硬核技術:證券型通證需要專屬的區塊鏈嗎?
八维资本
2018-12-15 02:17
本文约17587字,阅读全文需要约70分钟
證券型通證

一、介紹


Should There Be a Blockchain for Security Tokens?



作者:Remi Gai


一、介紹


八維研究院原創,轉載請註明出處



一、介紹



Security Token的產業鏈條目前雖然仍處於初級階段,但已有不少的創業公司把它看成是可用來徹底革新傳統金融生態系統的工具。從傳統資產到通證化資產的過渡涉及到對技術和合規性的一系列要求,使得當中的通證化過程比過往簡單地按照ERC-20協議執行的愛西歐更複雜和高維。



在這份研究裡,八維資本將討論把證券通證化的各種要素以及相應的挑戰,評估不同解決方案的優缺點,並圍繞未來幾年相關產業鏈條將如何演變這議題來陳述我們的觀點。



首先,一個資產的通證化應該能夠在區塊鏈上展示以下關鍵屬性:



1. 標示資產:作為資產的虛擬化表示。


2. 資產的所有權:資產所有者的身份。


3. 資產合規性規則:管理資產所有權和交易的一套監管和合規性規則。



其他的優質屬性還包括隱私性、可編程性、治理權、可披露性、流動性和可擴展性。智能合約引入了可編程性,使得一些更複雜的資產,如債券、商品或衍生品等等的編譯變得可能。比如說,對房地產投資信託(tREIT)進行通證化會涉及一個可交易單位內的一系列房地產債務和股權資產問題。有了智能合約,當中復雜的動態比如風險,再平衡,債務違約就得到了技術支撐,而不是單單只能處理所有權。



目前,隱私性和合規性似乎是啟動STO的最主要挑戰。傳統金融證券是由中心化的管理機構監管及控制,並嚴格遵循像GDPR,SWIFT和FINRA給出的相關規章內容,以保障投資者的隱私和利益。根據司法管轄區的不同,投資者必須通過嚴格的KYC認證和反洗錢(AML)流程才能合規、合符資格地投資和交易證券。然而,由於加密貨幣具有無國界性、點對點、公開性和去中心化的性質,通證化資產和合規性之間就存在些摩擦。



比如加密貨幣帶有匿名性,其中投資者的地址並不直接反映他們的真實身份。但是,FINRA和SEC要求投資者的身份是可被知曉的,而且相關公司或交易所會定期報告其交易和持股情況。在通證化證券的領域,通過KYC和AML的合格投資者名單將不得不依賴第三方去將其真實身份與其地址聯繫起來。只有這樣,投資者的地址才能一如自動符合指引要求的那樣,能用在投資和交易上。另一個例子是,德國的法律要求由德國發行的通證化資產數據只能在德國和德國關聯方之間進行交易,而不能離開其司法管轄區,但這就與目前公有鏈上遍布各地的數據節點存儲相矛盾。此外,投資者的隱私井無法完全保障,因為所有的交易及通證持有記錄在鏈上都是可見的和可追溯的。



要從舊有系統過渡到通證化系統,這些挑戰都需要被解決。現時一些發行平台正提供證券通證化的解決方案。我們將它們分為三類:基於以太坊上協議的方案、以太坊上的側鏈方案,及證券型通證區塊鏈的方案。接下來,我們將分析這些解決方案的優缺點,並討論未來相關的可能演變。



二、基於以太坊上協議的方案



目前,最前沿的Security Token發行平台,尤其是Securitize,Polymath和Harbour,它們正在現有的以太坊基礎上構建他們的解決方案。而STO必須通過它們自身的通證化協議,分別是DS-協議,ST-20和R-Token才能發行。這些項目的進行有如存在一個中心化組織,並需要與驗證KYC和AML等合規性的相關第三方組織共同運作。



