Blog Old

The Right Technology – The Case of Mercury Cash

Posted on by Thiago Tags: , , , , , , ,

Nothing proves the wisdom of choosing the right technology for the right job than the case of Mercury Cash, a hosted-wallet solution for real-time liquidation and transfer of cryptocurrency and fiat assets. Recognizing the importance of being prepared for a new cryptoworld, Mercury Cash set out to explore various blockchain protocols to find the one that can stand the test of the real world.

The real world is full of messy complexities. We may think the mess is unnecessary and we should sweep it all away and usher in a new world order, but we do have to recognize that regulation and corporate law make it possible to protect investors and shareholders.

As someone pointed out regarding the tragic debacle of QuadrigaCX, Canada’s own Mt. Gox, “When was the last time your banker died and you lost access to your money?”

I’d add, “When was the last time you forgot your bank account password and your money became irretrievable?”

Can regulation and corporate legal processes be more efficient? Yes.

Are some of the regulatory requirements onerous or unnecessary? Yes.

But pretending that all regulation is unnecessary is like pretending that protections are unnecessary. Disruption with technology is good, as long as it doesn’t lead to destruction!

Click here to download Mercury Cash Case Study.

Many issuers are finding out the hard way two fundamental truths about how the real world works:

One, transactions don’t exist in atomic silos, least of all in securities; every transaction is connected with others and impacts multiple entities at various points in time in an ever-expanding ripple effect. One buy/sell securities trade requires validation of participants, ensuring protection for all parties, recording changes to captables, distribution of dividends, exercise of rights, filing reports, getting notifications of corporate events, voting, etc., all of it over a long time cycle.

Two, choosing a technology based on hype, popularity, and promise is not the way to go; instead, understand the characteristics of the problem and then identify the technology to solve it effectively.

In the case study, Mercury Cash describes the capabilities that will keep their business processes humming in a fully compliant manner. Most importantly, they found that ERC20-based protocols are inadequate for full lifecycle management of securities. This is not a knock against Ethereum, which is a fine platform for many types of DApps; much of the technology work is praiseworthy. But a Ferrari, no matter how shiny or powerful, cannot sail the high seas.

Many of our clients are coming to the same realization. Interestingly enough, a company could conduct its main business using public blockchain, while managing its security tokens on KoreChain. There is nothing wrong with that – it’s just like transporting a car on a ship. In many conversations with some of these technologists, I point out that the issue is not that ERC is inadequate for securities, just that it’s not the right tool. The same can be said if someone tries to use KoreChain for building cryptokitties.

When many companies are coming to us abandoning ERC20 protocols for various reasons, it validates our own approach to technology: first understand the problem you are trying to solve, then carefully pick the technology stack to solve it. In doing so, some of us have to leave our technology egos behind to move forward.

Click here to download Mercury Cash Case Study.

Meet the KorePartners: Luka Gubo, Blocktrade

Posted on by Oscar Jofre Tags: , , , , , , , ,

 

This post is part of a series of short interviews about the companies and faces that are part of the KorePartners Ecosystem*.

We believe that behind every great company there are people, and behind every person, there is a story to tell.

KorePartner: Luka Gubo, CEO at Blocktrade

Born in: Celje, Slovenia
Based in: Ljubljana, Slovenia and Schaan, Liechtenstein

What was your first job?
 High Frequency Trader at a proprietary trading firm.

How and when did you get involved in the Blockchain industry?
I started reading about Bitcoin in 2015 and mostly dismissed it as an alternative for fiat currencies. In 2016 I read about other Blockchain protocols and immediately saw the potential for disrupting the capital markets – both on the primary market (issuance of securities) and also the secondary market (for post-trade processes).

How do you see the Blockchain scene today?
There was a lot of regulatory uncertainty in past years and I think this will change in 2019. Crypto assets have their place in broader financial markets as a unique asset class where more and more institutional investors will seek uncorrelated returns. On the technology side, I think we will see a lot more use cases where several counterparties are involved – we are focused only on the capital markets, while we see a lot of disruption in banking, payments, transportation and other industries.

What does your company bring to the KorePartners Ecosystem?
Blocktrade is a secondary market for crypto assets with a focus to bring institutional clients to this new market. With the MTF license (pending regulatory approval) we will be able to list security tokens issued on KoreConX and bring necessary liquidity.

What is it about the partnership with KoreConX that most aligns with your company strategy?
KoreConX provides a full suite of services that companies that are issuing (or just tokenizing) their shares on blockchain must have in place when admitting securities to trading on a regulated trading venue. Covering the full lifecycle of these securities (from issuance, reporting, trading, etc.) we can together create a seamless experience for companies and investors. I believe that Blocktrade and KoreConX can together disrupt how the capital markets operate.

*The KorePartners Ecosystem is a group of organizations that follows our governance standards and share with us the same goal: to provide entrepreneurs with the tools they need to grow their business.

Decentralized vs Distributed Systems Part I

Posted on by Thiago Tags: , , ,

Blockchain per se is not about decentralization; rather, it is a distributed system technology. The two terms, decentralized system and distributed system, are often confused, so much so that the term ‘blockchain’ seems almost synonymous with a public, decentralized system.

The usual picture used to show the distinction between decentralized versus distributed systems is the one below:

This picture is inadequate since it doesn’t draw a clear distinction between decentralized and distributed systems. The differences in the pictures are rather arbitrary. A slight re-arrangement of the layout of the nodes might convert a decentralized picture to a distributed one or vice-versa.

Decentralization should be rightly used in the context of decision-making, power, authority, and control. Distributed systems are about geographical diversification of storage or processing. The terms ‘centralization’ and ‘decentralization’ come with the baggage of value judgment and philosophy, while the phrase ‘distributed systems’ has a purely technical connotation.

Centralization is about power, control, authority, accountability, and risk management. Distributed systems are about partitioning, dispersing, or part ownership of storage or computational capacity.

All decentralized systems are distributed practically by definition. However, not all distributed systems are decentralized. Enterprise systems at large companies can be distributed, but the company holds all power and decision-making centrally.

The other point to note is that centralization is not automatically evil and decentralization is not automatically good. It depends on the context and the way an application is implemented.

Similarly, distributed systems are not automatically efficient. Poor architectural choices may provide none of the benefits of distributed systems and may increase vulnerabilities.

Centralization becomes a problem only if participants have an incentive to take unfair advantage and the system—by whatever name we call it—allows such manipulation. We also have to recognize that not all problems can be solved through technology alone. If that were true, there would be no need for partnerships, service-level agreements, intermediaries, and so on. So, the real challenge is to create an architecture that leverages technology in a cost-effective way while delegating the rest of the problems to the human institutions or social networks.

In a subsequent post, I’ll point to different ways of understanding the nuances between the two, including references from both the public blockchain and academic communities. I’ll also discuss the challenges of designing incentives in decentralized and distributed systems.

 

Meet the KorePartners: Kyle Asman, BX3 Capital

Posted on by Oscar Jofre Tags: ,

This post is part of a series of short interviews about the companies and faces that are part of the KorePartners Ecosystem*.

We believe that behind every great company there are people, and behind every person, there is a story to tell.

KorePartner: Kyle Asman, BX3 Capital

Born in: Livingston, USA
Based in: New York, USA

What was your first job?
My first job was as a Bank Teller.

How and when did you get involved in the business industry?
Growing up as a kid down the shore I had a close family friend who was a day trader, and I was fascinated by markets, their pace, their complexity and the impact they had on the world. Billions of dollars are flying around the globe every single second.

How do you see the Financial Markets scenario today?
I see tremendous opportunity that financial markets have created today that wasn’t present five or 10 years ago. You can be in any corner of the globe, and still be a member of the global economy.

In that aspect, is it possible to have an idea of what the next five years will bring?
I think digital currencies will allow a number of new businesses to be created, and wealth to begin accumulating in the emerging markets around the globe. For the first time, I think we are going to see real economic growth and opportunity come from emerging markets.

What does your company bring to the KorePartners Ecosystem?
We bring expertise in PR, Tax, Accounting, and Business Strategy. We have helped dozens of companies over the course of the years. We are proud to be experts in our respective industries, and sharing that knowledge to help grow new businesses.

What is it about the partnership with KoreConX that most aligns with your company strategy?
The KoreConx team shares a similar ethos to BX3 Capital. We are like-minded in that we are both focused on building companies, not just simply turning a profit.

*The KorePartners Ecosystem is a group of organizations that follows our governance standards and share with us the same goal: to provide entrepreneurs with the tools they need to grow their business.

