White paper drafted under the European Markets in Crypto-Assets Regulation (EU) 2023/1114 for FFG FWSPQDBXB

The crypto-asset BLUE referred to in this white paper is a crypto-asset other than EMTs and ARTs, and is issued or represented on SUI network as of 2026-02-11 and according to DTI FFG shown in F.14. The total supply amounts to 1,000,000,000 units. The first activity on SUI can be viewed on 2024-12-05.

The crypto-asset does not grant any legally enforceable or contractual rights or obligations to its holders or purchasers. Any functionalities accessible through the underlying technology are purely technical or operational in nature and do not confer rights comparable to ownership, profit participation, governance, or similar entitlements known from traditional financial instruments.

As defined in Article 3(9) of Regulation (EU) 2023/1114 of the European Parliament and of the Council of 31 May 2023 on Markets in Crypto-Assets – amending Regulations (EU) No 1093/2010 and (EU) No 1095/2010 and Directives 2013/36/EU and (EU) 2019/1937 – a utility token is “a type of crypto-asset that is only intended to provide access to a good or a service supplied by its issuer”. This crypto-asset does not qualify as a utility token, as its intended use goes beyond providing access to a good or a service supplied solely by the issuer.

Bluefin Holdings Ltd is seeking admission to trading on Payward Global Solutions LTD ("Kraken") platform in the European Union in accordance with Article 5 of Regulation (EU) 2023/1114 of the European Parliament and of the Council of 31 May 2023 on Markets in Crypto-Assets, and amending Regulations (EU) No 1093/2010 and (EU) No 1095/2010 and Directives 2013/36/EU and (EU) 2019/1937. The admission to trading is not accompanied by a public offer of the crypto-asset.

Bluefin Holdings Ltd is a company that manages and executes activities related to the BLUE governance token on behalf of the Bluefin Protocol ecosystem, a decentralized spot and derivatives trading platform built on the Sui blockchain.

n/a

Not applicable.

Bluefin Holdings Ltd was established on April 1, 2023, as the governance token management entity for the BLUE token ecosystem. For the period from April 1, 2023 to December 17, 2025, the company received 195,000,002 BLUE tokens from the token issuer, valued at $51,038,904.

The company deployed these tokens across three primary categories totaling $9,694,663 in operating expenses: (1) Exchange listings on 11 centralized exchanges including Binance, KuCoin, and OKX, totaling $2,685,286 in BLUE tokens plus $470,000 in USDT; (2) Market maker agreements with 7 firms, to provide liquidity; and (3) Professional services totaling $4,392,378, including $3,727,013 reimbursed to Bluefin Labs for technical development services, $632,778 for marketing with OKX, and consulting services.

Cash operating expenses totaled $896,649, comprising $342,638 in legal fees, $75,110 in professional services and compliance, $6,048 for wallet infrastructure, and $2,471 in administrative costs.

As of December 17, 2025, the company holds total assets of $4,538,506 (primarily 125,174,769 BLUE tokens valued at $4,284,413 in various strategic reserves, vesting contracts, market maker positions, and exchange positions, plus a $224,062 foundation receivable) against liabilities of $4,255, resulting in net assets of $4,534,251. The company generates no operational revenue, consistent with its governance token entity structure.

Bluefin is a decentralized spot and derivatives trading platform built on the Sui blockchain. The platform operates as a decentralized exchange (DEX) that enables users to trade crypto-assets through on-chain smart contracts. The BLUE token serves as the governance token for the Bluefin Protocol ecosystem, enabling token holders to participate in protocol governance decisions and benefit from the platform's development and growth.

Past Milestones:

- Pre-TGE: $37.5B volume, 42,865 users, 72% Sui market share, TrailOfBits audit

- Dec 11, 2024: TGE with 1B max supply, 150.4M initial circulating supply

- Token Distribution: 52% Ecosystem, 28% Strategic Participants, 20% Core Contributors

- Initial Unlocks: 4.5% Liquidity Reserve, 2.8% Protocol Development, Airdrop launch (19.68%)

- Q1 2025: Remaining airdrop distribution (50% over 2 months), exchange listings

- Q1-Q2 2025: Governance activation with real parameters (2.5M threshold, 1% of the circulating supply quorum)

- Q2 2025: Treasury vesting starts (6.5%, 3-month cliff)

- Dec 11, 2025: Major unlock - 1-year cliff expires for investors/team

Note: All future milestones are subject to significant uncertainty, including but not limited to technical feasibility, regulatory developments, market adoption, and community governance decisions. The project may modify, delay, or discontinue any of these initiatives at any time. Past implementation or performance outcomes do not constitute an indication of future results, and any such changes may materially affect the characteristics, availability, or perceived value of the BLUE crypto-asset for its holders.

