技术视角:证券型通证需要专属的区块链吗?
Should There Be a Blockchain for Security Tokens?
作者:Remi Gai
编译:Aaron Lau Ran Wei
八维研究院原创,转载请注明出处
一、介绍
Security Token的产业链条目前虽然仍处于初级阶段,但已有不少的创业公司把它看成是可用来彻底革新传统金融生态系统的工具。从传统资产到通证化资产的过渡涉及到对技术和合规性的一系列要求,使得当中的通证化过程比过往简单地按照ERC-20协议执行的爱西欧更复杂和高维。
在这份研究里,八维资本将讨论把证券通证化的各种要素以及相应的挑战,评估不同解决方案的优缺点,并围绕未来几年相关产业链条将如何演变这议题来陈述我们的观点。
首先,一个资产的通证化应该能够在区块链上展示以下关键属性:
1. 标示资产:作为资产的虚拟化表示。
2. 资产的所有权:资产所有者的身份。
3. 资产合规性规则:管理资产所有权和交易的一套监管和合规性规则。
其他的优质属性还包括隐私性、可编程性、治理权、可披露性、流动性和可扩展性。智能合约引入了可编程性,使得一些更复杂的资产,如债券、商品或衍生品等等的编译变得可能。比如说,对房地产投资信托(tREIT)进行通证化会涉及一个可交易单位内的一系列房地产债务和股权资产问题。有了智能合约,当中复杂的动态比如风险,再平衡,债务违约就得到了技术支撑,而不是单单只能处理所有权。
目前,隐私性和合规性似乎是启动STO的最主要挑战。传统金融证券是由中心化的管理机构监管及控制,并严格遵循像GDPR,SWIFT和FINRA给出的相关规章内容,以保障投资者的隐私和利益。根据司法管辖区的不同,投资者必须通过严格的KYC认证和反洗钱(AML)流程才能合规、合符资格地投资和交易证券。然而,由于加密货币具有无国界性、点对点、公开性和去中心化的性质,通证化资产和合规性之间就存在些摩擦。
比如加密货币带有匿名性,其中投资者的地址并不直接反映他们的真实身份。但是,FINRA和SEC要求投资者的身份是可被知晓的,而且相关公司或交易所会定期报告其交易和持股情况。在通证化证券的领域,通过KYC和AML的合格投资者名单将不得不依赖第三方去将其真实身份与其地址联系起来。只有这样,投资者的地址才能一如自动符合指引要求的那样,能用在投资和交易上。另一个例子是,德国的法律要求由德国发行的通证化资产数据只能在德国和德国关联方之间进行交易,而不能离开其司法管辖区,但这就与目前公有链上遍布各地的数据节点存储相矛盾。此外,投资者的隐私井无法完全保障,因为所有的交易及通证持有记录在链上都是可见的和可追溯的。
要从旧有系统过渡到通证化系统,这些挑战都需要被解决。现时一些发行平台正提供证券通证化的解决方案。我们将它们分为三类:基于以太坊上协议的方案、以太坊上的侧链方案,及证券型通证区块链的方案。接下来,我们将分析这些解决方案的优缺点,并讨论未来相关的可能演变。
二、基于以太坊上协议的方案
目前,最前沿的Security Token发行平台,尤其是Securitize,Polymath和Harbour,它们正在现有的以太坊基础上构建他们的解决方案。而STO必须通过它们自身的通证化协议,分别是DS-协议,ST-20和R-Token才能发行。这些项目的进行有如存在一个中心化组织,并需要与验证KYC和AML等合规性的相关第三方组织共同运作。
以太坊于2015年发布,是第一个也是安全性已被验证的具有智能合约的区块链,这使得在区块链上编译更复杂的应用成为可能。在现有的区块链上发行STO自然有它的好处,比如可以更充分地协同利用目前不同的协议、工具、开发者社区资源和优秀的智能合约功能。智能合约也可用于定义交易规则、治理规则以及股息机制。
