Introduction

Much has been written on the ability of blockchain technology to bring capital markets infrastructure into the 21st century. Indeed, blockchains can enable the various parties to a securities transaction (e.g., issuers, exchanges, investors) to share a common data layer, providing a transparent view of the market that eliminates the need to reconcile information between participants. A shared recordation system of this sort could largely eliminate the need for various intermediaries whose core functions involve manually tracking and transferring legal ownership. This could transform today’s default settlement timeline of T+2 (or longer in the private markets) to near-instantaneous, while also providing issuers with greater real-time visibility into the actual holders of their securities. And because all participants in a blockchain network must follow common protocols in order to participate, programs and applications written by disparate entities are often fully interoperable. Standardizing transaction components in this way allows certain key functionality (like distributing cash flows on securities) to be automated between participants. It may also enable entirely new transaction structures and forms of engagement between capital markets participants.

While these benefits are fairly well-understood, there is less agreement as to the particular type of blockchain that is best suited to deliver on this potential. For various reasons, public blockchains appear more likely to deliver long-term efficiency gains to securities markets than their private or “permissioned” alternatives. In the same way (and for the same reasons) that private company intranets quickly fell behind the public Internet in the mid-1990s, the open nature of public blockchains is likely to foster the growth of a robust ecosystem of interoperable applications, products and services that cannot be matched by any particular private blockchain. And while private blockchains (like intranets) may initially appeal to legacy institutions concerned with scalability or data privacy, these concerns are likely to fade as public blockchain developers create similarly effective mechanisms to boost transaction throughput and protect sensitive information. This post will highlight the key differences between public and private blockchains to help explain why an optimized capital markets infrastructure is more likely to emerge on a public blockchain network.

Public Blockchains

Blockchains are systems that allow independent entities to reach consensus over the state of a shared data set in the absence of a central administrator. The archetypal blockchain structure involves grouping data (such as transactions) into blocks and then chaining those blocks together using a cryptographic hash function. In public blockchains, the two primary functions on the network — proposing and validating new transactions — can be performed by any valid participant that runs a node connected to the system. While this facilitates an open and fair recording system, it can pose a problem if two different validator nodes receive transactions in a different chronological order. For example, imagine that A attempts to send the same token to B and C at the same time (so as to double spend the asset), and the A to B transfer reaches Node 1 first, but the A to C transfer reaches Node 2 first. Absent any mechanism to declare one version valid and the other invalid, the two nodes would each report their conflicting versions to the network, and the ledger would not tie out.

To overcome this issue, public blockchains use a consensus mechanism in which validator nodes must perform some resource-intensive exercise, with the “winner” of that exercise earning the right to report its version of the truth to the network. After the winner has been confirmed, all of the other nodes will run certain threshold checks (e.g., ensuring that each sender in that batch of transactions has sufficient tokens/value stored at its address to complete the transfer), but will otherwise abide by the ordering of transactions proposed by the node that “won” the exercise. Finally, to incentivize validator nodes to perform this function, public blockchains reward the node that adds the newest block with a native asset that (in theory) should increase in value as the network continues to grow.

Private Blockchains

While private blockchains begin from a similar premise — that multiple parties would benefit from a shared data structure — they rely on a more centralized approach to maintain the system. Private blockchains generally impose restrictions such that only certain designated entities have permission to propose, validate or even view transactions on the network. These permissions are set by a defined administrator group that controls who can join the network and what data network participants can see or update. Since the validator nodes have been pre-selected (and have agreed to serve their role within the system), there is no need for a native asset to incentivize them to act in good faith. In this way, private blockchains more closely resemble traditional distributed databases, which allow multiple databases (including across entities) to share a common data set. The primary difference between private blockchains and distributed databases is that, in the former, no single entity maintains full control over the state of the ledger.

