Technical Perspective: Do Security Tokens Need a Dedicated Blockchain?
Should There Be a Blockchain for Security Tokens?
Author: Remi Gai
1. Introduction
Original by Bawei Research Institute, please indicate the source for reprinting
1. Introduction
Although the industry chain of Security Token is still in its infancy, many start-up companies regard it as a tool that can completely revolutionize the traditional financial ecosystem. The transition from traditional assets to tokenized assets involves a series of requirements for technology and compliance, making the tokenization process more complex and high-dimensional than the previous ICO that simply followed the ERC-20 protocol.
In this research, 8D Capital will discuss the various elements of security tokenization and the corresponding challenges, evaluate the advantages and disadvantages of different solutions, and state our views on how the relevant industrial chain will evolve in the next few years View.
First, the tokenization of an asset should be able to exhibit the following key properties on the blockchain:
1. Label assets: as virtualized representations of assets.
2. Ownership of the asset: The identity of the owner of the asset.
3. Asset Compliance Rules: A set of regulatory and compliance rules governing asset ownership and transactions.
Other high-quality properties include privacy, programmability, governance, discloseability, liquidity, and scalability. Smart contracts introduce programmability, making it possible to compile some more complex assets, such as bonds, commodities or derivatives, etc. For example, tokenizing a real estate investment trust (tREIT) would involve a collection of real estate debt and equity assets within a tradable unit. With smart contracts, complex dynamics such as risk, rebalancing, and debt default are supported by technology, rather than just dealing with ownership.
Right now, privacy and compliance seem to be the most important challenges for launching an STO. Traditional financial securities are supervised and controlled by centralized management agencies, and strictly follow the relevant regulations such as GDPR, SWIFT and FINRA to protect the privacy and interests of investors. Depending on the jurisdiction, investors must pass strict KYC certification and anti-money laundering (AML) processes in order to invest and trade securities in a compliant and qualified manner. However, due to the borderless, peer-to-peer, public, and decentralized nature of cryptocurrencies, there is some friction between tokenizing assets and compliance.
For example, cryptocurrencies have anonymity, where the addresses of investors do not directly reflect their true identities. However, FINRA and the SEC require that the identities of investors be known and that the relevant companies or exchanges regularly report their trades and holdings. In the realm of tokenized securities, accredited investor lists that pass KYC and AML will have to rely on third parties to link their true identities to their addresses. Only in this way, the investor's address can be used for investment and trading as it automatically meets the requirements of the guidelines. Another example is that German law requires that the data of tokenized assets issued by Germany can only be traded between Germany and German related parties, and cannot leave its jurisdiction. Data node storage conflicts. In addition, the privacy of investors cannot be fully guaranteed, because all transactions and token holding records are visible and traceable on the chain.
To transition from legacy systems to tokenized systems, these challenges need to be addressed. Currently, some issuance platforms are providing solutions for securities tokenization. We divide them into three categories: solutions based on protocols on Ethereum, sidechain solutions on Ethereum, and security token blockchain solutions. Next, we analyze the pros and cons of these solutions and discuss possible future evolutions related to them.
2. The scheme based on the protocol on Ethereum
Currently, the most cutting-edge Security Token issuance platforms, especially Securitize, Polymath, and Harbor, are building their solutions on top of the existing Ethereum. However, STO must pass their own tokenization protocol, namely DS-protocol, ST-20 and R-Token to be issued. These projects operate as if there is a centralized organization and need to work with relevant third-party organizations that verify compliance such as KYC and AML.
Released in 2015, Ethereum is the first blockchain with proven security to have smart contracts, which makes it possible to compile more complex applications on the blockchain. Issuing STO on the existing blockchain naturally has its benefits, such as making fuller use of different protocols, tools, developer community resources and excellent smart contract functions. Smart contracts can also be used to define trading rules, governance rules, and dividend mechanisms.
On the other hand, addresses on Ethereum come with anonymity, where the identity of token holders is hidden, causing friction with compliance requirements. To solve this problem, the distribution platform must verify that investors actually own their corresponding addresses in the following ways: 1) Ask investors to submit their addresses and link back to their emails. 2) The platform directly creates addresses for investors. 3) Utilize address verification tools (like those provided by Vertalo), requiring investors to verify ownership of addresses by making microtransactions through Metamask. After all investors have been verified, the approved address list (i.e. white list) will be included in the smart contract for token issuance, and investors who meet the specified conditions can make investment, trade or other transaction permission. As for the addition or reduction of subsequent investors, smart contracts must be updated through various mechanisms.
