On Protocol Tokens and Securities Law

Warning: these opinions are my own, do not constitute legal advice, and you adopt recommendations entirely at your own risk.

This article addresses the nature of protocols and applicability of securities law to low level protocol tokens such as BTC and ETH. By popular request though I’ll build on the findings here with a following post looking at AppCoins. Will tweet… https://twitter.com/dominic_w.

Counterbalancing Loud Voices

Talk often proceeds in vague but alarmed tones about the risks of tokens being illegal securities. If there is a general thesis — and it is difficult to confirm exact reasoning since exponents often demand $20,000 for a memo when you push them for details — it is that behind all open decentralized networks such as Bitcoin and Ethereum there is in fact a “common enterprise” and that protocol tokens become securities by providing a means to share in profits (i.e. they become something like company stock whose issuance and trading is highly regulated).

They propose that regulated entities adopt the roles of token (securities) issuer for the networks. This would of course make “open” decentralized networks into shams and undermine their purpose by anchoring hosted data in jurisdictions and creating central points of control and failure. Coincidentally, it would also make them goldmines for securities lawyers.

In the past I have regularly attended regulatory roundtables around the world with C level members of government and financial regulators where matters of law and policy have been discussed. At these roundtables, lawyers who professed to be supporters of open networks on panels the previous day can be found lobbying that securities regulations are being infringed, that more regulation is needed, and that quick enforcement actions are necessary!!! Ironically, the regulators themselves are usually far calmer and more circumspect, wishing to observe the industry and gain a deeper understanding of the facts.

My friend Preston Byrne is such a use-securities-law protestor! After working in the UK as an associate lawyer in securitization and derivatives, Preston joined the “private blockchain” platform startup Eris Industries as COO and General Counsel. Preston now seems to vociferously tweet innuendos that all open networks involve securities violations and even sometimes describes them as scams and Ponzi schemes. Coincidentally, Preston still offers legal advice on securities and moreover Eris envisages a world where there are only private blockchains operated using platforms such as theirs. We might guess then that low cost open networks where businesses can easily co-locate and integrate their systems are not his cup of tea…

Of course, our industry does contain bad actors (and Preston correctly calls them out) and as we shall see they may more reasonably expect securities laws to unexpectedly apply to their dubious schemes. What is frustrating is that those in opposition to open networks muddy the waters by deliberately failing to distinguish between dubious get rich quick schemes and exemplary examples of bona fide open network launches such as Ethereum that were guided by extensive legal advice from very senior lawyers and experts.

The fact remains that many (in my experience the great majority) of senior experts believe bona fide open networks and protocol tokens can be designed in ways that stop them being securities schemes. This post is for those interested in launching bona fide open networks the right way.

What Open Networks Involve

The Meaning of “Protocol”

When we say that clients run protocols we mean that in essence they are using something similar to Morse code. That is, clients send messages to other computers in the network and receive responses and decide how to create and interpret the content of messages using some protocol rulebook. Of course, we are interested in protocols that are far more sophisticated than Morse code, which really just involves alternating sequences of long and short beeps. Nonetheless, when you hear the word “protocol” you should really should be thinking beep, beeeep beep…

Satoshi’s revolutionary Bitcoin whitepaper introduced a protocol that allowed a vast network of client computers to collaboratively maintain a currency ledger without servers, even in the presence of clients that actively try and break the protocol and reverse transactions. Speaking from a theoretical Computer Science perspective we might say Satoshi introduced the first “stateful decentralized protocol” in which clients send protocol messages that may modify future protocol interactions for all other clients. For example, once a Bitcoin client sends a message that successfully transfers bitcoins on the ledger to a new address then no other client will be able to send a message transferring the same “coins”.

The state maintained (here the ledger of “coins”) is a virtual construction of the protocol that must be inferred through the sending and receiving of protocol messages. There are no server machines holding authoritative copies of the ledger, and this state really only lives within the protocol interactions being made across the network. Since protocol messages must travel between clients, they may often infer different versions of the state at any one time, and since they typically must converge on agreement the updates they see may be reversed but with rapidly decreasing probability as execution progresses (in the Bitcoin protocol, the more “confirmations” a client sees, the more convinced it becomes of a transaction’s irreversibility).

