superior to any library seal, copyright registration, or email timestamp.

Sponsoring knowledge areas in CooBook's library is a high-segmentation visibility model — the sponsor appears before an audience actively consuming knowledge in their business's specific area.

The library has 10 major areas with detailed subspecializations — the sponsor doesn't appear before a general audience but before readers who are currently reading about mathematics, health, technology, economics, or any of the areas they sponsor.

Sponsorship includes:

• Sponsor logo and description visible in the area section
• Possible sponsored content integration if it meets platform verified quality standards
• Brand association with the concept of verified, trustworthy knowledge — especially valuable positioning for companies in sectors where credibility is a core asset

The model's scarcity — one company per area as official sponsor — guarantees positioning exclusivity traditional digital advertising cannot offer.

Health professionals face a specific problem in knowledge communication: the audience cannot distinguish between a board-certified specialist with verifiable credentials and someone who claims to be one.

Health misinformation proliferates precisely because the sender's credential is difficult to verify at the moment of consuming content.

On CooBook, the health professional's credentials are verified and registered on-chain — when a reader reads an article about neurology signed by a verified KSC neurologist, they can cryptographically verify those credentials are real.

This protects the reader but also differentiates the legitimate professional in a saturated health content market of unverified sources.

Additionally, clinical guidelines, protocols, and training materials a professional develops throughout their career are protected on-chain with irrefutable authorship — if a colleague or institution replicates their methodology, the KSC record establishes who developed it first.

CooBook's passive income model is more complete than any traditional content distribution platform.

• Automatic resale royalties of courses and documents arrive without author action each time a buyer resells their access — income that accumulates indefinitely as long as content has demand
• Evergreen content — guides and documents whose value doesn't decrease over time — generates continuous sales from the catalog without constant updating
• On-chain certificates the author issues act as verifiable expertise credentials, organically attracting new buyers without marketing investment
• On-chain reputation built over time — number of publications, validation history, community scores — functions as a visibility asset that improves author marketplace position without additional cost

For authors with higher-tier NFT Access Pass, platform benefits — consultations, discounts, early access — have direct economic value complementing content income.

Substack and Patreon are recurring subscription models where creator income depends on maintaining active subscribers month to month — constant pressure toward continuous content production. If the creator stops publishing, income falls.

CooBook's model is accumulated permanent value — published content keeps generating income indefinitely through direct sales and resale royalties without needing new production.

Content ownership on CooBook is the author's with irrevocable on-chain protection — on Substack, the platform can close and the creator loses their audience and history.

CooBook's on-chain certificates create additional value no subscription can provide — someone completing a course has a verifiable asset, not just temporary content access.

And CooBook's audience actively seeks verified knowledge by professionals — a different profile from Substack or Patreon communities, with greater predisposition to pay for high-quality specialized content.

Tech companies have specific interest in verified quality technical content existing in their specialization areas — that content attracts developers, engineers, and technical professionals who are their product audience.

Sponsoring Applied Sciences and Technology or Interdisciplinary and Emerging Knowledge positions the company before exactly that audience.

Beyond sponsorship: Companies can collaborate with verified authors to develop technical content — advanced documentation, specialized tutorials, case studies — published under the independent verified author's credentials, not as corporate communication, granting greater credibility than own marketing content.

Companies developing tools, languages, or frameworks can publish their official technical documentation on CooBook with on-chain sealing, establishing an immutable record of which documentation version was current at each moment — useful in legal or technical liability disputes.

CooBook's revenue model has inherent scalability characteristics that make it more robust with growth:

• Marketplace revenue scales directly with activity — more authors producing more content before more buyers generates more on-chain transactions and more commissions without proportional operating cost increase, because smart contracts automate payment distribution
• Sponsor revenue scales with audience — as more readers use the library, each area's sponsorship value increases and sponsors' willing-to-pay price grows
• Infrastructure-as-a-service revenue scales with enterprise adoption — each new company using KSC for document protection generates recurring transactions
• Automatic resale royalties create content secondary market that grows with accumulated catalog — content published today keeps generating resale royalties within years

This multi-source scalability structure is the long-term sustainability foundation — growth of any component reinforces others instead of creating internal competition between revenue sources.

CooBook's long-term vision transcends being a content platform to become the global digital knowledge trust infrastructure — comparable to what HTTPS did for web security or what ISBN did for book identification, but with mathematical guarantees no previous standard can provide.

In that scenario:

• KSC's on-chain hash becomes the reference standard for verifying authenticity and integrity of any digital document — academic articles, corporate reports, legislation, contracts, credentials
• Verified authors on KSC are globally recognized as trustworthy sources in their areas
• On-chain certificates are accepted by employers and institutions in any country without additional verification
• Companies and institutions integrate KSC as a trust infrastructure layer in their own systems
• Early-stage NFT Access Pass holders are the founding governors of that global infrastructure — position equivalent to Ethereum's first validators or Bitcoin's first miners, but in verified knowledge domain instead of financial value

This vision is the deepest justification for both the project and the Access Pass value proposition for those who share it.

Project Kimiary OÜ is registered in Tallinn, Estonia, with registration number 17198360 and LEI 9845002EAF9848395638.

Estonia is not an arbitrary choice — it's one of the world's most advanced jurisdictions for business digitization and technology regulation.

Estonia was the first country to implement digital e-Residency, has one of the clearest regulatory frameworks in the European Union for technology companies, and is part of the EU — meaning it operates under the world's most robust and predictable regulatory umbrella.

For a blockchain project with long-term aspirations, registering in a jurisdiction with clear, stable, internationally recognized regulation is a responsibility decision — not regulatory evasion.

By operating within the EU, CooBook is subject to all applicable European legislation including GDPR for data protection, digital services regulations, and the MiCA framework for crypto-digital assets being progressively implemented across all member states.

MiCA — Markets in Crypto-Assets Regulation — is the European Union's first comprehensive regulatory framework for crypto-assets, approved in 2023 and in the process of progressive implementation.

MiCA establishes specific requirements for crypto-asset issuers, crypto-asset service providers, and platforms operating in the blockchain space within the EU.

Relevance for CooBook is direct: Any mechanism involving income distribution, economic participation, or financial rights linked to digital assets requires MiCA compliance or equivalent national regulations in each member state.

MiCA's importance is not just legal compliance — it's user protection. A project operating under MiCA has transparency obligations, capital reserves, and consumer protection mechanisms that offshore projects don't have.

CooBook has deliberately chosen to operate within this framework even if it means more requirements and slower processes — the alternative of operating in unregulated jurisdictions would be faster but less secure for holders.

No. CooBook does not currently have regulatory licenses under MiCA or any other equivalent regulation that allows distribution of economic benefits to NFT holders.

This is an explicit statement in the legal notice at coobook.org/nft and it's important that any buyer clearly understands it before acquiring an Access Pass.

Obtaining the corresponding regulatory licenses is a declared goal in the project's roadmap — not a promise with a guaranteed date.

The regulatory process under MiCA involves formal applications to competent authorities, project structure review, compliance audits, and response times that are outside the company's direct control.

Being honest about this current state is not a project weakness — it's the posture that distinguishes a serious project from one making regulatory promises it can't guarantee.

The expression "pending regulatory activation" on CooBook's website means there is a declared intent in the project roadmap to implement a mechanism for distributing 6% of annual net benefits among NFT Access Pass holders, but that implementation is conditioned on first obtaining the corresponding regulatory licenses — primarily under MiCA or equivalent applicable regulations.

"Pending" doesn't mean "coming soon" nor implies any timeline. It means:

• The benefit doesn't currently exist
• Its future existence depends on external conditions outside the company's direct control
• There is no guarantee those conditions will be met or when they might be met

Any purchase decision for an NFT Access Pass should be based exclusively on currently active benefits — access to courses, governance, on-chain validation, badges, consultations according to tier — not expectations about future benefits that are explicitly marked as not guaranteed.

