As the turbulent 2022 came to an end with the collapse of Luna/USDT, Three Arrows Capital, and FTX, global regulators finally realized the urgency of regulating the Web3 encryption industry. For example, all walks of life in the United States have gradually formed a unified attitude towards Web3 encrypted assets and technological innovation: accelerate regulatory innovation, not miss any revolutionary opportunity, and ensure that the Web3 revolution happens in the United States! Then, whether it is at the federal or state level in the United States, traditional finance and the Web3 derivative of the Internet-centralized financial CeFi (such as CEX, Wallet service providers, stable currency issuers, etc.) are included in the regulatory framework of traditional finance, and targeted Make legislative supplements based on the characteristics of the Web3 encryption industry based on blockchain.
We can see that regulatory agencies in various countries will shackle CeFi in 2023, but for DeFi, regulatory agencies in various countries seem at a loss, such as the notorious OFAC "one size fits all" sanctions against Tornado Cash. Miles Jennings, general counsel of a16z, responded to this incident with an article "Regulate Web3 Apps, Not Protocols" on September 29, 2022, and proposed a vision for the Web3 regulatory framework: it is meaningful to regulate smart contract agreements, and are the applications that should govern Web3. Since then, a16z has made recommendations for the Financial Stability Board (FSB)'s "Global Regulation of Encrypted Asset Activities" framework on December 15, 2022, including regulatory recommendations for DeFi, arguing that its "Same Activity, Same Activity" should not be adopted for Web3 Risk, Same Regulation” principle, because the current traditional financial regulatory framework is not suitable for decentralized Web3 applications. Recently, on January 11, 2023, Miles Jennings published "Regulate Web3 Apps, Not Protocols Part II: Framework for Regulating Web3 Apps", further in-depth and detailed discussion of the core of the Web3 regulatory framework: enterprises (business) should It is the center of gravity of regulation, not a decentralized autonomous software protocol.
Below, let's first understand the concept, characteristics and advantages of DeFi, so as to better understand the logic of the Web3 regulatory framework in Miles Jennings' article, and then see why a regulatory framework for DeFi should be established from a16z's DeFi regulatory recommendations to FSB , and finally use the regulatory status mentioned in the second article of Miles Jennings to further deepen and refine the understanding of the Web3 regulatory framework (applications should be regulated, not protocols).
1. What is DeFi
The full name of DeFi is Decentralized Finance, that is, decentralized finance. DeFi projects use blockchain technology and smart contracts to realize various functions of traditional financial institutions, such as lending, trading, wealth management, derivatives, asset management, and insurance. The biggest difference between DeFi and traditional financial institutions is that it is decentralized, does not rely on any third-party intermediaries to achieve financial functions, is open and transparent, transactions cannot be tampered with, and can be audited and traced.
Marvin Ammori, chief legal officer of Uniswap, pointed out in the article "Decentralized Finance: What It Is, Why It Matters" that some key features of the DeFi protocol, especially permissionless (Permissionless) and transparency (Transparent), embody the main features of Ethereum. values.
- The "permissionless" feature is open to both end users and developers: anyone with an internet connection in the world can access the DeFi protocol, regardless of race, gender, age, wealth or political affiliation. Additionally, any developer can co-build on top of the protocol with peace of mind as there is no central authority capable of revoking their access.
- "Transparent refers to the inherent auditability of the DeFi protocol: because the DeFi protocol is always open source, all underlying codes are always auditable, all related funds are auditable, and all transactions are recorded in the on the blockchain.
These features of DeFi will unleash great potential in the future, such as: (1) Based on the open source and license-free features of Ethereum application codes, it can lower the barriers to entry for developers and users, such as "exchange aggregation" directly accessed through public APIs (2) DeFi’s transparent bookkeeping and auditability of books means that strict risk assessment and risk management can be achieved, such as setting the ratio of collateral and the degree of leverage; (3) using smart contract custody without any trust endorsement Account, users can be guaranteed at the protocol level, such as MakerDAO's risk compensation mechanism; (4) Blockchain infrastructure can solve real-time settlement and payment problems more efficiently, which is more efficient than traditional finance; (5) Global Liquidity pools and a unified market can provide higher liquidity and higher user access; (6) open and transparent databases and real-time ledgers can provide market participants with more information; (7) DeFi’s "Self-hosting" helps to eliminate intermediary and counterparty credit risks, and can bypass the supervision of CeFi hosting companies such as FinCEN.
At the same time, Marvin Ammori also mentioned that DeFi needs a clear regulatory framework. Regulators are now evaluating DeFi technologies, markets, and participants to determine an appropriate regulatory framework. The goals of regulation are to: ensure adequate transparency for users and regulatory enforcement; target fraud; and protect consumer freedom and privacy. However, in recent years, policy makers and regulators have focused more on the negative aspects of Web3 (such as Bitcoin being used for illegal financing, high-risk investment through Ethereum and early token sales, etc.), often without Recognize the more positive aspects of Web3. The result is that some regulators have misunderstood DeFi (including the role of DeFi decentralization of different participants and this technology based on blockchain and smart contracts), which is similar to trying to make the inventor of SMTP pay for every spam ever sent. Responsible, or make the inventor of HTTP responsible for every illegal website.