Smart Contracts and Trusted Computing

The shared virtual computers of trusted computing networks may look less like protocols, but they remain so. Smart contracts are added to the network state using a “transaction” very similar to those that which moves bitcoins. Once there, their code may be “executed” by other transactions that further update the state, but only in ways defined by the protocol that specifies exactly what each low level software instruction does. Smart contract code looks like normal software code but the nature of its execution is different. A smart contract uploaded into the network state is really extending the underlying protocol. This means that sometimes we can now encode business logic in code that runs as a network protocol.

The Properties of Protocol Systems

The clients talk a common language and are distributed all over the world. There is no center, no authority, and the computing platform the network produces is virtual. A trusted computing network is just a running instance of a stateful protocol that carries its current state in messages and client memories of previous messages. The client computers running the protocol are physical, but the network content only exists within the messages they exchange. Just like the Morse code protocol cannot have a geography, a location or jurisdiction, neither can trusted computing networks and the shared virtual computers contained within them. These are the first fundamentally extranational computational systems.

Protocol Tokens With Value

In Bitcoin the tokens are simultaneously the incentive for the miners and the purpose of the network: a means for sending value directly between entities (man, machine or organization) without need for intermediaries. This is a traditional “cryptocurrency”. Ethereum’s tokens are more multipurpose, and also act as fuel that pays down computation. An open trusted computing network could never function unless computation required supplies of token fuel since otherwise attackers could simply submit infinite computations to tie up the miners with pointless work. Fuel tokens thus provides the key means of mediating participation in the network. Of course, speculators acquire the fuel in the hope rising demand will drive up its price, but this is not their fundamental purpose.

As trusted computing develops, we will see increasingly sophisticated “participation tokens” appear. At the time of writing, the not-for-profit Ethereum Foundation wishes to recommend a protocol update incorporating a new mining design based on “Proof of Stake” (far from popular perception, the foundation is unable to dictate what client software miners run and must always engage in industry lobbying and persuasion to make things happen). In the new design, miners will secure their participation in mining by making large security deposits of fuel tokens (ETH, or “ether”) that the protocol can automatically burn if it detects incorrect behavior. Tokens will also be used as a voting mechanism to coordinate the network.

The chart below shows the rising price of ETH tokens on the markets driven by both demand and speculation. Note that when people talk about possession of tokens, what they really refer to is having control of the tokens using a key, since tokens are completely virtual and exist only within the network protocol instance.

Tokens At Genesis — the “Premine”

A key consideration is that original networks often require years of research, development work and dedication of substantial funds to be brought to life. So although these protocol instances become public goods once running, there needs to be a way to repay the efforts and contributions that made them possible. The model adopted by Ethereum is elucidatory. Here an initial band of early contributors to the project formed around Vitalik Buterin after he had presented his white paper and vision in 2014. These people donated R&D support, general help and money to get the ball rolling, and then scaled out efforts by organizing a “token distribution” that collected donations for a not-for-profit foundation.

Once the foundation judged the different client software implementations ready, it recommend a genesis state to the community where digital receipts provided for donations and early contributions would be converted into initial token allocations. Since the Ethereum client software is open source any group could create another network from a genesis of their choosing. However, the network effects created by cooperation are valuable, and so the worldwide community coalesced around the genesis state recommended by the foundation to launch this major new open network.

The original interface for the distribution is show below. Note that donations were described as “purchases” although they amounted to simple transactions sending bitcoin tokens to the foundation’s address recorded on the Bitcoin blockchain (which acted as receipts). The distribution ran for 6 weeks and early donations, as per any contribution to such a project, were held as more valuable than later ones and hence the “price” slowly increased. Almost a year later, when the client software implementations were ready, the Ethereum Foundation simply drew on its previously declared policy to recommend a script that would construct a genesis state from the bitcoin receipts and other records of contribution.

Ethereum is an example of how people can cooperate across national boundaries to bring a new public good to life, which is hugely encouraging for the future. One day we may see open networks like this being as indispensable as other tools of international cooperation such as the UN. Before proceeding to see how the “genesis state” can be misused and getting around to discussing how this relates to securities law, we should note how the distribution of ETH tokens amongst people and individuals reflected the open nature of the network. In the genesis state 80% of tokens were allocated to those who donated to the foundation in the distribution and only 20% were allocated to the reserves of the foundation and provided as compensation for early contributions. Vitalik Buterin was the largest individual recipient, but received around only 1% of these tokens, far less than the proportion of shares a startup founder would expect to receive.