 

Meet the KorePartners: Michel Aliphon, SME Brokers

Posted on by Oscar Jofre Tags: , , ,

This week we are launching a special series to introduce you to our KorePartners. These are the people and companies who share KoreConX’s governance standards, such as Investor Protection, Compliance, Integration, Security, and Efficiency.

We believe that behind every great company there are great people, and each of those people has a unique story to tell. We will be publishing a series of short interviews introducing who our KorePartners are and what they think about the startup industry, blockchain technology, legislation and more.

 

Michel Aliphon, Managing Director at SME Brokers

Born in: Curepipe, Mauritius.
Based in: Perth, Australia.


What was your first job?

My first job was Futures Broker with a Malaysian based company.

 

How and when did you get involved in the business industry?

I completed my bachelor of commerce degree in Economics and Finance and started my career with Citibank Limited as an Executive Manager in 1994.

 

How do you see the Small and Medium Enterprises scene today?

The Australian SME Scene today is struggling to make ends meet, due to the tightening of monetary policy and the government realizing they need to intervene to assist SME’s to grow to create more employment. About 80% of Australian SME’s are worried about cash-flow.

 

In that aspect, is it possible to have an idea of what the next five years will bring?

Recently, the Australian Federal Government announced a new AUD $2 billion Australian Business Securitisation Fund to help provide additional funding to SME lenders, realizing SME’s are the backbone of the economy and SME’s find it difficult to obtain finance other than on a secured basis.

The new Australian crowdfunding amendment legislation bill passed in 2018, will also assist SME access non-bank funding which will further ease cashflow restrictions placed on SME’s making the next 5 years a better and brighter future for SME’s     

 

What does your company bring to the KorePartners Ecosystem?

SME Brokers bring a nationwide distribution network of qualified and dedicated SME Brokers whose primary role is to assist SME’s with their startup and exit succession plans, making them aware of the many opportunities available through the KoreConX Platform as they expand their business locally, nationally and potentially globally.

 

What is it about the partnership with KoreConX that most aligns with your company strategy?

The ability of the KoreConX Platform to provide SME’s the opportunity to streamline their business processes, preparing for the challenges ahead that come with economies of scale.

KoreChain & KoreContract

Posted on by Oscar Jofre Tags: , , , ,

What is the KoreConX blockchain strategy & why choose KoreChain?

In this video, KoreConX Co-Founder and CEO, Oscar Jofre, and our Chief Scientist/CTO, Kiran Garimella, share the details of our permissioned blockchain. Built on the Hyperledger Fabric, it is secure and governed with the ability to have full lifecycle management of contracts for tokenized securities for global private capital markets.

 

Technologies of Blockchain Part 4: Conclusion

Posted on by Thiago Tags: , ,

In parts 1, 2 and 3, we briefly touched on some of the historical foundations of blockchains from computer science and mathematics, including their sub-topics such as distributed systems and cryptography. Specific topics in either of these categories were consensus mechanisms, fault-tolerance, scaling, zero-knowledge proofs, etc.

Obviously, this brief series doesn’t do justice. The history of computing and mathematics is rich, with many interconnections and dependencies. The goal of this series was to provide just enough to make the point that the technologies that power blockchain (whether public or private) were built on a well-established foundation of various topics with contributions from real scientists in both industry and academia. The graphic below depicts the broad brush-strokes of development, clearly showing how current blockchain technologies are based on a wide spectrum of historical developments.

Technologies of Blockchain – Historical Timeline

Conclusion
As you can see, a tremendous amount of development that took place for almost half a century made the modern blockchain possible. Bringing these technologies together—almost all of them based not on just techniques but deep mathematical foundations—into a cohesive whole in the form of a bitcoin application was no doubt a tremendous achievement in itself

Moving forward, we need to keep in mind the initial motivation for each of these technologies, their strengths, their limitations, and determine how to create different architectures based on business needs. A good example of this is to relax the requirements of anonymity, strengthen safety, incorporate recourse, improve security, and incorporate the enormous complexity of regulatory compliance in securities transactions. Making such trade-offs doesn’t detract from the need for public, decentralized blockchains. On the contrary, this strengthens the use of the blockchain technology ‘horizontally’ across many industries and use cases.

In the near future, we expect to see some innovation in blockchains to improve performance and scalability, which is a special challenge for public blockchains. Along the same lines, there will be new consensus mechanisms going mainstream (such as proof-of-stake). For consensus and validation, blockchain researchers are investigating efficient implementation of zero-knowledge proofs and specific variants such as zkSNARKs.

Read Part 1: The Foundations, Part 2: Distributed Systems and Part 3: Cryptography, Scaling, and Consensus

Technologies of Blockchain Part 3: Cryptography, Scaling, and Consensus

Posted on by Thiago Tags: , , ,

In Part 2, we saw how a simple concept of a linked list can morph into complex, distributed systems. Obviously, this is a simple, conceptual evolution leading up to blockchain, but it’s not the only way distributed systems can arise. Distributed systems need coordination, fault tolerance, consensus, and several layers of technology management (in the sense of systems and protocols).

Distributed systems also have a number of other complex issues. When the nodes in a distributed system are also decentralized (from the perspective of ownership and control), security becomes essential. That’s where complex cryptographic mechanisms come into play. The huge volume of transactions makes it necessary to address performance of any shared or replicated data, thus paving the way to notions of scaling, sharding, and verification of distributed data to ensure that it did not get out of sync or get compromised. In this segment, we will see that these ideas are not new; they were known and have been working on for several decades.

Cryptography

One important requirement in distributed systems is the security of data and participants. This motivates the introduction of cryptographic techniques. Ralph Merkle, for example, introduced in 1979 the concept of a binary tree of hashes (now known as a Merkle tree). Cryptographic hashing of blocks was implemented in 1991 by Stuart Haber & W. Scott Stornetta. In 1992, they incorporated Merkle trees into their scheme for efficiency.

The hashing functions are well-researched, standard techniques that provide the foundation for much of modern cryptography, including the well-known SSL certificates and the https protocol. Merkle’s hash function, now known as the Merkle-Damgard construction, is used in SHA-1 and SHA-2. Hashcash uses SHA-1 (original SHA-0 in 1993, SHA-1 in 1995), now using the more secure SHA-2 (which actually consists of SHA-256 and SHA-512). The more secure SHA-3 is the next upgrade.

Partitioning, Scaling, Replicating, and Sharding

Since the core of a blockchain is the database in the form of a distributed ledger, the question of how to deal with the rapidly growing size of the database becomes increasingly urgent. Partitioning, replicating, scaling, and sharding are all closely related concepts. These techniques, historically used in enterprise systems, are now being employed in blockchains to address performance limitations.

As with all things blockchain, these are not new concepts either, since large companies have been struggling with these issues for many decades, though not from a blockchain perspective. The intuitively obvious solution for a growing database is to split it up into pieces and store the pieces separately. Underlying this seemingly simple solution lies a number of technical challenges, such as how would the application layer know in which “piece” any particular data record would be found, how to manage queries across multiple partitions of the data, etc. While these scalability problems are tractable in enterprise systems or in ecosystems that have known and permitted participants (i.e., the equivalent of permissioned blockchains), it gets trickier in public blockchains. The permutations for malicious strategies seem endless and practically impossible to enumerate in advance. The need to preserve reasonable anonymity also increases the complexity of robust solutions.

Verification and Validation

Zero-knowledge proofs (ZKP) are techniques to prove (to another party, called the verifier) that the prover knows something without the prover having to disclose what it is that the prover knows. (This sounds magical, but there are many simple examples to show how this is possible that I’ll cover in a later post.) ZKP was first described in a paper, “The Knowledge Complexity of Interactive Proof-Systems” in 1985 by Shafi Goldwasser, Silvio Micali, and Charles Rackoff (apparently, it was developed much earlier in 1982 but not published until 1985). Zcash, a bitcoin-based cryptocurrency, uses ZKPs (or variants called zkSNARKs, first introduced in 2012 by four researchers) to ensure validity of transactions without revealing any information about the sender, receiver, or the amount itself.

Some of these proofs and indeed the transactions themselves could be implemented by automated code, popularly known as smart contracts. These were first conceived by Nick Szabo in 1996. Despite the name, it is debatable if these automated pieces of code can be said to be smart given the relatively advanced current state of artificial intelligence. Similarly, smart contracts are not quite contracts in the legal sense. A credit card transaction, for example, incorporates a tremendous amount of computation that includes checking for balances, holds, fraud, unusual spending patterns, etc., with service-level agreements and contractual bindings between various parties in the complex web of modern financial transactions, but we don’t usually call this a ‘smart contract’. In comparison, even the current ‘smart contracts’ are fairly simplistic.