Transparency about the project's long-term vision is part of the commitment to honesty with the community.

Hiding a declared roadmap intent because it's not yet realizable would be a form of misinformation by omission — holders have the right to know the direction the team aspires to give the project, even when that direction is conditioned on external factors.

The alternative — not mentioning the income distribution intent until all licenses are obtained — could be interpreted as hiding relevant information from the community.

The decision to publish it with all corresponding legal disclaimers — including the red banner that explicitly marks it as not guaranteed and not active — is the balance between transparency about the vision and responsibility about expectations.

The legal notice is unequivocal: "Purchasing this NFT does not constitute a financial investment. Do not buy expecting an economic return." This clarity protects both buyers and the project itself.

By operating as a company registered in Estonia within the EU, Project Kimiary OÜ is subject to several layers of legal protection that benefit European buyers and, in many cases, buyers from other jurisdictions.

The EU Consumer Rights Directive establishes pre-contractual information standards the company must comply with.

GDPR guarantees buyers' rights over their personal data — access, rectification, and in certain cases erasure.

EU digital services regulations establish transparency obligations about terms of service.

NFT Access Pass purchase contracts are governed by Estonian and European law, providing a predictable legal framework with accessible dispute resolution mechanisms.

These protections are not equivalent to those they would have under complete MiCA regulation for financial assets — which is precisely why income distribution is conditioned on obtaining that regulation — but they are substantially superior to those offered by a company registered outside the EU in jurisdictions without an equivalent regulatory framework.

The tension between GDPR and blockchain is one of the most complex legal debates in the space, and CooBook addresses it through a deliberate technical design decision.

GDPR establishes the right to be forgotten — the right of a user to have their personal data deleted. On an immutable blockchain, deleting data is technically impossible.

KSC's solution is that real personal data never reaches the blockchain. During registration, user data goes through multiple rounds of irreversible SHA3-512 — what is recorded on-chain is the cryptographic fingerprint, not the original data.

If a user exercises their right to be forgotten, the company can delete personal data from its centralized systems — what exists on-chain is a hash that without the original data is cryptographically useless for identifying the person.

This privacy by design architecture is precisely the approach GDPR recommends for systems processing personal data.

CooBook doesn't store personal data on the blockchain; it stores irreversible mathematical fingerprints that don't constitute personal data in the legal sense of the term.

This legal distinction is fundamental and determines the applicable regulatory framework.

A regulated financial security — share, participation, bond — is an instrument that grants direct economic rights over a company: dividends, liquidation preference, or profit participation. These instruments require registration with securities regulators, approved prospectus, and compliance with financial market regulations.

The NFT Access Pass in its current state is none of these things — it's a utility membership that grants access to services, governance rights over a platform, and a technical validator role on a blockchain.

Buying an NFT Access Pass today is legally more similar to buying a club membership or service subscription than to buying company shares.

This distinction is why the legal notice is so explicit: "Purchasing this NFT does not constitute a financial investment."

The future intent for income distribution — if corresponding MiCA licenses are obtained — would change this legal nature, which is precisely why it requires additional regulation before implementation.

Buyers outside the EU are subject to their own jurisdiction's regulations regarding the purchase, holding, and use of NFTs.

The responsibility for verifying whether acquiring an NFT Access Pass is legal, tax-wise, and regulatory compatible with the buyer's local laws rests with the buyer themselves.

CooBook cannot provide specific legal advice for every jurisdiction in the world — the advice is to consult with a local legal advisor before proceeding if there is any doubt about regulatory compatibility.

What CooBook can guarantee is that the NFT Access Pass is designed as a utility membership — not as a financial instrument — which in most jurisdictions places it outside the financial securities regulatory perimeter.

However, crypto regulations vary significantly between countries, and in some, specific compliance may be required even for utility NFTs.

This warning is not unique to CooBook — it applies to any responsible blockchain project operating globally.

By operating under Estonian and European law, Project Kimiary OÜ has legally enforceable obligations before EU courts.

A holder who considered the company had breached contractual commitments could access dispute resolution mechanisms available under European consumer law, including mediation procedures and jurisdiction of Estonian civil courts with recognition throughout the EU via the Brussels I Regulation.

Additionally, the blockchain serves as an immutable evidence record — commitments recorded on-chain are verifiable by any court.

It's important to note that active commitments — current utility benefits of the NFT — are enforceable. Conditional commitments — income distribution pending regulation — are explicitly excluded from guarantee in the legal notice, which limits the basis for any claim based on expectations about that future benefit.

This distinction between active and conditional commitments is why the legal notice is so detailed — it protects both parties by precisely establishing what is guaranteed and what is not.

The process for obtaining MiCA licenses involves several stages that depend both on the project's internal preparation and regulatory authority response times — in Estonia's case, the Finantsinspektsioon.

Stage 1: Application preparation — complete documentation of the business model, token or digital asset structure, consumer protection mechanisms, required capital reserves, and risk management plan.

Stage 2: Formal submission and regulator review period.

Stage 3: Regulator response — which may include requests for additional information, model modifications, or additional requirements before approval.

MiCA regulatory timelines are not under the company's control — they can vary significantly depending on case complexity, regulator workload, and evolving regulatory interpretation.

Being specific about timelines would be irresponsible precisely because those timelines are not under the company's control. What IS under the company's control is the quality and completeness of preparation — work the team is doing in parallel with the platform's technical development.

The NFT Access Pass's active benefits — access to courses, governance, on-chain validation, badges, discounts, consultations according to tier — remain completely independent of obtaining MiCA licenses or not.

These benefits don't require financial regulation to be delivered because they are platform services, not economic benefit distribution.

If MiCA licenses are never obtained, the scenario for holders is that utility benefits continue functioning exactly as described at the time of purchase, but the declared future intent for income distribution in the roadmap is never implemented.

This is the scenario the legal notice establishes as the basis — purchase is made for current benefits, any future economic benefit is contingent and not guaranteed.

A buyer who acquires the Access Pass clearly understanding this distinction suffers no harm if licenses are not obtained — their active benefits remain intact. The potential harm is only for someone who bought expecting exclusively future economic return, an expectation the legal notice explicitly warns should not be the basis for the decision.

CooBook's on-chain governance system — where NFT holders vote on platform decisions — operates in a legal space that European legislation is beginning to specifically regulate.

DAOs and blockchain governance mechanisms have variable legal recognition across different EU jurisdictions.

Project Kimiary OÜ as a registered legal entity is the legal responsible party for the platform before third parties and regulators — on-chain governance is a mechanism for community participation in internal decisions, not a substitute for the company's legal liability.

This distinction is important: NFT holders who vote in governance don't acquire legal liability for approved decisions — that liability remains with the company.

The governance system is an incentive alignment and community participation mechanism compatible with Estonian corporate structure, not a legally responsible entity-less DAO that would operate in a regulatory vacuum.

Estonia has one of the most innovative tax systems in the EU — companies don't pay corporate tax on retained profits, only on distributed profits.

This has direct implications for any income distribution mechanism to holders: any distribution of 6% of annual net profits would be subject to Estonian tax obligations on profit distribution before reaching holders.

Additionally, holders in their respective jurisdictions would be subject to local tax obligations on received income — which varies significantly between countries.

This multinational tax complexity is another reason the income distribution mechanism requires not only crypto-asset regulatory licenses but also specialized tax advice to structure it correctly.

CooBook is committed to implementing this in a tax-responsible way when the time comes — which inevitably adds complexity and time to the process.

The LEI — Legal Entity Identifier — 9845002EAF9848395638 of Project Kimiary OÜ is a unique global identifier for legal entities, managed under the global LEI system under the auspices of the G20 and the Financial Stability Board.

Its existence confirms that CooBook is a registered, verifiable legal entity recognized in the international financial system — not a ghost company or anonymous structure.

Anyone can verify Project Kimiary OÜ's LEI validity in the global public LEI database.