2. The Web3 regulatory framework proposed by Miles Jennings (regulatory applications, not protocols)
After understanding DeFi and its characteristics and advantages, it can further help understand the logic of Miles Jennings's proposed Web3 regulatory framework (regulatory applications, not protocols) in the article "Regulate Web3 Apps, Not Protocols". Miles Jennings started from the main factors that contributed to the prosperity of the Internet economy (the government did not regulate the basic protocol, but the application), and believed that the regulatory principles of the Internet should also apply to Web3. The main question is which layer of Web3 should be regulated. Afterwards, combined with the decentralization and objectivity of the Web3 protocol code (the protocol cannot abide by subjective rules, and the protocol cannot abide by global regulations), it is concluded that supervision at the protocol code level is unfeasible and meaningful, and should be more subjective and proactive. Supervision at the application level.
The following is the compiled content, enjoy:
Regulate Web3 Apps, Not Protocols
Many early proponents of the Internet argued that the Internet should remain free and open forever, making it a borderless and unregulated utopia for all mankind. But over the past two decades, that vision has blurred as governments have increasingly regulated online activity. Nevertheless, many of the Internet's underlying communication technologies, such as HTTP (data exchange for websites), SMTP (email) and FTP (file transfer), are still as free and open source as ever.
Governments around the world maintain their commitment to the Internet by embracing the technology as an open source, decentralized, autonomous and standardized protocol. When the United States passed the Scientific and Advanced Technology Act of 1992 (Scientific and Advanced Technology Act), it paved the way for the commercial prosperity of the Internet without tampering with the computer network protocol TCP/IP. When Congress passed the Telecommunications Act of 1996, it didn't interfere with how data was transmitted across the network, but still provided enough regulatory transparency to allow the US to dominate with today's giants like Alphabet, Amazon, Apple, Facebook, etc. internet economy. While no legislation is perfect, these legislative guarantees allowed industry and innovation to grow, giving birth to many of the Internet services we enjoy today.
The main factor that contributed to the prosperity of the Internet economy is that instead of regulating the underlying protocols, governments try to regulate applications, such as browsers, websites, and other user-facing software programs, often called "clients," through which users They come to access the network. And Web3—this next-generation Internet will generate new "clients" such as Dapps, wallets, and advanced decentralized protocols (including value exchange settlement contracts implemented through blockchains and smart contracts). Then the same principle of regulation should be extended to Web3 instead of discussing whether Web3 should be regulated. Supervision is necessary, popular, and guaranteed for users. What really needs to be discussed is: which level of technology should the supervision go to, and it is most meaningful for Web3.
Today, web users can access regulated browsers, websites, and applications through regulated Internet service providers, many of which clients are developed relying on free and open protocols. Governments can regulate by imposing access restrictions on website content, or requiring compliance with privacy rules and copyright norms, such as the US government forcing YouTube to remove terrorist recruitment videos without interfering with Dash (a video streaming protocol).
Regulating the protocol layer is not feasible for the following reasons: (1) Technically speaking, it is impossible for an objective protocol to comply with regulatory regulations through subjective judgment; (2) The protocol must be included in the supervision of different regulatory regulations in various jurisdictions around the world It is impractical, and may even cause conflicts; (3) Considering that the application or client level can subjectively comply with regulatory laws and regulations, it is necessary to re-modify the code of the protocol layer, and it will be counterproductive. Let's explain each reason in more detail.
1. The agreement cannot abide by subjective rules
No matter how well-intentioned a regulation may be, it can be disastrous for an agreement if it requires a subjective assessment.
Take spam, for example. While we all hate spam, what would the Internet look like today if regulation made it illegal for the email protocol (SMTP) to facilitate sending spam? The answer is: not good. Because judging spam is subjective, and opinions change over time. Big companies like Google spend huge sums of money trying to eliminate spam from their email apps or clients like Gmail, and still fail. Also, even if some regulators force SMTP to filter spam by default, since the protocol is open source, malicious actors can simply reverse engineer the filters. Therefore, for spam regulation, banning SMTP is either ineffective or the end of e-mail.
In Web3, we can compare emails to tokens in a decentralized autonomous protocol (DEX). If regulators want to prohibit trading at the protocol level for certain tokens that they believe may constitute “securities” or “derivatives,” they need to clarify how the objective protocol layer can subjectively meet the technical specifications of such classification. Defining whether a crypto asset is a “security” or a “derivative” is subjective and requires an analysis of facts and law, and even the U.S. Securities and Exchange Commission (SEC) is grappling with this issue. Therefore, such subjective classification technical criteria are impossible to achieve.
It is futile to try to embed subjective analysis into the code of the base layer. Just like SMTP, decentralized autonomous protocols like DEX cannot perform subjective analysis and judgment without human intervention. If manual subjective intervention is carried out, it will violate the decentralization and autonomy of the agreement. Therefore, if such regulations with subjective judgment rules are applied to DEXs, it will limit the technological innovation of the entire Web3 and endanger the vitality of all Web3 applications.