The Power of Open Networks

Blockchain technology appears primed to follow a trajectory similar to that of other recent developments in computing, including cloud and, most of all, the Internet. In both cases, legacy institutions (particularly in highly-regulated industries) were initially unwilling to rely on open systems to store sensitive information and engage in commerce. For a period of time in the late 1980’s and early 90’s, for example, many large institutions developed and used private intranet solutions that allowed their respective company computers to connect with one another while remaining walled-off from the broader public web. Indeed, during this period telecommunications providers like Sprint and MCI built private networks for many large institutions to enable secure communication and information sharing between company computers. This decision made sense, to some degree, as the public web was at that time a mostly niche ecosystem with limited real-world utility. The smattering of websites that did exist was frequented mostly by tech hobbyists intrigued by the potential of an open, global network of computers. While institutions were aware of the value of sharing information between computers, they largely did not see the need for an external connection to the public web, as the web was not thought to be a capable (or desirable) place to conduct real-world commerce. This conclusion emerged from a sentiment held widely at the time (including among sophisticated institutions like Microsoft) that mainstream consumers were neither capable of navigating the web, nor comfortable sharing sensitive information over it.¹

The launch of Netscape in 1994 (and, later, AOL and Yahoo) changed all of this. Netscape provided an intuitive interface (the web browser) that allowed mainstream users to easily access websites on the public web. AOL served as their portal online. And Yahoo provided a basic system to organize the growing array of content and applications on the public web. The development of these and other key infrastructure layers (such as Netscape’s Secure Sockets Layer (SSL), which improved Internet security of private information) quickly spurred an explosion of new websites facilitating online commerce. In short order, the public web transformed from a slow, niche ecosystem for hobbyists and illicit activity to the primary platform on which mainstream business was transacted. As innovation on the public web (including core security mechanisms) quickly exceeded that occurring within private intranets, legacy institutions were compelled to connect to the web, rendering intranets largely obsolete.

Blockchain technology seems poised to follow a similar trajectory, for many of the same reasons.

Interoperability

Interoperability refers to the ability of different applications and programs to exchange and make use of information. Whereas the Internet enabled the peer-to-peer transfer of information through a set of core protocols (e.g., TCP/IP, HTTP, SMTP), blockchains facilitate the peer-to-peer transfer of digital value. In the capital markets context, blockchains provide a shared recordation system similarly built around a set of common protocols and software standards that all parties must follow in order to participate. By establishing a common language, blockchains provide a standardized way to model business transactions and represent real-world assets, enabling certain key functions to be automated between participants. And because of their peer-to-peer design, blockchains can facilitate entirely new transaction types and forms of engagement between issuers, investors and other stakeholders in the capital markets. For example, Ethereum allows users to do things with digital assets like trade peer-to-peer (AirSwap), put on long/short derivative positions (dYdX), bundle assets into customizable packages resembling ETFs (Set Protocol), pledge assets to create collateralized stablecoins (MakerDAO), and pay interest in stablecoin (Dai).

Not only are none of these applications available for tokens issued on private blockchains today, the gap in utility is almost certain to expand over time. As the history of the Internet shows, the level of developer talent and resources focused on public networks far exceeds that which can be deployed by any particular private enterprise. As a result, innovation in new infrastructure and user applications on public blockchains will likely dwarf that which can be achieved on private blockchains in fairly short order.

Security

A core benefit of blockchains is their ability to record data in a tamper-resistant fashion between a group of participants who do not know or trust one another. By distributing the key function of validating transactions among the network, blockchains remove single points of failure and make it difficult for malicious actors to manipulate the transaction ledger. This functionality is achieved by definition on a well-distributed public blockchain. For example, analysts currently estimate that a successful attack of the Bitcoin ledger (the most popular public blockchain network) would cost in excess of $1 billion.² Private blockchains, on the other hand, are usually run by a much smaller, more centralized administrator group, which substantially reduces the costs for a would-be attacker, as there are far fewer validator nodes that must be overpowered in order to re-write the ledger. This is particularly true for private blockchain networks that struggle to gain a critical mass of adoption, which represents the vast majority of such projects to date.