For buyers evaluating the seriousness and legitimacy of a blockchain project — especially after the numerous fraudulent cases in the space — the existence of a publicly verifiable LEI is a significant signal that the company operates under internationally recognized identification standards.

It's not a guarantee of project success or fulfillment of all its commitments, but it IS evidence that there is a real, traceable legal entity behind the project.

Courses published on CooBook's marketplace are commercial educational content — a category widely regulated in most jurisdictions regarding quality standards, truthful advertising, and consumer protection, but generally not subject to the same requirements as formal regulated education.

CooBook's on-chain completion certificates are non-regulated training certificates — equivalent to those from any e-learning platform like Coursera or Udemy.

They are not university degrees or official professional certifications, unless the course author is an institution with capacity to issue those certifications in their own jurisdiction.

On-chain certificate verifiability doesn't change its legal nature — what changes is verification robustness, not the certificate's regulatory category.

For sectors where certifications must be issued by officially authorized entities — physicians, lawyers, licensed engineers — CooBook certificates complement but do not replace required official certifications.

CooBook operates as a distribution platform — not as a publisher or rights assignee.

Authors publishing on CooBook retain full intellectual property rights over their works. The platform obtains a non-exclusive usage license to distribute content under the terms the author establishes — without acquiring any rights to the work itself.

On-chain registration on KSC doesn't create or transfer intellectual property rights — those rights exist by virtue of work creation under applicable law.

What on-chain registration creates is evidence of creation date and creator identity, which can be instrumental in intellectual property disputes but is not itself the title of ownership.

Authors in jurisdictions with formal copyright registration systems — like the Copyright Office in the U.S. or European equivalents — can use on-chain registration as supplementary evidence in those formal proceedings.

The separation between sponsorship and editorial content is one of CooBook's most important guarantees and is designed architecturally, not just by policy.

Knowledge area sponsors get visibility in that area of the library — their logo and description appear in the corresponding section — but have no mechanism to influence what content is published, which authors are verified, or how articles are rated.

Author verification is an independent process based on real credentials. Content validation is a process of the NFT holder community.

None of these processes has entry points for sponsors to influence their outcome.

Additionally, sponsorship contracts include no editorial influence clauses — this is verifiable in the platform's public terms of service.

Editorial integrity is not just a company promise but a system property: content validators are independent NFT holders, not sponsor employees.

Transparency about fund use is part of the project's accountability commitment to its community.

Funds obtained through NFT Access Pass sales finance technical platform development — KSC implementation, interface development, Core Nodes infrastructure, author verification process, and general company operations.

There is no on-chain treasury management mechanism like in some DAOs where each expense requires voting — Project Kimiary OÜ manages its finances as an Estonian company with corresponding accounting obligations.

What DOES exist is transparency through the public roadmap detailing development objectives the funds should finance, and community accountability through the on-chain governance system where holders can propose and vote on development priorities involving resource allocation decisions.

The balance between company operational agility and community transparency is managed through on-chain governance for structural decisions and company autonomy for operational decisions.

MiCA regulation is in the process of progressive implementation and its specific interpretation for different asset types — including utility NFTs with governance elements — is being gradually defined by competent authorities in member states.

This means the regulatory environment CooBook operates in is actively changing.

CooBook's approach to this risk is to operate with the most conservative model possible in the present — being explicit about which benefits are active and which are contingent future intents — while actively monitoring regulatory evolution to adapt the model when necessary.

The modular architecture of the on-chain governance system is an asset in this context: if regulation requires modifications to the income distribution model or NFT structure, those modifications can be implemented through governance voting without needing to redesign the platform from scratch.

Regulatory adaptability is not a risk CooBook ignores but a variable the system design anticipates.

Applicable AML and KYC obligations for CooBook depend on the exact nature of activities it performs under Estonian and European law.

As a content platform with a utility NFT layer, obligations may be different from those of a cryptocurrency exchange or regulated virtual asset service provider.

Project Kimiary OÜ complies with obligations applicable to its activity under Estonian law, which implements European AML Directives.

For the author verification process, real professional credentials are collected and verified — a process that has an integrated identity verification component.

The evolution of AML and KYC obligations under MiCA for the specific type of CooBook activity is part of the regulatory analysis the team performs as part of license preparation.

It is not possible to be more specific about these internal procedure details without compromising their effectiveness as a prevention mechanism.

Not necessarily. Some jurisdictions have specific prohibitions or restrictions on the purchase, sale, or holding of NFTs and crypto-assets that may make acquiring an NFT Access Pass not legal or advisable in those countries.

CooBook operates from Estonia under European law and cannot guarantee regulatory compatibility of its products with every country's legislation in the world.

It is the buyer's responsibility to verify the applicable regulatory situation in their jurisdiction before proceeding with any purchase.

This is not a situation unique to CooBook — any responsible blockchain project has the same limitation.

The recommendation is to always consult with a local legal advisor if there is any doubt about the applicability of local regulations to utility NFT acquisition.

CooBook doesn't actively exclude buyers from any specific jurisdiction on its technical platform, but neither can it guarantee the legality of acquisition in each individual jurisdiction.

This is an inherent tension for any blockchain project operating within national or regional regulatory frameworks.

CooBook's resolution is the same adopted by serious blockchain projects globally: separate the protocol layer — which operates according to the mathematical rules of the blockchain, without jurisdiction — from the services layer — which operates through Project Kimiary OÜ as a legal entity with clear jurisdiction and regulatory obligations.

The KSC protocol has no citizenship or jurisdiction — it's code that executes mathematical rules.

Project Kimiary OÜ DOES have Estonian jurisdiction and European obligations.

This separation allows the technical infrastructure to be globally accessible while the company operating it complies with its legal obligations.

When there is a real conflict between a protocol rule and a legal obligation, the company is obligated to comply with the law — and the governance system is the mechanism for the community to adapt the protocol when necessary to maintain that compliance.

Regulatory decisions for a blockchain project aspiring to operate within the European legal framework cannot depend exclusively on the founding team's internal judgment — they require specialized legal advice in crypto-asset regulation, Estonian law, and applicable European legislation.

Project Kimiary OÜ works with external legal advice for critical regulatory decisions — including structuring the NFT Access Pass as a utility membership, drafting legal notices about future income distribution, and planning the MiCA license acquisition process.

The quality and rigor of the legal notice at coobook.org/nft — unusually detailed and explicit about product limitations — is itself a signal that regulatory communication decisions have had specialized legal review.

It is not a generic warning copied from other projects but an accurate description of the product's current legal situation.

Independent verification of CooBook's legal legitimacy is available through multiple public sources.

Estonia's business register — e-Business Register, publicly available at ariregister.rik.ee — allows verifying the existence, active status, and basic data of Project Kimiary OÜ with registration number 17198360.

Global LEI database — available at gleif.org — allows verifying LEI 9845002EAF9848395638 and its active status.

Terms and conditions, legal notice, and privacy policy published at coobook.org provide the product's contractual documentation.

The specific legal notice about NFT Access Pass at coobook.org/nft precisely establishes what is guaranteed and what is not.

Verifiable social media presence and the project's public activity — including this FAQ documentation — are additional signals of a project operating with transparency.

None of these verifications guarantees future project success or constitutes investment advice — but they DO confirm there is a real, registered, transparent legal entity behind CooBook.

The decision to launch NFT Access Pass on Polygon via OpenSea is a bootstrapping decision — not a contradiction with the KSC vision.

Kimiary Smart Chain is in active development and doesn't yet have its mainnet operational.

Waiting for KSC's complete launch to start selling NFTs would delay project funding that precisely allows developing KSC — a Catch-22 that no resource-limited project can afford.

Polygon is a mature EVM network, with established liquidity, with millions of active users, and with native integration into OpenSea — the highest volume NFT marketplace in the world.

Selling there now doesn't compromise the KSC vision but finances it.