Read Part 1: The Foundations, Part 2: Distributed Systems and Part 4: Conclusion

Lessons To Be Learned From The SEC’s Recent Penalties for ICO Companies

Posted on by Kendall Almerico Tags: , , , ,

The Securities and Exchange Commission recently brought their regulatory hammer down on several ICO-related companies. After months of public statements from officials and rumors of numerous subpoenas and investigations, the SEC sent a strong and undeniable message to companies that have held unregulated initial coin offerings, and to those who are considering it.

Don’t do it.

There are lessons to be learned from these recent regulatory actions. These lessons confirm what I have been preaching in my securities law practice to all of the coin/token/crypto companies I have been talking to or representing: Follow the existing securities laws to raise capital selling tokens or be prepared to suffer some extreme consequences. In this article, I will dig into the story of Carrier EQ, also known as AirFox, whose story is a perfect illustration of the dangers a company faces when they hold an ICO without following securities laws.

I am going to get into a lot of specific facts because what AirFox did is so common in the ICO world, so we can all learn from their mistakes. I will also explain in layman’s’ terms what happened to AirFox as the SEC reviewed their offering, in an effort to provide a “heads-up” to companies that still believe they can get away with holding an ICO in the United States without going through the SEC. It appears that AirFox did not receive very good advice in their ICO, and despite all the recent warnings and negative publicity, I still have ICO companies contacting me wanting to use these same methods (“But I’m selling a utility token!”) that got AirFox in trouble.

Two things are obvious after this SEC enforcement action:

  1. You cannot call what you are selling a “utility token” and have securities laws magically not apply to your offering (see Lesson 7 below), and
  2. Unless you can definitively prove what you are selling is not a security, you need to follow securities laws in your offering.

The AirFox ICO

AirFox is a U.S. company that sells mobile technology that allows prepaid mobile phone customers to earn free or discounted airtime or data by interacting with ads on their smartphones. From August to October 2017,[1]AirFox offered and sold blockchain-issued digital tokens called AirTokens in an ICO where the company raised about $15 million to create a new international business and ecosystem. AirFox told potential ICO investors that the new ecosystem would include the same functionality of AirFox’s existing U.S. business (allowing prepaid mobile users to earn airtime or data by interacting with ads) and would also add new features such as the ability to transfer AirTokens between users, peer-to-peer lending, credit scoring, and eventually using AirTokens to buy and sell goods and services other than mobile data. In the ICO, AirFox stated that AirTokens would potentially increase in value as a result of AirFox’s efforts, and that AirFox would provide investors with liquidity by making AirTokens tradeable in secondary markets.

Any advisor who even has a basic understanding of securities law would look at this and say “Hey, AirFox, you are selling securities. You are selling tokens to the general public, that you are alluding to an increase in value, to finance a new business.” Apparently, AirFox’s “crypto advisors”[2] and lawyers (if they had any) did not bother to Google “what is a security?”[3]

The SEC Penalties

On November 16, 2018, the SEC instituted “cease and-desist proceedings” against AirFox. This means, in laymen’s terms, that the SEC told AirFox to “Stop Breaking The Law!” because the SEC is about to come in, and effectively shut their company down with penalties. As a result, AirFox reached a settlement with the SEC so they could have some hope of continuing in business. The settlement requires AirFox to:

· Pay a $250,000 fine,

· Inform each person that purchased AirTokens of their right to get their money back if they still own the tokens or if they can show they sold them for a loss,

· Issue and post a press release on the company’s website notifying the public of the SEC’s order, containing a link to the order, and containing a link to a “Claim Form” for investors to get their money back,

· File the appropriate paperwork with the SEC to register the AirTokens as a class of securities — this means the AirFox now must follow all securities regulations and ongoing reporting requirements as to these tokens — an extremely expensive requirement, and

· Deal with a lot of other ongoing reporting requirements related to these penalties to keep the SEC informed.

In essence, the SEC made AirFox pay a large fine, forced them to return up to $15 million back to investors, publicly admit on online and in the press that they broke the law, and be subject to a ton of time-consuming and expensive paperwork (disclosing information like audited financial records that investors typically need to decide if a stock is a good investment ).

How many companies that held an unregistered ICO could financially stay viable with the imposition of such penalties? My suspicion is that there are very few.

What do we learn from the AirFox settlement?

1. The SEC is going to follow the Howey test[4] at least as a baseline to determine if a token sold in an ICO is a security. AirTokens were “securities” under the Howey test because people buying the tokens would have had a reasonable expectation of obtaining a future profit based upon AirFox’s efforts, including AirFox revising its app, creating an ecosystem, and adding new functionality using the proceeds from the sale of AirTokens.

Lesson: If your token offering cannot pass muster with a well-known 76-year old Supreme Court ruling, you are selling securities.

2. If you sell tokens that are securities, you have to either (a) register the securities with the SEC or (b) qualify for one of the well-known exemptions from registration such as Regulation D or Regulation A when you sell the tokens. In other words, follow existing securities laws. AirFox, like many ICO companies, did neither of these things, which is illegal.

Lesson: This isn’t rocket science. Either file an S-1 and register your token offering or be sure you qualify under one of the exemptions from registration (like Regulation A) before you sell any tokens to anyone.

3. The SEC is going to read your “white paper”[5] and review everything[6]related to your token offering. With AirFox, the SEC specifically noted that “in September 2017, AirFox explained to prospective investors in a blog post that the ‘AirFox browser is still considered ‘beta’ quality and will continue to be improved over the coming months as we execute on the AirToken plan.’” This blog post helped the SEC satisfy one of the Howey prongs of what constitutes a security: Money from the token sale was being used in a common enterprise for the company raising capital to build their business.

Lesson: Follow securities laws in all offering documents, marketing materials, media interviews, and everything whatsoever associated with the token offering.

4. AirFox’s white paper informed investors that 50% of the proceeds of the offering would be used for engineering and research and development expenses. In AirFox’s whitepaper, the company proposed a potential timeline of development milestones which covered from August 2017 through the second quarter of 2018.[7] Again, the company’s own documentation showed they were selling securities under Howey, by explaining that the company was going to use the funds from the token sale to fulfill their business plan.

Lesson: If you are using the funds from the token offering to build your business, follow your business plan, or build your ecosystem the tokens will be uses in, you are probably selling securities.

5. In its ICO, AirFox raised approximately $15 million by selling 1.06 billion AirTokens to more than 2,500 investors. The number of investors is important: A company selling securities is required to register their equity securities under “Rule 12(g)”[8] if the class of securities was held of record by more than 2,000 persons and more than 500 of those persons were not accredited investors. In other words, if you sell securities to 2,001 total investors, or 501 non-accredited investors, you have to be registered with the SEC.[9] With more than 2,500 investors, AirFox would be subject to these expensive registration requirements, if their tokens were considered to be securities.

Lesson: Watch the number of investors in your offering. Even when you are selling tokens that are clearly securities, you must pay attention to the rules surrounding how many investors you are allowed based on the laws applicable to your offering.

6. AirTokens were available for purchase by individuals in the United States and worldwide through websites controlled by AirFox. The company is based in the United States. The websites selling the tokens in the U.S. were controlled by the company. This all subjected AirFox to the jurisdiction of the SEC.

Lesson: If your company does business in the U.S., or wants to touch the U.S. investor market, you need to follow U.S. securities laws. If you are not a U.S. company[10], and do not sell or market at all to U.S. investors, most of this article may not apply to you at all.

7. The terms of AirFox’s the ICO required purchasers to agree that they were “buying AirTokens for their utility as a medium of exchange for mobile airtime, and not as an investment or a security.” In other words, AirFox assumed they could agree with their token purchasers that they were selling a “utility token” and not a security. It doesn’t work that way. Calling something a “utility token” and saying it “is not a security” is meaningless to the SEC. As the SEC notes “at the time of the ICO, this functionality was not available. Rather, the AirFox App was a prototype that only enabled users to earn and redeem loyalty points, which could be exchanged for mobile airtime. According to the company, the prototype was “really just for the ICO and just for investment purposes so people know . . . how it’s going to work” and “[did not] have any real users” at the time of the ICO. Despite the reference to AirTokens as a medium of exchange, at the time of the ICO, investors purchased AirTokens based upon anticipation that the value of the tokens would rise through AirFox’s future managerial and entrepreneurial efforts.”

