Letter from Steven Hatzakis, Head of Blockchain Expert Committee

/Letter from Steven Hatzakis, Head of Blockchain Expert Committee
Letter from Steven Hatzakis, Head of Blockchain Expert Committee2019-01-10T16:07:33+00:00

Dear BEC Committee Members,

It’s a great pleasure to greet you here formally as we move forward with supporting Financial Commission’s newly launched Blockchain Association, under the Blockchain Expert Committee (BEC) which will help process complaints and develop standards while engaging with Association members on common themes and crypto industry challenges.

2018 was a challenging year for digital assets, yet much was learned and the industry is continuing to evolve rapidly. I am pleased to join you to help lead the BEC towards its mission to support the Blockchain Association, and look forward to engaging with you all in this new year. Below is an overview of the BEC and some further context that can be used as a basis for our discussions and we welcome your feedback and participation.

Dispute Resolution Service

As noted in a recent announcement, the BEC will review and process complaints filed by members of Financial Commission’s Blockchain Association. Such complaints will fall into one or more categories as follows:

Transactional: issues with the speed or actual processing of an off-chain blockchain transaction involving digital assets, on its way to being processed on-chain or internally in the service providers own system. On an exchange, inside an e-wallet or via a forex or crypto broker.

Security:  issues arising from theft due to personal information or ledger entry data being compromised. This could be due to the service providers security systems being compromised or the customer’s own on-chain record being hacked such as due to malicious code existing in the underlying on-chain process.

Investment: cases where customer funds are transferred to a 3rd party for investment purposes: whether to convert fiat funds into digital assets (exchange) and speculate on prices (or for non-speculative consumptive use) or to trade digital assets (transfer) purchased using customer funds, as well as in a token sale (purchase).

BEC Thought Leadership

Financial Commission’s various dispute resolution services, such as the primary one it provides for foreign exchange (forex) markets, has been in use for over five years and the process has steadily been refined.

While that framework will be the foundation for the BEC, it has been adapted for digital assets which have unique characteristics, unlike other asset classes, as digital cash is comparable to a bearer-instrument (i.e. whoever knows the private key, has access/physical possession to the funds). This positive attribute is also one of the causes of challenges to service providers, including the complexity of custody and proper handling and storage and transference of crypto assets.

We welcome BEC fellow member’s feedback and looking forward to expanding on these talking points and gathering responses from Association members, as we focus on the above themes and the three categories in which complaints will fall into. Committee members have access to post their views, related to relevant themes important to the Blockchain Association on Financial Commission’s Expert Opinion column.

Oracles and Human Arbitrators

Dispute resolution solutions are being piloted within blockchain networks across the world, thanks to the use of multi-signature schemes, escrow solutions, and other smart contract-based applications, yet these often rely on external parties such as oracles, which are ultimately fed by human decisions, when a dispute arises and resolution is needed.

While I don’t expect that any one organization or association can solve all the market challenges in the blockchain industry, I am confident that this dispute resolution service that the BEC supports will play an important role to deliver value to members and their end users across the globe, and as the adoption of digital assets continues. Especially, as we focus on the three key categories above, which I expect to be further refined over time.

As this process will steadily evolve, alongside Financial Commission’s other dispute-resolution services for non-blockchain asset classes, we look forward to leading the BEC towards its mission of providing fair and non-bias dispute resolution using Financial Commission’s complaints processing technology and proven framework.

Blockchain Background

Financial Commission first engaged with blockchain technology providers in 2015 and recognized the importance of developing best-practices for crypto exchanges which share many parallels to foreign exchange markets and technology used by forex brokers. However, the added complexity of cryptography-related cybersecurity requirements including crypto asset custody introduce additional challenges.

As a result, the platform technology certification services that Financial Commission offers, expanded into other asset classes and digital assets were a logical next step as many brokers started to utilize crypto trading platforms and offer digital assets through their existing platforms.

Financial Commission also spearheaded the ICO Certification Committee (ICC) last year, which successfully helped two projects launch, by demonstrating their compliance to a list of nearly 200 requirements, ranging from smart-contract audits to extensive organizational due diligence.