2. Protocols fail to comply with global regulations
Even if it were technically possible to build protocols capable of making complex and subjective decisions, it would be impractical to implement on a global scale.
Imagine the following scenario, SMTP allows us to send email to anyone in the world, but if the US government requires SMTP to filter spam, we can assume that foreign governments will do the same. Also, since the definition of spam is subjective, we can also assume that individual governments' definitions will vary. So, even though it is technically possible to build protocols that can make complex and subjective decisions, doing so runs counter to the idea of establishing a standard protocol that is practical on a global scale. It's impossible for SMTP to integrate the ever-changing spam filter requirements of 195 countries, and even if the protocol could, it would have no way of locating which country a user is in, and how to fairly account for conflicting requirements. Adding subjective judgments to protocols would undermine the bedrock upon which protocols are built: standardization.
Rules depend on context. In Web3, securities and derivatives laws and regulations define tokens differently from country to country, and these laws and regulations are constantly changing. DEX cannot establish a global standard for these laws and regulations, just like SMTP cannot restrict access based on geographic location. Ultimately, protocols cannot succeed if they are required to build on ever-changing global regulation.
3. Governance application or client
Now we can see why applications should be regulated and not protocols. Application-level regulation can achieve the goal of regulation without endangering the underlying technology, which has been successfully verified in the Internet era.
Precisely because the early network protocols were open source, decentralized, autonomous, and standardized, they can still be used more than thirty years later. But governments can limit the information passed through these protocols by regulating apps. Or protect the free flow of information as the US does with Section 230 of the Communications Decency Act of 1996. Each country can set its own standards and require browsers, websites, and application businesses within its own jurisdiction to develop products that comply with the standards.
The relationship between protocols and applications in the Internet age is the same as in Web3, so the governing principles for Web3 should remain the same. Web3's applications, such as wallets, Dapps, and other applications, enable users to deposit crypto assets in liquidity pools through lending protocols, purchase NFTs through marketplace protocols, and trade crypto assets on DEXs. These wallets, websites, and applications can be regulated in the jurisdictions they are trying to provide access to, and it is reasonable to do so.
The first generation of the Internet gave us incredible tools in the form of networking, data exchange, email, and file transfer protocols, all of which made it possible for information to travel across the Internet. And Web3 makes it possible to transfer value through the Internet, just as lending and asset exchange have become the native functions of this new generation of Internet. This incredible public good must be protected. As Web3's decentralized finance (DeFi) gradually expands to video games, social media, creator economies, and the gig economy, how regulation creates a level playing field will become even more important. Weighing all factors, the correct approach becomes obvious:
Applications should be governed, not protocols!
3. A16z ’s suggestion to FSB on the DeFi regulatory framework (regulatory applications, not protocols)
On December 15, 2022, a16z made recommendations for the Financial Stability Board (FSB)'s "Global Supervision of Encrypted Asset Activities" framework. regulatory recommendations. a16z believes that FSB should not adopt its "Same Activity, Same Risk, Same Regulation" regulatory principle for the Web3 encryption market, because the current traditional financial regulatory framework is not suitable for decentralized Web3 applications. In the regulatory proposal, a16z compared the difference between CeFi and DeFi, and compared the difference between DeFi protocol and DeFi application, so as to propose a regulatory framework suitable for DeFi (regulatory application rather than protocol), and concluded that traditional CeFi regulatory regulations cannot Conclusions for DeFi.
The following is the compiled content, enjoy:
Financial Stability Board, International Regulation of Crypto-asset Activities: A Proposed Framework–Questions for Consultation
DeFi applications are a vital part of the blockchain ecology. Since the traditional financial regulatory framework aims to eliminate the trust risk of financial intermediaries to reduce possible conflicts of interest or fraudulent behaviors, DeFi is based on blockchain openness, transparency, and code. Open source, auditable and traceable features eliminate the existence of intermediaries in the market, so it seems inappropriate to use the traditional financial regulatory framework to regulate DeFi. Therefore, it is very necessary to formulate a regulatory framework suitable for DeFi to avoid regulatory conflicts and over-regulation. The supervision of DeFi should be aimed at applications rather than smart contract agreements, because applications can be subjectively implemented in accordance with the regulatory regulations of various jurisdictions, while objective smart contracts on the chain cannot.
1. The difference between CeFi and DeFi
CeFi is centralized finance, which is operated by a centralized management team, and users enter the encrypted market through third-party intermediaries such as CeFi. CeFi is usually a traditional corporate legal person. Usually, the decision-making process and operation management are opaque. The company's decision-making represents the interests of a small number of people, and there is a subjective conflict with the interests of market consumers. A typical CeFi is like a centralized transaction such as FTX. Place.
DeFi is decentralized finance. It is composed of software protocols and deployed on the blockchain. It provides users with a large number of non-intermediary financial products and services through smart contracts. Users interact directly with smart contract protocols without any intermediary of trust and endorsement. . Anyone can check and audit the DeFi agreement ledger on the blockchain and the records of the price and quantity of each transaction. For example, Compound, a well-known DeFi lending protocol, has a transparent, immutable blockchain ledger that can publicly check all transaction history.