Future Milestones:

- 2025-2029: Progressive vesting of all allocations per schedule

Token buyback programs approved through DAO governance votes, utilizing a tiered allocation framework based on protocol revenue

Token Allocations: At the December 11, 2024 token generation event, the complete 1,000,000,000 BLUE token supply was minted and allocated as follows:

Ecosystem Growth (52%, 520,000,000 tokens): Reserved for long-term ecosystem development, vesting over 5 years. Includes User Incentives (32.5%) for airdrops and trading rewards, Protocol Development (8.5%) for service providers and exchange listings, Treasury (6.5%) for DAO management, and Liquidity Reserve (4.5%) for market making.

Strategic Participants (28%, 280,000,000 tokens): Allocated to investors and advisors with 3-year vesting including 1-year cliff followed by 24-month linear unlock.

Core Contributors (20%, 200,000,000 tokens): Allocated to team members supporting engineering, infrastructure, and operations with 3-year vesting including 1-year cliff followed by 24-month linear unlock.

Initial Distribution: 150,385,000 tokens (15.04% of total supply) were released to circulation at TGE. This included 45,000,000 tokens deployed for liquidity provision (20,000,000 to market makers for centralized exchanges, 25,000,000 for DEX and cross-chain liquidity), and initial Protocol Development allocation for exchange listings and launch pools.

Vesting Infrastructure: Automated vesting contracts were deployed via Streamflow platform for investor and team allocations. Airdrop distribution commenced with 50% of allocations claimable at TGE for qualifying users.

Team & Operations: A global team of software engineers and blockchain developers.

Not applicable, as this white paper serves the purpose of admission to trading and is not associated with any fundraising activity for the crypto-asset project.

The admission to trading is sought to:

1. Provide European users with compliant access to the BLUE governance token through regulated trading platforms

2. Enable broader participation in the Bluefin Protocol governance ecosystem by token holders within the European Economic Area

3. Facilitate liquidity and price discovery for the BLUE token in regulated European markets

Not applicable, as this white paper is written to seek admission to trading, not for the initial offer to the public.

Holder restrictions are subject to the rules applicable to the Crypto-Asset Service Provider, as well as to any additional restrictions such provider may impose.

The token is intended to be listed on the trading platform operated by Payward Global Solutions LTD ("Kraken"). Access to this platform depends on regional availability and user eligibility under Kraken’s terms and conditions. Investors should consult Kraken’s official documentation to determine whether they meet the requirements for account creation and token trading.

The costs involved in accessing the trading platform depend on the specific fee structure and terms of the respective crypto-asset service provider. These may include trading fees, deposit or withdrawal charges, and network-related gas fees. Investors are advised to consult the applicable fee schedule of the chosen platform before engaging in trading activities.

Not applicable, as this white paper is written to seek admission to trading, not for the initial offer to the public.

No conflicts of interest arise in relation to this admission to trading.

Not applicable, as this white paper is written to seek admission to trading, not for the initial offer to the public.

Not applicable, as this white paper is written to seek admission to trading, not for the initial offer to the public.

All content listed below refers to technical functionalities as distinct from the enforceable rights described in F.1, such as shareholder rights.

The BLUE governance token provides the following functionalities:

1. Governance Voting Rights: Token holders can participate in protocol governance by voting on proposals that affect the Bluefin Protocol's operation, including parameter adjustments, protocol upgrades, treasury allocation decisions, and strategic initiatives.

2. Proposal Creation: Holders meeting the minimum threshold (2,500,000 BLUE tokens) can create governance proposals for community consideration.

3. Protocol Participation: Token holders participate in the decentralized ecosystem and benefit from the protocol's growth and development.

The token is implemented on the Sui blockchain and operates through on-chain smart contracts that enforce governance mechanisms transparently and immutably.

The governance functionalities of the BLUE token became active at the Token Generation Event on December 11, 2024.

Timeline of functionality activation:

• December 11, 2024: Token Generation Event - BLUE tokens became transferable, governance contracts deployed, and initial governance parameters activated

• At Launch: Governance portal operational with the following parameters:

- Proposal Threshold: 2,500,000 BLUE

- Voting Period: 3 days

- Quorum: 1% of the circulating supply (majority support required)

• Ongoing: Continuous governance participation available to all token holders. The voting process begins with forum discussion followed by on-chain voting through the Bluefin Governance Portal.

