The NEAR Foundation (the “Foundation”) submits this letter in response to the consultation and call for evidence by His Majesty’s Treasury (“HMT”), concerning the ‘Future Financial Services Regulatory Regime for Crypto Assets’ in the United Kingdom (“UK”) (“Consultation”). The Foundation believes that a clear and proportionate regulatory framework is essential for the meaningful global adoption of Web3 technology and welcomes HMT’s proactive engagement with industry participants towards achieving this goal.
The Foundation is a Swiss-based regulated non-profit organisation created in September 2019, with a core mission (and legal mandate) of supporting the development and growth of the NEAR protocol (the “NEAR Protocol”) and its associated ecosystem (as well as the global adoption of open-web technologies more generally). The NEAR Protocol is a permissionless, open source, decentralised, proof-of-stake blockchain network. There are more than 550,000 participants in the NEAR Protocol ecosystem, including over 4,000 developers and 1,000 projects building on the NEAR Protocol.
A key aspect of the Foundation’s mission is advocating for clear, fair, and proportionate regulation of Web3 technology, and we recently publishedPolicy Principles setting out the core values driving our advocacy work. We believe that the policy outcomes advanced by HMT are reasonable and capable of being achieved in the Web3 context with the right approach (i.e. regulatory equivalence is possible). In fact, we believe that many of Web3’s core characteristics (particularly decentralisation, disintermediation, transparency and immutability) make it uniquely well-suited to effectively achieving these policy outcomes.
The Consultation comes at a key crossroads for Web3 in general and Decentralised Finance (“DeFi”) more specifically. While DeFi currently represents a small fraction of the Traditional Finance (“TradFi”) markets, its potential for growth and broader positive impact is significant. As of January 2023, total volume on decentralised exchanges (“DEXes”) (a proxy for the total DeFi market cap) stood at $56 billion, compared with the total value of traded shares on the largest exchanges worldwide of $41.8 billion as of June 2022. As of 2022, there exists roughly 4.8 million DeFi users globally, and within Europe, the UK is marked as the most prominent DeFi player. Beyond DeFi, UK’s cryptoasset activity is significant, with the UK occupying a place among the top 20 nations with high adoption of crypto activity.
Given its comparative infancy, DeFi offers an opportunity for regulators to establish proportional, adaptable, and clear regulatory frameworks that attract investment, job creation, and innovation to the UK and ultimately position the UK as a leader in the evolving DeFi landscape.
- Chapter 11 Responses
36. Do you agree with the assessment of the challenges of regulating DeFi? Are there any additional challenges HM Treasury should consider?
The Foundation broadly agrees with the challenges of regulating DeFi listed by HMT in the Consultation. When compared to TradFi, DeFi raises different risks, involves different actors, and engages different policy considerations. While DeFi systems can be built to replicate the functional result of some existing TradFi activities, DeFi and TradFi use different technology and employ different legal and social/incentivisation arrangements. A different regulatory approach is therefore required.
This different regulatory approach is likely to, and should at least in many respects, share the same principles and goals as existing TradFi regulation. However, it is essential for any effective DeFi regulatory framework to recognise and facilitate DeFi’s unique features (particularly decentralisation and disintermediation). Failure to do so risks stifling innovation and undermining the very policy objectives HMT is seeking to achieve.
At a fundamental level, TradFi relies on rights and obligations defined by external legal contracts and laws, while DeFi operates on the basis of powers and incentives defined by internal deterministic peer-to-peer or peer-to-software systems. These are fundamentally different approaches to solving the problem of trust in transactions, with different risk profiles and regulatory outcomes.
It is also important to note that while DeFi can be built to replicate certain TradFi activities, DeFi can be structured to operate in a fundamentally different way to achieve those outcomes. For example, consider a ‘transaction’ in the DeFi context. Even a very basic DeFi transaction – e.g. transferring cryptoassets from one cryptoasset wallet to another – involves several different actors (end-user(s), network miner/validator, network relayer, and possibly many others depending on the underlying blockchain network and the apps/services which the end-user opts to use) and complex technological processes (broadcasting a signed data package to a network’s memory pool (“Mempool”), selecting data packages/transactions from the Mempool by network miner/validators based on cryptoasset incentive structures, creating of new network blocks etc.).
Consider further a ‘lending’ transaction in the context of a DeFi interest rate protocol. Although the term ‘lending’ is broadly used and easily understood in common parlance, it misrepresents the economic activity that these protocols enable. Users of these protocols “do not extend credit or incur debt, which are the essential characteristics of a loan transaction,” and instead earn interest securely through overcollateralization and free market liquidation, not through lending. While collateralization exists in both DeFi and TradFi, the latter still depends on credit and debt relationships, making DeFi ‘secured loans’ fundamentally different from TradFi. Moreover, DeFi interest rate protocols are permissionless — enabling pseudonymous participation — and employ a “peer-to-pool” model, making it hard or impossible to directly identify borrowers. Because DeFi transactions are conducted on a “peer-to-pool” or “peer-to-protocol” basis, meaning users supply and borrow fungible assets to and from a pool of liquidity stored within the protocol, not to and from specified counterparties, suppliers rely on overcollateralization and liquidation to ensure that they can withdraw their assets at any time, and not on trust of a counterparty.
Grafting the language and concepts of TradFi onto Defi — including by mislabeling DeFi transactions as loans — can lead to misunderstandings and muddy the distinction between DeFi and TradFi, making it difficult for regulators to design appropriate and proportionate frameworks for DeFi. Any comparison of DeFi to TradFi should therefore carefully analyse the different participants, systems, technologies and risks involved.