In the violent volatility of the encryption market in the past year, DeFi protocols have shown sufficient resilience to market pressure. The large-scale explosion in the encryption market is concentrated in CeFi, such as Celsius Network, Voyager Digital, and FTX, while the truly decentralized DeFi protocols, such as Compound and Uniswap, are operating normally. This reflects the advantages of DeFi protocol smart contracts.
2. Regulatory framework for DeFi (governing applications rather than protocols)
The DeFi protocol is a software code composed of smart contracts. It has the function of providing peer-to-peer lending and other financial transactions. The protocol is hosted or integrated on a blockchain such as Ethereum. It has code open source, decentralization, autonomy and anti-censorship. characteristic. Among them, decentralization and censorship resistance have special regulatory and legal significance.
Decentralization has multiple meanings, including governance, decentralization at the legal level (because no one controls the public chain), and decentralization at the software architecture level. a16z pointed out in his article "Principles & Models of Web3 Decentralization" that Web3 applications can achieve legal decentralization (Legally Decentralized) by meeting the following two points: (1) All operational and management information is transparent and available to all (realized by transparent blockchain distributed ledger); (2) no need for additional management efforts of the centralized team to promote the success or failure of the project (realized by smart contracts, decentralized economic model and DAO) .
Due to the fact that no one controls the agreement and the very objective reality of "Code is Law", it is difficult for DeFi agreements to perform subjective legal compliance operations in accordance with the requirements of the traditional financial regulatory framework. In addition, once the DeFi protocol is deployed, it will run permanently on the blockchain and cannot be taken off the shelves like an application. For example, the Tornado Cash protocol can still run autonomously on Ethereum even if the relevant wallet address is sanctioned.
DeFi applications are front-end products built on top of the DeFi protocol, allowing users to interactively access the DeFi protocol. Different from the protocol layer, developers of Web3 applications can subjectively decide whether the application needs to comply with the regulatory laws and regulations of a certain country, or avoid the regulatory regulations and compliance risks of a certain country through flexible design.
3. Traditional CeFi regulations should not apply to DeFi
The traditional financial regulatory framework designed for CeFi should not apply to DeFi, because the two are fundamentally different. For CeFi, regulations are designed to eliminate trust risks in financial intermediaries to reduce possible conflicts of interest or fraud. As for DeFi, blockchain technology has the characteristics of openness, transparency, decentralization, and trustless endorsement, which directly eliminates financial intermediaries in the market, so it naturally solves the problems that CeFi supervision wants to solve, and DeFi is in many ways It is better than the strictly regulated CeFi, such as the openness, transparency, auditability and traceability of the blockchain, which directly solves the lifelong pursuit of the SEC - complete information disclosure. Therefore, it is illogical to apply CeFi regulation on a large scale to decentralized Web3 applications without financial intermediaries. Decentralized Web3 applications have already achieved the goals of CeFi regulation, such as transparency, auditability, traceability, and accountability. Responsibility risk management, etc.
4. Proper regulation can ensure the development of the DeFi industry
This regulatory principle of DeFi (supervising applications rather than protocols) enables smart contract protocols as network infrastructure to continuously improve the Web3 ecosystem and benefit millions of DeFi users. Since DeFi protocols run autonomously on the blockchain, they are open and accessible to anyone around the world, creating unprecedented opportunities for financial inclusion, especially for those whose trust in political authorities and financial institutions has been compromised emerging markets. Latin American countries are leading the world in the use of DeFi protocols, and DeFi is also making progress in some countries in Africa, such as Nigeria and Kenya.
4. Miles Jennings & Brian Quintenz further elaborated on the regulatory framework of Web3 (regulatory applications, not protocols)
On January 11, 2023, a16z's General Counsel Miles Jennings and General Policy Counsel Brian Quintenz published the article "Regulate Web3 Apps, Not Protocols Part II: Framework for Regulating Web3 Apps". The derivative of the framework is also a derivative of the DeFi regulatory framework proposed by a16z for the FSB. It aims to establish a suitable Web3 regulatory framework for Web3, which can retain the innovation and advantages of Web3, and at the same time prevent illegal risk activities from harming consumers.
The article continues the point of view in Part I—applications (enterprises) can customize compliance applications according to the regulatory requirements of the place of operation, while software protocols that are globally common and autonomously operate cannot make subjective judgments based on the regulatory requirements of the place of operation . And around the policy goals of Web3 regulation - reducing the risk of illegal activities, providing strong consumer protection to achieve policy goals, and eliminating behaviors that run counter to policy goals, it is concluded that regulation at the Web3 application level can achieve regulatory goals, At the same time, it promotes innovation at the Web3 protocol level. This regulatory framework is in the best public interest.
At the same time, the article continues the conclusion in Part I that applications should be regulated rather than protocols, and combined with the actual regulatory situation in the Web3 industry: (1) Whether regulation can meet policy goals (such as DeFi because of its decentralized characteristics instead of traditional Financial regulation requires the regulatory goal of eliminating the risk of financial intermediaries, so it is not appropriate to apply the traditional financial regulatory framework to DeFi); (2) the characteristics of Web3 applications (consider whether the application is for profit, consider whether the main purpose of the application is legal) ; (3) The constitutional significance of regulatory regulations (such as freedom of speech, whether the constitutional rights to protect private property are violated due to excessive regulation), to further discuss under what circumstances Web3 applications need to be regulated and under what circumstances do not need to be regulated. Finally, further refine and clarify the core of the Web3 regulatory framework: enterprises (applications) should be the focus of regulation, rather than decentralized autonomous software codes.
