OVERVIEW:
As the hype for Initial Coin Offerings (ICOs) is weakening, the attention is now shifted toward the Security Token (ST) industry. The ST industry is currently at its nascent stage, in which many startups are trying to revolutionize the traditional financial ecosystem. The transition from traditional assets to tokenized assets involves a set of requirements on both technological and compliance perspectives, making the tokenization process more complicated than simple tokenization through ERC-20 like we’ve seen for ICOs in the past. In my research, I will discuss the various components and challenges in tokenizing securities, evaluate the pros/cons of other solutions, and create a thesis around how the space could evolve in the next couple of years.
From a fundamental perspective, a tokenized version of assets should be able to demonstrate these key properties on the blockchain:
Other desired properties include privacy, programmability, governance, disclosure, liquidity, and scalability. Smart contract introduced programmability, allowing the implementation of more complex assets, such as bonds, commodities or derivatives. For example, Tokenized real estate investment trust (tREIT) involves a series of real estate debt and equity assets in a single tradeable unit. In this case, smart contracts can support for complex dynamics such as risk, rebalancing, debt defaults, in addition to just simple ownership on the blockchain.
Currently, privacy and compliance seem to be the major challenges in launching STOs. Financial securities are currently regulated and controlled by centralized authorities, following strict regulations such as GDPR, SWIFT, and FINRA, who ensure the privacy and protection of investors. Depending on the jurisdiction, investors have to go through strict Know Your Customer (KYC) and Anti-Money Laundering (AML) processes to be compliant and eligible to invest and trade securities. However, due to the borderless, peer-to-peer, transparent and decentralized natures of cryptocurrency, some frictions exist between tokenized assets and compliance.
For instance, cryptocurrency uses pseudonymization, in which the investors’ addresses are not directly reflecting their real identities. However, FINRA and SEC require that the identity of the investors are fully known and their transactions and holdings are reported periodically by the companies and exchanges. In the tokenized securities space, a list of eligible investors who passed KYC and AML would have to depend on third parties to connect their real identities to their public addresses. Only then, the investor addresses are valid for investments and trades as they are approved at the code level and automatically compliant. Another example is that German laws require the data of tokenized assets issued in Germany to be traded among German parties and cannot leave the jurisdiction, which contradicts the way data is currently stored across nodes around the world on public blockchains. Moreover, privacy isn’t completely available to the investors because all the transactions and token holdings are visible and traceable on public blockchains.
These challenges will have to be solved for the legacy system to transition into a tokenized system. Currently, a few issuance platforms are offering solutions for tokenizing securities. We have divided them into 3 categories: Protocols on Ethereum, Side-chains on ethereum, and a Security Token blockchain. Next, we will analyze the pros and cons of these different type of solutions, and discuss how the space could evolve.
Currently, the most advanced Security Token issuance platforms, notably Securitize.io, Polymath and Harbor, are building their solutions on the top of existing blockchains, with Ethereum being the most utilized blockchain. STOs are issued through their token standards, respectively DS-Protocol, ST-20, and R-Token. These projects are operating as centralized entities and working with third-party compliance validators for KYC and AML.
Ethereum, released in 2015, is the first and most proven secure blockchain with smart contract capabilities, allowing for more complex use cases to be implemented on the blockchain. Issuing STOs on the top of an existing blockchain does have its benefits, such as having access to the interoperability among different protocols, existing tools, developer community, and smart contract functionalities. Smart contracts can be used to define trading and governance rules, as well as dividend mechanisms.
Figure 1: Pros and cons of protocols built on Ethereum
On the other hand, addresses on ethereum are under pseudonyms, in which the identity of the token holders is hidden, causing friction with compliance. To solve this problem, issuance platforms have to verify that the investors actually own the addresses themselves by 1) Asking the investors to submit their addresses and link back to their email 2) Create an address directly for the investors 3) Utilize an address verification tool (like the one provided by Vertalo), in which the ownership of addresses are verified by asking investors to conduct micro-transactions through MetaMask. After all the investors are verified, the list of approved addresses (whitelist) is included into a smart contract for the token issuance, specifying the list of eligible investors for investing/trading as well as other trading permissions. For any new addition or subtraction of investors, the smart contract will have to be updated through various mechanisms.
Additionally, Ethereum is a general purpose blockchain, which doesn’t have functionalities specifically catered towards the needs of STs. Ethereum can easily represent fractional ownership on the blockchain through ERC-20, as well as transfer restrictions and simple dividend mechanisms through smart contracts. However, adapting to the legacy system, standard securities laws and more complex use cases such as debt, derivatives, disclosures, and voting would require a significant amount of coding efforts to bypass the challenges from the constrained code-semantics of smart contracts. Moreover, smart contracts have limitation in size due to the higher cost of deploying larger smart contracts for more complex use cases and limitation in portability as Solidity cannot be carried over to other blockchains’ smart contracts. This could impact the overall scalability for conducting transactions, building new functionalities, and providing trust in the system.