The Dark Side: How Genesis Allocations Are Abused

Apparently not bona fide:

Although most speculators in crypto tokens have become quite savvy, cowboy operators can often still attract those with less knowledge of the industry. The advent of revolutionary decentralized technology has created a febrile atmosphere where people are easily tempted to make unwise choices. In that sense, the current situation bares superficial similarities to previous crazes such as the Dot Com Boom, or the Railway Mania of 1840’s England. Naturally, many are tempted to think that application of national securities laws designed to control such activity provides a solution.

As we shall see, general application of securities law to open networks such as Bitcoin and Ethereum does not however make sense, and even if existing securities laws could be adjusted, applying national laws to protocols run internationally by client computers that are inherently without geography and controllers — that are fundamentally just beeping to each other — would be harmful and unfair.

Note again however that the situation is arguably much clear with respect to supposedly open networks that are really just shams and facades for opportunists, or which are honestly run but really just the puppet of commercial organizations.

Securities Definitions: Do Protocol Tokens Match?

How Federal Law Defines Securities

At the federal level, the findings of a 1946 case involving citrus groves provide the primary means to test whether a scheme involves securities. The defendants in the case were the W. J. Howey Company, which owned tracts of lemon groves in Florida, and Howey-in-the-Hills Service Inc, which provided lemon grove cultivation services. Mr Howey wanted to raise money to finance future developments, so decided to divide half his acreage into uniform lots and offer them for sale. He then promoted these lots for sale together with a special contract that allowed buyers to lease the land back to his service company for 10 years, and get a warranty deed entitling them to a share of the profits generated from the cultivation of the land.

The case made it to the U.S. Supreme Court and their findings created the “Howey test”. This determines if schemes constitute an “investment contract” and therefore qualify as a security under the federal definition. According to the test, an investment contract is “a contract, transaction or scheme whereby a person invests his money in a common enterprise and is led to expect profits solely from the efforts of the promoter or a third party, it being immaterial whether the shares in the enterprise are evidenced by formal certificates or by nominal interests in the physical assets employed in the enterprise.” This is very broad, but let’s break it down! The investment prong requires the investor commit assets to an enterprise in a manner that may subject them to financial loss. The main inquiry concerns what the buyers were offered or promised.

What matters is whether the buyers entered into a contract on the hope of financial gain. “The test … is what character the instrument is given in commerce by the terms of the offer, the plan of distribution, and the economic inducements held out to the prospect.” The court has defined “profits” as “either capital appreciation resulting from the development of the initial investment … or a participation in earnings resulting from the use of investors’ funds.” Promised returns may be fixed or variable and promoted as low-risk or “guaranteed”.

The test was defined in terms of principles to prevent people exploiting loopholes: “It embodies a flexible rather than a static principle, one that is capable of adaptation to meet the countless and variable schemes devised by those who seek the use of the money of others on the promise of profits.” Justice Powell clarified the definition in Tcherepnin vs Knight, 1967, saying “[I]n searching for the meaning and scope of the word ‘security’ … form should be disregarded for substance and the emphasis should be on economic reality.”

As you likely guessed from the foregoing, Howey lost his case. Although the service contract was “optional”, his marketing stressed the superiority of leasing to Howey-in-the-Hills. Buyers leasing back their land lost all access to their lots, which were not separated from each other (i.e. the assets where commingled in a “common enterprise”) and it was clear that the buyers were mostly out-of-state business people and professionals who never intended to use the land themselves — in short, they hoped to profit from the efforts of the service company (the “promoter or third party”) and if it failed they would be subject to financial loss since the land was otherwise useless to them. The combination of the land sales contract, warranty deeds and service contract were declared an “investment contract” and thus an unregistered/unauthorized security.