The following is the compiled content, enjoy:
Regulate Web3 Apps, Not Protocols Part II: Framework for Regulating Web3 Apps
There are two extreme groups on the issue of Web3 regulation. One extreme is to fully apply the existing regulatory framework to Web3. This group ignores the key technical characteristics of Web3 and fails to realize the huge difference between Web3 product services and traditional product services. This perception directly led this group to advocate the regulation of DeFi in the same way as CeFi. Contrary to another extreme claim that Web3 should be completely excluded from the existing regulatory framework, this group ignores the economic reality of many Web3 products and services, trying to escape the regulatory framework that has successfully made the US capital market flourish bondage.
The right path to governing Web3 lies somewhere in between. In this post, we will explore a pragmatic framework for Web3 governance that follows the principles of the previous post - that Web3 governance must only be applied at the application level (programs that provide users with access to protocols), not at the Protocol level (the underlying decentralized blockchain, smart contracts, and network infrastructure).
Put simply: Govern the business, not the software.
Enterprises can customize applications according to the regulatory requirements of the place of operation, but software protocols that are universal and autonomously run globally cannot make subjective judgments based on the regulatory requirements of the place of operation. This is why throughout the history of the Internet, government regulation has always chosen to regulate applications such as email providers (such as Gmail) rather than the underlying protocols of email (such as SMTP). The conflict of global regulatory regulations and the inconsistency of subjective judgments will hinder the ability of software protocols to operate autonomously and interact, making them useless.
During the explosive growth of the internet over the past few decades, it is in the public interest that is best governing applications, not protocols. While the complexity of Web3 technology layers adds challenges to regulation, the regulation of Web3 applications does not need to address illegal activities at the protocol level. Just like we don't regulate SMTP because email can facilitate illegal activities. However, a regulatory framework for Web3 must reduce the risk of illegal activity, provide strong consumer protections to achieve policy goals, and eliminate behavior that runs counter to policy goals—all of which can be done most effectively at the application level.
We believe that the regulatory framework for Web3 should focus on the following three interrelated factors:
l The policy objectives of the proposed regulations must be clear. If a regulation does not serve a legitimate purpose, it should not be adopted.
l Regulation must take into account the characteristics of Web3 applications to determine the scope of regulation.
l It is necessary to consider whether the Web3 regulatory laws and regulations are unconstitutional, and detailed analysis based on facts can provide reference for regulatory law enforcement and judicial opinions.
Based on these factors, our proposed preliminary regulatory framework is as follows (it should be noted that any regulatory implementation and landing will depend on the specific specific environment), and according to our proposed Web3 regulatory framework, the following will be discussed in more detail, so that Gain a better understanding of how and why regulations should apply to Web3 applications.
1. Policy Objectives of Web3 Governance
Regulation should be consistent, as the phrase "same activity, same risk, same rules" seems to apply to many Web3 applications. However, if we observe carefully, we will find that because Web3 has different functions and risk control settings at the application level and protocol level, this statement cannot be applied to all Web3 applications. Therefore, we must clarify the policy goals of regulations to understand whether differences in functionality and risk control require a different regulatory approach to Web3.
A regulation can achieve multiple policy goals, including protecting investors and consumers, encouraging innovation, promoting capital formation and capital market efficiency, encouraging (or restricting) competition, and protecting national interests. Sometimes, however, regulations fail to achieve their purpose. This may be because a regulation exceeds its original purpose, it may be applied too broadly beyond its intended purpose, or it may create unaccounted-for consequences. factors, or it may be that imposing such regulations would curb the value of technological development. In these cases, continuing to enforce a regulation may be done to protect vested interests or to regulate for the sake of regulation, neither of which is acceptable.
A historical example illustrates this point. In 1865, the British Parliament passed a Motor Vehicles Act, requiring road vehicles in cities to travel no faster than 2 miles per hour and requiring a man to wave a red flag in front of the vehicle. While red flag laws may be appropriate in an age of few cars and ubiquitous pedestrians, it would be absurd to be required to enforce them today, and would be very detrimental to the current well-functioning transportation economy. With advances in vehicle technology, road infrastructure, transportation methods, and traffic protocols, this bill is clearly outdated. Likewise, any one-size-fits-all regulatory approach would be as anachronistic as a locomotive bill, given the technological advances Web3 represents. This will greatly weaken the rationality and effectiveness of regulation.