This quotation from the SEC is important for two reasons:

· It makes it clear that the AirTokens violate the Howey test. Investors purchased AirTokens anticipating that the value of the tokens would rise through AirFox’s future managerial and entrepreneurial efforts. That is, almost literally, the definition of a security contract from Howey — someone investing in a company where the company’s efforts will increase the value of the investment.

· More importantly, the SEC seems to have cracked the door open a little. The SEC specifically set out several reasons why the AirTokens are securities and not “utility tokens” …but what if those reasons did not exist? What if this ICO had taken place later, and the following facts had been in existence:

(a) At the time of the ICO, the tokens’ functionality was available,

(b) The app was a not a prototype but was fully functional,

(c) The app had real users at the time of the ICO,

(d) The tokens were being used onlyas a medium of exchange at the time of the ICO, and

(e) Purchasers of the tokens had no anticipation that the value of the tokens would rise through the company’s future managerial and entrepreneurial efforts, because the tokens were not allowed to be traded on an exchange or otherwise.

While the marketplace for such tokens would not likely yield nearly $15 million in purchasers like in AirFox’s ICO, it seems that the SEC mightentertain characterizing tokens in the scenario[11] above as not being subject to securities laws.

Lesson: You can’t call what you are selling a “utility token” and have securities laws magically not apply to you. What you call your tokens is irrelevant to the SEC’s legal analysis.

8. AirFox’s whitepaper described an ecosystem to be created by the company where AirTokens would serve as a medium of exchange and that the company would maintain the value of AirTokens by purchasing mobile data and other goods and services with fiat currency that could be then purchased by holders of AirTokens and that the company would buy and sell AirTokens as needed to facilitate the purchase and sale of goods and services with AirTokens. In other words, the investors in the tokens would, again, be relying on the future efforts of AirFox, clearly one of the Howey prongs that make the AirTokens clearly securities under the law.

Lesson: If you are relying on the future efforts of the company selling the tokens to give the tokens value, the tokens have failed one portion of the Howey test.

9. Prior to the ICO, AirFox communicated to prospective investors that it planned to list the tokens on token exchanges to ensure secondary market trading. Obviously, liquidity in any investment is a huge part of the investment decision by a purchaser, and AirFox made it clear (a very common trait in unregulated ICOs) that their tokens would be traded on crypto exchanges, so buyers could sell them and potentially make a profit. This satisfies the “investment” arm of the Howey test. If investors have a reasonable expectation of profit from being the tokens, the tokens are very likely securities.

In fact, in the middle of the ICO, AirFox announced that it was reducing the token supply from 150 billion to 1.5 billion without changing the anticipated market cap “to alleviate concerns raised by many current and potential token holders and token exchanges who prefer each individual token to be worth more.”

Imagine a tradition initial public offering of stock, where the IPO company suddenly changed the number of shares of stock available but kept the valuation of the company the same. “Hey, those shares you first-in buyers got for $20 are now worth $2000 each because we decided to sell 1/100thof the number of shares.” This kind of market manipulation would likely end of with a few people in federal prison.

Lesson 1: If you tell purchasers of your token that the tokens are going to be traded and that you are going to do things to make the tokens more valuable for these investors, you are selling securities, without any question.

Lesson 2: Changing the material terms of a securities offering in the middle of it = bad idea.

10. The SEC noted the following interesting bit of information. Following the ICO, AirFox attempted to list AirTokens on a major digital token trading platform, and answered an application question that asked, “Why would the value increase over time?” AirFox’s response was “As time lapses the features and utility of AirToken will go up as we continue to build the platform. As of today, the people are able to download our browser to earn and purchase AirTokens to redeem mobile data and airtime across 500 wireless carriers. Over the next two years, the utility of the token will expand and therefore, more people across the world will need to have AirTokens in their possession to participate on our platform and ecosystem.”

Lesson: The SEC reads and reviews everything, including interactions a company has with third-party companies.

11. AirFox offered and sold AirTokens in a general solicitation to potential investors. This means AirFox advertised the ICO to the general public and solicited investments from anyone willing to send them money. In the securities world, general solicitation is limited to certain types of securities under certain exemptions, and allowing any investor to purchase securities, regardless of their accredited status, is not allowed in most cases.

Lesson: If you are going to advertise your token offering (and how else would you get the word out and find investors?) you need to follow securities laws and regulations related to general solicitation.

12. Through a “bounty” campaign, AirFox provided “free” AirTokens to people (crypto advisors) who helped the company’s marketing efforts. AirFox entered into an agreement with a crypto advisor who had previously led similar ICO promotions by other companies. This crypto advisor received a percentage of the AirTokens issued in the ICO in exchange for his services, recruited other people to translate AirFox’s whitepaper into multiple languages and to tout AirTokens in their own internet message board posts, articles, YouTube videos, and social media posts. More than 400 individuals promoted the AirToken initial coin offering as part of the bounty campaign. These individuals also received AirTokens in exchange for their services.

While the SEC did not specifically address this point in their ruling, I would not be surprised to see some regulatory or legal investigation undertaken against these crypto advisors. Depending on several factors that there is not enough publicly available information to know for certain, it is possible these crypto advisors may have conducted illegal broker-dealer activities subject to various regulations. The advertising and marketing of securities is highly regulated and based upon the representations made by those who were paid “bounties” by AirFox, it is also possible that some of these individuals did not follow existing laws and regulations as to how such advertising should be conducted.

Lesson: Follow all securities laws and regulations related to marketing, and only deal with advisors who understand and follow securities laws. When interviewing advisors, ask them about their experience in token offerings that were done in compliance with SEC regulations, not their experience with unregulated ICOs.

13. AirFox aimed its marketing efforts for the ICO at digital token investors rather than the anticipated users of AirTokens.

· AirFox promoted the offering in forums aimed at people investing in Bitcoin and other digital assets, that attract viewers in the United States even though the AirFox App was not intended to be used by individuals in the United States.

· AirFox’s principals were interviewed by individuals focused on digital token investing.

· In a blog post, AirFox wrote that an AirToken presale was directed at “sophisticated crypto investors, angel investors and early backers” of the AirToken project and in a pre-sale, prior to the public offering, AirFox made AirTokens available to early investors at a discount.

AirFox made no effort to market the ICO to the anticipated users of AirFox tokens — individuals with prepaid phones in developing countries. Instead, AirFox marketed the ICO to investors who “viewed AirTokens as a speculative, tradeable investment vehicle that might appreciate based on AirFox’s managerial and entrepreneurial efforts.”

Lesson: If you are going to claim you are selling “utility tokens” in an offering, you should sell those tokens to the ultimate users of the tokens. If you do not, you are likely selling securities to speculating investors, and your argument of selling “utility tokens” falls apart very quickly.

Conclusion (The Final Lesson)

I’ve been talking to (and in some cases, actually representing) token and crypto companies ever since the DAO decision when the floodgates opened to companies realizing that the only safe way in the U.S. to issue a digital asset, token or coin is to follow securities laws. It’s not that hard. Every mistake AirFox made was avoidable, and everything they did to violate well-established securities laws could have been avoided if they had received good advice. Selling investments to U.S. citizens is one of the most highly regulated industries in the world. To think a company can avoid following these well-established laws and regulations just because of a new technology, and because “everyone else is doing it,” is ridiculous.

Can I start openly selling cocaine online to anyone who wants to buy it because I keep the records of the sales on a distributed ledger and track each kilo on a blockchain? No, and nobody would be so stupid to try.[12]

This is not that difficult. The final lesson is: If you want to sell tokens without following securities laws to the U.S. market, you need to be 100% certain they are not securities, and that is going to be very difficult to do in most cases. If you and your advisors are not 100% certain that what you plan to sell is not a securitiy, get advice from reputable securities counsel before you do anything.

Once more thing: if you find yourself creating arguments to get around parts of the Howey Test rather than being able to definitively prove your tokens do not fit the Howey definition of a security, then the SEC is most likely going to disagree with you, and deem your tokens to be securities.

[1]It is important to note these dates. One month before the AirFox ICO, in July 2017, the SEC announced that it viewed the tokens offered by The DAO, an ICO that raised more than $150 million in 2016, as securities. This ruling was widely reported and sent shockwaves through the “unregulated” ICO industry. It would be hard to imagine that those advising AirFox were not aware of the DAO ruling when they started their ICO one month later.