We broadly agree with the different characteristics of DeFi identified by HMT in the Consultation. We wanted, however, to highlight two of DeFi’s defining characteristics that are particularly relevant from a regulatory perspective and should inform any proposed cryptoasset regulatory framework:
- Decentralised. Decentralisation (as HMT appropriately notes) can exist on a spectrum and in our view is most appropriately defined in terms of various forms of intrinsic network power/control being more or less distributed (we discuss these different forms of network power/control in more detail below). Where a project sits on the ‘spectrum’ of decentralisation is impacted, among other things, by factors such as decisions subjected to cryptoasset holder voting, governance participants, cryptoasset ownership distribution, the scope and extent of the original development team’s involvement, whether authority to alter, pause or shut down the protocol is present, the presence of a multi-signature wallet (“Multisig”) with elevated privileges, the members of the Multisig, the responsibility for addressing security issues, and treasury management methods. Decentralisation should be a critical aspect of any approach to cryptoasset regulation because it can impact the nature, number and geographic distribution of participants involved in a DeFi system (a much larger, distributed, fluctuating body of actors) as compared to any TradFi system.
- Dis-intermediated. Fully transparent/auditable ledgers and deterministic smart contracts enable trustless (or significantly trust-minimised) interactions and so facilitate systems that are resistant to extrinsic influence or control. This underpins two key features of DeFi: (i) the self-custody of assets; and (ii) the ability to transact on a peer-to-peer basis. Together these features enable genuine user autonomy and also change the potential risks which users are exposed to; and so (as with decentralisation) a thorough understanding of DeFi’s dis-intermediation features should inform any approach to cryptoasset regulation.
Decentralisation and dis-intermediation in DeFi have the potential to offer powerful advantages over TradFi, creating robust systems that can enable a more secure, transparent, and efficient financial landscape. Key benefits of DeFi include reduced information asymmetry, increased transparency, faster settlements, enhanced liquidity, innovation enablement, streamlined processes, automation, lower transaction costs, and improved user control. By leveraging these attributes when regulating DeFi, HMT can fulfil its overarching objectives of fostering innovation, encouraging growth and competition while protecting the market and its users. Moreover, DeFi has the potential to benefit a wider range of participants and surpass some of the known limitations of TradFi.
By way of example, the recent collapse of FTX (previously one of the largest centralised cryptoasset exchanges in the world) has exposed the risks and challenges of centralised actors in the cryptoasset space. As an initial matter, customers did not control or self-custody their assets at FTX (and the use of customer funds by FTX remains at issue). FTX was also a highly centralised organisation, with most of its control and decision-making allegedly concentrated in the hands of its founder and former CEO, Sam Bankman-Fried, and other key individuals. FTX also had a close and opaque relationship with Alameda Research, a trading firm also run by Bankman-Fried, which held a large position in FTT, the native token of FTX. FTX offered bundled service offerings, such as derivatives, futures, options, and leveraged tokens, which increased its complexity and risk exposure. FTX faced a liquidity crisis, a possible hack, and criminal charges against Bankman-Fried and FTX’s subsequent collapse significantly impacted many other centralised cryptoasset actors.
By contrast, DeFi networks and systems have demonstrated their resilience and strength during this market shock. As J.P. Morgan noted in a weekly report following the FTX collapse: “while the news of the collapse of FTX is empowering crypto sceptics, we would point out that all of the recent collapses in the crypto ecosystem have been from centralised players and not from decentralised protocols”. Moreover, the turmoil in centralised exchanges wrought by the FTX collapse reinforced the clarion call for self-custody embodied by the crypto ethos of “not your keys, not your coins”, leading market participants to seek out decentralised alternatives.
We note that a large part of HMT’s focus in the Consultation is on centralised cryptoasset actors and intermediaries, and we believe this is appropriate because it is in the context of large centralised actors that systemic risks are most likely to arise, engendered by (for example) the potential for conflicts of interest, anti-competitive behaviours (including market manipulation), and a lack of transparency. Similar risks can potentially exist in the DeFi context where some projects might be less decentralised and/or dis-intermediated because (for example) certain forms of intrinsic network power are concentrated in the hands of a small number of actors. This could lead to potentially harmful concentrations of power within DeFi networks which we believe are an appropriate focus for regulation (and which the disclosure and registration approaches to regulation described below are intended at least in part to mitigate).
Regulators and academics along with the Web3 and DeFi industry globally have been considering how best to protect against the potentially harmful concentrations of power discussed above (particularly in the early stages of a network’s development) while still facilitating and protecting DeFi’s unique features and ensuring that responsible innovation can continue to take place.
Some examples that are already being explored and could serve as a useful starting point to any Financial Services and Markets Act 2000 (“FSMA”)-based registration and disclosure regime include: (i) a tailored ‘lite’ registration and disclosure regime for cryptoasset issuance by initial development teams (which could serve as a ‘lite’ version of a FMSA-based registration & disclosure regime for cryptoassets); (ii) a safe harbour regime; (iii) self-regulatory approaches; (iv) new technologically-mediated approaches to disclosure such as Disclosure non-fungible tokens (“NFTs”) and Decentralised Autonomous Organisations (“DAOs”).
Before looking at examples of each of these potential approaches in more detail, it is worth noting in what follows that we focus on approaches emphasising disclosure and reporting, rather than authorisation-based approaches. This is driven by the fact that DeFi’s decentralised character gives rise to novel jurisdiction issues, given that the potentially large and constantly fluctuating body of network participants can be operating from multiple (and constantly fluctuating) jurisdictions; for which there is no direct analogue in the TradFi context.
We would therefore caution HMT against implementing an authorisation-based regime in the DeFi context because in our view that would risk: (i) requiring network participants to go through the (potentially complex and costly) exercise of determining whether certain DeFi-related activities in certain jurisdictions require authorisation, thereby potentially creating ‘moats’ where only more sophisticated, well-resourced actors can participate in DeFi systems; (ii) requiring DeFi projects to evaluate potential authorisation requirements across a large (and constantly fluctuating) number of jurisdictions in a way that TradFi projects do not; and (iii) perhaps most importantly of all, compromising DeFi’s inherently permissionless, cross-border nature and so undermining decentralisation and dis-intermediation.
Instead, we believe that a tailored disclosure and registration regime would help to preserve DeFi’s unique features (decentralisation and dis-intermediation) while also reducing information asymmetry, and enhancing transparency and the UK’s attractiveness as a jurisdiction for DeFi entrepreneurs, projects and investors.