• Future: Additional utility functions may be introduced through on-chain governance votes as the community decides.

Token Name: BLUE

Token Symbol: BLUE

Blockchain: Sui (native token)

Maximum Supply: 1,000,000,000 BLUE (fixed, non-inflationary)

Initial Circulating Supply: 150,385,000 BLUE (15.04% at TGE on December 11, 2024)

Bluefin Holdings Ltd is a special purpose entity established solely for the management and execution of activities related to the BLUE governance token. The BLUE token provides governance rights over the Bluefin Protocol, a decentralized spot and derivatives trading platform built on the Sui blockchain.

1. Governance Voting Rights: Token holders have the right to vote on governance proposals affecting the Bluefin Protocol, including:

• Protocol upgrades and technical improvements

• Fee structures and adjustments

• Asset listings on the exchange

• Allocating community treasury funds

• Launching new token listings on the Bluefin Protocol

• Introducing additional token utility

• Modifying or initiating incentive programs

• Introducing fee tiers

• Changes to governance contracts themselves

• Lending parameters and vault strategies

2. Proposal Creation Rights: Token holders possessing at least 10,000,000 BLUE tokens have the right to submit governance proposals for community consideration.

3. Transfer Rights: Token holders have the right to freely transfer BLUE tokens on the Sui blockchain, subject to vesting schedules (for Strategic Participants and Core Contributors) and compliance with applicable laws.

4. Trading Rights: Token holders have the right to trade BLUE tokens on crypto-asset service providers (exchanges) that list the token.

5. Self-Custody Rights: Token holders have the right to withdraw tokens from exchanges to self-custodied Sui-compatible wallets.

Obligations of BLUE Token Holders:

1. Legal Compliance: Token holders must comply with all applicable laws and regulations in their jurisdiction of residence, including restrictions on crypto-asset ownership and trading.

2. Responsible Governance: Token holders are responsible for ensuring that governance decisions are made in compliance with applicable laws and regulations. The community is encouraged to consult knowledgeable legal and regulatory professionals before implementing proposals.

3. Exchange Compliance: Token holders must satisfy the requirements of their chosen crypto-asset service provider.

4. Security Responsibility: Token holders maintaining self-custodied wallets are responsible for securing their private keys and wallet credentials. Loss of private keys may result in permanent loss of access to tokens.

5. No Investment Rights: BLUE tokens do not represent equity, debt, or any ownership interest in Bluefin Holdings Ltd. Token holders have no rights to dividends, profit distributions, or liquidation proceeds.

1. Forum Discussion: Proposals begin with community discussion on the Bluefin governance forum where stakeholders can debate the merits and implications of proposed changes.

2. Proposal Submission: Token holders with at least 10,000,000 BLUE tokens can submit formal on-chain proposals through the Bluefin Governance Portal.

3. Voting Period: Once submitted, proposals enter a 4-day voting period during which all token holders can vote. Voting power is determined by the number of tokens locked into the proposal during the voting period.

4. Quorum and Approval: For a proposal to pass, it must receive:

• Majority support from voting participants

• At least 1,000,000 BLUE tokens locked in votes (quorum requirement)

5. Execution: Approved proposals are executed automatically through smart contracts or implemented by the relevant parties.

Rights and obligations attached to BLUE tokens can only be modified through the on-chain governance process described in G.2.

Not applicable.

Not applicable, as this white paper is written to seek admission to trading, not for the initial offer to the public.

The crypto-assets themselves are not subject to any technical or contractual transfer restrictions and are generally freely transferable. However, crypto-asset service providers may impose restrictions on buyers or sellers in accordance with applicable laws, internal policies or contractual terms agreed with their clients.

Not applicable. There are no supply adjustment protocols (see G.12).

The BLUE token and the rights attached to it are governed by British Virgin Islands law (BVI Business Companies Act, 2004), as Bluefin Holdings Ltd is incorporated in the British Virgin Islands.

For disputes related to token rights and obligations: The High Court of Justice of the British Virgin Islands.

The BLUE token is implemented on the Sui blockchain, a Layer 1 distributed ledger technology.

Sui Blockchain Overview:

Sui is a delegated proof-of-stake blockchain designed for high throughput and low latency. The blockchain uses an object-centric data model where assets and smart contracts are represented as objects with unique identifiers. This architecture enables parallel transaction execution and efficient state management.