以太坊於2015年發布,是第一個也是安全性已被驗證的具有智能合約的區塊鏈,這使得在區塊鏈上編譯更複雜的應用成為可能。在現有的區塊鏈上發行STO自然有它的好處,比如可以更充分地協同利用目前不同的協議、工具、開發者社區資源和優秀的智能合約功能。智能合約也可用於定義交易規則、治理規則以及股息機制。


另一方面,以太坊上的地址帶有匿名性,其中通證持有者的身份被隱藏,這導致和合規性要求之間的摩擦。要解決這問題,發行平台必須通過以下方式去驗証投資者實際擁有其對應的地址:1)要求投資者提交其地址並鏈接回他們的電郵。 2)平台直接為投資者創建地址。 3)利用地址驗證工具(像Vertalo提供的那樣),要求投資者通過Metamask進行微交易來驗證地址的所有權。在所有投資者都經過驗證後,已批准的地址列表(即白名單)將包含在用於通證發行的智能合約中,符合指定條件的投資者可以進行投資、交易或其他交易許可。至於之後的投資者的新增或減少,智能合約須通過各種機制以進行更新。



此外,由於以太坊是通用的區塊鏈,它並沒有專門為ST而設的功能。在以太坊可以通過ERC-20表示部分所有權,以及通過智能合約實現限制轉讓和簡單的股息機制。然而,為了適應舊有系統、標準的證券法和更為複雜的用例(如債務、衍生品、披露和投票),這還可能額外需要大量的再開發工作,特別是考慮到原生智能合約的設計基礎限制。



而且智能合約自身也是自我受限的,因為部署更複雜的用例往往需要更複雜的智能合約,因而成本更高。另外其可移植性也受到了限制,因為Solidity不能用到其他區塊鏈的智能合約上。從整個STO的規模化來看,不管是在進行交易方面、構建新功能方面,還是系統在提供信任方面都可能會受到影響。



三、以太坊上的側鏈方案



目前已經存在一些以太坊側鏈解決方案,包括POA Network、Loom、Skalelabs等,但我們還沒有看到側鏈只專注於ST。側鍊是一個單獨的區塊鏈,使用雙向掛鉤連接到其母區塊鏈,最終在母區塊鍊和側鏈之間以預定比值實現資產的可互換性。


專門用於以太坊上的側鏈可能是個有趣的替補方案,因為它可以在某個隔離的環境下進行某些特定的計算,然後再將結果返回主鏈。由於並不是每個流程都需要全在鏈上進行,因此諸如披露、合規性、投票/治理、外部資源的整合等等都可以通過側鏈實現,從而在安全使用以太坊的同時使得主鏈在某程度上更具可擴展性。此外,圍繞隱私性的問題也可以通過側鏈來解決。而且創建側鏈的成本、時間和精力也遠遠低於去創建新的區塊鏈。側鏈還允許加密貨幣間的交互性。例如,發行人可以在主鏈上主推某些通證之前,先在側鏈上進行相關的測試。



側鏈的缺點出現在其安全性的要求方面。側鏈需要他們自己的礦工,如果沒有足夠的算力支撐,那這些鏈原則上很脆弱。因此在最開始我們就需要足夠的礦工來幫助確保側鏈的安全。此外,主鍊和側鏈之間還需要指定公證。這個被指定的中心化公證有權鎖定和釋放通證,從而具有潛在攻擊或被賄賂的風險。



四、證券型通證區塊鏈的方案



以證券型通證為重點的區塊鏈可以幫助解決圍繞隱私性和治理權的一些最基本挑戰,以及改善信任問題和可擴展性。 Ami Ben David曾參與Securitize的項目、同時亦是Spice VC的聯合創始人兼董事總經理,他是「為證券型通證創建區塊鏈」這想法的主要支持者。他最近推出了他的新項目Ownera,該項目提供了一個專注於證券型通證的、新式的區塊鏈基礎架構。