38. Do you agree with HM Treasury’s overall approach in seeking the same regulatory outcomes across comparable “DeFi” and “CeFi” activities, but likely through a different set of regulatory tools, and different timelines?
We broadly agree with HMT’s overall approach. We refer to our answer to question 36 above, and in particular would emphasise the fact that any comparison of DeFi to CeFi/TradFi should be approached with caution on the basis that such comparisons are a useful heuristic but do not capture and risk obscuring DeFi’s qualitative differences. We believe that it is possible to achieve HMT’s desired overarching policy objectives — innovation, competition, consumer protection, financial stability and market integrity — in the DeFi context provided any regulatory framework proposed by HMT reinforces (rather than undermines) DeFi’s essential features.
Indeed, it is these essential features that make DeFi a potentially more effective substrate for achieving policy objectives than TradFi — given features like transparency, auditability, decentralisation, and disintermediation can be built in and deterministically enforced by smart contracts in a trustless (or significantly trust-minimised) manner — which, in turn, can create an environment where financial regulations can be applied and monitored more efficiently and effectively.
As we have noted above, opting for a ‘tech-agnostic’ approach in regulating DeFi presents obvious challenges and limitations, such as creating a framework that may not fully recognize or accommodate DeFi’s technical idiosyncrasies, or fails to provide adequate certainty for market participants. To address these challenges, policymakers and regulators should craft adaptive and flexible regulations suited to the unique characteristics of DeFi while working to keep pace with its technological advancements. This approach will help ensure that the regulatory framework remains effective and supportive of DeFi’s future development, ultimately promoting a robust, transparent, and secure DeFi ecosystem, which will evolve with DeFi technology and mature over time. Further details on our suggested approach below.
Tailored Disclosure Regimes
Improved and tailored disclosure in DeFi would be an important first step towards greater protection of DeFi participants. As an initial matter, it is important to recognise that disclosure in equity markets is ill-suited to elicit material information for token purchasers because such disclosure does not “cover a number of features unique to digital assets that would undoubtedly be considered important when making an investment decision”. Instead, traditional disclosures are “designed for traditional corporate entities that typically issue and register equity and debt securities” and “focus on disclosure about companies, their management, and their financial results”. Tailored disclosure regimes exist elsewhere, for example, with respect to asset-backed securities.
Several models for bespoke cryptoasset disclosures already exist. There have been domestic and international legislative proposals, such as European Markets in Crypto-Assets (MiCA) legislation, recent bills in the US Congress, the safe harbour proposals set out below, and other proposals by academics and lawyers including those referred to in this response.
Potential disclosure elements for DeFi platforms could incorporate governance tokenholding data and any changes to this data (like listed equity holdings), and information about admin keys or other centralised controls, their scope, and arrangements. Additionally, such disclosure can include information regarding source code, token economics(e.g., asset supply schedule or protocol governance), information regarding the development team, network development plan, prior token sales, and trading platforms listing the tokens. Another related element could require ongoing reporting of decentralisation efforts. This could encompass a variety of areas, such as the distribution of network nodes or the degree of participation from community members.
Another important aspect of disclosure could centre around the technology component of each network. This could include regular code audits to ensure that the technology is secure, reliable, and able to perform its intended function. Additionally, the governance of the token could be subject to voting audits to ensure transparency in the decision-making process of each network. In some cases, financial reporting could also be required under a disclosure-based regime. This could include the provision of proof-of-reserves to demonstrate that the network has sufficient funds to back its operations, as well as the disclosure of revenue and expenses to provide insight into the financial health of the network.
Mandated disclosures should also include a set of risk factors for the review of participants in DeFi, including risks such as regulatory, cybersecurity, operational, liquidity, smart contract, and interoperability risk. Such risk factors should be informed by guidelines crafted for DeFi that are similar to the European Securities and Market Authority ‘Guidelines on risk factors under the Prospectus Regulation’ and the Financial Conduct Authority’s Prospectus Directive under FSMA, and may be crafted both by regulators or in connection with potential self-regulatory initiatives discussed below.
Potential Safe Harbour Approaches
A potential safe harbour could provide numerous benefits by fostering innovation and flexibility alongside regulatory certainty (and could incorporate elements of the tailored disclosure regime referenced above). It has the added advantage, as compared to sandbox approaches, of providing a clear rules-based framework to the industry that is applicable in the same way for all actors (while sandboxes are typically more discretionary in how they operate and so can often have a more limited scope; although in our view sandboxes do also have their merits). Several proposals have been made along these lines that are worthy of consideration and although they were not drafted with the UK regulation in mind, they are good source of information to guide HMT’s approach: (i) Hester Peirce’s “Token Safe Harbor Proposal 2.0” published in April 2021; (ii) the Responsible Financial Innovation Act (“RFIA”); and (iii) LeXPunk’s “Safe Harbour X/Reg X”. All of these approaches could also include a cross-border or interoperable sandbox approach.
SEC Commissioner Hester Peirce’s Token Safe Harbor Proposal 2.0 provides a time-limited exemption for cryptoassets, affording initial development teams a three-year period to establish their networks as functional or decentralised, while exempting them from US federal securities registration. The exemption would continue to apply provided that the developer (i) complied with anti-fraud rules, (ii) provided semi-annual updates to the plan of development disclosure and a block explorer and (iii) made certain disclosures, including an explanation of governance mechanism for implementing changes to the protocol); a block explorer, and sufficient information for a third party to create tools for verifying the transaction history of the token. Lastly, upon the cessation of the grace period, the developer would be required to draft and disclose an exit report explaining why the network is sufficiently decentralised and the token is not a security (or otherwise register the token as a security).
An analogue of the Token Safe Harbor Proposal 2.0 is the Safe Harbor X proposal by LeXpunK Army — a community of lawyers and technologists who advocate for decentralised and peer-to-peer protocols — published in April 2022, which aims to address three key issues that the authors believe have impeded the adoption of Commissioner Peirce’s proposal:
- The proposal’s focus on tokens without distinguishing between different types of transactions.