Key Technical Characteristics:

• Object-based architecture enabling parallel transaction processing

• Smart contracts written in Move programming language

• Byzantine Fault Tolerant consensus mechanism

• Validators secure the network through delegated proof-of-stake

• Transaction finality typically achieved within seconds

The BLUE token utilizes Sui's native token standard, ensuring compatibility with all Sui-compatible wallets and applications.

All BLUE token smart contracts are written in Move, a resource-oriented programming language designed for secure asset management. Move provides strong safety guarantees including:

• Resource safety preventing token duplication or loss

• Type safety ensuring correct token operations

• Formal verification capabilities for critical functions

2. Sui Native Token Standard:

BLUE implements Sui's native token standard (Coin<T> framework), ensuring:

• Interoperability with all Sui-compatible wallets and applications

• Standard token operations (transfer, split, merge)

• Native blockchain integration without wrapping

3. Governance Smart Contracts:

Custom governance contracts implementing:

• Proposal creation and voting mechanisms

• Token locking during voting periods

• Timelock execution for approved proposals

• Quorum and threshold validation

4. Streamflow Vesting Protocol:

Vesting schedules for Strategic Participants and Core Contributors are implemented using Streamflow's vesting smart contracts on Sui, providing:

• Automated time-locked token releases

• Transparent and immutable vesting schedules

• Claimable interface for vested tokens

5. Cryptographic Standards:

• ECDSA (secp256k1) for transaction signatures

• Ed25519 signature scheme supported by Sui

• SHA-256 and Blake2b hashing algorithms

BLUE tokens are held and stored using Sui blockchain addresses and wallets:

1. Self-Custodial Wallets: Users can store BLUE tokens in Sui-compatible wallets including Sui Wallet, Suiet, Ethos Wallet, Martian Wallet, and other wallets supporting the Sui network. Private keys are managed by the user and never leave the local device.

2. Exchange Custody: Crypto-asset service providers (exchanges) may hold BLUE tokens on behalf of users in custodial wallets managed according to MiCA requirements.

3. Hardware Wallets: BLUE tokens can be stored on hardware wallets that support Sui blockchain, providing additional security through offline key storage.

BLUE tokens are secured by the Sui blockchain's delegated proof-of-stake consensus mechanism.

Consensus Architecture:

Sui employs a Byzantine Fault Tolerant (BFT) consensus mechanism where:

• Network security is provided by a set of independent validators

• Validators stake SUI tokens (Sui's native cryptocurrency) to participate in consensus

• Token holders can delegate their stake to validators of their choice

• Validators reach consensus on transaction ordering and execution

• The system can tolerate up to one-third of validators acting maliciously or failing

Users pay network fees (gas fees) for BLUE token transactions on the Sui blockchain:

1. Simple Transfers: Typically under $0.01 per transaction

2. Governance Operations: Voting and proposal creation incur slightly higher fees due to increased computational requirements, typically $0.01-$0.05

3. Smart Contract Interactions: Complex operations may cost more depending on computational complexity

Fees are paid in SUI (Sui's native cryptocurrency), not in BLUE tokens. Users must hold a small amount of SUI in their wallets to execute BLUE token transactions.

The BLUE token and Bluefin Protocol smart contracts have undergone multiple independent security audits with the following outcomes:

TrailOfBits (June 2023) - Exchange Contracts:

- Identified 15 findings: 4 High, 2 Medium, 2 Low, 7 Informational

- Fix review results: 10 resolved, 3 unresolved (by design - related to rounding precision at 10th decimal, deemed too expensive to exploit), 2 undetermined (documentation updates)

OtterSec (November 2024) - Spot Contracts:

- Identified 9 findings: 1 Critical, 1 Medium, 4 Low, 3 Informational

- All critical, medium, and low severity vulnerabilities were resolved

- Critical issue involved faulty constant definition affecting tick calculations

OtterSec (December 2024) - Coin Contracts:

- Identified 1 informational finding for code refactoring

- No critical or high-severity vulnerabilities found

Asymptotic - RFQ Smart Contract:

- Identified 1 Medium, 5 Low vulnerabilities, and 3 Advisory recommendations

- All medium and low severity vulnerabilities were confirmed and remediated

- 2 of 3 advisory recommendations integrated; 1 waived (not considered security issue)

Overall Assessment: All critical and high-severity vulnerabilities have been resolved. The protocol has been audited by multiple reputable firms (TrailOfBits, OtterSec, Asymptotic) with no unresolved critical security issues remaining.