這架構牽涉到由金融和商業實體相關的專家(例如有美國證券交易委員會資格核准的)組成的節點,他們了解證券的法律後承,並被授權進行所有權管理、KYC、KYA以及交易項目。在所有權證明系統中,所被選擇的初始節點負責進行KYA(KYA是一整套完整的文件,從法律層面定義了鏈下資產的所有權、通證持有者的權利),節點將資產文件上傳到區塊鏈並將所有相關的交易寫入區塊裡。作為幫助驗證其交易的回報,節點將從相關資產裡一直獲得獎勵。在架構裡,只有初始節點才能訪問細節,從而考慮了投資者的隱私性問題。持有者和資產還可以根據需要來管理其所屬的隱私級別。此外,讓特定節點驗證交易使更高的交易速度成為可能,這就提供了更具可擴展性的基礎設施,用以支持像傳統交易所(如納斯達克)所需的大量交易需求。



Ownera還計劃提供一個包含監管用附加組件的開源監管庫,涵蓋每個地區、資產類型等的特定規定。任何資產都可以選擇啟用哪些規定,從而節省了不同協議得自己走一遍各自的流程的工作量。此外,相關使用者亦不用再忙於支持不同的發行協議,而是可以直接使用證券型通證的專屬區塊鏈了。在區塊鏈層次上專門針對證券型通證進行優化的新共識模型是可被編譯,而不是像現有那樣得在區塊鏈的基礎上再搞一些新的共識機制。


五、結論



五、結論



目前大多數解決方案都是建基在以太坊上協議的方案,另外也有一些新項目正在開發以ST為重點的區塊鏈。由於我們正處於STO革命的早期階段,所以我們認為上文提到的隱私問題需要在不同的階段、經過一定時間才能得到解決。最開始,隱私的解決方案很可能是鏈下的,嚴重地依賴於可信賴的中心化管理機構。這些機構可以訪問投資者的信息並將其保存在本地。此後,基於側鏈的隱私解決方案可以將數據進行切分,從而將它們從整個公有網絡上隱藏起來。最後,隱私解決方案可以直接在更專門的證券型通證區塊鏈上實現,並允許持有者與相關資產其隱私訪問級別可被管理及控制。


到目前為止,在發行方面的方案都是基於以太坊的協議(用於更簡單的通證化用例上)。雖然我們認為未來會出現更多更專門的區塊鏈,但這並不意味著以前基於以太坊的協議是沒有價值、或者終將被淘汰。例如如果成功實施了ZKP(零知識證明)技術或Bulletproof等隱私解決方案,那麼公鏈的隱私問題也可能在未來得到解決。參與相關工作的公司包括Zcoin和Ernst&Young(EY Ops Chain Public Edition prototype)。如果現有協議被證明為更好的,也可以嘗試被移植到不同的區塊鏈上。比如說Securitize的第一個協議想用於以太坊,而且他們還計劃將其模型架構移植到其他的分佈式記帳系統。


順帶一提,Union Square Ventures最近引入了一種有趣的關係理論以解釋技術架構和應用程序之間在發展過程裡存在的相互刺激。而我們認為ST亦將以類似的方式發展: 像是在特定的垂直領域(例如房地產)出現突破性的應用,從而激發新協議或區塊鏈的開發,從而用於相關應用的規模化。


這個過程將在與證券相關的不同垂直領域裡不斷重複。而隨著時間的推移、隨著不同用例的開發被充分探索和理解,一個更為強大、可擴展的、適合所有協議或區塊鏈的平台將會出現,大概相當於證券界的AWS。



目前,我們仍處於建立證券型通證生態系統的早期階段。其中在發行方面的不少方案都仍在開發和測試中。我們認為從技術和監管角度來看,STO的生態系統至少需要4年時間才能實現增長和成熟,從而實現從傳統證券系統到通證化系統的一個可持續的過渡。在生態變得更加成熟之前,大多數ST的早期用戶將更多的來自加密貨幣圈而不是傳統的金融圈。隨著明年不同的STO及交易所的推出,我們預測在缺乏流動性方面和實施更複雜的用例及證券法方面,將使我們更實在一些,並減少對STO的炒作和整體期望。隨著時間發展,更有效的技術和新的規定將出現,並有助於推動來自傳統的參與者的增長和接受程度。



Should There Be a Blockchain for Security Tokens?