Applying regulation to protocols (rather than Web3 applications) leads to equally absurd results. Just like the car brought faster mobility, the new computing paradigm brought by Web3 technology also brought new network functions (such as lending, transactions, social media, etc.). The ability to transfer value at the speed of the Internet is an extremely powerful raw capability, and one that is still in its infancy. If regulators impose judgment requirements on Web3 protocols and impose globally conflicting regulatory requirements (such as restricting the trading of certain judgment-requiring assets, such as securities or derivatives, or censoring speech categories), then the legality of regulation Regulatory requirements may put development teams through a centralized process to create the illusion of Web3 protocol governance command and control. While regulators are understandably looking for centralized control and accountability, the governance of blockchain protocols is often globally distributed and decentralized, otherwise undermining the functionality and utility of Web3 protocols.
To be truly "technology neutral," regulation should not limit or impair the technology it is intended to regulate. This is the fundamental reason why governance should only apply to Web3 applications, since they are run by enterprises, which can abide by subjective rule-making, while the underlying protocol as software code cannot. A similar point should be held further down the technology stack to protect the underlying functionality of the blockchain (e.g. validators, miners, etc.). Regulation that destroys the value of technology is not so much a law as Ruddism (referring to a blind impulse to resist new technologies and new things).
Decentralization is one of the advantages of blockchain technology, which has significant implications for regulation. Critics often scoff at decentralization as an excuse, but blockchain decentralization is real and a big deal.
Consider the difference between CeFi and DeFi. In the world of CeFi, many regulations aim to eliminate the risk of financial intermediaries that need to trust endorsements. The purpose is to reduce the occurrence of potential conflicts of interest or fraud, especially when one has to trust others to deliver money or assets ( See: FTX & Alameda, Celsius, Voyager, 3 AC, MF Global, Revco, Fannie Mae, Lehman Brothers, AIG, LTCM, and Bernie Madoff). In the world of DeFi, traditional financial intermediary services are eliminated, and there is no need to trust any financial intermediary. Therefore, the real DeFi, through the decentralization, transparency and trustless endorsement brought by blockchain technology, eliminates most of the risks that many CeFi regulations are designed to solve. By removing trust and reliance on financial intermediaries, DeFi can keep users away from the centralized risky behavior that is prevalent in CeFi, and does a better job than any "self-regulation" or "public regulation" system in CeFi. In other words, it makes sense to apply CeFi's "red flag behavior" supervision to DeFi, or to say: don't be evil.
Therefore, it is illogical to apply all CeFi regulations to Web3 applications that do not provide similar intermediary services. Furthermore, any regulatory intervention would be counterproductive. Regulatory intervention will prevent DeFi from achieving the reasonable policy goals pursued by many financial regulations, such as openness and transparency, auditability, traceability, responsible risk management, etc. Such regulation should be firmly resisted.
Nonetheless, due to the multiple policy objectives of regulation, it is difficult to exclude all regulation from Web3, even in the intermediary-focused regulatory areas replaced by DeFi such as financial services. Consider, for example, the difference between "broker" (BD) regulations under the U.S. Securities Act and "introducing broker" (IB) regulations under the U.S. Commodity Derivatives Act. One purpose of the BD-related regulation is to protect investors from the inherent risks of intermediaries who custodize investor assets, while the IB-related regulatory rules focus on how conflicts of interest can cause intermediaries to influence transactions, in the absence of custodial investor assets. Down. Although the decentralized feature of Web3 technology eliminates the custody requirements of BD-related regulations, this alone may not eliminate the requirements of IB-related regulations, especially when DeFi applications make decisions on behalf of users (such as routing transactions).
Consider the regulations that restrict the offering and sale of securities and derivatives in the United States. These regulations serve multiple purposes, some of which have not been replaced by decentralization or Web3 technologies, such as those related to investor protection. If the same risks and considerations apply to centralized and decentralized businesses and technologies, the default position may be that regulations should be consistent unless there is some overriding legitimate policy purpose. For example, it might be said that a centralized business (a centralized exchange like Coinbase) should be banned from earning commissions on securities and derivatives transactions, but another decentralized protocol (a decentralized exchange like Uniswap) should be allowed. Trading Agreement) earn commissions on these same types of transactions. Such a regulatory approach may lead to a significant competitive advantage for DEXs over CEXs and will lead to regulatory arbitrage. Therefore, this difference in regulatory approach needs to be justified by a compelling policy purpose, such as promoting decentralized innovation (which we discuss further below).
The examples above are just the tip of the iceberg when it comes to the range of regulations that may apply to Web3 applications. However, it should be clear from the above cases that effective regulation should have clear policy goals, appropriate regulatory scope, and productive effects. Taxonomies and classification issues like the one above are the bottom line of analysis: how DeFi works must be understood at a granular level. What every good-hearted regulator learns as they embark on their blockchain learning journey is this: superficial essential similarities between traditional and blockchain finance belie deep operational, organizational, and functional differences.
2. Features of Web3 applications
The characteristics of a Web3 application determine the risks that this application may pose and should therefore be used to determine whether and to what extent regulation should apply. For example, many Web3 applications may not be fully trustless because they host users' assets, mediate users' transactions, market or advertise certain assets, products or services to users. Applications with these characteristics are most likely to require regulation, as they are more likely to pose legacy centralization risks to users, and would also be inconsistent with policy objectives if not regulated. In addition to the risk characteristics of centralization, in the case that Web3 technology does not hinder the purpose of regulation, two important characteristics of Web3 applications also affect whether it should be regulated: (1) whether the application is operated by the enterprise for profit ; (2) Whether the intended main purpose of the app is to circumvent regulation (that is, whether the main purpose is legal or illegal). We will analyze many other factors in future articles, but for now, start with these two.