The subsequent migration of NFTs from Polygon to KSC via cryptographic bridge is a planned transition from the origin — current buyers know they are acquiring an NFT that will live on Polygon until KSC is operational, and the migration process will be available when that moment arrives.

This transparency about the product trajectory is part of the project's honesty commitment.

The bridge is a cryptographic mechanism that allows transferring NFT ownership from the Polygon network to Kimiary Smart Chain without the asset existing simultaneously on both networks.

The process works through a burn-and-mint system — destruction at origin and verified creation at destination — guaranteeing that at no point do two copies of the same NFT exist on two different blockchains.

The complete technical flow:

1. Holder initiates migration from CooBook interface
2. A smart contract on Polygon verifies NFT ownership and executes the burn — permanent, irreversible destruction of the original NFT on Polygon
3. That burn transaction hash is transmitted to KSC's NFT Core Node as cryptographic proof of destruction
4. KSC generates the new NFT identifier on its own chain: KSC_NFT_ID = Dilithium3.Sign(hash_burn + PK_user), mathematically linking the new NFT to the verifiable destruction event on Polygon
5. The new NFT is registered on-chain on KSC with complete history of its origin — including its previous life on Polygon — and becomes active under the owner's public key on KSC

The bridge design is built on the principle that a failure at any point in the process should not result in loss of the holder's asset.

The sequence is ordered so destruction on Polygon is only irreversible after creation on KSC has been confirmed — not the other way around.

If something fails after burn but before mint on KSC, the system has recovery mechanisms based on the burn transaction hash that remains registered on Polygon — that hash is irrefutable evidence that the NFT was legitimately destroyed and can be used to claim mint on KSC.

The complete process is audited by KSC validators through the 5-signature scheme described in previous sections — including the NFT Core Node and a second verifying Core Node — guaranteeing that no individual actor can manipulate the migration process.

The complete migration history is recorded on-chain on both chains, providing verifiable evidence of the process at each end.

No. Migration is designed to preserve all NFT characteristics and rights integrally.

What transfers exactly:

• The tier — Esmerald, Ivory Genesis, Royal Blue Accord, Aureum Privilege, Platinum Imperium, Obsidian Dominion
• Corresponding governance rights for the tier activate on KSC from the moment of mint
• Validator role on KSC consensus activates automatically

The previous ownership history on Polygon is referenced in KSC's on-chain registration — the new NFT includes a field pointing to the burn transaction hash on Polygon, creating a verifiable custody chain proving ownership continuity.

What changes is the infrastructure protecting the NFT — which moves from Polygon's classical cryptography to KSC's post-quantum Dilithium3 cryptography.

From the holder's perspective, it's the same NFT with the same rights but greater cryptographic protection and with the additional benefits of operating on CooBook ecosystem's native blockchain.

Migration is not mandatory — it's an available option for holders when KSC is operational.

A holder can keep their NFT on Polygon indefinitely if they prefer.

However, it's important the holder understands the practical implications of this decision:

• An NFT that remains on Polygon can continue to be bought, sold, and transferred on OpenSea normally
• What it cannot do is exercise specific KSC benefits — participate as consensus validator, vote on on-chain governance, or activate platform benefits linked to the CooBook ecosystem on the native chain

These benefits require the NFT to exist on KSC.

The ecosystem design thus creates a natural incentive toward migration without imposition — holders who want to actively participate in the ecosystem will migrate because that activates their full benefits, while those who prefer to keep the NFT as an asset on Polygon can do so without that implying loss of the asset itself.

The migration process involves transactions on two different networks — Polygon and KSC — each with their own transaction costs.

On Polygon: The burn transaction requires gas fees in MATIC — Polygon's native token — which are historically very low on that network, generally fractions of a cent.

On KSC: The mint of the new NFT requires a transaction that generates costs on the network.

The exact cost structure for KSC transactions — including whether CooBook assumes any migration cost as an incentive for holders — will be defined before mainnet launch and communicated with sufficient advance notice so holders can plan.

What is clear from the design is that the migration process must be accessible for all holders regardless of their tier — creating migration with prohibitive costs for entry-tier holders would be contradictory to the ecosystem's access model.

Exact economic details of the bridge will be part of mainnet launch communication.

Currently, for buying and managing NFT Access Pass on Polygon through OpenSea, all standard EVM ecosystem wallets that OpenSea supports are compatible.

MetaMask is the most used option with best support on OpenSea — available as browser extension and mobile app.

Coinbase Wallet provides an integrated experience with the Coinbase exchange and native support on OpenSea.

Rainbow Wallet is a popular option especially on mobile with interface designed for NFTs.

WalletConnect is a protocol that allows connecting dozens of different mobile wallets to OpenSea via QR code.

Trust Wallet has wide compatibility with Polygon and OpenSea.

Ledger and Trezor — hardware wallets — can connect to OpenSea via MetaMask or other interfaces, providing the highest security level for NFT storage.

The general recommendation for significant value NFTs is to use a hardware wallet — the Access Pass represents a long-term membership and storage security should be proportional to that value.

KSC uses Dilithium3 cryptography — fundamentally different from ECDSA cryptography that all standard EVM wallets like MetaMask use.

This means current Ethereum ecosystem wallets are not directly compatible with KSC without adaptation.

CooBook will develop native KSC wallets — both a browser extension and a mobile app — that manage Dilithium3 keys and chain interaction.

These native wallets are part of the platform development plan in the roadmap.

For the migration process specifically, CooBook's interface will act as an intermediary — the holder uses their current EVM wallet to authorize the burn on Polygon, and the native KSC wallet to receive the mint on KSC.

This guided process eliminates the need for the holder to manually manage the technical complexity of interaction between two different cryptographic systems.

Developing native KSC wallets with good user experience is a recognized team priority — usability is as important as technical security for ecosystem adoption.

Once the NFT has migrated to KSC, it no longer exists on Polygon — the burn is irreversible.

OpenSea is a marketplace built on EVM networks — Ethereum, Polygon, Base, Arbitrum — and has no native support for non-EVM networks like KSC.

This means NFTs migrated to KSC cannot be sold directly on OpenSea.

NFT buying and selling transactions on KSC are done through CooBook's native marketplace described in previous sections — with sale smart contracts, 60-second timer system, and on-chain registration of each ownership transfer.

This marketplace transition is coherent with the project's philosophy — KSC has its own transaction ecosystem providing greater cryptographic security and greater integration with platform benefits.

CooBook's native marketplace has complete buying/selling functionality — price history, offer management, direct transfers — that a holder needs to manage their NFT.

Yes. NFT Access Pass on Polygon and OpenSea are fully functional assets on that network while KSC is not operational.

They can be bought, sold, and transferred on OpenSea normally. NFT metadata — tier, image, description — is visible on OpenSea.

What is not active during this period are specific KSC benefits — consensus validation, on-chain governance on KSC, access to courses — because those benefits require the platform to be launched and the NFT to be on the native chain.

This pre-launch period is essentially the project's crowdfunding period — buyers are funding development and reserving their position in the ecosystem, with the expectation that full benefits activate with platform launch.

Communication of development progress, milestones reached, and roadmap status is how CooBook keeps the community informed during this period.

The non-duplication guarantee is mathematically more robust than any policy promise.

The burn mechanism on Polygon is an irreversible operation — once executed, the NFT ceases to exist on that network and no contract or actor can recreate it.

The burn smart contract on Polygon includes a record of the transaction hash that functions as a destruction certificate.

The mint smart contract on KSC requires that hash as a valid input — without the hash of a verifiable burn transaction on Polygon, no mint can execute.

And that hash can only be generated once per burn — it cannot be reused because KSC records on-chain all processed burn hashes and automatically rejects duplicates.

The combination of burn irreversibility on Polygon, hash verification on KSC, and on-chain recording of processed hashes creates three independent guarantee layers against duplication. Compromising any of them would require attacking two different blockchains simultaneously — an extremely complex scenario.