Author:Remi Gai



Introduction:


As the hype for Initial Coin Offerings is weakening, the attention is now shifted toward the Security Token (ST) industry. The ST industry is currently at its nascent stage, in which many startups are trying to revolutionize the traditional financial ecosystem. The transition from traditional assets to tokenized assets involves a set of requirements on both technological and compliance perspectives, making the tokenization process more complicated than simple tokenization through ERC-20 like we’ve seen for ICOs in the past. In our research, 8 Decimal Capital will discuss the various components and challenges in tokenizing securities, evaluate the pros/cons of other solutions, and create a thesis around how the space could evolve in the next couple of years.


From a fundamental perspective, a tokenized version of assets should be able to demonstrate these key properties on the blockchain:


The underlying asset: the virtual representation of the asset.The ownership of the asset: the identity of the asset owners.The compliance rules of the asset: the set of regulatory and compliance rules governing the ownership and transaction of the asset.


Other desired properties include privacy, programmability, governance, disclosure, liquidity, and scalability. Smart contract introduced programmability, allowing the implementation of more complex assets, such as bonds, commodities or derivatives. For example, Tokenized real estate investment trust (tREIT) involves a series of real estate debt and equity assets in a single tradeable unit. In this case, smart contracts can support for complex dynamics such as risk, rebalancing, debt defaults, in addition to just simple ownership on the blockchain.



Currently, privacy and compliance seem to be the major challenges in launching STOs. Financial securities are currently regulated and controlled by centralized authorities, following strict regulations such as GDPR, SWIFT, and FINRA, who ensure the privacy and protection of investors. Depending on the jurisdiction, investors have to go through strict Know Your Customer (KYC) and Anti-Money Laundering (AML) processes to be compliant and eligible to invest and trade securities. However, due to the borderless, peer-to-peer, transparent and decentralized natures of cryptocurrency, some frictions exist between tokenized assets and compliance.


For instance, cryptocurrency uses pseudonymization, in which the investors’ addresses are not directly reflecting their real identities. However, FINRA and SEC require that the identity of the investors are fully known and their transactions and holdings are reported periodically by the companies and exchanges. In the tokenized securities space, a list of eligible investors who passed KYC and AML would have to depend on third parties to connect their real identities to their public addresses. Only then, the investor addresses are valid for investments and trades as they are approved at the code level and automatically compliant. Another example is that German laws require the data of tokenized assets issued in Germany to be traded among German parties and cannot leave the jurisdiction, which contradicts the way data is currently stored across nodes around the world on public blockchains. Moreover, privacy isn’t completely available to the investors because all the transactions and token holdings are visible and traceable on public blockchains.


These challenges will have to be solved for the legacy system to transition into a tokenized system. Currently, a few issuance platforms are offering solutions for tokenizing securities. We have divided them into 3 categories: Protocols on Ethereum, Side-chains on ethereum, and a Security Token blockchain. Next, we will analyze the pros and cons of these different type of solutions, and discuss how the space could evolve.


1) Protocols Built on Ethereum:


Currently, the most advanced Security Token issuance platforms, notably Securitize.io, Polymath and Harbor, are building their solutions on the top of existing blockchains, with Ethereum being the most utilized blockchain. STOs are issued through their token standards, respectively DS-Protocol, ST-20, and R-Token. These projects are operating as centralized entities and working with third-party compliance validators for KYC and AML.


Ethereum, released in 2015, is the first and most proven secure blockchain with smart contract capabilities, allowing for more complex use cases to be implemented on the blockchain. Issuing STOs on the top of an existing blockchain does have its benefits, such as having access to the interoperability among different protocols, existing tools, developer community, and smart contract functionalities. Smart contracts can be used to define trading and governance rules, as well as dividend mechanisms.