1. Regulatory and Compliance

Regulatory frameworks applicable to crypto-asset services in the European Union and in third countries are evolving. Supervisory authorities may introduce, interpret, or enforce rules that affect (i) the eligibility of this crypto-asset for admission to trading, (ii) the conditions under which a crypto-asset service provider may offer trading, custody, or transfer services for it, or (iii) the persons or jurisdictions to which such services may be provided. As a result, the crypto-asset service provider admitting this crypto-asset to trading may be required to suspend, restrict, or terminate trading or withdrawals for regulatory reasons, even if the crypto-asset itself continues to function on its underlying network.

2. Trading venue and connection risk

Trading in the crypto-asset depends on the uninterrupted operation of the trading venues on which it is listed and, where applicable, on its technical connections to external liquidity sources or venues. Interruptions such as system downtime, maintenance, faulty integrations, API changes, or failures at an external venue can temporarily prevent order placement, execution, deposits, or withdrawals, even when the underlying blockchain is functioning. In addition, trading platforms in emerging markets may operate under differing governance, compliance, and oversight standards, which can increase the risk of operational failures or disorderly market conditions.

3. Market formation and liquidity conditions

The price and tradability of the crypto-asset depend on actual trading activity on the venues to which the service provider is connected, whether centralised exchanges (CEXs) or decentralised exchanges (DEXs). Trading volumes may at times be low, order books thin, or liquidity concentrated on a single venue. In such conditions, buy or sell orders may not be executed in full or may be executed only at a less favourable price, resulting in slippage.

Volatility: The market price of the crypto-asset may fluctuate significantly over short periods, including for reasons that are not linked to changes in the underlying project or protocol. Periods of limited liquidity, shifts in overall market sentiment, or trading on only a small number of CEXs or DEXs can amplify these movements and lead to higher slippage when orders are executed. As a result, investors may be unable to sell the crypto-asset at or close to a previously observed price, even where no negative project-specific event has occurred.

4. Counterparty and service provider dependence

The admission of the crypto-asset to trading may rely on several external parties, such as connected centralised or decentralised trading venues, liquidity providers, brokers, custodians, or technical integrators. If any of these counterparties fail to perform, suspend their services, or apply internal restrictions, the trading, deposit, or withdrawal of the crypto-asset on the listing crypto-asset service provider can be interrupted or halted.

Quality of counterparties: Trading venues and service providers in certain jurisdictions may operate under regulatory or supervisory standards that are lower or differently enforced than those applicable in the European Union. In such environments, deficiencies in governance, risk management, or compliance may remain undetected, which increases the probability of abrupt service interruptions, investigations, or forced wind-downs.

Delisting and service suspension: The crypto-asset’s availability may depend on the internal listing decisions of these counterparties. A delisting or suspension on a key connected venue can materially reduce liquidity or make trading temporarily impossible on the admitting service provider, even if the underlying crypto-asset continues to function.

Insolvency of counterparties: If a counterparty involved in holding, routing, or settling the crypto-asset becomes insolvent, enters restructuring, or is otherwise subject to resolution measures, assets held or processed by that counterparty may be frozen, become temporarily unavailable, or be recoverable only in part or not at all, which can result in losses for clients whose positions were maintained through that counterparty. This risk applies in particular where client assets are held on an omnibus basis or where segregation is not fully recognised in the counterparty’s jurisdiction.

5. Operational and information risks

Due to the irrevocability of blockchain transactions, incorrect transaction approvals or the use of wrong networks or addresses will typically make the transferred funds irrecoverable. Because trading may also rely on technical connections to other venues or service providers, downtime or faulty code in these connections can temporarily block trading, deposits, or withdrawals even when the underlying blockchain is functioning. In addition, different groups of market participants may have unequal access to technical, governance, or project-related information, which can lead to information asymmetry and place less informed investors at a disadvantage when making trading decisions.

6. Market access and liquidity concentration risk

If the crypto-asset is only available on a limited number of trading platforms or through a single market-making entity, this may result in reduced liquidity, greater price volatility, or periods of inaccessibility for retail holders.

1. Insolvency of the issuer

As with any commercial entity, the issuer may face insolvency risks. These may result from insufficient funding, low market interest, mismanagement, or external shocks (e.g. pandemics, armed conflicts). In such a case, ongoing development, support, and governance of the project may cease, potentially affecting the viability and tradability of the crypto-asset.

2. Legal and regulatory risks

The issuer operates in a dynamic and evolving regulatory environment. Failure to comply with applicable laws or regulations in relevant jurisdictions may result in enforcement actions, penalties, or restrictions on the project’s operations. These may negatively impact the crypto-asset’s availability, market acceptance, or legal status.