As Moody’s rightly concluded in a recent industry report: “Private/centralised blockchains are more exposed to fraud risk because system design and administration remains concentrated with one or few parties. In addition, consensus mechanisms may not be in place or may be relatively weaker than in a public/ decentralised network”.³ As a result, participants on private blockchains must deploy additional resources to ensure that the network is safe from failure or malicious activity. And given the gap of developer talent noted previously, they must also spend additional resources to effectively rebuild the various capital markets primitives (e.g., custody solutions, stablecoins, compliance protocols) that already exist on public blockchains. As solutions around privacy and scalability continue to close the gap between public and private blockchains, these added costs will become decreasingly justifiable over time.

Regulatory Compliance

Privacy

A common argument against public blockchains is that participants (particularly those in highly-regulated industries) will face difficulty complying with certain applicable regulatory regimes. For example, institutions today are rightly sensitive concerning the handling of customer data, particularly following the implementation of the General Data Protection Regulation (GDPR) in the European Union, as well as a broader public backlash against perceived user privacy violations by companies around the world. GDPR, for example, imposes stringent requirements on how institutions process their customers’ personally-identifiable information, which is defined broadly under the framework to include basic data points like names and addresses, as well as more technical information like location data and IP addresses. Some commentators have gone so far as to argue that blockchain technology (which relies on open and immutable record-keeping systems) is fundamentally incompatible with GDPR, which guarantees users the right to have their personal data hidden or erased from record. As such, it is logical that institutions may initially be skeptical that public blockchains are capable of effecting customer transactions without exposing sensitive data.

Similar to the development of SSL, new mechanisms are being developed and applied today that will soon allow institutions to transact on public blockchains while still protecting sensitive customer data. For example, advanced cryptography using zero-knowledge proofs can allow parties with private data to prove a certain property without revealing any information about the underlying transaction to the public network. This technology (which is being developed and tested currently by companies like AZTEC) would allow confidential financial transactions to occur on a public blockchain without revealing any of the participants’ personal information. In addition, smart contracts on Ethereum can already enforce access-based controls to ensure that only specified parties can update certain data. These and other advances should allow institutions to transact on public blockchains without revealing any of their customers’ personally-identifiable information, making it very difficult to run afoul of even the most stringent privacy frameworks like GDPR.

Miners as Broker-Dealers

Beyond privacy, private blockchain advocates have also suggested that public blockchains raise fundamental questions regarding compliance with certain core securities law requirements, including KYC/AML obligations and broker-dealer registration. One such theory postulates that public blockchain miners may need to register as broker-dealers under the Securities Exchange Act of 1934 insofar as they are adding transactions in tokenized securities to the ledger, and, as such, are “engaged in the business of effecting transactions in securities for the account of others”. This argument is unconvincing for several reasons.

First, miners on multi-purpose public blockchains like Ethereum are tasked with validating transactions involving thousands of different types of tokens and other data inputs, the vast majority of which are not securities. Given that miners are therefore entirely agnostic as to the content they are validating (and, that most of that content does not involve securities), they cannot plausibly be deemed to be engaged “in the business” of brokering securities transactions. Second, despite receiving rewards for adding new transaction blocks, these rewards are not “transaction-based compensation” (a hallmark of broker activity), since they are paid according to a pre-set network algorithm, and occur regardless of whether the transactions involve securities or not. Even in the context where securities are being transacted, the reward is not typically proportional to the size of the transaction, as is often the case in broker compensation. Third, rather than serving as active transaction participants, miners simply follow the directives of the parties that sign the transaction, meaning they do not play an active role at “key points of the chain of distribution”, but rather serve a “ministerial” or record-keeping function (a key distinction in SEC jurisprudence). In this way, they more closely resemble something like the Depository Trust Company — that is, the infrastructure used to reflect changes in ownership, rather than a broker-dealer in its own right. And fourth, from a policy standpoint, imposing broker-dealer registration and compliance requirements on miners would effectively cripple public blockchains like Ethereum, stifling innovation and imposing significant harm in exchange for very little, if any, benefit. As such, it seems highly unlikely that public blockchain miners would trigger the SEC’s broker-dealer registration requirements.

