The Fall of Plato's Crypto Republic

The anger post Great Financial Crisis which first raised its voice with the Occupy Wall Street movement is at least in part behind the excitement behind DeFi. The argument goes like this: by putting people in control of their money, and eliminating middlemen, we will achieve a Utopia of financial freedom, and the money unlocked from the intermediaries will flow into the hands of the people. Rules and regulations, in this vision, are paternalistic, legacy shackles that simply serve to perpetuate the status quo. Know-Your-Customer and Anti Money-Laundering screening and credit scoring are just obstacles to keep out the unbanked. Limitations on registration of securities and their solicitation impede the flow of capital and enrich those fortunate enough to be able to invest in an IPO or a hedge fund. Requiring disclosures for option trading or use of margin and limitations on leverage take powerful tools out of the hands of the many but leave them in the hands of the few.

There is an element of truth to this. Regulations can form a competitive moat. Just as the rules that dictate what a paralegal or nurse practitioner may or may not do vs. a lawyer or a doctor are positioned as customer protections but not coincidentally also protect the higher salaries of those professions, investor protections also restrict who can and cannot participate in finance, and on what terms. My concern is that people animated by a desire to slash the protections of the few are rather casually throwing away the lessons learned in decades of regulation and legal precedent. Front-running, spoofing, pump-and-dump, fraudulent issuance, aggressive selling of eye-watering leverage levels and all the rest are not innovations or unique to crypto trading. We seem to be stuck between a rock and a hard place here: which do you prefer, abuse of the credentialed few or abuse by many charlatans? Is this really the only choice?

Unfortunately, relying on the recent idea that “code is law” is not enough. Code, like the law itself, is mutable. Whatever governance you put in place, whether conventional or decentralized, at the end of the day a person will commit a line of code, a code reviewer will sign off on it to merge to the main branch, and perhaps a security auditor will review it subsequent to that. As Vitalik Buterin pointed out, limited participation in governance token voting makes this particularly problematic. Want to blow an economist’s mind? Tell her that in tokenomics you can vote on the inflation rate. Her very next question will be: how much does it cost me to rig the election? Developers are not benevolent philosopher-kings, and pretending like a developer will behave like one in the face of what could be tremendous financial temptation is dangerous. When code is law and money is programmable, the power to alter the code is everything.

Again, this problem is not new. In a capitalist democracy with weak protections against using money to influence politicians, monopoly profits can be used to fund changes to the law that protect or even extend the monopoly. Governments can even use financial repression to reduce their debt burdens. Think capitalism is the problem here? Prefer Communism? In a society with an all-powerful state, the value of influence over the state’s decisions is incredibly high. It is worthwhile to outright buy a sinecure as a civil servant for the corrupt dividends that will surely accrue to your position over the years. There is a reason the Chinese Communist Party resorts to extreme violence, up to and including execution, to try and discourage corruption, and yet they still cannot stamp it out. The rot is pervasive when the money you can make from changing the law helps you make even more money.

That the law is encoded in a smart contract, in the face of that reality, is neither here nor there.

What, then, is the answer? Clearly regulations based on laws dating from the Great Depression need to be updated, though many of the rules are already sufficient to support enforcement action against the worst abuses. There has to be plenty of room to experiment, but there can be a balance: by clearly stating what is out-of-bounds and subject to enforcement action and identifying areas where they are still exploring and want to see how innovation plays out. An example: I think most AMM-driven swap exchanges on DeFi deserve a sandbox for innovation; I don’t think margin trading or derivatives deserve much room at all at this time, because combining illiquidity, volatility and leverage is a recipe for disaster both for markets and individuals. I could be wrong and various national regulators may draw lines in different places, but the lines should neither wall off all of DeFi nor allow financial abuses to run rampant.

Greater personal accountability for software developers in fintech is worth exploring too, though. Some years ago FINRA started requiring that developers of algorithmic trading systems in the U.S. be registered as traders. This recognized that the power dynamic between a trader and a software developer can be problematic: if told to code up a subtle change to allows for front-running, an unlicensed developer may not even recognize the regulatory implications of the change, and if he or she does, may not have the leverage to push back. By connecting that developer’s license to the code in much the same way a civil engineer signs a blueprint, you eliminate both the “I did not know any better” defense and give that developer a reason to say no. If you could be sanctioned and even banned from the industry for saying yes, you have a much stronger position: nothing focuses the mind like the prospect of a hanging.

I am very nervous about a blunt or literal application of this idea, especially given the professional association problem mentioned previously. You risk putting a great deal of friction in fintech and create artificial scarcity of licensed developers which will surely enrich the licensed few to a degree but will compound the already tight market for talented developers. Part of the magic of software development is it still retains much of its apprenticeship culture from the early days, and while computer science degrees dominate hiring they are not a professional credential that blocks access to the industry.

There are however ways to apply the concept with a lighter touch with some ideas from blockchain itself. Smart contract deployment could incorporate a digital signature mechanism linked to an on-chain digital identity. Each signer — developer, code reviewer, security auditor— could add his or her signature to the contract at deployment time. Unsigned contracts might require higher gas fees or at least be flagged prominently in block explorers. DAO-based non-profits working in partnership with regulators might emerge which provide independent auditing and classification of incidents involving specific smart contracts, highlighting the linkage to those who signed it. Like FINRA’s BrokerCheck, such a DAO might even offer a DApp which lets you look up an individual and see all the incidents linked to his or her work, or look up a smart contract and see who stands behind it.

In a more radical form, employers of protocol developers might even stake governance or utility tokens against a smart contract linked to their digital identity and an oracle providing independent confirmation on incidents. Penalties — similar to slashing of ill-behaved validators on blockchain — could be applied automatically in case of serious incidents. A developer’s employer might even create a smart contract that automatically unlocks two years post-deployment to allow for retroactive claw-backs. If the developer, reviewer or security auditor’s work was sound and the DeFi protocol thrived, the now-appreciated tokens could at that point be exchanged for stablecoins or other tokens, offering that person a bonus for his or her professionalism.

This model, built on transparency, personal accountability, incentives, self-regulatory organizations and blockchain technology might offer us a way forward. And a way forward is truly needed: the prize on offer is a more efficient, more broadly accessible and more functional financial system that manages trillions of dollars in digital and real world assets safely and securely. With such a solution, or one like it, the philosopher kings could retire to sit under their fig trees and vines, their services no longer required to ensure the integrity of the financial system.