In addition, since Ethereum is a general-purpose blockchain, it does not have ST-specific functions. In Ethereum, partial ownership can be expressed through ERC-20, and restricted transfer and simple dividend mechanism can be realized through smart contracts. However, this may also require significant additional redevelopment work to accommodate legacy systems, standard securities laws, and more complex use cases (such as debt, derivatives, disclosure, and voting), especially given the native smart contract design base limit.
And smart contracts themselves are also self-limiting, since more complex smart contracts are often required to deploy more complex use cases, and thus are more expensive. In addition, its portability is also limited, because Solidity cannot be used in smart contracts of other blockchains. From the perspective of the scale of the entire STO, whether it is in terms of conducting transactions, building new functions, or the system's ability to provide trust, it may be affected.
3. The side chain scheme on Ethereum
Some Ethereum sidechain solutions already exist, including POA Network, Loom, Skalelabs, etc., but we haven’t seen sidechains that are solely focused on ST. A sidechain is a separate blockchain connected to its parent blockchain using a two-way peg, ultimately enabling the interchangeability of assets at a predetermined ratio between the parent blockchain and the sidechain.
A sidechain dedicated to Ethereum could be an interesting alternative, since it can perform certain computations in an isolated environment before returning the results to the mainchain. Since not every process needs to be carried out on the chain, such as disclosure, compliance, voting/governance, integration of external resources, etc. In a way more scalable. Additionally, issues surrounding privacy can also be addressed with sidechains. And the cost, time and effort of creating a sidechain is much lower than creating a new blockchain. Sidechains also allow for interoperability between cryptocurrencies. For example, the issuer can conduct relevant tests on the side chain before promoting certain tokens on the main chain.
The disadvantage of sidechains arises in terms of their security requirements. Sidechains require their own miners and are in principle vulnerable if not backed by sufficient computing power. So from the very beginning we need enough miners to help secure the sidechain. In addition, a notarization is required between the main chain and the side chain. This designated centralized notary has the authority to lock and release tokens, thus posing a risk of potential attack or bribery.
4. Scheme of Security Token Blockchain
Security token-focused blockchains can help address some of the most fundamental challenges around privacy and governance, as well as improve trust issues and scalability. Ami Ben David, who has participated in the Securitize project and is also the co-founder and managing director of Spice VC, is a major proponent of the idea of "creating a blockchain for security tokens". He recently launched his new project, Ownera, which provides a new blockchain infrastructure focused on security tokens.
This architecture involves nodes composed of experts related to financial and business entities (such as those approved by the US Securities and Exchange Commission), who understand the legal implications of securities and are authorized to conduct title management, KYC, KYA, and exchange projects. In the proof-of-ownership system, the selected initial node is responsible for KYA (KYA is a complete set of documents that legally defines the ownership of off-chain assets and the rights of token holders), and the node uploads the asset file to The blockchain and writes all related transactions into blocks. In return for helping validate their transactions, nodes will always be rewarded in the associated assets. In the architecture, only the initial nodes can access the details, thus considering the privacy issues of investors. Holders and assets can also manage the level of privacy they belong to as needed. In addition, having specific nodes verify transactions enables higher transaction speeds, which provides a more scalable infrastructure to support the high volume of transactions required by traditional exchanges such as Nasdaq.
Ownera also plans to offer an open-source regulatory library of regulatory add-ons covering specific regulations for each region, asset type, and more. Any asset can choose which provisions to enable, saving the workload of different protocols having to go through their own processes. In addition, relevant users no longer need to be busy supporting different issuance protocols, but can directly use the exclusive blockchain of security tokens. A new consensus model optimized specifically for security tokens at the blockchain level can be compiled, instead of having to create some new consensus mechanisms on the basis of blockchains like the existing ones.
V. Conclusion
V. Conclusion
Most of the current solutions are based on the Ethereum protocol, and there are also some new projects that are developing ST-focused blockchains. Since we are in the early stages of the STO revolution, we believe that the privacy issues mentioned above will take time to be resolved in various stages. Initially, the solution to privacy is likely to be off-chain, relying heavily on a trusted centralized authority. These institutions can access investor information and store it locally. Thereafter, sidechain-based privacy solutions can shard the data, hiding them from the entire public network. Finally, privacy solutions can be implemented directly on more specialized security token blockchains and allow holders and related assets access levels of privacy to be managed and controlled.