Yes. An NFT Access Pass bought on OpenSea on Polygon can be sold on OpenSea at any time before KSC is operational, exactly like any other NFT on Polygon.

The buyer and seller negotiate price on OpenSea marketplace, the transaction executes on Polygon with standard gas fees, and ownership transfers from one wallet to another.

There is no technical restriction or lockup period on NFT resale on OpenSea during the pre-KSC launch period.

The only relevant consideration is that if the NFT has recurrent holders — is sold and repurchased several times — each new owner inherits the position in the corresponding tier and access rights to benefits that activate with launch.

The ownership history on Polygon is recorded on-chain on that network — including all intermediate transactions — and that history is referenced in the KSC registry when the NFT finally migrates.

The decision to build KSC with post-quantum Dilithium3 cryptography — instead of standard EVM ECDSA — is a security decision with a real compatibility cost.

KSC is not EVM-compatible, which means it doesn't automatically benefit from the ecosystem of tools, wallets, explorers, and marketplaces built for Ethereum and its compatible chains.

This tradeoff is conscious and deliberate — post-quantum cryptography cannot coexist with ECDSA cryptography that defines the EVM standard.

CooBook's strategy for managing this cost is building essential own ecosystem tools — native wallet, marketplace, block explorer — and maintaining the bridge with Polygon as the entry point from the EVM ecosystem.

Long-term, as post-quantum cryptography becomes the industry standard — which regulatory and standardization bodies are actively promoting — KSC's advantage of having implemented that standard from origin becomes competitive rather than isolating.

OpenSea has content moderation policies that can result in collection removal — primarily for intellectual property rights violations, fraudulent content, or behavior that violates their terms of service.

CooBook's NFT Access Pass is a legitimate utility membership with clear metadata, honest description, and a registered company behind it — it has no characteristics that typically result in moderation by OpenSea.

However, centralized platform policies like OpenSea can change, and no blockchain project can guarantee its permanent presence on a platform it doesn't control.

This is precisely one of the arguments for the transition to KSC — on CooBook's native marketplace, the platform controls its own destiny without depending on third-party decisions.

During the Polygon period, presence on OpenSea is convenient and strategic. Long-term, KSC's native marketplace is the distribution infrastructure the ecosystem completely controls.

Communicating the migration process to holders is a critical responsibility that CooBook will manage through multiple channels to guarantee no holder is left without information.

Official communication channels — X (Twitter), Discord if developed, platform newsletter, and official social networks described on coobook.org — will be the primary communication means.

OpenSea's interface for the collection can also include information about the migration process in the updated collection description.

The migration process will not be activated surprising — there will be a prior announcement period with sufficient time for holders to understand the process, prepare their KSC wallets, and make informed decisions about whether to migrate immediately or at a later moment.

Since migration is not mandatory, there is no imposed urgency — each holder can manage their own migration at the moment they consider appropriate after the process is available.

Yes, with a specific process.

A holder who has their NFT in a hardware wallet like Ledger connected to MetaMask can use that combination to sign the burn transaction on Polygon — exactly as they would sign any other transaction on that network with their hardware wallet.

The signature is made on the hardware device, which never exposes the private key, providing the same security level as any other Ledger transaction.

For the mint on KSC, the holder will need to generate a KSC identity — a Dilithium3 key pair — using KSC's native wallet.

This is a new process independent of the existing hardware wallet, since Ledger and Trezor currently don't support Dilithium3 cryptography.

The native KSC wallet will generate post-quantum keys with the entropy process described in the technical section — ~1,040 bits of entropy — and the holder must protect these new credentials with the same rigor they protect their current EVM credentials.

CooBook's guided interface for the migration process will accompany the user through each step of this process clearly and unequivocally.

KSC's on-chain registration of an NFT migrated from Polygon is intentionally complete to guarantee total asset traceability.

The registration includes:

• The generated KSC_NFT_ID — unique identifier on KSC based on the Dilithium3 signature of hash_burn and the owner's public key
• The burn transaction hash on Polygon — the verifiable reference to the destruction event on the original chain
• The timestamp of mint on KSC — when migration was exactly completed
• The owner's public key on KSC — who is the cryptographic owner of the NFT on the new chain
• The NFT's tier — with all its governance and validation parameters
• The history of all subsequent transactions on KSC — sales, transfers, validator activity

This complete information guarantees that any external verifier can reconstruct the NFT's complete history from its original creation on Polygon to its current state on KSC, with verifiable evidence on both chains.

There is no dark point in the asset's custody chain.

Polygon is a network with years of operation, thousands of validators, and tens of billions of dollars in locked value — a sudden closure scenario is extremely unlikely.

However, in the unlikely case that Polygon were to stop operating, there would be significant warning signs with sufficient advance notice for holders to migrate their NFTs to KSC before effective closure.

Additionally, Polygon transaction history is public and archived by multiple independent services — even if Polygon active nodes stopped functioning, the history of which wallet owned which NFT at what moment would still be verifiable in archives.

In the edge case that a holder couldn't migrate in time, on-chain evidence of NFT possession on Polygon — verifiable in historical archives — would provide the basis to claim mint on KSC through the exceptional case resolution process CooBook would define in that scenario.

This level of contingency planning is part of responsible long-term system design.

The current purchase process on OpenSea is standard for any NFT on Polygon.

The buyer connects their EVM wallet — MetaMask, Coinbase Wallet, or any WalletConnect-compatible wallet — to OpenSea via the standard Web3 wallet connection protocol.

They browse to CooBook's NFT Access Pass collection on OpenSea, select the tier they wish to acquire, and execute the purchase transaction.

OpenSea requests transaction confirmation through the connected wallet — MetaMask shows the transaction detail for user approval, including cost in WETH or accepted currency and gas fee in MATIC.

The user approves, the transaction processes on Polygon, and the NFT appears in the buyer's wallet.

This entire process uses Polygon's and OpenSea's standard infrastructure — there is no custom CooBook technical component involved in the purchase process on Polygon.

CooBook's custom interface comes into play when the platform is launched and the migration process to KSC is available.

That KSC is built from scratch in Rust — not an Ethereum, Cosmos, or any other existing blockchain fork — has both positive and negative long-term implications that any holder must understand.

On the positive side: KSC can implement native post-quantum cryptography from the first block without the compatibility limitations an Ethereum fork would have — Ethereum cannot adopt Dilithium3 without breaking compatibility with all existing contracts and wallets.

The democratic consensus model with NFT holders as validators, the specialized Core Nodes system, and the digital identity architecture are possible precisely because there is no technical debt from a previous blockchain restricting design.

On the negative side: Building from scratch means KSC doesn't inherit years of security audits, the tool ecosystem, or the user base of established networks.

Each component needs its own maturation and audit process.

This is the project's central bet — that building correctly from the start is worth more long-term than the shortcuts of a fork with more compatibility but fewer capabilities.

Verifying the authenticity of the official collection is critical before any purchase — fraudulent collections that imitate legitimate projects on OpenSea are a common fraud vector in the NFT space.

Indicators of CooBook's official collection on OpenSea:

• Direct link from coobook.org/nft — that points directly to the official collection, never to a different one
• OpenSea's verification badge if available for the collection
• Collection smart contract address — public and verifiable on Polygonscan, listed on CooBook's official page
• Volume and transaction history — fraudulent collections typically have little or no history
• NFT metadata consistency — description, image, tier — with official information published on coobook.org/nft

The simplest rule: always navigate to OpenSea from the direct link on coobook.org, never from OpenSea search results where fraudulent collections can appear with similar names.

NFT Access Pass transactions on Polygon are verifiable in real-time through Polygonscan — polygonscan.com — Polygon network's official explorer.

Polygonscan allows viewing the complete history of any NFT: all buy, sell, and transfer transactions with exact timestamps, wallets involved in each transaction, the NFT's smart contract with its verifiable code, and current ownership status.