3. Operational risks

The issuer may fail to implement adequate internal controls, risk management, or governance processes. This can result in operational disruptions, financial losses, delays in updating the white paper, or reputational damage.

4. Governance and decision-making

The issuer’s management body is responsible for key strategic, operational, and disclosure decisions. Ineffective governance, delays in decision-making, or lack of resources may compromise the stability of the project and its compliance with MiCA requirements. High concentration of decision-making authority or changes in ownership/control can amplify these risks.

5. Reputational risks

The issuer’s reputation may be harmed by internal failures, external accusations, or association with illicit activity. Negative publicity can reduce trust in the issuer and impact the perceived legitimacy or value of the crypto-asset.

6. Counterparty dependence

The issuer may depend on third-party providers for certain core functions, such as technology development, marketing, legal advice, or infrastructure. If these partners discontinue their services, change ownership, or underperform, the issuer’s ability to operate the project or maintain investor communication may be impaired. This could disrupt project continuity or undermine market confidence, ultimately affecting the crypto-asset’s value.

1. Valuation risk

The crypto-asset does not represent a claim, nor is it backed by physical assets or legal entitlements. Its market value is driven solely by supply and demand dynamics and may fluctuate significantly. In the absence of fundamental value anchors, such assets can lose their entire market value within a very short time. Historical market behaviour has shown that some types of crypto-assets – such as meme coins or purely speculative tokens – have become worthless. Investors should be aware that this crypto-asset may lose all of its value.

2. Market volatility risk

Crypto-asset prices can fluctuate sharply due to changes in market sentiment, macroeconomic conditions, regulatory developments, or technology trends. Such volatility may result in rapid and significant losses. Holders should be prepared for the possibility of losing the full amount invested.

3. Liquidity and price-determination risk

Low trading volumes, fragmented trading across venues, or the absence of active market makers can restrict the ability to buy or sell the crypto-asset. In such situations, it is not guaranteed that an observable market price will exist at all times. Spreads may widen materially, and orders may only be executable under unfavourable conditions, which can make liquidation costly or temporarily impossible.

4. Asset security risk

Loss or theft of private keys, unauthorised access to wallets, or failures of custodial or exchange service providers can result in the irreversible loss of assets. Because blockchain transactions are final, recovery of funds after a compromise is generally impossible.

5. Fraud and scam risk

The pseudonymous and irreversible nature of blockchain transactions can attract fraudulent schemes. Typical forms include fake or unauthorised crypto-assets imitating established ones, phishing attempts, deceptive airdrops, or social-engineering attacks. Investors should exercise caution and verify the authenticity of counterparties and information sources.

6. Legal and regulatory reclassification risk

Legislative or regulatory changes in the European Union or in the Member State where the crypto-asset is admitted to trading may alter its legal classification, permitted uses, or tradability. In third countries, the crypto-asset may be treated as a financial instrument or security, which can restrict its offering, trading, or custody.

7. Absence of investor protection

The crypto-asset is not covered by investor-compensation or deposit-guarantee schemes. In the event of loss, fraud, or insolvency of a service provider, holders may have no access to recourse mechanisms typically available in regulated financial markets.

8. Counterparty risk

Reliance on third-party exchanges, custodians, or intermediaries exposes holders to operational failures, insolvency, or fraud of these parties. Investors should conduct due diligence on service providers, as their failure may lead to the partial or total loss of held assets.

9. Reputational risk

Negative publicity related to security incidents, misuse of blockchain technology, or associations with illicit activity can damage public confidence and reduce the crypto-asset’s market value.

10. Community and sentiment risk

Because the crypto-asset’s perceived relevance and expected future use depend largely on community engagement and the prevailing sentiment, a loss of public interest, negative coverage or reduced activity of key contributors can materially reduce market demand.

11. Macroeconomic and interest-rate risk

Fluctuations in interest rates, exchange rates, general market conditions, or overall market volatility can influence investor sentiment towards digital assets and affect the crypto-asset’s market value.

12. Taxation risk

Tax treatment varies across jurisdictions. Holders are individually responsible for complying with all applicable tax laws, including the reporting and payment of taxes arising from the acquisition, holding, or disposal of the crypto-asset.

13. Anti-money-laundering and counter-terrorist financing risk

Wallet addresses or transactions connected to the crypto-asset may be linked to sanctioned or illicit activity. Regulatory responses to such findings may include transfer restrictions, reporting obligations, or the freezing of assets on certain venues.

14. Market-abuse risk

Due to limited oversight and transparency, crypto-assets may be vulnerable to market-abuse practices such as spoofing, pump-and-dump schemes, or insider trading. Such activities can distort prices and expose holders to sudden losses.