So far, solutions on the issuance side have been based on the Ethereum protocol (for simpler tokenization use cases). While we believe that more specialized blockchains will emerge in the future, this does not mean that previous Ethereum-based protocols are worthless or will eventually become obsolete. For example, if privacy solutions such as ZKP (Zero-Knowledge Proof) technology or Bulletproof are successfully implemented, the privacy issues of the public chain may also be resolved in the future. Companies involved in related work include Zcoin and Ernst & Young (EY Ops Chain Public Edition prototype). If the existing protocol proves to be better, it can also try to be ported to a different blockchain. For example, Securitize's first protocol wants to be used in Ethereum, and they also plan to port their model architecture to other distributed accounting systems.
Incidentally, Union Square Ventures recently introduced an interesting relational theory to explain the mutual stimuli that exist between technical architectures and applications in the development process. And we think ST will develop in a similar way: For example, breakthrough applications in specific vertical fields (such as real estate) will stimulate the development of new protocols or blockchains for the scale of related applications.
This process will be repeated in different verticals related to securities. And as time goes by, as different use cases are fully explored and understood, a more powerful, scalable, and suitable platform for all protocols or blockchains will emerge, roughly equivalent to AWS in the securities industry.
Currently, we are still in the early stages of building a security token ecosystem. Many of these solutions in terms of distribution are still under development and testing. We believe that from a technical and regulatory perspective, it will take at least 4 years for the STO ecosystem to achieve growth and maturity, so as to achieve a sustainable transition from the traditional securities system to the tokenization system. Before the ecology becomes more mature, most of ST's early users will come from the cryptocurrency circle rather than the traditional financial circle. With the launch of different STOs and exchanges next year, we predict that the lack of liquidity and the implementation of more complex use cases and securities laws will make us more realistic and reduce the hype and overall expectations of STOs. Over time, more efficient technologies and new regulations will emerge and help drive growth and acceptance from traditional players.
Should There Be a Blockchain for Security Tokens?
Author:Remi Gai
Introduction:
As the hype for Initial Coin Offerings is weakening, the attention is now shifted toward the Security Token (ST) industry. The ST industry is currently at its nascent stage, in which many startups are trying to revolutionize the traditional financial ecosystem. The transition from traditional assets to tokenized assets involves a set of requirements on both technological and compliance perspectives, making the tokenization process more complicated than simple tokenization through ERC-20 like we’ve seen for ICOs in the past. In our research, 8 Decimal Capital will discuss the various components and challenges in tokenizing securities, evaluate the pros/cons of other solutions, and create a thesis around how the space could evolve in the next couple of years.
From a fundamental perspective, a tokenized version of assets should be able to demonstrate these key properties on the blockchain:
The underlying asset: the virtual representation of the asset.The ownership of the asset: the identity of the asset owners.The compliance rules of the asset: the set of regulatory and compliance rules governing the ownership and transaction of the asset.
Other desired properties include privacy, programmability, governance, disclosure, liquidity, and scalability. Smart contract introduced programmability, allowing the implementation of more complex assets, such as bonds, commodities or derivatives. For example, Tokenized real estate investment trust (tREIT) involves a series of real estate debt and equity assets in a single tradeable unit. In this case, smart contracts can support for complex dynamics such as risk, rebalancing, debt defaults, in addition to just simple ownership on the blockchain.
Currently, privacy and compliance seem to be the major challenges in launching STOs. Financial securities are currently regulated and controlled by centralized authorities, following strict regulations such as GDPR, SWIFT, and FINRA, who ensure the privacy and protection of investors. Depending on the jurisdiction, investors have to go through strict Know Your Customer (KYC) and Anti-Money Laundering (AML) processes to be compliant and eligible to invest and trade securities. However, due to the borderless, peer-to-peer, transparent and decentralized natures of cryptocurrency, some frictions exist between tokenized assets and compliance.
For instance, cryptocurrency uses pseudonymization, in which the investors’ addresses are not directly reflecting their real identities. However, FINRA and SEC require that the identity of the investors are fully known and their transactions and holdings are reported periodically by the companies and exchanges. In the tokenized securities space, a list of eligible investors who passed KYC and AML would have to depend on third parties to connect their real identities to their public addresses. Only then, the investor addresses are valid for investments and trades as they are approved at the code level and automatically compliant. Another example is that German laws require the data of tokenized assets issued in Germany to be traded among German parties and cannot leave the jurisdiction, which contradicts the way data is currently stored across nodes around the world on public blockchains. Moreover, privacy isn’t completely available to the investors because all the transactions and token holdings are visible and traceable on public blockchains.