[2]Some “crypto advisors” are persons (nearly always without a law degree) who advertise that they have “helped companies raise millions” in other ICOs (none of which followed U.S. securities laws). They often have influence in the ICO community and on ICO review websites where, in many cases, the review of an unregistered ICO is based on how much money you pay the website.

[3]Or, their advisors Googled it, read the Howey test, and decided “Let’s make like an ostrich and ignore the obvious.” Advisors to ICO companies should not take the attitude of “but everyone else is doing it and raising millions of dollars so it must be okay” or, my favorite, “there are no rules for ICOs, these are unregulated!”

[4]SEC v. W. J. Howey Co., 328 U.S. 293 (1946). The “Howey Test” is the U.S. Supreme Court’s definition of what a security is and has been the law for 76 years. In a nutshell, the four-part Howey Test determines that a transaction represents an investment contract if a person (a) invests his money (b) in a common enterprise and is (c) led to expect profits (d) solely from the efforts of the promoter or a third party.

[5]A “white paper” in the ICO world is a document that explains the business and the offering. In most cases, these documents are heavy on technical language regarding the tokens and blockchain but offer little to no guidance on the financial health of the business and rarely disclose all the risks of investing in the offering. In many cases, these “white papers” are not even close to what a securities lawyer would draft for any securities offering. But, many ICO companies apparently are advised to believe their white paper, with its page of legal disclaimers copied from other white papers found online, will magically protect them from any securities laws repercussions.

[6]The SEC will look at a company’s white paper, any other offering documents, websites, social media, media interviews, and any other online or offline matter related to the offering. If it is publicly available, the SEC is going to review it. Even if it is not publicly available, the SEC may subpoena it. In the AirFox case, the SEC noted that AirFox talked about prospects for development of the AirToken ecosystem on blogs, social media, online videos, and online forums and even gave a specific example of quotes from AirFox’s principals making claims in a YouTube video.

[7]These are typical White Paper 101 inclusions in an ICO. A breakdown of what the funds will be used for (which is actually a normal part of a securities law compliant offering document) and a timeline. While there is nothing wrong with these disclosures, the problem is that these white papers rarely discuss the risks involved with the offering, and almost never disclose anything about the financial condition of the company — staples of a compliant securities offering.

[8]17 CFR 240.12g-1

[9]There are notable exceptions to this rule under certain exemptions from registration, including under Regulation A, as amended in the JOBS Act.

[10]Without getting too technical, if you are a New York City based company, with offices and employees in Manhattan, who sets up a shell company in the Virgin Islands that has no office or employees and you run that company out of New York, you are not being clever and avoiding the fact that the SEC is probably still going to consider you a U.S. company. All you have done is sent up a red flag.

[11]There are other factors to consider, as Howey is just part of the analysis as to whether something is, or is not, a security. But, for illustrative purposes, this section of the SEC’s analysis is very helpful for companies considering a token sale, because it illustrates a potential path to a token not being subject to securities laws, and the possible ability in very narrow circumstances to sell a token outside of securities laws.

[12]Okay, someone might be dumb enough to try. Never underestimate the stupidity of some people. The TV show America’s Dumbest Criminals filled three years of episodes with people who might have tried this. For the record, if a stupid criminal tries this, and says it was my idea, please remember that they are, as noted, a stupid criminal and do not believe them.

Disclaimer (because I am wearing my lawyer hat): Kendall Almerico is a securities lawyer who represents companies raising capital in JOBS Act offerings (Regulation A in particular) and companies that want to sell tokenized securities in a compliant manner through a security token offering. This article does not contain legal advice and should not be relied upon bu anyone for legal advice. It is simply the opinions of Kendall Almerico interpreting certain matters that were recently in the news. Do not rely on this article for legal advice as every situation is different. In all cases, consult your own attorney or advisors.

There, I said it.

Technologies of Blockchain – Part 2: Distributed Systems

Posted on by Thiago Tags: , , , ,

We saw in Part 1 that linked lists provide the conceptual foundation for blockchain, where a ‘block’ is a package of data and blocks are strung together by some type of linking mechanism such as pointers, references, addresses, etc. In this Part 2, we will see how this simple concept gives rise to powerful ideas that lay the foundation for distributed systems.

What happens when one of the links in the linked list or one of the computers (aka, ‘nodes’) in a distributed system falls sick (and responds slowly), gets taken down (‘hacked’), or dies? How does the full list (or chain) recover from such tragic events? This brings us to the notion of fault tolerance in distributed systems. Once changes are made to the data in one of the nodes (blocks), how do we ensure that the same information is consistent with other nodes? That introduces the requirement for consensus.

Pushing the analogy of the linked list a bit further, algorithms that manage linked lists are carefully designed not to break the list. Appending links to the end or the front, for that matter, is an easy operation (we just need to make sure that the markers that indicate the start and end of the list are updated correctly). However, removing a link (or member of the chain) or adding one is a bit trickier. When it is necessary to remove or insert into the middle of the list, it’s a bit more complicated, but a well-understood problem with known solutions. We won’t go into the specifics in this article because the intent is not to describe these operations but to convey a high-level historical perspective.

In distributed systems, fault tolerance becomes a very important topic. In one sense, it is a logical extension to managing a linked list on a single computer. Obviously, in real-world applications, each of the nodes in a distributed system are economic entities that depend on other economic entities to achieve their goals. Faults within the system must be minimized as much as possible. When faults are inevitable, recovery must be as quick and complete as possible. Computer scientists began studying the methods of fault tolerance in the mid-1950s, resulting in the first fault-tolerant computer, SAPO, in Czechoslovakia.

Besides fault tolerance, when information needs to be added to the distributed system (a bit like adding, deleting, or updating the elements of a linked list), the different parties must agree. The reason for agreement is that the data that goes into the ‘linked list’ is data that arises out of transactions between these parties. Without agreement, imagine the chaos! My node would record that I sent you $90 while your node would record only $19! Or, if I send you payment for a product, I expect to receive the product. There should be agreement, settlement, and reconciliation between the transacting parties. A stronger requirement in distributed systems is that once the parties agree to something, the data that is agreed upon cannot be changed by one of the parties without the concurrence of the other party or parties. The strongest version of this requirement is ‘immutability’, where it is technically impossible to make any changes to data that is agreed to and committed to the chain.

Fault-Tolerance and Consensus

Distributed systems, therefore, require fault-tolerance, consensus, and immutability in varying degrees, depending on the needs of the business. Mechanisms for fault-tolerance and consensus evolved since the early days. Notable developments are:

  • Byzantine Fault Tolerance (BFT) by Lamport, Shostak, and Pease in 1982, to deal with situations where one or more of the nodes in the distributed system become faulty or malicious.
  • Proof-of-Work (POW), first described in 1993 and the term coined in 1999, which is a technique for providing economic disincentives for malicious attacks. A precursor idea of POW was proposed in 1992 by Cynthia Dwork and Moni Naor, as a means to combatting junk mail—a problem that was already a significant nuisance way back in 1992!* Their solution was to require a sender to solve a computational problem that was easy enough for sending emails normally but becomes computationally expensive for sending massive amounts of junk emails.
  • Hashcash, a POW algorithm, was proposed by Adam Back in 1997. This was used as the basis of POW in bitcoin by Satoshi Nakamoto in 2008, which brought awareness of POW to a much wider audience.
  • A high-performance version of BFT, called Practical Byzantine Fault Tolerance (PBFT), by Miguel Castro and Barbara Liskov, in 1999; and so on.
  • Paxos**, a family of consensus algorithms, has its roots in a 1988 work by Dwork, Lynch, and Stockmeyer, and first published in 1998 (even though conceived several years earlier) by Leslie Lamport.
  • Raft consensus algorithm was developed by Diego Ongaro and John Ousterhout. Published in 2014, it was designed to be a more understandable alternative to Paxos.

State machine replication (SMR) is a framework for fault-tolerance and consensus is a way to resolve conflicts or achieve agreement on the state values. SMR’s beginnings are in the early 1980s, with an influential paper by Leslie Lamport, “Using Time Instead of Timeout for Fault-Tolerant Distributed Systems” in 1984.

In Part 3, we will do a high-level review of mechanisms designed to keep distributed systems secure, consistent, and able to handle large volumes of transactions.

Read Part 1: The Foundations, Part 3: Cryptography, Scaling, and Consensus, and Part 4: Conclusion

*Their paper, “Pricing via Processing or Combatting Junk Mail”, begins with a charming expression of exasperation: “Some time ago one of us returned from a brief vacation, only to find 241 messages in our reader.”