15. Legal ownership and jurisdictional risk

Depending on the applicable law, holders of the crypto-asset may not have enforceable ownership rights or effective legal remedies in cases of disputes, fraud, or service failure. In certain jurisdictions, access to exchanges or interfaces may be restricted by regulatory measures, even if on-chain transfer remains technically possible.

16. Concentration risk

A large proportion of the total supply may be held by a small number of holders. This can enable market manipulation, governance dominance, or sudden large-scale liquidations that adversely affect market stability, price levels, and investor confidence.

As this white paper relates to admission to trading of the crypto-asset, the risk description below reflects general implementation risks typically associated with crypto-asset projects and relevant for the crypto-asset service provider. The party admitting the crypto-asset to trading is not involved in the project’s implementation and does not assume responsibility for its governance, funding, or execution.

Delays, failures, or changes in the implementation of the project as outlined in its public roadmap or technical documentation may negatively impact the perceived credibility or usability of the crypto-asset. This includes risks related to project governance, resource allocation, technical delivery, and team continuity.

Key-person risk: The project may rely on a limited number of individuals for development, maintenance, or strategic direction. The departure, incapacity, or misalignment of these individuals may delay or derail the implementation.

Timeline and milestone risk: Project milestones may not be met as announced. Delays in feature releases, protocol upgrades, or external integrations can undermine market confidence and affect the adoption, use, or value of the crypto-asset.

Delivery risk: Even if implemented on time, certain functionalities or integrations may not perform as intended or may be scaled back during execution, limiting the crypto-asset’s practical utility.

As this white paper relates to admission to trading of the crypto-asset, the following risks concern the underlying distributed ledger technology (DLT), its supporting infrastructure, and related technical dependencies. Failures or vulnerabilities in these systems may affect the availability, integrity, or transferability of the crypto-asset.

1. Blockchain dependency risk

The functionality of the crypto-asset depends on the continuous and stable operation of the blockchain(s) on which it is issued. Network congestion, outages, or protocol errors may temporarily or permanently disrupt on-chain transactions. Extended downtime or degradation in network performance can affect trading, settlement, or the usability of the crypto-asset.

2. Smart contract vulnerability risk

The smart contract that defines the crypto-asset’s parameters or governs its transfers may contain coding errors or security vulnerabilities. Exploitation of such weaknesses can result in unintended token minting, permanent loss of funds, or disruption of token functionality. Even after external audits, undetected vulnerabilities may persist due to the immutable nature of deployed code.

3. Wallet and key-management risk

The custody of crypto-assets relies on secure private key management. Loss, theft, or compromise of private keys results in irreversible loss of access. Custodians, trading venues, or wallet providers may be targeted by cyberattacks. Compatibility issues between wallet software and changes to the blockchain protocol (e.g. network upgrades) can further limit user access or the ability to transfer the crypto-asset.

Outdated or vulnerable wallet software:

Users relying on outdated, unaudited, or unsupported wallet software may face compatibility issues, security vulnerabilities, or failures when interacting with the blockchain. Failure to update wallet software in line with protocol developments can result in transaction errors, loss of access, or exposure to known exploits.

4. Network security risks

Attack risks: Blockchains may be subject to denial-of-service (DoS) attacks, 51% attacks, or other exploits targeting the consensus mechanism. These can delay transactions, compromise finality, or disrupt the accurate recording of transfers.

Centralisation concerns: Despite claims of decentralisation, a relatively small number of validators or a high concentration of stake may increase the risk of collusion, censorship, or coordinated network downtime, which can affect the resilience and operational reliability of the crypto-asset.

5. Bridge and interoperability risk

Where tokens can be bridged or wrapped across multiple blockchains, vulnerabilities in bridge protocols, validator sets, or locking mechanisms may result in loss, duplication, or misrepresentation of assets. Exploits or technical failures in these systems can instantly impact circulating supply, ownership claims, or token fungibility across chains.

6. Forking and protocol-upgrade risk

Network upgrades or disagreements among node operators or validators can result in blockchain “forks”, where the blockchain splits into two or more incompatible versions that continue separately from a shared past. This may lead to duplicate token representations or incompatibilities between exchanges and wallets. Until consensus stabilises, trading or transfers may be disrupted or misaligned. Such situations may be difficult for retail holders to navigate, particularly when trading platforms or wallets display inconsistent token information.