另一方面,以太坊上的地址带有匿名性,其中通证持有者的身份被隐藏,这导致和合规性要求之间的摩擦。要解决这问题,发行平台必须通过以下方式去验证投资者实际拥有其对应的地址:1)要求投资者提交其地址并链接回他们的电邮。2)平台直接为投资者创建地址。3)利用地址验证工具(像Vertalo提供的那样),要求投资者通过Metamask进行微交易来验证地址的所有权。在所有投资者都经过验证后,已批准的地址列表(即白名单)将包含在用于通证发行的智能合约中,符合指定条件的投资者可以进行投资、交易或其他交易许可。至于之后的投资者的新增或减少,智能合约须通过各种机制以进行更新。
此外,由于以太坊是通用的区块链,它并没有专门为ST而设的功能。在以太坊可以通过ERC-20表示部分所有权,以及通过智能合约实现限制转让和简单的股息机制。然而,为了适应旧有系统、标准的证券法和更为复杂的用例(如债务、衍生品、披露和投票),这还可能额外需要大量的再开发工作,特别是考虑到原生智能合约的设计基础限制。
而且智能合约自身也是自我受限的,因为部署更复杂的用例往往需要更复杂的智能合约,因而成本更高。另外其可移植性也受到了限制,因为Solidity不能用到其他区块链的智能合约上。从整个STO的规模化来看,不管是在进行交易方面、构建新功能方面,还是系统在提供信任方面都可能会受到影响。
三、以太坊上的侧链方案
目前已经存在一些以太坊侧链解决方案,包括POA Network、Loom、Skalelabs等,但我们还没有看到侧链只专注于ST。侧链是一个单独的区块链,使用双向挂钩连接到其母区块链,最终在母区块链和侧链之间以预定比值实现资产的可互换性。
专门用于以太坊上的侧链可能是个有趣的替补方案,因为它可以在某个隔离的环境下进行某些特定的计算,然后再将结果返回主链。由于并不是每个流程都需要全在链上进行,因此诸如披露、合规性、投票/治理、外部资源的整合等等都可以通过侧链实现,从而在安全使用以太坊的同时使得主链在某程度上更具可扩展性。此外,围绕隐私性的问题也可以通过侧链来解决。而且创建侧链的成本、时间和精力也远远低于去创建新的区块链。侧链还允许加密货币间的交互性。例如,发行人可以在主链上主推某些通证之前,先在侧链上进行相关的测试。
侧链的缺点出现在其安全性的要求方面。侧链需要他们自己的矿工,如果没有足够的算力支撑,那这些链原则上很脆弱。因此在最开始我们就需要足够的矿工来帮助确保侧链的安全。此外,主链和侧链之间还需要指定公证。这个被指定的中心化公证有权锁定和释放通证,从而具有潜在攻击或被贿赂的风险。
四、证券型通证区块链的方案
以证券型通证为重点的区块链可以帮助解决围绕隐私性和治理权的一些最基本挑战,以及改善信任问题和可扩展性。Ami Ben David曾参与Securitize的项目、同时亦是Spice VC的联合创始人兼董事总经理,他是「为证券型通证创建区块链」这想法的主要支持者。他最近推出了他的新项目Ownera,该项目提供了一个专注于证券型通证的、新式的区块链基础架构。
这架构牵涉到由金融和商业实体相关的专家(例如有美国证券交易委员会资格核准的)组成的节点,他们了解证券的法律后承,并被授权进行所有权管理、KYC、KYA以及交易项目。在所有权证明系统中,所被选择的初始节点负责进行KYA(KYA是一整套完整的文件,从法律层面定义了链下资产的所有权、通证持有者的权利),节点将资产文件上传到区块链并将所有相关的交易写入区块里。作为帮助验证其交易的回报,节点将从相关资产里一直获得奖励。在架构里,只有初始节点才能访问细节,从而考虑了投资者的隐私性问题。持有者和资产还可以根据需要来管理其所属的隐私级别。此外,让特定节点验证交易使更高的交易速度成为可能,这就提供了更具可扩展性的基础设施,用以支持像传统交易所(如纳斯达克)所需的大量交易需求。