**No known relation to the blockchain company, Paxos.com

Technologies of Blockchain – Part 1: The Foundations

Posted on by Thiago Tags: , ,

Blockchain is not just a single technology but a package of a number of technologies and techniques. The rich lexicon in the blockchain includes terms such as Merkle trees, sharding, state machine replication, fault tolerance, cryptographic hashing, zero-knowledge proofs, zkSNARKS, and other exotic terms.

In this four-part series, we will provide a very high-level overview of each of the main components of technology. In reality, the number of technologies, variations, configurations, and considerations of trade-offs are numerous. Each piece in this puzzle was motivated by certain business requirements and technical considerations.

In this first part, we look at the origins of the ‘chain’ and the most important technological advancement that makes blockchain (and all e-commerce) possible, i.e., the Internet.

While there have been genuine innovations within the last decade, blockchain’s underlying technologies are mostly quite old (in computer science time scale). Let us unpack a typical blockchain to trace out the origins of the constituent technologies. In this short post, I’ll only point to a very small (some may say, infinitesimally small) subset of the historical origin of technologies that make the modern blockchain possible. I’ll make no attempt to trace the development of these concepts from origin to the present time (that would fill up several books). The fact that blockchain’s technologies have a long and respectable history should help us gain confidence that blockchain, as a technology, is not some fly-by-night, newfangled idea cooked up by the crypto fandom.

What is less certain and much more controversial is the economic justification for blockchain (or at least some types of blockchain), ranging from the unrealistic expectation that it is a panacea for all of humankind’s ills (most optimistically, for social and economic inequities), to the total and premature dismissal of blockchain in its entirety.

The Beginnings

At the conceptual heart of blockchain is the ‘chain’. By definition, the links of the chain are, well, linked. It’s a list of data elements or packets of information (in blockchain, these are called ‘blocks’) that are linked. A blockchain is, therefore, a type of linked list.

The concept of a linked list was defined by pioneers of computer science and artificial intelligence, Alan Newell, Cliff Shaw, and Herbert Simon, way back in 1955-56.

In the early days of computer science, data and processing power lived on individual computers. Soon, people wanted these computers to ‘talk’ to each other. The grand idea of an Intergalactic Computer Network was put forth by J. C. R. Licklider as early as 1963. Unfortunately, even after half a century of rapid development, we have achieved only a planetary-wide Internet so far. An ‘intergalactic’ network is still a few years away!*

These ideas and the need to connect dispersed computers gave rise to wide-scale distributed systems in the 1960s-70s, with the advent of ARPANET and Ethernet. Technically, these linked computers are not necessarily treated in the same way as a traditional linked list that lived on one computer, but the conceptual idea is similar. When data and computational power get dispersed, layers of management, coordination, and security become increasingly important.

Blockchain would not exist without the Internet, which itself would not exist without TCP/IP, developed by Bob Kahn and Vint Cerf in the 1970s and ‘80s. Along the way, some scientists managed to have some fun too. They carried out an April Fools prank in 1990 by issuing an RFC (1149) for IPoAC protocol (IP over Avian Carriers, i.e., carrier pigeons). The punch line was delivered in April 2001 when a Linux user group implemented CPIP (Carrier Pigeon Internet Protocol) by sending nine data packets over three miles using carrier pigeons. They reported packet loss of 55%. A joke that takes a decade to pull off is practically Saturday night live comedy in Internet time scale!

In part 2, we will see how the extension of the concept of linked list on the Internet leads to distributed systems, the attending challenges, and their solutions.

*We first need to take care of a minor detail: find or colonize alien planets in this and other galaxies.

Forking – the New ‘F’ Word in Blockchain

Posted on by Thiago Tags: , , , , ,

Forking seems to be an integral part of the Blockchain architecture. This is due to Blockchain’s decentralized nature and the need to establish systemic trust among multiple participants (who are generally unknown to each other and therefore untrustworthy by definition).

To most of the non-technical population and a fair amount of the technical population as well, the forking phenomenon can be baffling and sound like a soap opera. The reasons for forking range from upgrades to the blockchain (for implementing some technical features such as expanded block size), migration of signatures to extended blocks (the SegWit fork on bitcoin), and disagreements on how to handle errors or losses.

To the extent that a chain relies on decentralization, operational forking is inevitable, since all transactions need to be validated and accepted by everybody or by a quorum. The volume of transactions can become huge. The way miners select transactions from the pool to validate and create blocks results in non-determinism. Different validators end up working on different blocks, causing little sub-chains to sprout like weeds in a garden. Eventually, one of the blocks wins out and its branch becomes the official continuation of the chain.

What happens to the other sub-chains? They wither and die. This is an integral part of the technology and perfectly proper, since it is a result of the inherent non-determinism in the generation of transactions and in the selection of transactions to validate. Remember, there is no central authority that coordinates all this, hence the need for a process of continual discovery of the most valid block and the most valid corresponding branch of the chain.

Unfortunately, regardless of the technical necessities, all this sounds like the result of squabbles in the blockchain community. The major forks in the Bitcoin and Ethereum communities, such as Bitcoin Cash and Ethereum Classic, are indeed serious disagreements with proposed changes. Besides the ever-present threat of malicious intent, these disagreements occur between well-meaning participants. In traditional centralized systems (whether software or not), these disagreements also exist, but they get resolved one way or the other before deploying the solution to the users. In some dispersed systems, such as professional associations, the protocol for change management is well-established. However, disputes occur in public blockchains while the chain is “in production” and participants can steer the chain to express their preference. It’s a bit like giving uncooperative front-seat passengers their own steering wheels.

Decentralized systems are double-edged swords, or should we say, spiny hedgehogs? Decentralization brings freedom from central authority. Whether this is viewed as good or bad depends on the issue at hand. But the one thing decentralization guarantees is a lot of debate, some chaos, sometimes no resolution, and (hopefully less often) a break-away of a splinter group in the form of a forked chain.

Decentralization is not necessarily good for everything, every time, and everybody. When pushed to the mat, most people would rather give up privacy for security and safety. Similarly, I suspect most would choose control and certainty over change, chaos, and confusion. As they say in the Six Sigma community, variance is worse than a bad mean. The possibility of forking in blockchains introduces an element of uncertainty that is less in users’ control or understanding than the uncertainty of change driven by a centralized governing body.

Blockchain is not one tool. The right flavor of blockchain must be applied correctly to the appropriate problem. Just as you can’t eat soup with a fork, you can’t deal with the soup of regulated securities with a forked chain, or more accurately, with a spoon that you don’t own or control, and which can splinter into a fork at any time.

Difference between Crypto and Security Token

Posted on by Oscar Jofre Tags: , , , , , , ,

Is there a difference between cryptocurrency and a security token?

The answer is yes, there is a big difference. And it is time we get these right so the thick fog around this topic can begin to clear up. It is very important to understand how each of them is very different from each other.

You probably read or hear these two words every day and in most cases in the wrong context. Before we get into the difference lets make one thing clear.

Crypto or Cryptocurrency is an alternate (i.e., non-fiat) CURRENCY
Security Token is an EQUITY POSITION IN A COMPANY

All over the web, there are many discussions, blogs, articles, and tweets on using blockchain. Of course, many of them follow to the extraordinary words “Crypto”, or “Cryptocurrency” and “Security Token”.

I am amazed by the number of people who use these two words interchangeably, yet they are so different as stated above. Let’s have a look at each one in more detail.

What is Crytpo or Cryptocurrency?
Wikipedia has a clear definition: “A cryptocurrency (or crypto currency) is a digital asset designed to work as a medium of exchange that uses strong cryptography to secure financial transactions, control the creation of additional units, and verify the transfer of assets.”

Crypto or Cryptocurrency is just a currency. Other examples of currency are Dollars, Euros, Pesos, etc. These currencies are traded worldwide by currency traders. Nowadays we have the introduction of digital currencies such as Bitcoin, Ethereum, Litecoin, etc. Wikipedia has put together a list of these digital currencies.

Currencies are regulated by a securities commission or foreign exchange agencies. The rules around who can purchase currency and trade them are very simple. In most cases, it is required to be 18 years or older. ID Verification, AML (Anti Money Laundering), and some basic KYC (Know Your Customer) will be done. Not more than this is required to purchase a currency.

For trading, the platforms will need to be registered with commissions and/or regulators in their country to legally operate the exchange. This financial regulator is regulating the currency, transfer, and trading business.