- The wide-ranging exemption covering the entire three-year network maturation period.
- The risk of regulatory arbitrage and unfair advantages for traditional or incapable issuers.
SafeHarbor X aims to address these concerns by modifying the approach in three key ways:
- Focusing on exempting “qualifying distributions” of tokens to users and builders, rather than the token itself, allowing regulators to address potential abuses or unanticipated issues.
- Requiring eligible projects to be permissionless, open source, autonomous ‘public goods’ software to qualify for the exemption.
- Mandating an initial development team to be subject to a 12-month post-public-launch lockup for their autonomous crypto tokens, similar to the holding period for restricted securities under Rule 144.
LeXpunK have also proposed a targeted disclosure and registration regime called Regulation X (“Reg X”), which is designed to work alongside the SafeHarbor X proposal by affording projects that are not able to meet its (deliberately) strict requirements. The proposed Reg X offering exemption allows token projects to raise up to $75 million from accredited investors and up to $15 million from non-accredited investors in a 12-month period, subject to certain disclosure,anti-fraud requirements, and trading restrictions. The disclosure requirements include providing information about the network, its purpose, development plan, token economics, governance, risk factors, and insiders. The secondary market beneficial ownership reporting regime would require persons and groups who constitute large holders at the time of offering requiring them to file reports where ownership thresholds are exceeded and exit reports where holdings drop below the reporting threshold. Additional disclosures regarding extrinsically affiliated persons are also expected to be developed under the proposed framework, as well as to comply with certain trading restrictions and reporting obligations.The anti-fraud requirements require projects to comply with the federal securities laws and regulations, as well as adopt a code of conduct and dispute resolution mechanism.
The trading restrictions include limiting the amount of tokens that can be sold by insiders and affiliates in any 90-day period, and requiring them to file a notice of their intended sales with the SEC. The reporting obligations include filing annual and quarterly reports with the SEC, as well as disclosing any material events or changes that affect the network or the tokens.
By contrast to the Safe Harbor 2.0 and Safe Harbor and Regulation X proposals, the Lummis-Gillibrand Responsible Financial Innovation Act (RFIA) aims to establish comprehensive disclosure requirements for ancillary assets and their issuers. It mandates a one-year period following the submission of disclosure, during which issuers must detail their plans to support or discontinue the use and development of the ancillary asset, as well as information about markets and platforms utilising the asset.
Both of these proposals should be analysed in the context of US security laws and its unique applications (and, in particular, the classification of cryptoassets for the purposes of US securities laws which has proven to be an extremely complex and somewhat controversial issue in the jurisdiction). The RFIA necessitates extensive corporate information about the issuer, including their history, experience, legal proceedings, and risk factors associated with the ancillary asset. While it shares some commonalities with Hester Peirce’s Token Safe Harbor Proposal 2.0 in terms of promoting transparency and addressing regulatory challenges, the RFIA has a broader scope and encompasses various aspects related to ancillary assets, including ownership information and related person transactions.
HMT could also consider encouraging the adoption of a cross-border sandbox for DeFi. For example, the FCA is part of the Global Financial Innovation Network (“GFIN”) — a collection of 20 regulators from countries including the UK, Canada, USA, and Australia — enabling firms to test innovative financial products, services, business models or regulatory technology. The GFIN model has not proven easy to implement. Indeed, in its first cross-border testing cohort, a total of 38 applications were received with only two firms successfully taking forward propositions to the live testing phase given the failure to implement testing plans that satisfied each jurisdiction’s criteria. Accordingly, it is crucial that any cross-border or interoperable sandbox format be attempted first with jurisdictions that are taking a similar approach to the DeFi space.
Within a cross-border sandbox or collaborative law-making framework, regulators could work together to clarify the treatment of various DeFi components, such as DAO frameworks, decentralisation models, risk factors and other disclosure requirements, KYC requirements, and the treatment of proof-of-stake versus proof-of-work networks.
The safe harbour and cross-border sandbox approaches referenced above can be a valuable addition to any FMSA-based registration and disclosure regime for cryptoassets. Similarly, a RegX type approach serves as an intriguing ‘lite’ version of the same registration and disclosure framework that can facilitate access to capital for innovative DeFi projects. These methods are promising and potentially effective ways to achieve desired policy outcomes while fostering responsible innovation in the crypto space. By incorporating these approaches, regulators can promote the development of new, groundbreaking technologies in the cryptoasset ecosystem in a responsible and compliant manner.
Technologically-mediated approaches to disclosure
Technologically-mediated approaches to disclosure also present new opportunities for developing methods of verifying knowledge for DeFi participants. In his article “Introducing Disclosure NFTs, Disclosure DAOs, and Disclosure DIDs” and “Disclosure, Dapps, and DeFi”, Professor Christopher Brummer introduced two technologically-mediated approaches to DeFi disclosure of particular interest, both of which draw upon DeFi’s unique strengths: (i) disclosure NFTs or decentralised identities (DIDs) and (ii) disclosure libraries.
Disclosure NFTs can be employed to validate a user’s engagement with and understanding of the available disclosures. Users would interact with the available disclosures by reading or navigating through them and then complete tests or games designed to assess their comprehension. Upon successful completion, unique disclosure tokens would be issued, serving as proof that the user has thoroughly engaged with and internalised the relevant disclosures. These tokens, stored in the user’s digital wallet, could offer additional benefits, such as governance rights or access to specific services within the project, further incentivizing users to engage in the disclosure process.
DeFi disclosures could also be linked to unique decentralised identifiers (“DIDs”) tied to a given individual. A DID is a unique text string that links an individual or entity to a set of data (“DID Document”) describing them. This data contains public keys, verification methods, and ways to communicate or interact with them, including network addresses like HTTP URLs. The DID Document acts as an authentication tool for the person or entity and helps build trust in their interactions. Upon completing disclosure comprehension, an individual’s DID could be provisioned with a credential to verify successful engagement. This credential can be stored off-chain in a personal datastore, wallet, or integrated into a digital driver’s licence as part of the individual’s disclosure DID. The information would be self-sovereign, granting the holder control over data access and usage.