In summary, the Howey test determines a scheme to be an investment contract by looking for four key elements:

  1. An investment of some consideration
    Justice Murphy used the term “money” but arguably subsequent case law has expanded the concept to include other considerations of value (including, potentially, cryptocurrency).
  2. Into a common enterprise
    The meaning of “common enterprise” has never been properly clarified, but most federal courts test for “horizontal commonality” where money or assets from multiple investors are pooled and they share in profits and risk in some proportion. Be warned though, that courts have also used “vertical commonality” too, so you really need to look into this carefully.
  3. In expectation of profits
    Which as described above, can be in the form of capital appreciation, participation in earnings, interest or even guaranteed cash returns. Only the expected return of profits to investors is relevant; pyramid and Ponzi schemes are therefore covered even though no real profits are generated by the underlying enterprise.
  4. Derived solely from the efforts of the promoter or a third party
    This means the efforts of the promotor or third parties must be primarily responsible for determining the success of the enterprise (or more specifically with respect to the previous element, the expected profits).

The Risk Capital Test of Some States

Frustratingly, this additional test is vaguer than Howey, and the California Appellate Courts, following the California Supreme Court, have avoided establishing formal formulas to test the facts of cases. This is necessary to provide leeway in application since, as we shall see, it is very open to interpretation. The California Court of Appeals thus found “[t]he ‘risk capital’ test is … not applicable in all situations”, but then omitted the means for determining exclusion.

The risk capital test derives from the Silver Hills Country Club v. Sobieski case in which developers in Marin County bought land with the plan of building a country club. To raise money for construction, they sold charter memberships that would provide purchasers free reign of the club without yearly fees. At the federal level the Howey test would not classify the memberships as securities since purchasers only sought the benefits of free membership rather than financial return. But the California Supreme Court still found they were securities by creating a new state-level risk capital test that considers only:

  • Whether funds are being raised for a business venture or enterprise;
  • Whether the transaction is offered indiscriminately to the public at large;
  • Whether the investors are substantially powerless to effect [sic] the success of the enterprise; and
  • Whether the investor’s money is substantially at risk because it is inadequately secured.

The court specifically stated that the “act extends even to transactions where capital is placed without expectation of any material benefits”. Generally speaking, California courts only determine that schemes do not involve securities if investments are sufficiently collateralized and/or investors are actively involved in the venture. The act otherwise broadly condemns transactions involving raising “funds for a business venture or enterprise; an indiscriminate offering to the public at large where the persons solicited are selected at random; a passive position on the part of the investor; and the conduct of the enterprise by the issuer with other people’s money.”

The purchasers of Silver Hills Country Club memberships had no control over the success of the club’s construction, planned launch or operation and were entirely passive. The membership deals were widely marketed for sale, and the failure of the scheme would have resulted in the loss of investor money in the sense that the expected rewards of club membership would not materialize. For these reasons, the memberships were considered securities.

Potential Impact to Decentralization

A particular concern is that decentralized protocols draw participants from all around the world. Since there are 196 countries worldwide, participants in schemes are thus exposed to risks arising from large numbers of different regulatory regimes. The U.S. regulations are particularly onerous, and in addition to Howey the risk capital test adopted by 16 states should be considered. On a positive note, where schemes pass without being classed as involving securities in the U.S. they will most likely also avoid the ire of other regulators around the world. For this reason, unless you have the resources to examine each country’s regulatory regime in turn, a reasonable strategy is to focus on analyzing concerns wrt the U.S. system.

The Case for Protocol Tokens being Securities

1. An investment of some consideration

Bitcoin-class. Since launch only requires miners around the world to run free open source client software, nobody has solicited investments. However, the protocol itself still requires miners to continuously perform expensive computations in order obtain bitcoin rewards. This involves capital outlay on computing hardware and substantial ongoing electricity costs. Could these expenses actually be investments into the scheme?

Ethereum-class. A not-for-profit foundation is formed to promote the protocol. To acquire the necessary funds, donations are accepted on the promise the foundation will later recommend a network is launched where the genesis state allocates participation tokens in proportion to the size of contributions. Could these donations really be considered investments into the scheme?

2. Into a common enterprise

Bitcoin-class. At any one moment, the protocol instance is maintained by a vast network of client computers. Could this in fact be some kind of common enterprise where the computing equipment and bitcoin assets of individual users comprise the common asset pool?

Ethereum-class. Supporters of the protocol send donations (arguably investments) to a not-for-profit foundation, which collects them together thereafter disbursing funds to developers, lawyers, PR personnel, conference operators and other actors with the aim of promoting the protocol. Could the foundation in fact be the common enterprise? Or more precisely, could “investors” worldwide who made donations collectively be the common enterprise and the not-for-profit foundation their sham proxy?