OpenSea can also be used directly as a visualization layer for the same on-chain history.

For users who prefer more advanced analysis tools, services like Etherscan — which also supports Polygon — or Dune Analytics allow more detailed analysis of the collection's behavior.

When KSC is operational, CooBook will develop its own block explorer for KSC — functionally equivalent to Polygonscan but for the native chain — that will allow verifying all KSC transactions with the same transparency level Polygonscan currently provides for Polygon.

No — NFTs are non-fungible assets indivisible by definition.

An NFT Access Pass exists in a single unique wallet at any given moment.

It cannot be split between multiple wallets, nor can a fraction of an NFT be held.

What a holder with multiple wallets CAN do is transfer the complete NFT from one wallet to another — operation that is recorded on-chain and changes the cryptographic ownership of the asset.

The one-user rule — one NFT on KSC applies at the verified account level, not the technical wallet level — a user cannot have more than one NFT in the ecosystem regardless of how many wallets they technically manage.

This restriction is a KSC protocol rule designed to prevent validation power concentration, and its compliance is verified during the identity linking process when the NFT migrates to KSC and links to the holder's verified identity.

On Polygon, NFT resale royalties work according to the EIP-2981 standard implemented on OpenSea — a percentage of the sale price is automatically transferred to the original collection creator (CooBook) on each secondary sale.

This mechanism has the limitation that it depends on OpenSea respecting it — OpenSea has historically modified its royalty enforcement policy, and not all EVM marketplaces respect the EIP-2981 standard.

On KSC, the royalty mechanism is radically different and more robust — royalties are coded directly into the NFT sale smart contract, execute automatically through the chain protocol, and do not depend on any external marketplace respecting them.

Any NFT sale transaction on KSC that doesn't include the corresponding royalty to the creator is not a valid transaction according to the protocol — the smart contract automatically rejects it.

This mathematical guarantee of royalties on KSC is substantially superior to the platform-dependent guarantee that exists on Polygon.

The bridge to Polygon is KSC ecosystem's first bridge — the most immediate because that's where current NFTs are — but not the only bridge envisioned in the long-term vision.

As KSC matures and its ecosystem grows, bridges to other relevant networks expand the interaction surface with the broader Web3 ecosystem.

Ethereum is the natural candidate for a second-generation bridge — given its central position in the DeFi and NFT ecosystem.

Bridges to networks with active knowledge communities — like networks specialized in educational credentials or digital identity — complement KSC's position as verified knowledge infrastructure.

Each additional bridge follows the same design principle as the Polygon bridge: unidirectional burn-and-mint that guarantees no asset exists simultaneously on two chains.

The priority of which bridges are developed after Polygon is precisely the type of decision the governance system is designed to manage — NFT Access Pass holders vote on which external ecosystem integrations they prioritize according to their own interests and ecosystem vision.

It's the most legitimate question any buyer should ask before acquiring any asset in the crypto space.

The answer has several layers:

Project Kimiary OÜ is a company registered in Estonia with public registration number 17198360 and globally verifiable LEI — it's not an anonymous or offshore entity.

The founders operate under their real identity with personal legal responsibility under Estonian and European law.

A company in the EU that disappears with buyer funds doesn't disappear without consequences — there's clear legal jurisdiction, real claim mechanisms, and traceable corporate identity.

Additionally, CooBook's business model doesn't depend exclusively on NFT sales to operate — the content marketplace, institutional sponsors, and infrastructure-as-a-service are independent revenue sources that create incentives to build and operate the platform.

A team that simply wanted to take the money and disappear wouldn't have invested in documentation of this depth, in European legal registration, in building a blockchain from scratch in Rust, or in transparent communication about project limitations.

None of these signals guarantee success — but they DO unequivocally distinguish CooBook from projects that have fraudulent intent from the origin.

Yes — and saying it explicitly is part of the project's honesty commitment.

Currently, KSC operates with 5 Core Nodes controlled by the founding team. Calling that "decentralized" in the full sense would be inaccurate.

What KSC has that no centralized blockchain has is the architecture and mechanisms to decentralize without redesign — the immutable genesis registry, the on-chain governance system, and the third-party Core Nodes program are the tools that make decentralization the system's natural destination instead of an empty promise.

The difference between "centralized with decentralizable architecture" and "decentralized" is real and significant.

CooBook doesn't pretend that difference doesn't exist — it acknowledges it and addresses it by being explicit about the current state and the path toward real decentralization.

A buyer requiring full decentralization today should wait until KSC reaches that state before buying.

A buyer who understands they're financing that decentralization development from a foundational position is making a different decision with complete information.

There's no reason to believe it based solely on trust — nor should there be.

The correct evaluation is based on verifiable evidence, not trust.

Available evidence includes:

• Real-depth technical documentation — two whitepapers with mathematically justified design decisions, critical questions answered honestly including corrected errors, and a 28-module architecture with clear dependencies
• Rust implementation with real NIST 2024 cryptographic primitives — not invented cryptography but internationally audited algorithms
• Legally registered company with verifiable public presence
• Business model with multiple income sources independent of KSC launch — meaning the company can operate and develop KSC without depending exclusively on mainnet being ready to generate income

What doesn't exist is a guarantee that KSC will work — that guarantee cannot exist in any software project under development.

What exists is the most solid technical, legal, and economic base possible for it to work, combined with honesty about real risks.

It's an intelligent objection that deserves an equally intelligent answer.

Today, in 2026, with currently available quantum computers, post-quantum cryptography is not necessary to protect a knowledge library. ECDSA remains sufficiently secure in the current computational environment.

The relevant question is not whether it's necessary today but when it will be — and the answer is that no one knows precisely, but the cryptographic community consensus is that the horizon is between 10 and 20 years.

A blockchain launched today with ECDSA that wants to migrate to post-quantum cryptography in that horizon will face a fundamental problem: its entire transaction history, all existing wallets, all deployed contracts use old cryptography. The migration is technically possible but operationally catastrophic — as will happen to Bitcoin and Ethereum.

KSC makes that migration unnecessary to need because it starts from the correct standard.

The argument is not that the quantum threat is immediate — it's that building on correct foundations from the origin is always preferable than fixing incorrect foundations under pressure.

For infrastructure designed to last decades, that decision is not marketing — it's responsible engineering.

Using Ethereum or Solana would have been the fastest and cheapest decision — and also the decision that would make the project's central differentiators impossible.

Ethereum and Solana use ECDSA — incompatible with post-quantum cryptography without breaking all existing compatibility.

They don't have a real digital identity system linked to verifiable professional credentials — adding it over a general-purpose blockchain requires complexity layers that degrade experience.

They don't have a native mechanism for NFT holders to be consensus validators with cryptographic equality — Ethereum PoS assigns validation power proportional to economic stake, which is exactly the model KSC rejects for creating power oligarchy.

Document encryption linked to the buyer's registered on-chain ownership requires deep integration between the identity layer and transaction layer — on a general-purpose blockchain that integration would be superficial.

Building on an existing blockchain would have given access to its ecosystem at the cost of relinquishing everything that differentiates CooBook.

The inverse question is equally valid — why build CooBook if it's going to be just another project on Ethereum without real differentiation?

Yes, there are — and analyzing why they failed is exactly the exercise that justifies CooBook's design.

Decentralized knowledge projects that failed typically shared one or more of these problems:

• Exclusive dependence on speculative tokens with no real utility — the project's value depended on token price, which collapsed with the market
• Absence of content quality mechanism — anyone could publish anything, producing unusable signal-to-noise
• No sustainable business model independent of speculation — when investors withdrew, there was no real income to maintain operation
• Inherited cryptography from existing blockchains with no real technical differentiation

CooBook addresses each of these failure points directly:

• NFTs are real utility memberships with active benefits independent of market price
• The verified authors system with on-chain credentials is the quality mechanism previous projects didn't have
• The business model has multiple real income sources — marketplace, sponsors, infrastructure-as-a-service — independent of speculation
• Post-quantum cryptography from origin is real technical differentiation, not cosmetic

None of these arguments guarantee success — but they DO demonstrate that CooBook learned from previous failures instead of repeating them.