KYC/AML

Similarly, institutions can safely satisfy other core compliance obligations like KYC/AML using basic solutions like investor whitelists that tie a person’s real-world identity to their on-chain wallet address. “KYC/AML” generally refers to the collection of federal law obligations designed to prevent financial institutions from being used to launder or enable the transfer of money tied to illegal activities. Some commentators have noted that, since anyone can participate in a public blockchain using a pseudonymous wallet address, it is operationally difficult or even impossible for financial institutions to facilitate transactions and still comply with these obligations. Despite the fact that public blockchains are indeed open to all, there already exist very straightforward mechanisms to ensure that institutions know the identity of every participant they interact within an on-chain securities transaction. For example, there are already dozens of platforms that help issuers onboard investors (using applicable KYC/AML and accreditation checks) to ensure compliance. As noted, by tying each investor’s real-world identity to an on-chain wallet address (and then coding that list of addresses directly into the token’s smart contract), institutions can restrict participation in their offerings to only those investors who have been properly vetted, ensuring they remain in compliance.

Scalability

Some commentators argue that private blockchains are better suited for capital markets activity due to the fact that they can generate higher transaction throughput than is currently possible on public blockchains. Indeed, both Bitcoin and Ethereum have encountered instances where high network usage led to increased fees and wait times for block propagation. Currently, both networks use proof of work as their consensus mechanism, under which new data can only be added to the network approximately every 10 minutes (in the case of Bitcoin) and 14 seconds (in the case of Ethereum). Private blockchains, on the other hand, can use more efficient consensus mechanisms due to the fact that all participants are known and trusted.

There is no doubt that scalability on public blockchains is a legitimate concern today. However, there is no single issue currently attracting more resources or mindshare from the developer community than boosting transaction throughput. Solutions are being developed at the protocol (or “Layer 1”) level such as sharding and delegated proof of stake that can eventually bring public blockchain throughput in line with permissioned alternatives. Sharding, for example, involves dividing the blockchain up into smaller pieces (or “shards”) that can be validated in parallel, so that every transaction does not need to be validated by every single node. Cosmos is a high-profile example that has launched recently on the premise that it can link together independent parallel blockchains (increasing interoperability) while also boosting transaction throughput using a new consensus mechanism, known as Tendermint.

Beyond the protocol level, there are various “Layer 2” solutions such as sidechains and state channels that can support off-chain transactions at a much higher frequency and only settle on-chain as necessary. Ultimately, like any other early-stage technology (including PCs in the 1980’s, the Internet in the 1990’s, cloud in the 2000’s), institutions should not assume that the current state of public blockchain performance represents peak-level output. As developers continue to iterate and build new solutions, scalability on public blockchains will almost certainly improve.

Conclusion

Similar to the development of the Internet, the scale of innovation and utility achieved on public blockchain networks is likely to exceed their permissioned alternatives, potentially by orders of magnitude. In the capital markets space, these innovations may increase automation and programmability in existing transaction paradigms, while also forging entirely new structures and ways for capital markets participants to engage with one another. While institutions are rightly concerned with issues like privacy, scalability and regulatory compliance today, the continued development of new solutions in the public ecosystem should continue to address these concerns over time. As this happens, public blockchains are likely to emerge as the preferred platform on which a new generation of financial infrastructure is built.

Note: The information contained in this blog post is solely for information purposes and does not constitute legal advice. You should always consult your own financial, legal, tax or other advisers before participating in any securities transactions.

¹ McCullough, B. (2018). How the Internet Happened: from Netscape to the iPhone. New York: Liveright Publishing Corporation.

² Mitchell Moos, Analysis: Bitcoin Costs $1.4 Billion to 51% Attack, Consumes as Much Electricity as Morocco, Crypto Slate, https://cryptoslate.com/analysis-bitcoin-costs-1-4-billion-to-51-attack-consumes-as-much-electricity-as-morocco/.

³ Moody’s Investor Service, Blockchain improves operational efficiency for securitisations, amid new risks, 11, April 25, 2019.