Ownera还计划提供一个包含监管用附加组件的开源监管库,涵盖每个地区、资产类型等的特定规定。任何资产都可以选择启用哪些规定,从而节省了不同协议得自己走一遍各自的流程的工作量。此外,相关使用者亦不用再忙于支持不同的发行协议,而是可以直接使用证券型通证的专属区块链了。在区块链层次上专门针对证券型通证进行优化的新共识模型是可被编译,而不是像现有那样得在区块链的基础上再搞一些新的共识机制。
虽然新式区块链听起来可能是个更好的解决方案,但新式区块链需要花费大量的精力和时间来构建,这意味着在构建任何相关的应用程序之前还可能得先等个数年时间。新的区块链还需要为自身设计新的加密货币以激励网络上的参与者。当中的通证经济学必须被设计及定义清楚以确保系统的可持续性。另外,当新式区块链一旦被部署,相关的可行性和安全性也将随着时间推移而被检验。当然,开发者社区及工具的开发也须从零开始。
五、结论
目前大多数解决方案都是建基在以太坊上协议的方案,另外也有一些新项目正在开发以ST为重点的区块链。由于我们正处于STO革命的早期阶段,所以我们认为上文提到的隐私问题需要在不同的阶段、经过一定时间才能得到解决。最开始,隐私的解决方案很可能是链下的,严重地依赖于可信赖的中心化管理机构。这些机构可以访问投资者的信息并将其保存在本地。此后,基于侧链的隐私解决方案可以将数据进行切分,从而将它们从整个公有网络上隐藏起来。最后,隐私解决方案可以直接在更专门的证券型通证区块链上实现,并允许持有者与相关资产其隐私访问级别可被管理及控制。
到目前为止,在发行方面的方案都是基于以太坊的协议(用于更简单的通证化用例上)。虽然我们认为未来会出现更多更专门的区块链,但这并不意味着以前基于以太坊的协议是没有价值、或者终将被淘汰。例如如果成功实施了ZKP(零知识证明)技术或Bulletproof等隐私解决方案,那么公链的隐私问题也可能在未来得到解决。参与相关工作的公司包括Zcoin和Ernst&Young(EY Ops Chain Public Edition prototype)。如果现有协议被证明为更好的,也可以尝试被移植到不同的区块链上。比如说Securitize的第一个协议想用于以太坊,而且他们还计划将其模型架构移植到其他的分布式记帐系统。
顺带一提,Union Square Ventures最近引入了一种有趣的关系理论以解释技术架构和应用程序之间在发展过程里存在的相互刺激。而我们认为ST亦将以类似的方式发展: 像是在特定的垂直领域(例如房地产)出现突破性的应用,从而激发新协议或区块链的开发,从而用于相关应用的规模化。
这个过程将在与证券相关的不同垂直领域里不断重复。而随着时间的推移、随着不同用例的开发被充分探索和理解,一个更为强大、可扩展的、适合所有协议或区块链的平台将会出现,大概相当于证券界的AWS。
目前,我们仍处于建立证券型通证生态系统的早期阶段。其中在发行方面的不少方案都仍在开发和测试中。我们认为从技术和监管角度来看,STO的生态系统至少需要4年时间才能实现增长和成熟,从而实现从传统证券系统到通证化系统的一个可持续的过渡。在生态变得更加成熟之前,大多数ST的早期用户将更多的来自加密货币圈而不是传统的金融圈。随着明年不同的STO及交易所的推出,我们预测在缺乏流动性方面和实施更复杂的用例及证券法方面,将使我们更实在一些,并减少对STO的炒作和整体期望。随着时间发展,更有效的技术和新的规定将出现,并有助于推动来自传统的参与者的增长和接受程度。
Should There Be a Blockchain for Security Tokens?