Decentralised Apps (“Dapps”) could verify delivery and engagement with disclosure, which may occur off-chain as in the Disclosure NFT example. Once confirmed, users can transact on the Dapp or others with similar risk profiles or disclosures, creating a decentralised, immutable chronological event record providing metadata related to past disclosure engagement.
Disclosure Libraries aim to create a more collaborative and accessible environment for developing DeFi-specific disclosures, built as an online repository. Disclosure libraries could function as a platform where developers, lawyers, and nonprofits come together to access, share, and contribute to open-source disclosures for Web3 applications. These disclosure libraries could also form a repository for DeFi self regulatory initiatives efforts. These libraries would lower the entry barrier for startups, reduce development costs, and foster a culture of transparency, collaboration, and shared expertise within the ecosystem. The LeXpunK github repository on open source law, which includes open source templates and other materials for DAOs, is an example of how such a library could be structured.
39. What indicators should be used to measure and verify “decentralisation” (e.g. the degree of decentralisation of the underlying technology or governance of a DeFi protocol)?
We refer to our response to question 36 above.
As discussed above, decentralisation is most appropriately defined as the distribution of various types of intrinsic network power across participants in DeFi systems. A thorough understanding of decentralisation is essential for crafting an effective DeFi regulatory framework, as the nature and level of decentralisation fundamentally alters the number, nature and distribution of participants, and the way DeFi systems operate.
There are various types of intrinsic network power, including:
Validator Power: The power to read or access a blockchain network’s data. The validator power in open, permissionless blockchain networks is typically quite decentralised because the data is freely available to anyone (but this might not be the case in private, permissioned blockchain networks which we are not considering in our responses here). The more decentralised the validator power, the less likely any single validator can control or manipulate the network, leading to reduced risks of fraud or collusion. Elements that can be assessed to evaluate the decentralisation of validator power include node count and distribution of ownership of these nodes..
Consensus Power: How agreement is reached among network participants on the validity of transactions and the overall state of the blockchain, including the power to write data to the blockchain in what is typically a two step process of (a) proposing a block; and (b) that proposed block being accepted by the other network nodes because it is consistent with the network’s consensus mechanism. Decentralisation in consensus power ensures that no single entity can dictate or manipulate the decision-making process, resulting in a robust and secure network.
Protocol/Client Power: Protocol/client power refers to the control over the protocols and software clients used in DeFi networks. Decentralising protocol/client power through open-sourcing mitigates the risks of single points of failure, monopoly power, or a centralised entity driving the direction of the network without consideration for its users and stakeholders.
Governance/User Power: This pertains to the influence users and stakeholders have over the rules, policies, and decision-making within a DeFi network. A decentralised governance structure, where users have a say in shaping the network’s future, ensures a more inclusive, democratic, and responsive system, which better aligns with the interests and needs of its participants. Related to governance and user power is contributor diversity, referring to the number and variety of developers who contribute to the source code of a DeFi network. A higher contributor diversity indicates a more decentralised software development process and reduces key person or team risk arising from dependence on a single developer or a core team.
We note that there is not yet a standardised or industry-accepted set of standards for evaluating and/or verifying decentralisation, although there have been and will no doubt continue to be efforts to create a standardised framework. The various disclosure approaches outlined in this response would be extremely helpful in this regard by helping to enhance transparency and reduce information asymmetry. As discussed above, we agree with HMT’s observation that decentralisation exists on a spectrum; and we would stress that, although some projects may claim to be decentralised when they are not, this does not mean that no projects are genuinely and substantially decentralised. We refer to our response to question 36 and, in particular, our discussion with respect to the critical role that decentralisation (and dis-intermediation) plays in mitigating potentially harmful concentrations of power in DeFi networks/systems.
Relatedly, we acknowledge HMT’s observation that once certain DeFi networks/systems (or elements or those networks/systems) reach a certain level of decentralisation then they may not be practical to regulate. This is a significant observation because in our view: (i) it highlights that an authorisation-based regulatory approach to DeFi might risk being too inflexible to cater for this type of ‘transition’ as compared to a disclosure-based approach; (ii) it recognises the importance of decentralisation as a critical feature of DeFi networks/systems that qualitatively distinguishes it from TradFi, with different regulatory consequences; and (iii) decentralisation in this manner provides various consequential benefits to DeFi system components (as we have already described above – including increased transparency and reduced information asymmetry) that can ensure desired policy outcomes are still maintained even in the absence (or impracticability) of traditional regulation.
- Chapter 12: Other Crypto Asset Activities (Miners and Validators)
44. Is there merit in regulating mining and validation activities in the UK? What would be the main regulatory outcomes beyond sustainability objectives?
We broadly agree that there could be some merit in bringing certain types of mining/validation activities within the scope of a suitably targeted, light-touch disclosure-based regulatory regime. However, as with any other element of a DeFi network/system, great care has to be taken to ensure the specific technical details and idiosyncrasies are being appropriately taken into account — along with related opportunities and risks — when bringing any regulatory framework to bear.
At the outset, it is important to highlight that mining (in proof-of-work networks) and validation (in proof-of-stake networks) activities take many different forms with different technological implementations. What is consistent across all of these forms is that mining/validation processes typically play an absolutely essential role in the functioning of a DeFi system (and blockchain networks more generally) via a host of processes including, for example, proposing new blocks for addition to the blockchain, choosing which transactions to include in proposed blocks, accepting or attesting proposed blocks, receiving block rewards and/or transactions fees and (taking these various processes together) maintaining network security. These processes are typically embodied in and form an integral part of crypto asset-based incentive frameworks that are deterministically enforced.
Given the vitally important role that mining/validation activities play in DeFi (and other cryptoasset) networks and systems, great care should be taken to ensure that any proposed regulatory approach does not inhibit these activities, and in so doing stifle innovation or create uncertainty for market participants.