2.1 For-profit and non-profit
If Web3 technology is not a substitute for regulatory policy goals, then there is a strong presumption that such a business should be regulated if it is run by a business for profit, regardless of whether the Web3 application is a decentralized protocol . First, the very fact that an app is run by a business for profit can put users at risk. For example, if such an application facilitates certain types of financial transactions, there may be an inherent conflict of interest in operating a business to profit from those transactions. Second, if regulations are inappropriate and fail to prohibit businesses from profiting from illegal activities, then such regulations are actually encouraging the promotion of such illegal activities and may lead to the increase of such illegal activities. For example, allowing businesses to charge commissions on illicit trades in tokenized securities or derivatives could lead to an increase in such illicit trades, which would be contrary to the policy objective behind such regulation (to reduce the prevalence of such trades), assist The laws of law and abetment make this argument a central tenet.
Nonetheless, a more flexible regulatory approach to for-profit Web3 applications may be justified due to the benefits that Web3 technologies bring. In particular, since Web3's decentralized protocols augment the native capabilities of the internet and are available to anyone, they can effectively serve as public infrastructure (similar to SMTP/email). A flexible regulatory approach to for-profit Web3 applications could drive the growth of these protocols, facilitate development, and even allow developers to self-finance by operating for-profit applications. Conversely, onerous regulation of entry or regulation of scale will prevent this technology from realizing its full future potential. Requiring developers to register under an overly onerous regime, or obtain expensive, time-consuming licenses, to deploy a front-end website that provides access to a decentralized protocol would greatly limit the development of Web3 innovation in the United States. Thus, there would be a strong public policy argument in favor of protecting nascent Web3 applications from regulation to incentivize the development and adoption of Web3 infrastructure in the United States.
The case for not regulating Web3 applications is stronger if they are not run by businesses for profit. For example, many Web3 applications operate as social public goods (i.e. as purely non-custodial communication and consensus software interacting with decentralized protocols). These Web3 applications may not raise the same concerns as above, because if no one is profiting, there is less or no incentive to create a conflict of interest or encourage operators to facilitate illegal activities. As noted above, the goal of any Web3 regulatory framework should be to reduce the risk and restraint of illicit activity, not to eliminate the possibility of it occurring. Therefore, if Web3 applications are not run by businesses for profit, they should resist as much as possible the shackles of regulation that would undermine an important policy goal of promoting innovation in the United States.
2.2 Main purpose
Even if a Web3 application is not for profit, its primary purpose may be important and may have significant implications for regulation. If the app is specifically designed to facilitate regulated activities, it can be assumed that such apps should be regulated. In fact, many such applications may already be regulated, even if they are merely front-end websites that display blockchain information and assist users in interacting with such blockchains. For example, through its enforcement actions, the CFTC has determined that certain communication systems are swap execution facilities (SEFs), administered by a centralized entity, established for trading derivatives, and that provide enhanced functionality consistent with the SEF definition, and should be regulated. The point is, however, that other similar communication systems that feature SEFs have not been identified as SEFs because they were not established to facilitate derivatives transactions even though such derivatives transactions were conducted on such communication systems.
Based on these examples from the CFTC, one might see the difference between regulation of a front-end built specifically for derivatives trading protocols (such as the much-maligned Ooki protocol) and a decentralized exchange capable of permissionless listing and trading of any digital asset. Exchange front-ends (such as the Uniswap protocol) are regulated differently, while simple blockchain explorers (such as Etherscan) should be regulated most permissively. This different regulatory treatment makes sense, as the main purpose of the Ooki frontend is purportedly to facilitate illicit transactions in the US, while the main purpose of the Uniswap frontend and Etherscan is to facilitate activities that are legal in nature.
However, even if an app is specifically designed to facilitate regulated activities, it may be in the public interest to exempt the app from regulation. For example, if the trading of digital assets is regulated in the United States, and all exchanges are required to register, there are good reasons why this regulation should not be extended to the full scope of an application that specifically provides users with a decentralized exchange protocol (assuming It is not operating for profit or in an early stage of development). In particular, the decentralized nature of the protocol and the nature of the application implementation may remove many of the risks that regulation was originally intended to address (per the previous section), and the potential societal benefits of enabling unfettered transactions on the Internet may Significantly exceeds all regulatory policy objectives.
Finally, regardless of whether a Web3 application is for profit or its primary purpose is legitimate, all applications should continue to be governed by the existing legal framework, with many being subject to new narrow consumer protection requirements. First, there is value in maintaining the existing legal framework for fraud and other prohibited malicious activities. But enforcement action against operators of protocols or applications that have not engaged in malicious activity violates fundamental concepts of due process and justice. Second, consumer protection regulations, such as disclosure requirements, can help inform users of the risks of using a particular DeFi protocol, while code audit requirements can protect users of an application from malfunctioning smart contracts of the underlying protocol. However, any such requirements will also need to be tailored to enable Web3 applications and their developers to comply with, if not control over, the decentralized protocols they provide access to.