The credential verification process is as robust as the diligence applied to its execution — and that is an honest limitation CooBook recognizes.

No verification system is completely fraud-proof if someone presents convincingly falsified credentials.

What CooBook can guarantee is the process — verification of real credentials against verifiable sources, coherence between professional profile and authorized publication areas, and cryptographic linking of that verification to an immutable on-chain identity.

What the system adds over initial verification is permanent accountability — an author with fake credentials who publishes on CooBook has their on-chain history irrevocably linked to those fake credentials.

If falsification is discovered later, the reputational damage is permanent and public.

This negative incentive is more deterrent than on platforms where profiles can simply be deleted.

Long-term, the on-chain reputation system — where publication history, ratings, and validations are public and cumulative — creates an additional credibility signal that complements initial credential verification.

It's a mathematically founded objection that deserves an equally mathematical answer.

The 10 Obsidian Dominion holders have 30 combined votes in product governance — 3 votes each.

The 25,000 Esmerald Passage holders have 25,000 combined votes — 1 vote each.

Even if the 10 Obsidian holders voted in perfect coordinated block — which requires perfect coordination between 10 actors with potentially different interests — they represent 0.12% of total possible votes.

Tier vote weighting gives amplified voice to the most committed holders, not majority control.

For premium tiers to dominate a vote would require the vast majority of Esmerald holders to abstain — which is precisely the scenario the 72-hour duration is designed to avoid, maximizing participation.

The system's radical transparency is the additional protection — every vote is public and on-chain, any attempt at manipulative coordination is visible to the entire community who can respond by actively participating.

Perfectly distributed governance doesn't exist in any system — what exists in CooBook is a structure where power concentration is mathematically limited and publicly auditable.

Because hiding it would be worse than publishing it with its exact conditions.

If CooBook removed all mention of future income distribution until having licenses — which may take indeterminate time — and then announced it as something new, the community would have legitimate reasons to ask why it wasn't communicated from the start.

Transparency about the complete project vision — including elements that aren't yet implementable — is part of respect toward buyers.

What distinguishes responsible from irresponsible communication is not whether it's mentioned but how it's mentioned.

The notice on CooBook's website is unequivocal: the benefit is not active, it's conditioned on regulation that isn't held, and the purchase shouldn't be made expecting that return.

A buyer who reads that notice and still buys expecting the 6% is ignoring an explicit warning — the responsibility isn't CooBook's.

A buyer who reads that notice and buys for active benefits is making an informed decision exactly as the project intends.

Yes — and recognizing it is part of the project's honesty.

CooBook's scope is genuinely ambitious.

The response isn't to minimize that ambition but to explain how it's managed:

• Specification-Driven Development — where each component is completely specified before coding — allows development to be more efficient than typical startup exploratory development
• Modular crate architecture in Rust allows different components to be developed in parallel without dependencies blocking progress
• Phased roadmap — Phase 1 is cryptographic foundations, Phase 2 is P2P network, Phase 3 is audits — prioritizes work in a logical order that avoids building on unvalidated foundations
• The content platform itself — coobook.org with the library and marketplace — doesn't require KSC to be on mainnet to begin operating in an initial version

The project's ambition is real. The mechanisms to manage it are also real.

Execution risk exists — any project of this scale has it — and denying it would be dishonest.

It's a completely legitimate question in a space where whitepapers without code are common.

KSC's technical documentation — including the 28-module architecture with specific Rust file paths, crate dependencies, and function specifications — has the level of detail that is only possible to generate when real technical development is happening in parallel.

CooBook's Specification-Driven Development methodology produces documentation as a development artifact — not as code replacement but as its precursor and complement.

Transparency about development status — what's implemented, what's in progress, what's on the roadmap — is the most honest signal available.

KSC source code is not currently published as a public repository — a strategic decision during the development phase to avoid exposing implementation before security audit.

Code publication as open source is planned on the roadmap and will be verifiable at that time.

Until then, documentation's technical depth, design decisions' specificity, and honesty about limitations are the most reliable indicators available.

The price reflects the value of the founding position in the ecosystem — not the value of the product in its current state.

An Esmerald Passage NFT at 0.528 WETH is the most accessible entry to the ecosystem.

Higher tiers have higher prices because their scarcity is greater and their governance benefits are proportionally more significant.

The correct question is not whether the price is high or low in absolute terms but whether the expected value of active benefits plus the founding position justifies the price for the specific buyer.

For a professional who wants to publish on CooBook and establish their presence in the ecosystem from the start, the calculation is different than for a pure speculator.

For a holder who values governance over a verified knowledge platform, the calculation is different than for someone who has no interest in that ecosystem.

The correct price is subjective and depends on the buyer's personal valuation of the specific benefits they receive — not on abstract comparison with other projects.

Any buyer who considers the price too high should simply not buy — there is no artificial time pressure in CooBook's offer.

It's a completely valid criticism backed by real data — the vast majority of NFT collections launched between 2021 and 2023 lost between 90% and 100% of their market value.

Ignoring that reality would be dishonest.

The relevant distinction is between speculative NFTs — whose only value was the expectation that someone would buy them at a higher price in the future — and utility NFTs — whose value is anchored in concrete active benefits.

CooBook's NFT Access Pass belongs to the second category by design — its benefits don't depend on the NFT's market price but on the platform's operation.

If an Esmerald Passage's market price falls to zero, the holder still has access to included courses, still has governance rights, still is a network validator.

Market value and use value are independent — something that was not true for the speculative NFTs that destroyed value.

This distinction doesn't guarantee market price goes up or is maintained — but it DOES guarantee the NFT cannot become completely useless while the platform operates.

The objection has foundation — any credential verification system has inclusion and exclusion criteria that reflect value decisions.

CooBook deliberately makes the decision that real professional credential verification is the correct mechanism to guarantee knowledge quality on the platform.

This decision excludes people with genuine knowledge but without recognizable formal credentials — a real cost of the model.

The justification is that the problem CooBook solves — the reader's inability to distinguish reliable content from misinformation — requires a verifiable quality signal mechanism, and professional credentials are currently the most robust mechanism available for that signal.

A system where anyone can publish reproduces the problem the platform exists to solve.

The verification process is designed to be rigorous with credentials but accessible for those who have them — it's not a closed club but an open standard for any professional with real training in their area.

Evolution of the verification system — including potentially alternative mechanisms for non-academic knowledge with demonstrable trajectory — is the type of decision the governance system allows the community to make as the ecosystem matures.

You shouldn't blindly trust KSC's security based on team documentation — and the team doesn't ask for that blind trust either.

The honest position is this:

• Technical documentation details design decisions and their mathematical justifications, which any cryptographer can evaluate independently
• Chosen cryptographic primitives — Dilithium3, Kyber768, BLAKE3, SHA3-512, ChaCha20-Poly1305 — are internationally audited standards — years of global academic scrutiny before being selected by NIST, which is not the same as auditing KSC's specific implementation
• Rust implementation eliminates entire classes of implementation vulnerabilities by compiler guarantees

Independent specialized PQC audit is explicitly planned on the roadmap as a prerequisite to mainnet launch — not as optional but as a necessary condition.

Using KSC with real value before that audit is completed and published would be imprudent — and CooBook doesn't recommend doing so nor designs its roadmap that way.

Trust in KSC's security must be built on independent audit evidence, not on the team's word.

It's a high-quality technical question that deserves a precise technical answer.

User private keys on KSC are not stored in plain text on-chain — what is stored is ciphertext produced by ChaCha20-Poly1305 using an ephemeral symmetric key generated by Kyber768.