It is also important to note that discussing ‘mining and validation activities’ writ large or as a monolithic category risks missing various critical technical, operational, and risk profile differences that should inform the regulatory approach. First and foremost it is important to situate these functions within the specific consensus mechanism and network in question. Proof-of-work and proof-of-stake are two different consensus mechanisms used in blockchain technology. Proof-of-work involves miners solving complex mathematical problems to validate transactions (most notably, Bitcoin), while proof-of-stake involves validators holding a certain amount of cryptocurrency and using it as collateral to validate transactions (NEAR Protocol, Polkadot, Ethereum, etc). The Foundation’s focus will be on proof-of-stake networks, given that the NEAR Protocol is a layer-1 proof-of-stake network.
A validator in a layer-1 network is a key role. Validators stake their cryptoassets in a shared pool and then analyse blocks based on the rules set by the network and receive rewards in the form of network fee for verified transactions. The network rewards can vary based on the amount of cryptoassets staked in the validators pool (generally with the more cryptoassets staked the higher the rewards). Each network determines its own reward and commission fee structure, which is generally enshrined in the deterministic rules of the network.
Consider further the following high-level examples of different types of validation activities:
- Single participant running a validator node. A participant operates their own validator node, contributing their resources to maintain network security and earn rewards in return.
- Delegated staking. Users delegate their cryptoassets to a trusted validator, who then stakes on their behalf, generally sharing the rewards and risks proportionally.
- Pooled staking. Participants pool their tokens together to create a shared validator node, distributing rewards and risks among the group based on each individual’s stake.
- Custodial staking. Users entrust their tokens to a third-party custodial service, which stakes on their behalf and manages rewards and risks, often for a fee.
- Liquid validator staking. Users stake their cryptoassets through a smart contract, with such staking contributions themselves made freely transferable (often in tokenised form), providing liquidity while still participating in staking.
These (and other) categories of validation activities clearly function very differently and present different potential risks. Across all of these categories however it is crucial to recognise that validation activities are typically controlled by the underlying networks and protocols, which utilise complex technical and cryptoasset-based incentivisation structures. Such structures are generally pre-determined and can be deterministically enforced, providing full transparency to all network participants.
Given the vitally important role that validator activities play in DeFi networks and systems, regulators should exercise great care when proposing any approaches to avoid unduly restraining these activities, stifling innovation, or creating uncertainty for market participants.
Collective Investment Scheme (“CIS”)
One potential source of uncertainty for UK-based DeFi participants in the UK arises in connection with certain types of mining or validator activities and the definition of ‘Collective Investment Scheme’ under section 235 of the FSMA. The definition includes arrangements with respect to property (including money) that allow participants to engage in or receive profits or income that stem from the acquisition, holding, management, or disposal of property, or sums paid out of such profits or income. The arrangements falling under the CIS definition must be such that the persons who are to participate (“Participants”) do not have day-to-day control over the management of the property, whether or not they have the right to be consulted or to give directions. They must also have the following characteristics: (i) the contributions of the Participants and the profits or income out of which payments are to be made to them are pooled, and (ii) the property is managed as a whole by or on behalf of the operator of the scheme.
Presently, it is extremely unclear the extent to which different types of mining and validation activities — particularly pooled validator staking — might fall within the CIS definition. The current definition of CIS may not be suitable for DeFi practices primarily because: (i) it predates blockchain technology and therefore it is unable to address the nuanced aspects of decentralised technology; and (ii) it is a definition unique to the UK which focuses on scenarios where capital or assets are pooled and entrusted to third parties with significant investment discretion, which is not the case in DeFi. Moreover, with the borderless nature of blockchain technology in general, and permissionless nature of DeFi in particular, it would be challenging to pigeonhole validating activities under CIS. Schemes within the scope of s.235 are generally more centralised with a significant potential for abuse of power and conflicts of interest concentrated on a small number of people responsible for investment decisions (amongst other issues), as well as the fact that typically such ‘products’ are highly illiquid and/or carry significant risk.
In the context of pooled validator staking, the risks present in TradFi do not apply because validation activities contribute to network functioning and security, rather than passive capital contribution as is the case under a CIS, and compensation for that work is often pre-determined and deterministically enforced by the relevant network or smart contracts (rather than dependent on the efforts or discretion of others). Indeed, the discretion offered to a manager under a CIS is different to the narrow role of a validator in a proof of stake network that can be deterministically enforced on-chain through cryptoasset based incentivization structures to protect mining and validation function in networks. Regulation should not interfere or jeopardise the inherent on-chain cryptoasset-based incentivization structures that protect mining and validation functions within networks. Also, creating barriers to entry for staking could potentially concentrate validation power into the hands of a smaller number of well-resourced validators, negatively impacting DeFi’s key characteristics: decentralisation and dis-intermediation. We suggest that HMT considers exercising its power to carve-out pooled validator staking arrangements from the CIS definition, which would help promote certainty, encourage decentralisation, and support HMT’s overarching policy objectives.
More generally, in our view any proposed approach to regulating mining and validation activities should focus on addressing potentially harmful concentrations of power – for example, where a large amount of a DeFi network’s consensus power is concentrated in the hands of a small number of actors, sometimes termed ‘validator dominance’. As with the other forms of potentially harmful concentrations of power in DeFi systems, validator dominance can reduce transparency and competition, and also raise consumer protection risks.
A regulatory approach to tackle these potential risks could involve a light-touch disclosure regime targeting validators operating at a certain scale, by way of a business. Disclosure requirements could be congruent with policy principles, ensuring that the regulatory environment remains conducive to the growth and development of DeFi networks and their participants.
The eventual disclosure requirements could be designed by a joint regulator and self-regulatory initiative, and could include: (i) basic information about validators such as their identity, location of nodes, stake amount, uptime, security measures, technical specifications and performance metrics of the validator’s hardware and software; (ii) a standard set of risk factors applying to validators; and (iii) any fees/commission charged by validators. As mentioned above, in order to avoid potentially stifling validation activities or creating barriers to entry for individual network participants, we would suggest that any such regime should only apply to validators operating at scale and by way of a business (i.e. as a service offering to end users).