3. Significance of the Constitution
Regulation of Web3 has potential constitutional implications, and there is every reason to believe that the courts will ultimately defend Web3. While today's constitutional arguments in defense of Web3 focus on the single issues raised, they all herald a series of debates about the nature of individual, collective, and state sovereignty, as well as important national and global laws.
Now, consider these trends and corollaries. While they are framed by the U.S. Constitution, they are largely similar to those of other constitutional and international legal frameworks:
- Many people believe that the First Amendment protects software developers because code is speech. So is the right to trade in cryptocurrencies included in the First Amendment? Does freedom of association include a fundamental right to on-chain privacy?
- Many also believe that the Fourth Amendment may protect DeFi protocols from having to meet the burden of using intermediaries to collect KYC information or meet regulatory compliance. Do people have the right to security in their on-chain identities, games, social networks, and assets from unreasonable searches and seizures (e.g., by expanding the global civil asset recovery regime)?
- Recent case law further suggests that without specific mandate from Congress, it may be unconstitutional for regulators to expand their jurisdiction to cover Web3 rulemaking. What would a multi-agency collaboration to ensure constitutional norms, transparency, legitimacy, and ultimately effectiveness look like? This applies not only to the SEC and CFTC, but also to the US Treasury, Federal Reserve, FTC, DOJ, and regulators around the world.
All of these discussions are realistic and raise basic civil rights issues. In any case, however assertive these constitutional challenges may seem, their impact remains uncertain. It would therefore be foolish for players in the Web3 industry to refuse to participate in the development of policy, or to reject all regulation on the grounds that the Constitution will protect Web3, even though that protection may not ultimately materialize. Web3 industry players must work with policymakers and regulators to shape regulatory policy and rely solely on the courts to uphold constitutional rights against specific excessive overreach.
Given the potential for constitutional challenges, the governance of Web3 needs to be carefully crafted. Otherwise, policymakers’ well-intentioned efforts to provide industry with regulatory transparency may inadvertently create greater uncertainty as unconstitutional. Furthermore, rulemaking by regulators needs to be taken seriously and openly addressed on the basis of a complete cost and benefit analysis, rather than being regulated through opaque enforcement actions or mirrored within broader existing regulatory statutes.
4 Conclusion
Effective governance of Web3 applications is a major undertaking. This requires a reassessment of existing regulatory schemes, a deep understanding of Web3 technologies, and a delicate balance of policy goals. Doing these things is critical. If Web3 applications are still subject to the existing regulatory framework of existing traditional businesses, and there is no room to re-evaluate the differences in Web3 technologies, then the development of the Internet in the United States will stagnate. Outdated “red flag laws” must be revisited, and new regulations must be implemented to meet policy goals.
This process must begin by establishing clear policy goals for Web3. Importantly, these goals need to be tailored so that the societal benefits created by Web3 technologies far outweigh their costs. This does not require eliminating the possibility of Web3 technologies being used for illegal activities, but it does require measures aimed at reducing the risk and disincentive of illegal activities. Subsequent installments in this series will explore how to further curb illicit activity, as well as other important topics related to Web3 policy, including discussions of specific regulatory initiatives, the differences between applications and protocols, and the importance of US leadership.
Ultimately, leveraging Web3 technologies and their ability to transfer value at Internet speeds will lead to many new forms of native Internet functionality and the creation of millions of new Internet businesses. Doing so, however, requires careful application of regulation to support innovation and limit the creation of unnecessary gatekeepers. To achieve this goal, policymakers, regulators, and Web3 players should continue to engage in respectful, open, good-faith, and thoughtful discussions.
5. Write it at the end (regulatory application, not protocol)
After the above long speeches, I believe that I have some understanding of the Web3 regulatory framework proposed by a16z. But the question I have been thinking about is: Does the decentralized application of Web3 (more specifically DeFi) really need to be supervised by government agencies, and whether this violates the original intention of our ideal Network State. For the DeFi economic system in the Web3 world, innovative technologies such as on-chain auditing, DAO regulatory governance, and privacy applications can all become an innovative way to deal with Web3 regulation. The future is bright, LFG!
——END——
This article is for reference only and does not constitute legal advice. I hope this article will be helpful to you.
Reference:
Marvin Ammori, Decentralized Finance: What It Is, Why It Matters
https://future.com/what-is-decentralized-finance/
Miles Jennings, Regulate Web3 Apps, Not Protocols
https://a16zcrypto.com/web3-regulation-apps-not-protocols/
a16z, A Proposed Framework for International Regulation of Crypto-asset Activities
https://a16z.com/wp-content/uploads/2022/12/Andreessen-Horowitz-%E2%80%94-Response-to-FSB-RFC-12.15.2022.pdf
Miles Jennings and Brian Quintenz, Regulate Web3 Apps, Not Protocols Part II: Framework for Regulating Web3 Apps
https://a16zcrypto.com/regulate-web3-apps-not-protocols-part-ii-framework-for-regulating-web3-apps/