Author:Remi Gai
Introduction:
As the hype for Initial Coin Offerings is weakening, the attention is now shifted toward the Security Token (ST) industry. The ST industry is currently at its nascent stage, in which many startups are trying to revolutionize the traditional financial ecosystem. The transition from traditional assets to tokenized assets involves a set of requirements on both technological and compliance perspectives, making the tokenization process more complicated than simple tokenization through ERC-20 like we’ve seen for ICOs in the past. In our research, 8 Decimal Capital will discuss the various components and challenges in tokenizing securities, evaluate the pros/cons of other solutions, and create a thesis around how the space could evolve in the next couple of years.
From a fundamental perspective, a tokenized version of assets should be able to demonstrate these key properties on the blockchain:
The underlying asset: the virtual representation of the asset.The ownership of the asset: the identity of the asset owners.The compliance rules of the asset: the set of regulatory and compliance rules governing the ownership and transaction of the asset.
Other desired properties include privacy, programmability, governance, disclosure, liquidity, and scalability. Smart contract introduced programmability, allowing the implementation of more complex assets, such as bonds, commodities or derivatives. For example, Tokenized real estate investment trust (tREIT) involves a series of real estate debt and equity assets in a single tradeable unit. In this case, smart contracts can support for complex dynamics such as risk, rebalancing, debt defaults, in addition to just simple ownership on the blockchain.
Currently, privacy and compliance seem to be the major challenges in launching STOs. Financial securities are currently regulated and controlled by centralized authorities, following strict regulations such as GDPR, SWIFT, and FINRA, who ensure the privacy and protection of investors. Depending on the jurisdiction, investors have to go through strict Know Your Customer (KYC) and Anti-Money Laundering (AML) processes to be compliant and eligible to invest and trade securities. However, due to the borderless, peer-to-peer, transparent and decentralized natures of cryptocurrency, some frictions exist between tokenized assets and compliance.
For instance, cryptocurrency uses pseudonymization, in which the investors’ addresses are not directly reflecting their real identities. However, FINRA and SEC require that the identity of the investors are fully known and their transactions and holdings are reported periodically by the companies and exchanges. In the tokenized securities space, a list of eligible investors who passed KYC and AML would have to depend on third parties to connect their real identities to their public addresses. Only then, the investor addresses are valid for investments and trades as they are approved at the code level and automatically compliant. Another example is that German laws require the data of tokenized assets issued in Germany to be traded among German parties and cannot leave the jurisdiction, which contradicts the way data is currently stored across nodes around the world on public blockchains. Moreover, privacy isn’t completely available to the investors because all the transactions and token holdings are visible and traceable on public blockchains.
These challenges will have to be solved for the legacy system to transition into a tokenized system. Currently, a few issuance platforms are offering solutions for tokenizing securities. We have divided them into 3 categories: Protocols on Ethereum, Side-chains on ethereum, and a Security Token blockchain. Next, we will analyze the pros and cons of these different type of solutions, and discuss how the space could evolve.
1) Protocols Built on Ethereum:
Currently, the most advanced Security Token issuance platforms, notably Securitize.io, Polymath and Harbor, are building their solutions on the top of existing blockchains, with Ethereum being the most utilized blockchain. STOs are issued through their token standards, respectively DS-Protocol, ST-20, and R-Token. These projects are operating as centralized entities and working with third-party compliance validators for KYC and AML.
Ethereum, released in 2015, is the first and most proven secure blockchain with smart contract capabilities, allowing for more complex use cases to be implemented on the blockchain. Issuing STOs on the top of an existing blockchain does have its benefits, such as having access to the interoperability among different protocols, existing tools, developer community, and smart contract functionalities. Smart contracts can be used to define trading and governance rules, as well as dividend mechanisms.