What is Security Token?
In 2017 we saw the emergence of companies issuing tokens to raise capital. In countries such as USA and Canada, regulators have been very clear on this form of capital raising.

When a company offers a token from their company for an investor to invest in, the goal is for the token to trade and gain in value. Security agencies, including the SEC in the USA and the CSA in Canada, have made it clear that when companies are conducting a token offering in which the token has the ability to trade and gain in value, it must be issued as a security token.

Security Token is a tokenized security that is issued by a company. The security represents an equity position in the company. In order to issue the security, the company must comply with regulations as to how it can market the offering, who it can attract to invest in their company, reporting requirements, trading restrictions, and custodianship (Transfer Agent) requirements.

For a company to issue a security token it must:

  • Determine what jurisdiction (countries) it wants to attract investors from
  • Determine what exemption to use to offer their security token to investors (accredited or non-accredited investors)
  • Determine trading restrictions per jurisdiction and exemption
  • Determine reporting requirements per jurisdiction and exemption
  • Determine Transfer Agent requirements per jurisdiction and exemption
  • Determine if Broker Dealer is required per jurisdiction
  • Determine what regulated ATS Secondary Market is available for trading

As you can see it’s clear how different these two are from each other and there should be no confusion going forward.

Here is how the two can come together and be used in the proper context. You can use cryptocurrency to invest in a security token offering by a company. But that can only happen as long as the company has agreed to accept this form of digital currency, the investor meets regulatory requirements, the company can offer their securities in the country (Jurisdiction) of residence of the investor, and if the company is using a broker-dealer, the dealer is also prepared to accept that form of payment.

Joining Hyperledger to Revolutionize Tokenization of Private Securities Globally

Posted on by Thiago Tags: , , , ,

We are thrilled to announce our membership in the Hyperledger Project. This was a carefully thought-out decision, but given the nature of our business, a fairly easy one to make.

Our roots are in providing managed compliance-related services to private companies globally. Building on this experience and success, we are well into executing on our vision of revolutionizing the tokenization of private securities. The revolutionary nature of our journey is in providing an environment for security tokens that ensures full compliance, safety, and complete lifecycle management. Investor protection has always been our unrelenting focus. We look to the business requirements to drive the selection, design, and deployment of technology.

Hyperledger, with its roots in the Linux Foundation and Apache culture, gives us access to a community of dedicated practitioners and researchers in technology. Fabric, in common with the other Hyperledger projects, is all about enterprise-class applications. Anything involving money had better be serious business.

One of the most critical aspects of finance is the safety and security of transactions. Legitimate participants in the financial markets may be frustrated by the inefficiencies of regulation, but they welcome the protections offered by such regulation. Fabric chose not to create its own native cryptocurrency. This avoids the dependence on crypto-mining and its attendant issues of fraud, forking, fictitious participants, and losses. By avoiding commingling of payment mechanisms (which include legitimate cryptocurrencies) with securities instruments, we can keep our economics clean. We can also avoid confusing currency regulation with that of securities regulation.

The architecture of Fabric includes several characteristics that are highly-desirable for financial transactions: modularity, performance, scalability, and security. It also helps that many financial institutions have adopted Fabric and over 400 applications are in development on it. All this is certainly a confidence-booster.

In a series of posts, I’ll cover the various aspects of Fabric, the philosophy behind the KoreToken protocol, and how KoreChain’s business functionality fits into this solid foundation.

KoreSummit is honored to have Mr. David Weild IV as its keynote speaker

Posted on by Oscar Jofre Tags: , , , , , ,

The first KoreSummit event just got even more interesting. We are thrilled to announce Mr. David Weild IV, the father of the JOBS Act, as our keynote speaker. Weild is currently CEO and Chairman of Weild & Co.

He also gathers the expertise of the most competitive stock markets, as he was a former Vice Chairman and executive committee member of NASDAQ, and spent years running Wall Street investment banking and equity capital markets businesses.

Weild will speak at 1 p.m. at the KoreSummit New York. This is an invite-only event. Seats are limited, but you can still apply to attend here: https://koresummit.io/apply/

KoreSummit – an opportunity to learn about what is a fully compliant Security Token

Posted on by Oscar Jofre Tags: , , , , , ,

Security Token – and all the technology and buzzwords that go with it – is not an easy topic. Search these terms online, and you can get lost in a labyrinth of links, manuals and definitive guides. Above all, you will find many experts that will guarantee this is the next big thing and they know all about it.

The complexity surrounding the security tokens is second only to the importance it carries in the financial world. It can indeed be the next big thing. If companies get the foundation and development of security tokens right, this has the potential to bring down the market as we know today.

Which only adds more pressure to get to the right information. Take, for instance, the thousands of ICO that emerged with the blockchain phenomena. Thousand of investors thought they were well informed and ended up victims of scams.

If you want to invest in the blockchain, by buying security tokens or offering it through your own company, you better listen to experts. That is why events such as the KoreSummit, in which renowned professionals share their insights with the public, are so important.

No wonder this is an invite-only event. This is exclusive information that you may not get elsewhere. All aspects around the new KoreToken protocol, including the KoreChain, Hyperledger Fabric, and Security Tokens will be discussed with the public.

Usually, you would pay a significant fee to access this type of information. But the KoreSummit is for free, in the same spirit of the KoreConX platform.

You can apply for the event here, and our team will review your application.

Hope we can meet there.

Top Questions a Securities Lawyer will Ask an STO Issuer (in USA or Canada)

Posted on by Oscar Jofre Tags: , , , , , , ,

Security Token Offering is a serious business. The days of the ICO are over. These are clear messages not only from the SEC and other regulatory bodies but also from thoughtful and experienced professionals. The SEC, in particular, is delivering this message mainly through regulatory actions and the position of SEC Chairman Jay Clayton. Most recently, a federal judge ruled that the U.S. securities laws may cover ICOs, giving the Feds a much-needed victory in their battle against fraud and money laundering.

Regardless of the nuances and the debate, what should be clear to issuers who have legitimate businesses or startup plans is that investors, as well as issuers, require protection. If anything, legitimate issuers should welcome such scrutiny and regulation which ensures the market is kept free of bad actors and questionable affiliations.

However, companies considering a security token offering need to be prepared to respond to questions that their securities lawyers will ask. To this end, we reached out to top lawyers to learn which information is crucial to them when a client reaches out for advice on their Security Token.

The professionals that contributed to this list are Sara Hanks (CrowdCheck Law, LLP – USA); Ross McKee (Blake, Cassels & Graydon, LLP – Canada), Lewis Cohen (DLX Law, LLP – USA); Rajeev Dewan and Kosta Kostic (McMillan, LLP – Canada); Alessandro Lerra (Lerro & Partners – Italy), and Alan Goodman (Goodmans, LLP – Canada).

Below is the list of items on which lawyers and other advisors will be focusing. There is no particular order, but you should be ready when contacting your securities lawyer or advisors to make sure you are prepared. This list is subject to change as the market develops.