Maximal Extractable Value (“MEV”)
MEV refers to the profit that network miners and validators can obtain by strategically ordering or including transactions in the blocks they mine or validate within a blockchain network. MEV arises due to the decentralised nature of blockchain networks, where transactions are not processed simultaneously and miners/validators have some degree of control over transaction ordering in a block. HMT has identified MEV as an area of potential consideration.
MEV is a critical component of DeFi systems (and blockchain networks more generally) because it underpins and typically forms an integral part of cryptoasset-based incentive structures which are designed to maintain and reinforce (amongst other things) the security and consensus of blockchain networks. MEV is also a highly nascent issue with very little data to inform the long-term impact of different types of MEV activities and strategies. Any regulation of MEV should therefore be carefully considered.
At a high level MEV-based activities or strategies are typically categorised by industry participants into so-called positive (value-add) and negative (potentially harmful) strategies.
- Positive (value-add) MEV strategies. These strategies are generally seen as beneficial or neutral to the network and its participants. They involve miners/validators extracting value without negatively impacting other users or the overall ecosystem. Examples of so-called positive MEV strategies include: (i) transaction prioritisation (transactions with higher fees are prioritised, which helps maintain a free market and the network’s incentivisation system); and (ii) arbitrage (exploitation of price differences across different cryptoasset markets, contributing to market efficiency).
- Negative (potentially harmful) MEV strategies. These strategies can potentially have adverse effects on the network and its participants, raising (amongst other things) consumer protection risks. They involve miners extracting value at the expense of other users or manipulating the network in a way that undermines its trustworthiness and efficiency. Examples of so-called negative MEV strategies include: (i) identifying lucrative transactions and replicating them before they are finalised on-chain, thereby capturing that value; and (ii) front-running (deliberately placing transactions before and after another transaction in an attempt to influence pricing of relevant cryptoassets).
There are already various efforts underway by industry participants to attempt to mitigate so-called negative MEV strategies, including:
- MEV Auctions (e.g. Flashbots). Flashbots is a research organisation that focuses on addressing the negative externalities of MEV. They have introduced a system called MEV-Geth, which enables miners to participate in sealed-bid auctions for transaction ordering rights. Users can submit their transactions directly to miners along with a bid representing the tip they are willing to pay. This system creates a more transparent marketplace for MEV, reducing the likelihood of potentially harmful strategies.
- Fair Sequencing Services (“FSS”). Fair Sequencing Services is a proposal to modify the way transactions are ordered within blocks. Instead of miners having complete control over transaction ordering, an FSS provider would decide the order based on predefined rules or algorithms that aim to reduce the potential for negative MEV strategies. FSS can be combined with other solutions like commit-reveal schemes, where users submit encrypted transactions that are revealed and processed only after a specific time, reducing the possibility of potentially harmful MEV strategies being deployed.
- Transaction Privacy Solutions. Privacy-enhancing technologies, such as zero-knowledge proofs and confidential transactions, can help obscure transaction details and make it harder for miners to identify and potentially exploit MEV opportunities.
As we identified above, MEV can play a vital role in DeFi networks and is a complex, nascent area. There is also very little data regarding the impact of different MEV activities/strategies and the potential issues to which they give rise. Therefore at this stage we do not believe any regulatory intervention by HMT would be wise or desirable (although that does not mean there may not be scope for regulatory intervention in the future). Instead, we would suggest that HMT continues to monitor the MEV environment and consider revisiting the area once there is more clarity regarding the longevity and impact of different MEV activities and strategies.
45. Should staking (excluding “layer 1 staking”) be considered alongside crypto asset lending as an activity to be regulated in phase 2?
Staking refers to a range of activities that involve locking up crypto assets in DeFi platforms or applications to earn rewards, such as provision of liquidity, yield farming, or other token-based incentives. These staking activities differ from layer 1 staking, which as described in more detail in our response to question 44, is the process of securing a blockchain network by validating transactions and creating new blocks. Staking in DeFi platforms or applications often involves complex mechanisms and contracts that expose participants to various types of risks, such as counterparty risk (the risk of default or fraud by the other party), liquidity risk (the risk of not being able to withdraw or exchange the staked assets), market risk (the risk of price fluctuations or volatility), and technology risk (the risk of hacking, bugs, or errors in the platform or application).
So-called cryptoasset ‘lending’, on the other hand, involves the ‘lending’ and ‘borrowing’ crypto assets through platforms that use digital assets as collateral (we would emphasise again – as already noted in our response to question 36 – that any comparison of DeFi to CeFi/TradFi (and the use of TradFi terms to describe certain DeFi processes) should be approached with caution on the basis that such comparisons are a useful heuristic but do not capture and risk obscuring DeFi’s qualitative differences). This activity allows borrowers to access capital without selling their crypto assets and enables lenders to earn interest on their idle assets. However, cryptoasset lending also entails risks, such as collateral risk (the risk of insufficient or devalued collateral), platform risk (the risk of insolvency or failure of the platform), and regulatory risk (the risk of non-compliance with existing or future regulations).
Given the significant differences in the nature, risks, benefits, and potential systemic implications of both staking (excluding layer 1 staking) and crypto asset lending, it is essential to thoroughly examine these aspects before deciding whether they should be regulated in tandem in phase 2. Factors regulators should consider include:
- The types and levels of risks associated with these activities and how they can be mitigated or managed by the participants or the platforms.
- The degree of investor/consumer protection required in each case, considering that some staking and lending platforms might lack strict know-your-customer (KYC) and anti-money laundering (AML) processes or adequate disclosure of information and terms and conditions.
- The potential impact of these activities on the broader financial ecosystem and whether they could contribute to systemic risks or financial instability by creating interdependencies, contagion effects, or market distortions.