Figure 1: Pros and cons of protocols built on Ethereum



On the other hand, addresses on ethereum are under pseudonyms, in which the identity of the token holders is hidden, causing friction with compliance. To solve this problem, issuance platforms have to verify that the investors actually own the addresses themselves by 1) Asking the investors to submit their addresses and link back to their email 2) Create an address directly for the investors 3) Utilize an address verification tool (like the one provided by Vertalo), in which the ownership of addresses are verified by asking investors to conduct micro-transactions through MetaMask. After all the investors are verified, the list of approved addresses (whitelist) is included into a smart contract for the token issuance, specifying the list of eligible investors for investing/trading as well as other trading permissions. For any new addition or subtraction of investors, the smart contract will have to be updated through various mechanisms.


Additionally, Ethereum is a general purpose blockchain, which doesn’t have functionalities specifically catered towards the needs of STs. Ethereum can easily represent fractional ownership on the blockchain through ERC-20, as well as transfer restrictions and simple dividend mechanisms through smart contracts. However, adapting to the legacy system, standard securities laws and more complex use cases such as debt, derivatives, disclosures, and voting would require a significant amount of coding efforts to bypass the challenges from the constrained code-semantics of smart contracts. Moreover, smart contracts have limitation in size due to the higher cost of deploying larger smart contracts for more complex use cases and limitation in portability as Solidity cannot be carried over to other blockchains’ smart contracts. This could impact the overall scalability for conducting transactions, building new functionalities, and providing trust in the system.


2) Side-Chain Built on Ethereum:


While we haven’t seen a side-chain focused on STs, some existing Ethereum sidechain solutions include POA Network, Loom (👽 Dilanka @ LOOM / @mcu11inan), Skalelabs (Jack O’Holleran / Chadwick Strange), etc. A sidechain is a separate blockchain that is attached to its parent blockchain using a two-way peg, that enables interchangeability of assets at a predetermined rate between the parent blockchain and the sidechain.


Specialized side-chains on ethereum can be an interesting alternative, as it can offload specific sets of computation to isolated environments then reflect the results back to the main-chain. As not every process needs to live on-chain, components such as disclosures, compliance, voting/governance, and integration with external sources can be achieved with a side-chain, making transactions more scalable while utilizing the security of Ethereum. Additionally, the challenges around privacy can be solved on side-chains. The cost, time and effort of creating a side chain are also much less than creating a new blockchain. Side chains also allow cryptocurrencies to interact with each other. For example, an issuer can test out the tokens on the sidechain, before pushing them on to the main chain.


Figure 2: Pros and cons of side chain built on Ethereum



Some of the cons of side-chains are around the requirements for its security. Sidechains need their own miners, and without enough mining power, they could be compromised. Therefore, there’s an initial requirement for an extensive network of miners to help secure side-chains. Additionally, a federation needs to be assigned by the side-chain developers to serve as an intermediate point between the main chain and the side-chains. This designated centralized group has the power to lock and release tokens, creating a risk for attack or bribery.


3) A Blockchain Focused on Security Token:


A Security Token focused blockchain can help solve some of the fundamental challenges around privacy and governance, as well as improve trust and scalability. The co-founder and managing director of SPiCE VC, who also previously launched Securitize, Ami Ben-David, is a major proponent of the idea of creating a blockchain for Security Tokens. He recently introduced his new project, Ownerna, which offers a new blockchain infrastructure solely focused on Security Tokens.


The nodes are composed of experts who are financial and commercial entities (for example. SEC approved in the US), understand the legal ramifications of securities, and authorized to do ownership management, KYC (Know-Your-Customer), KYA (Know-Your-Asset) and transactions. In the proof-of-ownership system, the chosen primary node takes care of KYA, a full set of documents that legally define the ownership of off-chain asset and the rights of token holders, stakes its reputation, uploads the asset onto the blockchain and writes all the transactions to the blocks. In return, the primary node is rewarded with the asset’s lifetime revenues for helping validate its transactions. This way, only the primary node can access the details, allowing for privacy for the investors. Owners and assets can also manage their privacy level as needed. Additionally, having specific nodes validating transactions can allow for higher transaction speed, providing a more scalable infrastructure that can support a larger volume of transactions required in traditional exchanges such as Nasdaq.