These challenges will have to be solved for the legacy system to transition into a tokenized system. Currently, a few issuance platforms are offering solutions for tokenizing securities. We have divided them into 3 categories: Protocols on Ethereum, Side-chains on ethereum, and a Security Token blockchain. Next, we will analyze the pros and cons of these different type of solutions, and discuss how the space could evolve.
1) Protocols Built on Ethereum:
Currently, the most advanced Security Token issuance platforms, notably Securitize.io, Polymath and Harbor, are building their solutions on the top of existing blockchains, with Ethereum being the most utilized blockchain. STOs are issued through their token standards, respectively DS-Protocol, ST-20, and R-Token. These projects are operating as centralized entities and working with third-party compliance validators for KYC and AML.
Ethereum, released in 2015, is the first and most proven secure blockchain with smart contract capabilities, allowing for more complex use cases to be implemented on the blockchain. Issuing STOs on the top of an existing blockchain does have its benefits, such as having access to the interoperability among different protocols, existing tools, developer community, and smart contract functionalities. Smart contracts can be used to define trading and governance rules, as well as dividend mechanisms.
Figure 1: Pros and cons of protocols built on Ethereum
On the other hand, addresses on ethereum are under pseudonyms, in which the identity of the token holders is hidden, causing friction with compliance. To solve this problem, issuance platforms have to verify that the investors actually own the addresses themselves by 1) Asking the investors to submit their addresses and link back to their email 2) Create an address directly for the investors 3) Utilize an address verification tool (like the one provided by Vertalo), in which the ownership of addresses are verified by asking investors to conduct micro-transactions through MetaMask. After all the investors are verified, the list of approved addresses (whitelist) is included into a smart contract for the token issuance, specifying the list of eligible investors for investing/trading as well as other trading permissions. For any new addition or subtraction of investors, the smart contract will have to be updated through various mechanisms.
Additionally, Ethereum is a general purpose blockchain, which doesn’t have functionalities specifically catered towards the needs of STs. Ethereum can easily represent fractional ownership on the blockchain through ERC-20, as well as transfer restrictions and simple dividend mechanisms through smart contracts. However, adapting to the legacy system, standard securities laws and more complex use cases such as debt, derivatives, disclosures, and voting would require a significant amount of coding efforts to bypass the challenges from the constrained code-semantics of smart contracts. Moreover, smart contracts have limitation in size due to the higher cost of deploying larger smart contracts for more complex use cases and limitation in portability as Solidity cannot be carried over to other blockchains’ smart contracts. This could impact the overall scalability for conducting transactions, building new functionalities, and providing trust in the system.
2) Side-Chain Built on Ethereum:
While we haven’t seen a side-chain focused on STs, some existing Ethereum sidechain solutions include POA Network, Loom (👽 Dilanka @ LOOM / @mcu11inan), Skalelabs (Jack O’Holleran / Chadwick Strange), etc. A sidechain is a separate blockchain that is attached to its parent blockchain using a two-way peg, that enables interchangeability of assets at a predetermined rate between the parent blockchain and the sidechain.
Specialized side-chains on ethereum can be an interesting alternative, as it can offload specific sets of computation to isolated environments then reflect the results back to the main-chain. As not every process needs to live on-chain, components such as disclosures, compliance, voting/governance, and integration with external sources can be achieved with a side-chain, making transactions more scalable while utilizing the security of Ethereum. Additionally, the challenges around privacy can be solved on side-chains. The cost, time and effort of creating a side chain are also much less than creating a new blockchain. Side chains also allow cryptocurrencies to interact with each other. For example, an issuer can test out the tokens on the sidechain, before pushing them on to the main chain.
Figure 2: Pros and cons of side chain built on Ethereum
Some of the cons of side-chains are around the requirements for its security. Sidechains need their own miners, and without enough mining power, they could be compromised. Therefore, there’s an initial requirement for an extensive network of miners to help secure side-chains. Additionally, a federation needs to be assigned by the side-chain developers to serve as an intermediate point between the main chain and the side-chains. This designated centralized group has the power to lock and release tokens, creating a risk for attack or bribery.
3) A Blockchain Focused on Security Token:
A Security Token focused blockchain can help solve some of the fundamental challenges around privacy and governance, as well as improve trust and scalability. The co-founder and managing director of SPiCE VC, who also previously launched Securitize, Ami Ben-David, is a major proponent of the idea of creating a blockchain for Security Tokens. He recently introduced his new project, Ownerna, which offers a new blockchain infrastructure solely focused on Security Tokens.