Figure 1: Pros and cons of protocols built on Ethereum
On the other hand, addresses on ethereum are under pseudonyms, in which the identity of the token holders is hidden, causing friction with compliance. To solve this problem, issuance platforms have to verify that the investors actually own the addresses themselves by 1) Asking the investors to submit their addresses and link back to their email 2) Create an address directly for the investors 3) Utilize an address verification tool (like the one provided by Vertalo), in which the ownership of addresses are verified by asking investors to conduct micro-transactions through MetaMask. After all the investors are verified, the list of approved addresses (whitelist) is included into a smart contract for the token issuance, specifying the list of eligible investors for investing/trading as well as other trading permissions. For any new addition or subtraction of investors, the smart contract will have to be updated through various mechanisms.
Additionally, Ethereum is a general purpose blockchain, which doesn’t have functionalities specifically catered towards the needs of STs. Ethereum can easily represent fractional ownership on the blockchain through ERC-20, as well as transfer restrictions and simple dividend mechanisms through smart contracts. However, adapting to the legacy system, standard securities laws and more complex use cases such as debt, derivatives, disclosures, and voting would require a significant amount of coding efforts to bypass the challenges from the constrained code-semantics of smart contracts. Moreover, smart contracts have limitation in size due to the higher cost of deploying larger smart contracts for more complex use cases and limitation in portability as Solidity cannot be carried over to other blockchains’ smart contracts. This could impact the overall scalability for conducting transactions, building new functionalities, and providing trust in the system.
2) Side-Chain Built on Ethereum:
While we haven’t seen a side-chain focused on STs, some existing Ethereum sidechain solutions include POA Network, Loom (👽 Dilanka @ LOOM / @mcu11inan), Skalelabs (Jack O’Holleran / Chadwick Strange), etc. A sidechain is a separate blockchain that is attached to its parent blockchain using a two-way peg, that enables interchangeability of assets at a predetermined rate between the parent blockchain and the sidechain.
Specialized side-chains on ethereum can be an interesting alternative, as it can offload specific sets of computation to isolated environments then reflect the results back to the main-chain. As not every process needs to live on-chain, components such as disclosures, compliance, voting/governance, and integration with external sources can be achieved with a side-chain, making transactions more scalable while utilizing the security of Ethereum. Additionally, the challenges around privacy can be solved on side-chains. The cost, time and effort of creating a side chain are also much less than creating a new blockchain. Side chains also allow cryptocurrencies to interact with each other. For example, an issuer can test out the tokens on the sidechain, before pushing them on to the main chain.
Figure 2: Pros and cons of side chain built on Ethereum
Some of the cons of side-chains are around the requirements for its security. Sidechains need their own miners, and without enough mining power, they could be compromised. Therefore, there’s an initial requirement for an extensive network of miners to help secure side-chains. Additionally, a federation needs to be assigned by the side-chain developers to serve as an intermediate point between the main chain and the side-chains. This designated centralized group has the power to lock and release tokens, creating a risk for attack or bribery.
3) A Blockchain Focused on Security Token:
A Security Token focused blockchain can help solve some of the fundamental challenges around privacy and governance, as well as improve trust and scalability. The co-founder and managing director of SPiCE VC, who also previously launched Securitize, Ami Ben-David, is a major proponent of the idea of creating a blockchain for Security Tokens. He recently introduced his new project, Ownerna, which offers a new blockchain infrastructure solely focused on Security Tokens.
The nodes are composed of experts who are financial and commercial entities (for example. SEC approved in the US), understand the legal ramifications of securities, and authorized to do ownership management, KYC (Know-Your-Customer), KYA (Know-Your-Asset) and transactions. In the proof-of-ownership system, the chosen primary node takes care of KYA, a full set of documents that legally define the ownership of off-chain asset and the rights of token holders, stakes its reputation, uploads the asset onto the blockchain and writes all the transactions to the blocks. In return, the primary node is rewarded with the asset’s lifetime revenues for helping validate its transactions. This way, only the primary node can access the details, allowing for privacy for the investors. Owners and assets can also manage their privacy level as needed. Additionally, having specific nodes validating transactions can allow for higher transaction speed, providing a more scalable infrastructure that can support a larger volume of transactions required in traditional exchanges such as Nasdaq.