While we haven’t seen a side-chain focused on STs, some existing Ethereum sidechain solutions include POA Network, Loom (👽 Dilanka @ LOOM / @mcu11inan), Skalelabs (Jack O’Holleran / Chadwick Strange), etc. A sidechain is a separate blockchain that is attached to its parent blockchain using a two-way peg, that enables interchangeability of assets at a predetermined rate between the parent blockchain and the sidechain.
Specialized side-chains on ethereum can be an interesting alternative, as it can offload specific sets of computation to isolated environments then reflect the results back to the main-chain. As not every process needs to live on-chain, components such as disclosures, compliance, voting/governance, and integration with external sources can be achieved with a side-chain, making transactions more scalable while utilizing the security of Ethereum. Additionally, the challenges around privacy can be solved on side-chains. The cost, time and effort of creating a side chain are also much less than creating a new blockchain. Side chains also allow cryptocurrencies to interact with each other. For example, an issuer can test out the tokens on the sidechain, before pushing them on to the main chain.
Figure 2: Pros and cons of side chain built on Ethereum
Some of the cons of side-chains are around the requirements for its security. Sidechains need their own miners, and without enough mining power, they could be compromised. Therefore, there’s an initial requirement for an extensive network of miners to help secure side-chains. Additionally, a federation needs to be assigned by the side-chain developers to serve as an intermediate point between the main chain and the side-chains. This designated centralized group has the power to lock and release tokens, creating a risk for attack or bribery.
A Security Token focused blockchain can help solve some of the fundamental challenges around privacy and governance, as well as improve trust and scalability. The co-founder and managing director of SPiCE VC, who also previously launched Securitize, Ami Ben-David, is a major proponent of the idea of creating a blockchain for Security Tokens. He recently introduced his new project, Ownerna, which offers a new blockchain infrastructure solely focused on Security Tokens.
The nodes are composed of experts who are financial and commercial entities (for example. SEC approved in the US), understand the legal ramifications of securities, and authorized to do ownership management, KYC (Know-Your-Customer), KYA (Know-Your-Asset) and transactions. In the proof-of-ownership system, the chosen primary node takes care of KYA, a full set of documents that legally define the ownership of off-chain asset and the rights of token holders, stakes its reputation, uploads the asset onto the blockchain and writes all the transactions to the blocks. In return, the primary node is rewarded with the asset’s lifetime revenues for helping validate its transactions. This way, only the primary node can access the details, allowing for privacy for the investors. Owners and assets can also manage their privacy level as needed. Additionally, having specific nodes validating transactions can allow for higher transaction speed, providing a more scalable infrastructure that can support a larger volume of transactions required in traditional exchanges such as Nasdaq.
Ownera also plans on offering an open-source regulation repository containing regulation Add-Ons, each covering a specific regulation per country, asset type, etc. Any asset can choose which regulations to enable, saving the effort for different protocols that go through this process themselves. Additionally, exchanges can save energy from supporting different issuance protocols separately by directly supporting the Security Token blockchain instead. New consensus models can also be implemented to be optimized for Security Tokens at the blockchain level, instead of creating artificial consensus mechanisms on the top of existing blockchains.
Figure 3: Pros and cons of Security Token focused Blockchain
Although a new blockchain might sound to be the better solution, the creation of a new blockchain will take significant effort and time to be built out, meaning that it can take years before any applications are built out. A new blockchain would also require the design of a new native cryptocurrency to incentivize network participants, in which the token economics will have to be well defined to ensure sustainability. Also, once deployed, the viability and security of the new blockchain will also have to be tested over time. Furthermore, the development of the developer community, and tools would also have to start from nothing.
Most of the current solutions are protocols built on the top of Ethereum, and some new projects are looking to develop an ST-focused blockchain. We believe that the privacy issue will take time to be solved in different phases, as we are in the early stage of the STO revolution. First, privacy will most likely be off-chain, heavily relying on trusted centralized authorities that have access to the investor information and keeping them stored locally. Next, privacy solutions based on side-chains could help segregate data into different sets, hiding them from the public network as a whole. Finally, privacy can directly live on-chain on a more specialized Security Token blockchain, which can allow owners and assets to control their privacy access level.