  1. What jurisdiction is your company incorporated in and in what jurisdictions is your company doing or will do business?
  2. In which countries are you planning to offer your security token?
  3. Is the company already a public reporting issuer anywhere or are any of its other classes of securities already listed on an exchange?
  4. Will you be conducting a Direct Offering or a Broker-Dealer Offering?
    1. If a Direct Offering, how will you manage all of the regulatory requirements (including “Know Your Client” requirements)
    2. If you aren’t using a Broker-Dealer and you are selling to retail investors, how will you comply with the requirements of states that require you to register yourself as an issuer-dealer?
  5. Will this be for accredited investors only or will it also be made available to non-accredited investors?
  6. How do you plan to confirm or verify accredited investor status?
  7. How do you plan to confirm or verify investors are not on prescribed lists?
  8. Do you have a method to establish the suitability of the investment for an investor?
  9. What securities law exemptions do you intend to rely on for each jurisdiction you want to sell your security token?
  10. What documentation or certification will investors be required to sign?
  11. What is your investor record-keeping system and how do you plan to handle regulatory reporting of the distribution of securities tokens?
  12. What are the tax implications of the sale of the token for both the issuer and the investor?
  13. If ongoing tax reporting (e.g., FATCA) is required, how will that be handled?
  14. Which blockchain is the token going to be created on?
  15. Does the client understand the differences between public blockchains and closed or permission blockchains?
  16. Does the platform already exist?
  17. Do you know which Security Token Protocol you would like to use?
  18. Does the Security Token Protocol manage the lifecycle, custodianship requirements, and corporate actions of the security token?
  19. Does the Security Token Protocol have the capabilities to be managed by a regulated Transfer Agent?
  20. Has the smart contract code for the token been audited by a code audit firm?
  21. What level of assurance does the code audit firm give in terms of their work?
  22. Is the Security Token Protocol implemented on robust, highly-secure, and enterprise-class technology platform?
  23. Does the blockchain for the STO prevent cryptocurrency fraud, unauthorized mining, and forking?
  24. Does the blockchain for the STO provide guaranteed legal finality for securities transactions?
  25. Does the blockchain for the STO provide for recourse with forking or technical intervention in case of errors, losses, or fraud?
  26. Is there a utility element in the token?
  27. Is the security token coupled with a cryptocurrency?
  28. Does the blockchain have a well-defined and published governance model, and are you confident that the governance processes and governing entities are credible?
  29. Does the blockchain have adoption and recognition from financial institutions?
  30. Will the tokens be immediately delivered to the purchasers?
  31. What is the stated purpose of the offering and what is the business of the issuer?
  32. Is the number of tokens fixed or unlimited? Is there a release schedule for future tokens?
  33. How many tokens, if any, are being retained by management?
  34. Will the tokens have a fixed value?
  35. How many security token holders do you expect?
  36. Are you aware of the requirements for a Transfer Agent?
  37. What are the rights of security token holders?
    1.  Voting?
    2. Dividends?
    3. Share of revenue/profits?
    4. Wind up the business?Will the purchasers be seeking a return on their investment or are they buying the token for other purposes?
  38. Will the purchasers be seeking a return on their investment or are they buying the token for other purposes?
  39. What is the exit strategy for the company?
  40. Does your company currently have a Shareholders Agreement?
  41. Does the company have a board of directors?
  42. Do you have financial auditors?
  43. Do you intend to list the tokens on any secondary markets and are those markets in compliance with regulatory requirements that apply to securities exchanges?
  44. Following issuance of the tokens, are any lock-up periods required or advisable with respect to the token?
  45. Are there any requirements that the tokens may only be traded with persons in (or outside) certain jurisdictions?
  46. Once any lock-up period has concluded, where will the tokens be able to trade?
  47. How will any applicable resale restrictions be implemented and complied with? How will subsequent sellers and purchasers of tokens be made aware of these resale restrictions?
  48. How are any requirements for the tokens to trade on a given market or alternative trading system being handled?
  49. Does the company intend to provide ongoing reporting to investors and if so, how will that be handled?
  50. Will the blockchain be used to facilitate any additional levels of transparency?
  51. What social media platforms are you using?
    1. Telegram
    2. Twitter
    3. Facebook
    4. Medium
    5. LinkedIn
  52. Do you know what limitations on communication or other requirements (such as legending or delivery of an offering document) apply to social media communications?
  53. Are you planning set up a “bounty” or similar program that offers free tokens?
  54. Will you be using airdrops?
    1. How are recipients selected and what do recipients need to do in order to receive airdrops?
    2. Have you made sure the airdrops comply with applicable securities law?
  55. Do you have a white paper?
    1. Has the whitepaper been released?
    2. Does the whitepaper include a clear business plan?
    3. What statements, representations, or comments have been made by management in the whitepaper, any other publication, or orally, about the future value or investment merits of tokens?
    4. Should the whitepaper be characterized as an offering memorandum and if so, does it have the prescribed disclosures and notices?

We hope this can assist you in preparing for your security token offering (STO). Obviously, for those who have already raised their money, tokenizing their securities will require some of the same questions.

Life of a Company

Posted on by Oscar Jofre Tags: , , , , , , , , , , ,

I know, the title is odd. But the goal is to show how a company is formed and what is required for it  to be maintained. What most of the public sees is only related to sales or marketing, never the insides of the corporate structure or management.

The first step each of us make is to incorporate our organization, and we are provided with the company’s papers, also known as theMinute Book”.

The Minute Book
For entrepreneurs, board directors, management, lawyers, auditors, shareholders, and broker dealers, the Minute Book is a lifeline. It is the historical log of all the key decisions and corporate actions made in the company.  Now, some of you will go to your lawyer and get a Minute Book binder, and some will go online and construct your binder.

One very important thing about your company’s Minute Book is that there is only ONE original and you must protect it. At the same time, you are required to provide access to your lawyers, auditors, board directors, shareholders, and anyone who is doing due diligence on your company.

What do you get in your Minute Book:

        • Certificate of incorporation – this provides a unique number to your company
        • The official date of incorporation in your jurisdiction
        • Bylaws: the rules you must follow in operating your company, such as
          • Number of directors
          • How many shares you can issue and class of shares
          • How to conduct board meetings
          • How to conduct shareholders meetings
          • Quorum for board and shareholders meetings

     

  • The Minute Book also has many other tabs for you to insert the ongoing corporate actions in the company.
  • The Minute Book is a living document and it requires that you update it as you are conducting your corporate actions. Those actions need to be recorded in your Minute Book and properly documented, so in the future when you are going through due diligence—for financing, acquisitions, going public, or opening a bank account—this information will be ready so you can move forward.Here is a list of some of the corporate actions your Minute Book needs to have. Some of these corporate actions will be in different sections of your Minute Book depending on how many documents are created.
          • Appointing director
          • Appointing officers
          • Notice of Shareholders Meeting
          • Opening a commercial bank account
          • Appointing auditors
          • Granting options
          • Accepting new shareholders
          • Accepting a loan, debenture, SAFE
          • Name change
          • Merger
          • Acquisition


      For each of these corporate actions, you will need directors’ resolution and/or shareholders’ resolutions and, in some cases, agreements, government filings, and regulatory filings. All of these documents will need to be stored in different sections within the Minute Book.

      This is important to know because as your company grows, more and more of these documents start to add up and the historical tracking becomes even more challenging to maintain.

      If your records are not up to date or properly recorded you will spend thousands and thousands of dollars to get those completed so that you can proceed with a transaction such as raising capital, loan, merger, acquisition, going public, etc.

      Along with managing all the corporate documents, you are also required to manage, report, and track all your shareholders on a timely basis. Depending on which exemption you used, the company would be required to provide quarterly,semi-annual, or annual reporting to your shareholders.

      I know all this might seems overwhelming. Welcome to being an entrepreneur! There are no shortcuts, but there is a way to do it so you are not burdened by all this and end up spending thousands of your hard earn money to fix issues when they emerge.

      As a fellow entrepreneur, I felt this pain. Having all these documents and no central place that everyone (board directors, shareholders, lawyers, auditors, regulators, etc.) could access 24/7, created further strain on my time.

      For a long time, I found apps that did only one thing but were not able to do all that I needed to meet my fiduciary obligations as an officer and director of my company.  It was very frustrating, but finally, in 2015 we launched the world’s first all-in-one platform—yes, an all-in-one platform—that takes care of everything I described above and so much more.

      Once you have a secure and centralized platform to bring your stakeholders, you have the assurance to meet your obligations and focus on growing the business rather than managing paper.

      No more duplicating your efforts – only do it once and KoreConX takes care of the rest.

      As you grow, the platform provides even further enhancement, so if you are a one person company or a company with 500,000 shareholders or more, KoreConX is your all-in-one platform.

KoreChain – Interactive Item – Compliance

Posted on by Kore

Functional Layer – Compliance

Allows broker dealers to manage their due diligence requirements from issuers including full transparency on the entire application, review and listing (if subscribed to KoreConX Capital Markets), and includes reporting. Perform all your know your client (KYC), anti-money laundering, ID verification, suitability through our Compliance feature and even track online payments. Client reporting functionality (monthly, quarterly, annual) is also built in. Keep your broker dealer audit ready and organized at all times.

For issuers, manage compliance with regulatory reporting, while maintaining good governance and transparency.

KoreChain – Interactive Item – Capital Markets

Posted on by Kore

Functional Layer – Capital Markets

Simplify compliance for all parties involved in the capital raising process. KoreConX Capital Markets helps broker dealers manage all the regulatory requirements for know your product (KYP) related to issuers and for each investor ID verification, suitability, anti-money laundering (AML), know your client (KYC) , and investor accreditation.

Join the all-in-one platform empowering private capital markets.

Free forever, Kore makes it easy for participants in private capital markets to manage their investment portfolios, raise capital, and meet global compliance standards along every step of the way.

Sign up, it's free! Book a call