What an attacker would obtain by accessing on-chain storage is that ciphertext — encrypted data that without the decryption key is mathematically useless.

The decryption key is never stored alongside the ciphertext — it's destroyed after use and can only be regenerated with the active participation of the owner plus 5 blind validators.

The alternative model — storing private keys on centralized servers off-chain — has the opposite risk: a compromised server exposes all keys simultaneously.

KSC's model distributes the risk — an attacker who compromises on-chain storage obtains ciphertexts without value; to access a specific key they additionally need to compromise the 5-validator authorization process plus the owner's participation.

The legitimate question is not whether on-chain storage is risky — it's whether that specific risk is greater or lesser than available alternatives.

KSC's architecture argues it is lesser.

By not competing on the same ground.

Academia.edu, ResearchGate, and Google Scholar are platforms for discovering and distributing existing academic knowledge — repositories of papers already published in journals.

CooBook is not a repository of existing academic publications but an original publishing platform with on-chain authorship verification, intellectual property protection, and direct economic model for creators.

They are different categories with different purposes.

The professional who publishes on ResearchGate is distributing a paper already published in a journal.

The professional who publishes on CooBook is creating original content with cryptographic authorship protection, direct monetization without intermediaries, and verifiable certification for their readers.

Additionally, none of those platforms can protect documents with buyer-linked on-chain encryption, or issue cryptographically verifiable completion certificates, or offer governance rights over the platform to their most committed users.

CooBook's real competition is not academic platforms but professional publishing and training platforms like Substack, Udemy, or Coursera — and toward those, the differentiators have already been described in previous sections.

Several complementary mechanisms make malicious coordination simultaneously difficult, detectable, and unprofitable:

• Random selection from active users — and in the future via mathematically verifiable VRF — makes it impossible for an attacker to predict or control who the validators of a specific transaction will be
• One user — one NFT rule guarantees validation power cannot be concentrated by buying multiple stakes
• Blind authorization — validators don't see the content of what they're authorizing — eliminates the incentive to selectively validate transactions that benefit them
• On-chain validation history is public — anomalous coordination patterns are detectable by any community member
• The economic incentive to act dishonestly is structurally limited — validators don't receive payments that can be recovered through manipulation, and their on-chain reputation — which has value in the ecosystem — is permanently destroyed if malicious behavior is detected

No consensus system is perfectly immune to manipulation — but the combination of random selection, radical transparency, and incentive alignment makes attack costly and benefit limited.

The historical argument about DRM is valid for traditional DRM — systems like Adobe DRM, iTunes FairPlay, or Kindle DRM that have been repeatedly cracked.

But KSC's encryption nature is fundamentally different from those systems.

Traditional DRM fails because decryption keys are stored in the user's device software — software that can be analyzed, decompiled, and its keys extracted.

KSC's system encrypts the document with a key that can only be regenerated with the owner's private key registered on-chain — a key that never leaves user control and is never stored in decompilable software.

Cracking this system is not a software reverse engineering problem — it's a problem of solving MLWE with Kyber768, which requires superpolynomial computational resources even quantumly.

That said, no content protection system is perfectly immune — a user can intentionally share their private key with another user, or take screenshots of decrypted content.

KSC's protection prevents massive automated redistribution — it cannot prevent a user's voluntary decision to share what they see on their screen.

It depends on the type of decision — and that distinction is coded into the protocol, not a company promise.

Decisions requiring governance vote — adding or removing Core Nodes, structural protocol changes, new knowledge areas — genuinely cannot be implemented without holder approval.

The genesis smart contract is the technical guarantee of this — none of those actions are executable without going through the on-chain voting process.

Operational decisions — interface design, marketing strategy, marketplace prices, sponsor configuration — are under company control and don't require voting.

This separation between democratized structural decisions and centralized operational decisions is the same model practically all organizations with governance mechanisms use — shareholders vote on strategy, the executive team manages operations.

The difference with CooBook is that governance-required decisions are defined in immutable code — not in a policy the company can unilaterally change.

Credential verification significantly reduces — but doesn't eliminate — the risk of incorrect or harmful content.

A verified doctor can publish incorrect medical information. A verified economist can publish biased analysis.

Verification guarantees the author has real training in their area — not that everything they publish is infallibly correct.

Additional quality control mechanisms:

• The on-chain reputation system — where community rating history creates cumulative reliability signals
• The content validation system by NFT holders, which acts as decentralized peer review

Additionally, on-chain registry immutability creates permanent accountability — an author who publishes demonstrably incorrect or harmful content has that history linked to their verified identity forever.

In cases of content that violates platform terms of service — illegal content, demonstrable deliberate misinformation — the company has the ability to make content inaccessible on coobook.org, although the on-chain hash remains registered.

The separation between presentation layer and blockchain layer allows this moderation without compromising registry immutability.

It's not contradictory — it's a recognized and deliberately managed design tension.

Author verification currently requires human intervention to evaluate real credentials — a process that cannot be automated completely without creating fraud vectors the automated system cannot detect.

This centralization of the verification process is a pragmatic compromise in favor of content quality.

What is decentralized is not the verification process but governance over verification standards — NFT holders can vote to modify verification criteria, add new categories of recognized credentials, or even propose alternative verification mechanisms for specific knowledge categories.

Long-term, the on-chain reputation system — where public publication, rating, and validation history becomes a credibility signal independent of initial verification — reduces dependence on centralized verification as the sole trust mechanism.

CooBook's decentralization is a gradual process that advances in parallel with ecosystem maturity, not a binary state that exists or doesn't exist from day one.

The world doesn't need another content platform — it needs a verified knowledge platform that solves problems existing platforms cannot solve.

The distinction isn't semantic.

The real problem isn't platform scarcity but the impossibility of verifying source credibility on platforms where anyone can publish anything.

Medium has millions of articles — and no mechanism to distinguish the board-certified doctor from the blogger without medical training.

YouTube has millions of educational videos — no way to verify creator credentials.

Google Scholar indexes academic papers — but not applied professional knowledge that doesn't go through formal academic publication.

LinkedIn has professional profiles — but credentials are self-declared without cryptographic verification.

CooBook doesn't add more content to the world — it adds verifiability to knowledge.

That's a category that doesn't currently exist with the technical guarantees KSC provides.

If that verifiability has no value for a specific user, that user doesn't need CooBook — and CooBook doesn't pretend to be needed by everyone.

Benefits that are coded on-chain in the genesis smart contract are mathematically immutable without governance vote — including participation of the holder who would be affected by the change.

Operational benefits that depend on the platform — access to courses, consultations, discounts — are protected by the purchase contract under Estonian and European law, which is enforceable before courts.

What no system can guarantee is that the company continues delivering operational benefits if it ceases to exist — that is the business risk no contractual protection completely eliminates.

The distinction between immutable on-chain benefits and company-dependent operational benefits is the same as described in the decentralization section — and honesty about that distinction is precisely the most real protection CooBook can offer.

A project that pretended all its benefits were equally permanent and immutable would be lying.

CooBook precisely establishes which ones are and which aren't — that clarity is the best available protection for the buyer.

There's no weighty reason to buy today if the founding position has no value for the specific buyer.

This is the honest answer.

Waiting for the complete platform launch to buy has real advantages — the product will be verifiable, security audits will be published, and execution risk will have been eliminated by the reality of a working product.

What is lost by waiting is the founding position — NFT prices at mainnet launch will reflect the product's state at that time, which will include years of additional development, completed audits, and demand from an established community.

Current buyers are those financing that development and assuming corresponding execution risk — in exchange for a position in the ecosystem that won't be available at the same price when the product is fully launched.

The correct decision depends entirely on the buyer's profile: if execution risk is unacceptable for you, wait.

If the founding position has value for you and the risk is acceptable given everything you've read here, then the decision has rational foundation.

CooBook doesn't need buyers who buy from pressure or FOMO — it needs holders who buy because they understand the project and believe in what it's building.