Figure 4: Evolution of privacy for Security Tokens
As of now, the issuance solutions offered are protocols based on Ethereum, allowing for simpler use cases of tokenization. Although we believe that a more specialized blockchain will eventually appear, it doesn’t mean that previous Ethereum-based protocols are not valuable and will go out of use in the future. For instance, the privacy issue in public blockchains might also be solved in the future if privacy solutions such as ZKP (Zero Knowledge Proof) technology, or Bulletproof are successfully implemented. Some of the companies who are exploring ways to implement ZKP on Ethereum include Zcoin Project, and Ernst & Young (EY Ops Chain Public Edition prototype). The existing protocols can also transition to different blockchains if they prove to be better. For example, Securitize’s first protocol implementation will work over the Ethereum blockchain, but they also plan on transferring its architectural model to additional distributed ledger systems.
Figure 5: Evolution of Apps and infrastructure from Union Square Ventures
On a side note, Union Square Ventures recently introduced an interesting relationship theory between infrastructure and applications. We think that the space will evolve in a similar way in which breakthrough applications in specific verticals, for example, real estate, will appear first to disrupt the space and inspire for a new protocol or blockchain to be developed to allow for similar applications to be built at scale. This process will be repeated among different verticals that are related to securities. Over time, the one size fits all protocol or blockchain will emerge as different use cases are fully explored and understood, providing a more powerful and scalable platform that would be the equivalent of AWS for securities.
Figure 6: Hype cycle of the Security Token industry
As of now, we are still in the early stages of the Security Token ecosystem, in which different issuance solutions are still being developed and tested. We believe that it will take at least another 4 years for the STO ecosystem to grow and mature from both a technical and regulatory perspective, allowing for a sustainable transition from the traditional securities system into a tokenized system. Until the space becomes more mature and viable, the majority of the early adopters of STs are going to be from the cryptocurrency space rather than the traditional players. As the different STOs and exchanges launch next year, we predict that the lack of liquidity and challenges around implementing complex use cases and securities laws will bring us closer to the reality and decrease the overall hype and expectations around STOs. Over time, more efficient technology and new regulations will appear and help drive the growth and adoption from the traditional players.
Please let me know your comments, and feel free to reach me out at [email protected] if you have any more questions about this topic.
White Papers: Harbor, Securitize.io, Polymath, OpenFinance
Dani Grant & Nick Grossman from Union Square Ventures: https://www.usv.com/blog/the-myth-of-the-infrastructure-phase
Yogita Khatri from CoinDesk: https://www.coindesk.com/ey-reveals-zero-knowledge-proof-privacy-solution-for-ethereum
Sebastian Wurst of Zcoin ($XZC) Cryptocurrency / Zcoin Project: https://zcoin.io/zcoin-implement-zero-knowledge-proofs-ethereum/
vasa from Hackernoon: https://hackernoon.com/difference-between-sidechains-and-state-channels-2f5dfbd10707
Owerna: https://ownera.io/wp-content/uploads/2018/10/Ownera-Presentation.pdf
Jesus Rodriguez from Hackernoon: https://hackernoon.com/do-security-tokens-need-a-new-blockchain-benefits-challenges-part-i-48f281f5101e
Jesus Rodriguez from Hackernoon: https://hackernoon.com/do-security-tokens-need-a-new-blockchain-benefits-and-challenges-part-ii-de480e54c12a
Jesus Rodriguez from Hackernoon: https://hackernoon.com/do-security-tokens-need-a-new-blockchain-part-iii-the-building-blocks-7adfa7239bb0
Jesus Rodriguez from Hackernoon: https://hackernoon.com/do-security-tokens-need-a-new-blockchain-part-iv-how-about-a-sidechain-acd8686d8fae
Jesus Rodriguez from Hackernoon: https://hackernoon.com/security-token-2-0-some-thoughts-off-chain-vs-on-chain-governance-2cba087389ab
Jesus Rodriguez from Hackernoon: https://hackernoon.com/some-cool-protocols-to-consider-for-the-next-generation-of-security-token-platforms-98697f0c55e6
Jesus Rodriguez from Hackernoon: https://hackernoon.com/the-elephant-in-the-room-security-and-privacy-protocols-in-security-tokens-a6687af8d1d6
Julianne Sloane from Hackernoon: https://hackernoon.com/can-security-tokens-fulfill-their-promise-of-liquidity-938022e53133
Deepa Sathaye from @Fluidity: https://medium.com/fluidity/automatic-regulatory-compliance-with-ethereum-892f01ef9eaa
Jesus Rodriguez from Hackernoon: https://medium.com/@jrodthoughts/about-disclosures-and-information-asymmetry-in-security-tokens-fc83c350548a
Julianne Sloane from Hackernoon: https://hackernoon.com/can-security-tokens-fulfill-their-promise-of-liquidity-938022e53133