Ownera also plans on offering an open-source regulation repository containing regulation Add-Ons, each covering a specific regulation per country, asset type, etc. Any asset can choose which regulations to enable, saving the effort for different protocols that go through this process themselves. Additionally, exchanges can save energy from supporting different issuance protocols separately by directly supporting the Security Token blockchain instead. New consensus models can also be implemented to be optimized for Security Tokens at the blockchain level, instead of creating artificial consensus mechanisms on the top of existing blockchains.
Figure 3: Pros and cons of Security Token focused Blockchain
Although a new blockchain might sound to be the better solution, the creation of a new blockchain will take significant effort and time to be built out, meaning that it can take years before any applications are built out. A new blockchain would also require the design of a new native cryptocurrency to incentivize network participants, in which the token economics will have to be well defined to ensure sustainability. Also, once deployed, the viability and security of the new blockchain will also have to be tested over time. Furthermore, the development of the developer community, and tools would also have to start from nothing.
Conclusion:
Most of the current solutions are protocols built on the top of Ethereum, and some new projects are looking to develop an ST-focused blockchain. We believe that the privacy issue will take time to be solved in different phases, as we are in the early stage of the STO revolution. First, privacy will most likely be off-chain, heavily relying on trusted centralized authorities that have access to the investor information and keeping them stored locally. Next, privacy solutions based on side-chains could help segregate data into different sets, hiding them from the public network as a whole. Finally, privacy can directly live on-chain on a more specialized Security Token blockchain, which can allow owners and assets to control their privacy access level.
Figure 4: Evolution of privacy for Security Tokens
As of now, the issuance solutions offered are protocols based on Ethereum, allowing for simpler use cases of tokenization. Although we believe that a more specialized blockchain will eventually appear, it doesn’t mean that previous Ethereum-based protocols are not valuable and will go out of use in the future. For instance, the privacy issue in public blockchains might also be solved in the future if privacy solutions such as ZKP (Zero Knowledge Proof) technology, or Bulletproof are successfully implemented. Some of the companies who are exploring ways to implement ZKP on Ethereum include Zcoin Project, and Ernst Young (EY Ops Chain Public Edition prototype). The existing protocols can also transition to different blockchains if they prove to be better. For example, Securitize’s first protocol implementation will work over the Ethereum blockchain, but they also plan on transferring its architectural model to additional distributed ledger systems.
Figure 5: Evolution of Apps and infrastructure from Union Square Ventures
On a side note,Union Square Ventures recently introduced an interesting relationship theory between infrastructure and applications. We think that the space will evolve in a similar way in which breakthrough applications in specific verticals, for example, real estate, will appear first to disrupt the space and inspire for a new protocol or blockchain to be developed to allow for similar applications to be built at scale. This process will be repeated among different verticals that are related to securities. Over time, the one size fits all protocol or blockchain will emerge as different use cases are fully explored and understood, providing a more powerful and scalable platform that would be the equivalent of AWS for securities.
Figure 6: Hype cycle of the Security Token industry
As of now, we are still in the early stages of the Security Token ecosystem, in which different issuance solutions are still being developed and tested. We believe that it will take at least another 4 years for the STO ecosystem to grow and mature from both a technical and regulatory perspective, allowing for a sustainable transition from the traditional securities system into a tokenized system. Until the space becomes more mature and viable, the majority of the early adopters of STs are going to be from the cryptocurrency space rather than the traditional players. As the different STOs and exchanges launch next year, we predict that the lack of liquidity and challenges around implementing complex use cases and securities laws will bring us closer to the reality and decrease the overall hype and expectations around STOs. Over time, more efficient technology and new regulations will appear and help drive the growth and adoption from the traditional players.