7. Economic-layer and abstraction risk

Mechanisms such as gas relayers, wrapped tokens, or synthetic representations may alter the transaction economics of the underlying token. Changes in transaction costs, token demand, or utility may reduce its usage and weaken both its economic function and perceived value within its ecosystem.

8. Spam and network-efficiency risk

High volumes of low-value (“dust”) or automated transactions may congest the network, slow validation times, inflate ledger size, and raise transaction costs. This can impair performance, reduce throughput, and expose address patterns to analysis, thereby reducing network efficiency and privacy.

9. Front-end and access-interface risk

If users rely on centralised web interfaces or hosted wallets to interact with the blockchain, service outages, malicious compromises, or domain expiries affecting these interfaces may block access to the crypto-asset, even while the blockchain itself remains fully functional. Dependence on single web portals introduces a critical point of failure outside the DLT layer.

10. Decentralisation claim risk

While the technical infrastructure may appear distributed, the actual governance or economic control of the project may lie with a small set of actors. This disconnect between marketing claims and structural reality can lead to regulatory scrutiny, reputational damage, or legal uncertainty – especially if the project is presented as ‘community-governed’ without substantiation.

None.

BLUE tokens are secured by the Sui blockchain's delegated proof-of-stake consensus mechanism.

Consensus Architecture:

Sui employs a Byzantine Fault Tolerant (BFT) consensus mechanism where:

• Network security is provided by a set of independent validators

• Validators stake SUI tokens (Sui's native cryptocurrency) to participate in consensus

• Token holders can delegate their stake to validators of their choice

• Validators reach consensus on transaction ordering and execution

• The system can tolerate up to one-third of validators acting maliciously or failing

Users pay network fees (gas fees) for BLUE token transactions on the Sui blockchain:

1. Simple Transfers: Typically under $0.01 per transaction

2. Governance Operations: Voting and proposal creation incur slightly higher fees due to increased computational requirements, typically $0.01-$0.05

3. Smart Contract Interactions: Complex operations may cost more depending on computational complexity

Fees are paid in SUI (Sui's native cryptocurrency), not in BLUE tokens. Users must hold a small amount of SUI in their wallets to execute BLUE token transactions.

The energy consumption associated with this crypto-asset is aggregated of multiple contributing components, primarily the underlying blockchain network and the execution of token-specific operations. To determine the energy consumption of a token, the energy consumption of the underlying blockchain network SUI is calculated first. A proportionate share of that energy use is then attributed to the token based on its expected activity level within the network (e.g. transaction volume, contract execution).

The Functionally Fungible Group Digital Token Identifier (FFG DTI) is used to determine all technically equivalent implementations of the crypto-asset in scope.

Estimates regarding hardware types, node distribution, and the number of network participants are based on informed assumptions, supported by best-effort verification against available empirical data. Unless robust evidence suggests otherwise, participants are assumed to act in an economically rational manner. In line with the precautionary principle, conservative estimates are applied where uncertainty exists – that is, estimates tend towards the higher end of potential environmental impact.

To determine the proportion of renewable energy usage, the locations of the nodes are to be determined using public information sites, open-source crawlers and crawlers developed in-house. If no information is available on the geographic distribution of the nodes, reference networks are used which are comparable in terms of their incentivization structure and consensus mechanism. This geo-information is merged with public information from Our World in Data, see citation. The intensity is calculated as the marginal energy cost wrt. one more transaction. Ember (2025); Energy Institute - Statistical Review of World Energy (2024) - with major processing by Our World in Data. “Share of electricity generated by renewables - Ember and Energy Institute” [dataset]. Ember, “Yearly Electricity Data Europe”; Ember, “Yearly Electricity Data”; Energy Institute, “Statistical Review of World Energy” [original data]. Retrieved from https://ourworldindata.org/grapher/share-electricity-renewables.

To determine the GHG Emissions, the locations of the nodes are to be determined using public information sites, open-source crawlers and crawlers developed in-house. If no information is available on the geographic distribution of the nodes, reference networks are used which are comparable in terms of their incentivization structure and consensus mechanism. This geo-information is merged with public information from Our World in Data, see citation. The intensity is calculated as the marginal emission wrt. one more transaction. Ember (2025); Energy Institute - Statistical Review of World Energy (2024) - with major processing by Our World in Data. “Carbon intensity of electricity generation - Ember and Energy Institute” [dataset]. Ember, “Yearly Electricity Data Europe”; Ember, “Yearly Electricity Data”; Energy Institute, “Statistical Review of World Energy” [original data]. Retrieved from https://ourworldindata.org/grapher/carbon-intensity-electricity Licenced under CC BY 4.0.