And although the ICC project had recently ended – given the regulatory complexity of token sales across jurisdictions, much was learned from that process, and now the BEC together with Financial Commission’s Blockchain Association, is the next-generation solution which fits perfectly with its existing member-based dispute resolution services available today.

Competing Narratives

There is profound interest in Blockchain technology around the world, yet there is also a profound amount of hype. From simple schemes to highly complex scams, in between, there are multitudes of competing narratives as to blockchain’s potential and purpose, and it can often be hard to differentiate one project or solution from another.

Projects and their owners can also suffer from imposter syndrome on one side of the extreme, and be underrated, while on the other side of the spectrum there are a multitude of projects more comparable with grandiose delusional disorder, where claims are made about breakthrough inventions.

The rush to make a ‘working’ product doesn’t always define success, such as if the result is like a “Rube Goldberg machine” and unnecessarily complex. Yet the paradox here is that many crypto processes are necessarily complex for the sake of maintaining cyber security that cryptography can provide.

Add the profound difficulty even for industry professionals to agree on token classification, as definitions are being framed and re-contextualized, including argued in court and proposed in new political bills. The below rudimentary chart is an example (not to be relied on for accuracy) of how tokens could be classified:

Discussions about token classification are often the focal point of arguments between academics, lawyers and industry figures, such as comparing private and public blockchains and various hybrid approaches. However, end users suffer the most from lack of information, leaving them most at risk for navigating the blockchain landscape and crypto assets. This includes the user experience when using complex software, to access digital assets which are highly complex financial products.

As I am writing this article today, I was just reading a medium article from Sarah Gregory about Coinbase Learn, which lists five major themes that beginners had the most questions about. Education is probably the biggest opportunity within the era of digital assets and making that knowledge part of the user experience and platform interface (is the goal).

Optimizing for Security (Consumer Protection)

Blockchain technology service providers and developers face a multitude of challenges as well, whether offering a non-custodial wallet, distributed Application (dApp) or brokerage exchange technology, decisions related to UI/UX can often be critical, such as in cases when security and privacy are not given first priority, above all else.

For example, a major browser company – Opera, just launched a crypto wallet as a native feature in its mobile browser app, yet appears to have given priority to the user-experience over security in its initial iteration, by allowing users to access the wallet and its functionality, before assuring that the wallet recovery phrases have been duly backed-up by the user, as other apps will quiz users before they can log into the wallet to ensure a back-up has been made.

https://twitter.com/shatzakis/status/1073194285045039104

Such a subtle nuance, in terms of the ordering or sequence of steps in a customer journey, can be the difference between funds that are recoverable versus permanently lost.

The dilemma is that the most secure process might be the least friendly and lead to bad customer experience, whereas a smooth user-experience that doesn’t prioritize security can also lead to bad customer experience in the event funds are lost or unrecoverable.

In both cases, a consumer might seek remedy for feeling wronged about their interaction with the service. We believe the opportunity rests within prioritizing security while educating consumers, and that starts with project stakeholders including marketers who are responsible for communications with the public, as well as product designers.

Token Sales, ICOs and Security Tokens

In addition, entrepreneurs seeking to use blockchain technology as a means to raise non-dilutive financing must understand the responsibilities they undertake to the project’s underlying token holders, where funds raised must be used to build products that will benefit those users.

And in the case of a security token, founders should be honest with the investors as to whether the token is just a permanent digital stock certificate, or if the underlying project has the intention and plans – at its beginning – to eventually become a public utility and decentralized, where the project founders would divest away their interest and the token could transition into a commodity (such as in the case of Ethereum, Bitcoin and other public-blockchain crypto assets).

A great example of integrity in such a case is where the Basis project decided recently to return investors funds after not being able to design their stable coin token mechanics in a manner that would be compliant with the regulators. In cases where funds raised are not via a securities offering, the onus on founders is even higher to keep token holders in mind, even if they have no rights on paper (where funds obtained are akin to a donation to a non-profit foundation) the community expects founders will use the proceeds for the best interest of the protocol development.

This is where the subject of governance becomes tricky, but this helpful diagram below that I came across from this article on Medium breaks down the differences between human versus machine-driven governance.