3. In expectation of profits

Bitcoin-class. It is undeniable that bitcoin miners hope to profit from their investments in computation (a consideration of value) by receiving bitcoins.

Ethereum-class. The token distribution process run by the foundation makes clear that the purpose of tokens is to pay for computation and to participate in activities such as mining and voting. However, anticipating the future success of the network, speculators are undeterred by warnings about the risks of investing in protocol tokens. Arguably, a large portion of the donations are made by speculators that wish to secure allocations of tokens in the genesis state. Their expectation is that these will grow in value thus delivering profits.

4. Derived solely from the efforts of the promoter or a third party

Bitcoin-class. Although miners certainly earn the bitcoins they create, they and hope the value of bitcoins will increase generating even more profits for them. These profits will ultimately be related to the success of participants around the world growing demand for the network by building new applications and evangelizing. Arguably, the rise in price is entirely due to the efforts of others.

Ethereum-class. Those making donations (investments) to the foundation expect it to disburse collected funds appropriately and ensure a successful international open network is launched. Expected profits will be entirely dependent on the efforts of the foundation.

Risk capital test.

Bitcoin-class. n/a

Ethereum-class. Numerous companies made donations to the foundation because they hoped to build systems on the resulting network. However, their role until the network is launched is passive and they are dependent on protocol designers, software developers and eventually a community of miners to launch it. If the foundation fails to do its work properly they will fail to receive the expect benefit of the network and therefore their capital is at risk.

Analyzing the Securities Case

1. An investment of some consideration

Bitcoin-class. The claim that miners are investing in a securities scheme by purchasing computing equipment and expending electricity is surely spurious. Nearly every process that generates objects of value through physical processes such as manufacturing, farming or real mining involves investment in equipment and ongoing operational costs. For example, a farmer invests in a tractor then purchases fuel to power it with the hope of generating wheat (whose price he also hopes will increase on the markets). A court would feel this is a better way of explaining the Bitcoin-class miners’ actions.

Ethereum-class. Donations to a not-for-profit foundation are more easily argued to be investments. The fact is that some speculation is inevitable, and the fear would be the speculators could change how the scheme was seen. Luckily, application of Howey and subsequent case law relies heavily on the examination of substance. To determine substance, courts will frequently examine the promotional materials associated with an instrument in determining whether it is a security. Where materials promise great returns or guaranteed income without work, courts typically find the instrument to be a security subject to federal securities regulations (yes, the promoters of The DAO may be wincing at that). But it also works the other way too.

If the foundation is very careful to promotes that tokens should only be used to participate in the network, for example by using them as fuel for computation or as security deposits for the purposes of mining, and strictly eschews claims or innuendo about potential appreciation in value that might tempt investors and speculators and instead warns of the various risks and failure modes possible, the substance of a token distribution should not be affected by cynical speculators.

2. Into a common enterprise

Bitcoin-class. To find client computers around the world communicating using an open protocol to be a common enterprise, a court would have to find common characteristics with previously defined common enterprises. Since client computers cooperate using a complex low level protocol and their owners are unknown to each other and have no ways to communicate themselves, it would have to be argued they were coordinated by a foundation, core developers or thought leaders on social media.

But the argument would be wholly fallacious. At least in the case of a genuinely open and decentralized network, there are no controllers, even though there are influential actors. This is absolutely manifest by the machinations of the industry, where key players continuously try and fail to exert influence, act against each others interests and remain locked in power struggles. These competing actors are distributed around the world and without any kind of leadership or legal structure it is not even clear where the common enterprise would be said to exist. It would be similar to saying that users of the HTTP protocol are part of a common enterprise since the interoperation makes e-commerce possible.

Ethereum-class. Again, once the network were running it would be hard to claim the foundation was the hub of a common enterprise due to its inability to control participants. At risk of covering the same ground again, I will first mention Ethereum’s recent network fork to address The DAO hack, where the Ethereum Foundation played little role in affairs and campaigning fell to numerous individual actors including the author who ran a petition to try and consolidate community support that took weeks to rally. When the fork was eventually adopted, ongoing disagreements resulted in a network split and the emergence of a new “Ethereum Classic” chain and community, completely disproving the idea community participants are controlled by the foundation.