Ownera also plans on offering an open-source regulation repository containing regulation Add-Ons, each covering a specific regulation per country, asset type, etc. Any asset can choose which regulations to enable, saving the effort for different protocols that go through this process themselves. Additionally, exchanges can save energy from supporting different issuance protocols separately by directly supporting the Security Token blockchain instead. New consensus models can also be implemented to be optimized for Security Tokens at the blockchain level, instead of creating artificial consensus mechanisms on the top of existing blockchains.


Figure 3: Pros and cons of Security Token focused Blockchain



Although a new blockchain might sound to be the better solution, the creation of a new blockchain will take significant effort and time to be built out, meaning that it can take years before any applications are built out. A new blockchain would also require the design of a new native cryptocurrency to incentivize network participants, in which the token economics will have to be well defined to ensure sustainability. Also, once deployed, the viability and security of the new blockchain will also have to be tested over time. Furthermore, the development of the developer community, and tools would also have to start from nothing.



Conclusion:


Most of the current solutions are protocols built on the top of Ethereum, and some new projects are looking to develop an ST-focused blockchain. We believe that the privacy issue will take time to be solved in different phases, as we are in the early stage of the STO revolution. First, privacy will most likely be off-chain, heavily relying on trusted centralized authorities that have access to the investor information and keeping them stored locally. Next, privacy solutions based on side-chains could help segregate data into different sets, hiding them from the public network as a whole. Finally, privacy can directly live on-chain on a more specialized Security Token blockchain, which can allow owners and assets to control their privacy access level.


Figure 4: Evolution of privacy for Security Tokens


As of now, the issuance solutions offered are protocols based on Ethereum, allowing for simpler use cases of tokenization. Although we believe that a more specialized blockchain will eventually appear, it doesn’t mean that previous Ethereum-based protocols are not valuable and will go out of use in the future. For instance, the privacy issue in public blockchains might also be solved in the future if privacy solutions such as ZKP (Zero Knowledge Proof) technology, or Bulletproof are successfully implemented. Some of the companies who are exploring ways to implement ZKP on Ethereum include Zcoin Project, and Ernst & Young (EY Ops Chain Public Edition prototype). The existing protocols can also transition to different blockchains if they prove to be better. For example, Securitize’s first protocol implementation will work over the Ethereum blockchain, but they also plan on transferring its architectural model to additional distributed ledger systems.


Figure 5: Evolution of Apps and infrastructure from Union Square Ventures


On a side note,Union Square Ventures recently introduced an interesting relationship theory between infrastructure and applications. We think that the space will evolve in a similar way in which breakthrough applications in specific verticals, for example, real estate, will appear first to disrupt the space and inspire for a new protocol or blockchain to be developed to allow for similar applications to be built at scale. This process will be repeated among different verticals that are related to securities. Over time, the one size fits all protocol or blockchain will emerge as different use cases are fully explored and understood, providing a more powerful and scalable platform that would be the equivalent of AWS for securities.


Figure 6: Hype cycle of the Security Token industry


As of now, we are still in the early stages of the Security Token ecosystem, in which different issuance solutions are still being developed and tested. We believe that it will take at least another 4 years for the STO ecosystem to grow and mature from both a technical and regulatory perspective, allowing for a sustainable transition from the traditional securities system into a tokenized system. Until the space becomes more mature and viable, the majority of the early adopters of STs are going to be from the cryptocurrency space rather than the traditional players. As the different STOs and exchanges launch next year, we predict that the lack of liquidity and challenges around implementing complex use cases and securities laws will bring us closer to the reality and decrease the overall hype and expectations around STOs. Over time, more efficient technology and new regulations will appear and help drive the growth and adoption from the traditional players.


八维资本
作者文库