(source: Medium)

Comparing the traditional structure of the firm with the complex structure of public blockchains and their initial project sponsors can be seen in this graphic I created in response to a Tweet by one of Ethereum’s core developers, Vlad Zamfir:

Standards and Leadership

2018 was an amazing year when it comes to how the broader blockchain industry self-organized and adapted to establish and explore various best-practices. Numerous self-regulatory initiatives, such as The Brooklyn Project (which I support) and lobbying groups and crypto associations gained momentum and engaged with regulators and other stakeholders.

And while scams evolved too, along with hacks and malicious actors, market participants learned the hard way and became more nimble when assessing white papers and opportunities. This is a positive sign that users are maturing, yet many were left with a bad taste in their mouth after getting burnt by overhyped token-sales.

Thankfully, many high-quality news and research reports from sites such as Messari Crypto, The Block, Coindesk, and others including venture capital investment firms, provide data for the industry to assimilate, where the expectation is that any bias in the data has largely been removed from the final content (and disclosures are made where ‘potential’ conflicts of interest exist).

At Reink Media Group (RMG) where I lead ForexBrokers.com, at the group level our ethos is “People before profits” which is reflected in the quality of research and reputation RMG brands have established in the industry, including StockBrokers.com, and investor.com, to name a few.

Self-promo aside, in the era of self-regulation in any industry, beyond innovation, integrity is what helps forge market leadership, especially in a bear market when profits disappear and brand loyalty is tested.

As crypto assets were battle-tested in the bear market of 2018, this helped lead to newer standards and rules and regulations as well as laws in different parts of the world related to blockchain, and as companies focus more on product development, instead of marketing and token sale hype. The need for balanced communication and transparency are key.

Financial Commission is ideally positioned to cater to the crypto exchange and wallet community, given its experience working with online brokers and platform technology developers.

The inclusion of wallet providers and Dapp developers is a natural extension of markets to cover, as these components are integral “layer-two” parts of the eco-system, just as crypto trading is, whether trading the underlying or a derivative.

Identifying the behaviour of market leaders in these three areas including exchanges, wallets and Dapps, helps provide a basis for talking points with members, whether related to private key custody, security, privacy, compliance, and other blockchain and fintech themes.

Open-Source and Commercialized IP

Distinguishing from open-source, closed-source and mixed-source technology is another important part of helping users understand where transparency is crucial, whereas, in other cases where it is not mandatory in parts of an application that is not security-dependent.

For example, many providers may wrap a closed-source UI around an open-source blockchain solution, which enables them to monetize their app while protecting their IP, and so long as the open-source components are transparent and visible, security can be audited, even as the closed-source parts are hidden (provided that nothing security-dependent happens in the closed-source section that cannot be verified to remain safe).

As companies fund the development of open-source protocols and applications, such as via Gitcoin (a project I support) transparency becomes a prerequisite throughout the technology stack, and public scrutiny helps the vetting process, such as to avoid hacks like the recent Bitcoin Private exploit uncovered by Coinmetrics.

This vetting process must extend to any 3rd party libraries that software depend on, which can become vectors for malicious code to be introduced if a rigorous process is not in place, such as the Event-Stream npm package which recently affected a major wallet provider’s software with malware. These events can be hard for some to distinguish from sophisticated phishing also carried out through various vectors such as the messaging channel in the Electrum wallet which was used recently by a hacker to dupe users for at least $1m in crypto, after they were prompted to download a fake update.

https://twitter.com/shatzakis/status/1078417393658011648

For code that is public, examining repositories on sites such as Github is an important part of the open-source process, here is a great example of how Bitcoin Core does it, by Jameson Lopp. In the age of digital assets, beyond licenses, the user agreements which governs the relationship between client and software has literally become the code (see Open Law for examples). But until we get to that future state of automation, dispute resolution still largely relies on human experience and discretion, and it is my hope that the BEC will help support that process as technology evolves even if eventually replaces the need for human discretion in the process. Until then there is still much work to do.

Association member resources

To learn more about membership benefits with Financial Commission’s Blockchain Association, click here. The BEC has gathered recent research reports including from academics, media, venture capital firms, and nation-state regulators across the globe, for the purpose of building a repository of information resources for the BEC and the Blockchain Association members.

Sincerely,

Steven Hatzakis

Head of the Blockchain Expert Committee