🚔 Enforcement Arrives — Issue No. 24
/đź—ž News
The U.S. Securities and Exchange Commission (SEC) charged the creator of EtherDelta with running an unregulated securities exchange. EtherDelta is a decentralized exchange (DEX), built with smart contracts on Ethereum, that allows the trading of ERC-20 tokens without counter-party risk. The developer behind the exchange, Zachary Coburn, cooperated with regulators and was handed a relatively lenient fine. He was also required to surrender the money he received when he sold the exchange to an offshore interest late last year. Regardless, this action by the SEC raises enormous questions about what it means to "operate" a platform that is fully decentralized. Link.Implicit in charging Coburn with operating an unregulated securities exchange is the fact the SEC considers some of the tokens traded on the platform to be... unregulated securities. This is yet another indication that the SEC plans to take action against projects that ICO'd during the 2017 craze. Though there were plenty of shady projects popping up in that time, there were also many genuine entrepreneurs trying to do their best amidst regulatory uncertainty. That uncertainty remains, thought the SEC promised to release "plain English" guidance on ICOs sometime "soon." Link.
As for EtherDelta case, it's helpful to understand a bit about how the exchange works. There are three components to its architecture, as Coburn once laid out in a Reddit post. First, orders on the exchange are executed on-chain by smart contracts-- no third party ever holds or controls the tokens. Second, users interact with the service through a web based UI. Finally, there is an off-chain order book server that stores and matches orders that must be cryptographically signed by the users. If they're not properly signed, they won't subsequently be valid in the smart contracts. The order book server is actually optional, as the contracts themselves allow for on-chain order lists. Utilizing the server allows users to avoid gas fees without introducing counter-party risk. Link.
While I don't usually write about regulatory issues, this one is fascinating and important because of the way it intersects with the technical aspects of DEXs and smart contract platforms more broadly. Prior to the launch of Ethereum, the world had never seen something like EtherDelta-- an "app" where the business logic was no longer in control of the person who created it! Regulators are in uncharted territory on these issues.
It seems clear enough that Coburn went far enough across the line to give the SEC a valid case. Whats completely unclear is where that line actually is. If EtherDelta didn't have a centralized order book, would Coburn have been guilty? If the smart contracts had not given Coburn any fees for the trades, would that have changed anything? If Coburn had not created and hosted the web-based GUI for interacting with the contracts, would he be in the clear?
If someone else had created an alternate site for interacting with EtherDelta, as is completely feasible from a technical perspective, would they also be guilty? More broadly, if you write and deploy Solidity code that enables some illegal behavior, are you responsible for that behavior? What if you write and release the code, but don't deploy it? If someone else eventually does-- who is responsible then?
None of these questions have clear answers right now, and as a developer that's unnerving. Might I run afoul of the SEC for simply writing and publishing some Solidity code? This thought has crossed my mind as I've dug into the EtherDelta case, and I'm sure I'm not the only one. That alone ensures this action will have a chilling effect on innovative decentralized platforms being developed in the United States. I expect to see more projects move to other jurisdictions. I also expect to see noteworthy future projects launched pseudonymously, in the spirit of Satoshi himself. It turns out Mr. Nakamoto knew what he was doing by staying in the shadows.