The nodes are composed of experts who are financial and commercial entities (for example. SEC approved in the US), understand the legal ramifications of securities, and authorized to do ownership management, KYC (Know-Your-Customer), KYA (Know-Your-Asset) and transactions. In the proof-of-ownership system, the chosen primary node takes care of KYA, a full set of documents that legally define the ownership of off-chain asset and the rights of token holders, stakes its reputation, uploads the asset onto the blockchain and writes all the transactions to the blocks. In return, the primary node is rewarded with the asset’s lifetime revenues for helping validate its transactions. This way, only the primary node can access the details, allowing for privacy for the investors. Owners and assets can also manage their privacy level as needed. Additionally, having specific nodes validating transactions can allow for higher transaction speed, providing a more scalable infrastructure that can support a larger volume of transactions required in traditional exchanges such as Nasdaq.
Ownera also plans on offering an open-source regulation repository containing regulation Add-Ons, each covering a specific regulation per country, asset type, etc. Any asset can choose which regulations to enable, saving the effort for different protocols that go through this process themselves. Additionally, exchanges can save energy from supporting different issuance protocols separately by directly supporting the Security Token blockchain instead. New consensus models can also be implemented to be optimized for Security Tokens at the blockchain level, instead of creating artificial consensus mechanisms on the top of existing blockchains.
Figure 3: Pros and cons of Security Token focused Blockchain
Although a new blockchain might sound to be the better solution, the creation of a new blockchain will take significant effort and time to be built out, meaning that it can take years before any applications are built out. A new blockchain would also require the design of a new native cryptocurrency to incentivize network participants, in which the token economics will have to be well defined to ensure sustainability. Also, once deployed, the viability and security of the new blockchain will also have to be tested over time. Furthermore, the development of the developer community, and tools would also have to start from nothing.
Conclusion:
Most of the current solutions are protocols built on the top of Ethereum, and some new projects are looking to develop an ST-focused blockchain. We believe that the privacy issue will take time to be solved in different phases, as we are in the early stage of the STO revolution. First, privacy will most likely be off-chain, heavily relying on trusted centralized authorities that have access to the investor information and keeping them stored locally. Next, privacy solutions based on side-chains could help segregate data into different sets, hiding them from the public network as a whole. Finally, privacy can directly live on-chain on a more specialized Security Token blockchain, which can allow owners and assets to control their privacy access level.
Figure 4: Evolution of privacy for Security Tokens
As of now, the issuance solutions offered are protocols based on Ethereum, allowing for simpler use cases of tokenization. Although we believe that a more specialized blockchain will eventually appear, it doesn’t mean that previous Ethereum-based protocols are not valuable and will go out of use in the future. For instance, the privacy issue in public blockchains might also be solved in the future if privacy solutions such as ZKP (Zero Knowledge Proof) technology, or Bulletproof are successfully implemented. Some of the companies who are exploring ways to implement ZKP on Ethereum include Zcoin Project, and Ernst & Young (EY Ops Chain Public Edition prototype). The existing protocols can also transition to different blockchains if they prove to be better. For example, Securitize’s first protocol implementation will work over the Ethereum blockchain, but they also plan on transferring its architectural model to additional distributed ledger systems.
Figure 5: Evolution of Apps and infrastructure from Union Square Ventures
On a side note,Union Square Ventures recently introduced an interesting relationship theory between infrastructure and applications. We think that the space will evolve in a similar way in which breakthrough applications in specific verticals, for example, real estate, will appear first to disrupt the space and inspire for a new protocol or blockchain to be developed to allow for similar applications to be built at scale. This process will be repeated among different verticals that are related to securities. Over time, the one size fits all protocol or blockchain will emerge as different use cases are fully explored and understood, providing a more powerful and scalable platform that would be the equivalent of AWS for securities.
Figure 6: Hype cycle of the Security Token industry
As of now, we are still in the early stages of the Security Token ecosystem, in which different issuance solutions are still being developed and tested. We believe that it will take at least another 4 years for the STO ecosystem to grow and mature from both a technical and regulatory perspective, allowing for a sustainable transition from the traditional securities system into a tokenized system. Until the space becomes more mature and viable, the majority of the early adopters of STs are going to be from the cryptocurrency space rather than the traditional players. As the different STOs and exchanges launch next year, we predict that the lack of liquidity and challenges around implementing complex use cases and securities laws will bring us closer to the reality and decrease the overall hype and expectations around STOs. Over time, more efficient technology and new regulations will appear and help drive the growth and adoption from the traditional players.