- The accessibility and transparency of staking and lending platforms for different types of investors, such as retail or institutional investors, and whether they provide fair and equal opportunities and treatment for all participants. By considering these factors, regulators can make an informed decision on whether staking, excluding layer 1 staking, should be considered alongside crypto asset lending for regulation in phase 2.
We do not think that consumer-based permissionless staking for network security should be regulated in the same way as staking in DeFi platforms or applications. Consumer-based permissionless staking for network security is a simpler and more transparent activity that involves locking up cryptoassets in a blockchain network to secure its operations and earn rewards. This activity does not involve complex mechanisms that create additional risks for the participants. Moreover, consumer-based permissionless staking for network security does not pose significant systemic risks or financial stability concerns, as it is decentralised and distributed across many nodes that validate transactions and create new blocks. Therefore, we believe that consumer-based permissionless staking for network security should be treated differently from staking in DeFi platforms or applications for regulatory purposes.
46.What do you think the most appropriate regulatory hooks for layer 1 staking activity would be (e.g. the staking pools or the validators themselves)?
Please refer to the comprehensive answer to question 44 above.
 See note 1.
 CFTC v. FTX Trading Ltd. et al., 1:22-cv-10503-PKC, SDNY, paras 56-62 (available here). See also, e.g., Sandali Handagama, CoinDesk,, FTX Violated Its Own Terms of Service and Misused User Funds, Layers Say, 10 November 2022 (available here),
 See, e.g., Lang Mei, Nasdaq, 5 January 2023, Learning the Hard Way: The FTX Debacle Once Again Demonstrates DeFi’s Strengths (available here) (“[b]lockchain analytics platform Nansen has reported a double-digit percentage increase in DeFi users in the aftermath of the FTX collapse”).
 Kennedy and Crypto, Chair Gary Gensler, 8 September 2022 (“[g]iven the nature of crypto investments, I recognize that it may be appropriate to be flexible in applying existing disclosure requirements. Tailored disclosures exist elsewhere — for example, asset-backed securities disclosure differs from that for equities”) (available here).
 In the past year, a few CeFi entities (Alameda, Celsius, Voyager etc) failed due to lack of reserve funds and transparency (among other things). In the Bankruptcy report filed re FTX, the major pitfalls of the exchange were based on its lack of appropriate controls, concentrated power, and commingled funds which also led to poor accounting and lack of reserves.
 See note 11.
 Safe Harbor X, LeXpunK-Army, 7 March 2023 (proposing a rule that would provide an exemption for the distribution of autonomous cryptoassets to users and builders of autonomous software systems, based on the Token Safe Harbor Proposal 2.0, but with some modifications and additions, such as requiring semi-annual updates, an exit report, guidance on decentralisation criteria, and clarifying the definition and scope of autonomous cryptoassets and autonomous cryptosystems). These safe harbour proposals would operate to effectively provide projects with conditioned routes to compliance, based on each project meeting various requirements (including disclosures, smart contract audits, and degree of decentralisation) (available here).
 17 CFR § 230.144. Rule 144 under US securities laws allows for the sale of restricted securities under certain conditions one of which is a holding period. See SEC, Rule 144: Selling Restricted and Control Securities, 16 January 2013 (available here).
 See note 11.
 See Mayer Brown’s comments on the Lummis-Gillibrand bill referring to ‘ancillary assets’ as: ‘An ancillary asset includes any “intangible, fungible asset that is offered, sold, or otherwise provided to a person in connection with the purchase and sale of a security through an arrangement or scheme that constitutes an investment contract” but, importantly, does not include assets that have debt or equity-like characteristics’” (available here).
 Model law consultations and proposals can serve as guidance or inspiration for other jurisdictions that are considering similar reforms or initiatives. COALA created a model law for DAO’s, organising industry players, academics, and regulators to collaborate on the language. The intention is to work with local governments to allow adoption of the Model Law. See, e.g., Model Law For Decentralised Autonomous Organizations, Constance Choi, Primavera De Filippi, Rick Dudley, Silke Not Elrifia, Coalition of Automated Legal Applications (COALA), 2021 (available here).
 The Edinburgh Decentralisation Index is a proposed framework for measuring and comparing the degree of decentralisation in different blockchain systems. The framework consists of four layers: network, protocol, governance, and application. Each layer has a set of features that capture different aspects of decentralisation, such as node distribution, consensus mechanism, upgrade process, and smart contract functionality, and is assigned a score from 0 to 5 which is then aggregated (available here). Also, Consensys has analysed metrics of decentralisation on the Ethereum mainnet, including network size, node diversity, node geography, client diversity, miner diversity, gas usage, gas fees, and transaction volume. Another analysis computes the distribution of mining power in Bitcoin and Ethereum using three metrics (Gini coefficient, Shannon entropy, and Nakamoto coefficient) and three granularities (days, weeks, and months), while the so-called decentralised quotient measures decentralisation by calculating the number of nodes by the number of validators or miners in a blockchain network (available here).
 See note 23.
 See note 23.
 The NEAR Protocol has recently launched the Blockchain Operating System (“BOS”), which serves as a single platform that developers can build into and users can interact on, including by browsing and discovering Web3 products such as crypto exchanges, non-fungible token (NFT) galleries and social networks. The BOS will be compatible with all blockchains (currently supporting NEAR Protocol and Ethereum Virtual Machine chains), with NEAR protocol acting as the common entry point. The BOS offers a decentralised and composable and front end framework for building, launching, and using dApps, while leveraging common user experience frameworks such as profiles, notifications, and searching. With BOS, the NEAR protocol is transitioning from being only a layer 1 blockchain to a cross-chain solution aiming at lowering the barriers of entry into Web3. For more information on the BOS, see, e.g., Near Protocol Announces the Blockchain Operating System, NEAR Foundation, 2 March 2023 (available here);
 See ‘MEV’ section below.
 For an excellent, detailed discussion of MEV, see Evan Zinaman, Where the Rubber Meets the Road: A MEV-aware, Functionalist Review of OFAC Risk ‘On the Base Layer,’ 29 April 2023 (available here).