Stronger arguments can be made that the foundation was a common enterprise during the launch phase of an Ethereum-class network when a accepted donations: does not some organization in a regulated jurisdiction accept and pool donations (the investments) and apply collected funds to launch a valuable network then distributing the fruits of its efforts (the profits) by recommending allocations of participation tokens in proportion to contributions. Even though the foundation itself is a not-for-profit organization, regulators must look for the substance and “economic reality”. Arguably here the foundation looks more like a common enterprise, but when we poke harder things again begin to wobble.

Firstly, the foundation can only recommend to the community some genesis state that contains initial token allocation reflecting donations and contributions. This is highly material, because as the network software is open source, the community can take the software and launch their own network with a different set of allocations. The value is thus not transferred from the foundation to those allocated tokens, but rather created for those allocated tokens by the community as a whole when it adopts the recommended genesis state. Clearly then, the foundation cannot be a common enterprise that distributes profits to investors.

Secondly, to create a foundation in a highly regulated jurisdiction such as Switzerland, it will be necessary to clearly state a mission that will be carefully examined before not-for-profit status is granted. Thereafter, the authorities will continue to monitor the foundation to ensure that its actions conform to its mission. If, therefore, a foundation is created to promote an Ethereum-class protocol, this is the role it must indeed perform. Clearly, this is very different from promoting the value of protocol tokens to benefit investors. Again, this indicates that a genuine not-for-profit foundation in an open network is different from a common enterprise in substance.

3. In expectation of profits

Bitcoin-class. While Bitcoin miners of course hope to profit from their investments in equipment and electricity through generating tokens, it is also clearly the case that this is more analogous to farming or mining than investing (even if they do hope the value of their tokens will increase in the same way a farmer hopes the market price of wheat will increase).

Ethereum-class. The primary purpose of the Ethereum-class protocol tokens is to facilitate participation in network activities including computation, mining and voting. Therefore, although unavoidably there will be some speculators who acquire protocol tokens because they expect them to appreciate in value, the substance of a bona fide scheme is provision of participation rights rather than expected investment returns.

4. Derived solely from the efforts of the promoter or a third party

Bitcoin-class. The process of mining involves arduous key management and systems administration. For this reason it would be absurd to claim gains derive solely or even significantly from the efforts of a promoter or third party.

Ethereum-class. If speculators acquire allocations of participation tokens by making donations to the foundation during the distribution and simply sit on them, any later appreciation in their value will clearly be derived solely from the efforts of others. However, courts examining the facts of a case must look to the fundamental substance of the situation. If the network involved is truly open and created for bona fide reasons, the primary purpose of the tokens is participation in network activites, and many token holders are participating (such as building smart contracts systems that will require computational fuel to run or configuring mining operations), speculation will not be the substance of the system.

The reliance on substance rather than form means that even more sophisticated tokens that generate returns may not be viewed as being like securities if they are designed appropriately. For example, the concept of a Proof of Stake system that allows protocol tokens to be “locked” to a mining identity in such a way that they produce steady returns might sound like dividends (returns generated by a security). But as long as the protocol disburses these returns only upon correct performance of mining responsibilities, they would not depend solely on the efforts of others and instead have the substance of remuneration.

Risk capital test.

Ethereum-class. Those donating to the foundation place their capital at risk in the sense that if the project fails they may not gain the benefits of the network they were expecting to launch. Assuming that the foundation collecting donations was found to be raising money for a “business or venture”, will it fail the capital test? Recall that California courts determine schemes do not involve securities if investments are sufficiently collateralized and/or investors are actively involved in the venture. In the network launch process, the community transforms contribution receipts directly into token allocations on the foundation’s recommendation, and this requires the foundation to hold very little collateral (perhaps only enough for some social media communications). To be sure, the foundation might aim to be running a test network while it collects donations to prove it is always in a position to trigger the launch of the network those making donations expect to see.


PROTIP: Dominic is just a geek entrepreneur with a longstanding interest in scalable protocols and cryptography for decentralized systems. Develop a deep understanding yourself, but always include a lawyer in your adventures.

President/Chief Scientist DFINITY