The False Dichotomy

As mercurial and arcane as regulation can often be, one can metaphorically infer an elegant narrative loop of the corrupt and their prosecutors seeking justice. Regulations are the toolkit of the lawbringer. But like all tools, they might be crude, old or simply misused.

Cryptocurrencies have not changed the human condition or the narrative loop. There will always be scams, bad actors and terrible outcomes despite the best of intentions. While cryptocurrencies can remove human judgement, they cannot remove human behavior.

A cryptocurrency designer has to take a position on what toolkit he will offer the regulator to correct bad events. The unique challenge cryptocurrencies face is that they are a product of regulatory and monetary failure28.

Culturally, many in cryptocurrencies consider government action to be corrupt, inept or ineffective. Therefore, they have little respect, patience or desire to endorse a special backdoor for a regulator or lawman to right wrongs. This act would be anathema to the entire purpose of cryptocurrencies.

On the other hand, counting exchange failures and historic events, more than 10 percent of Bitcoin has been lost or stolen since the protocol started on January 3rd, 2009. As of June 30th, 2017, the value lost or stolen comes to a little over $4 billion. And this figure does not account for Bitcoin and other tokens lost to scams and poorly formed ICOs.

Then there is the issue of privacy. On a macro scale, value flows through specialized channels that are regulated, rich in metadata and actively monitored by law enforcement, governments and international regulators. It is a well understood game with leakage occurring only on the cash side of affairs, which has been gradually diminishing as the world moves to digital money29.

The paradigm if cryptocurrencies did not exist would seem to be a world that increasingly treats financial privacy like social media content. There is none and one cannot opt out. Hence we have a dilemma yielding an apparent dichotomy.

A cryptocurrency designer can surrender principles and yield to whatever demands their local jurisdiction places upon their code, thereby compromising the privacy and integrity of their users. Or he can adopt a more principled, but anarchistic, philosophy that divorces itself from current best practices and laws.

For Cardano, we feel this narrative is a false dichotomy brought on by a lack of imagination. The reality is that most users are not concerned about rules existing for markets. They are usually concerned about sudden changes in the rules to benefit one or more actors. They are worried about a lack of transparency over who gets special privileges.

We need to distinguish between individual and market rights. Given that cryptocurrencies have a global reach, rights needs to be as user oriented as possible.

Privacy should be reasonable and at the user’s control, not a gatekeeper. The flow of value should be unrestricted. Value should not be subject to sudden forfeiture without consent.

From a market perspective, the marketplace needs to be transparent about the use of data, how funds will be handled within and everyone needs to play by the same set of rules. Furthermore, once the user has consented, then they cannot suddenly change their mind due to inconvenience. Counterparties need certainty as well.

But how exactly does one move from the abstract to an actual system? What should something practical and legal look like? We have broken our solution into three categories: metadata, authentication and compliance as well as marketplace DAOs.


The act of something can often be less interesting than the metadata surrounding it. For example, driving from Denver to Boulder is an act. Driving from Denver to Boulder in a Ferrari 488 at an average of 120 MPH is metadata. Certainly this infers a different experience than in a Toyota Prius at an average of 30 MPH.

Financial transactions are no different. The context surrounding them is extraordinarily important to economists, tax authorities, law enforcement, businesses and other entities. Sadly in our current fiat based system, most consumers never see how rich in metadata their transactions are or who they are shared with30.

For Cardano, we acknowledge that users could need or are legally required to share transactional metadata with certain actors like tax authorities. But we believe this sharing has to be at the user’s consent.

We also believe that blockchain systems have tremendous power to eliminate fraud, waste and abuse by providing auditability, timestamping and immutability. Thus some metadata should be posted to the Cardano blockchain.

The hard part is finding a correct balance that does not condemn our blockchain to substantial bloat. Given this concern, we have chosen a pragmatic approach.

First, Daedalus will support over the next 12 months a large array of features to label transactions and financial activity. These metadata can be exported and shared on demand with whoever the user deems necessary. Furthermore, the data can be operated on by three party applications for domain specific purposes (for example, tax accounting).

Second, we are exploring adding support for special addresses that can include hashes and encrypted fields. This structure would permit a user to post metadata on our blockchain without publicly revealing it. But if she wants to share the data, it would carry all the auditability, immutability and timestamp surety that a transaction enjoys.

We have already deployed an address structure that contains an attribute field. It is currently being used to store an encrypted copy of HD wallet trees structure for fast wallet recovery (see HD Wallet documentation). Later versions will generalize this construction.

Authentication and Compliance

Closely connected to transactions are the topics of the right to make transactions and the ownership of funds. For example, while there might be sufficient funds to buy something (for example alcohol), there could be restrictions on its purchase (age requirements).

Ownership and origin of funds are typically providence of know your customer regulations. When a money service business like a bank or exchange opens an account for a new customer, it is usually required to collect basic facts about the customer and where he acquired his funds from.

The technological challenge is that in the process of submitting this legally required information, the user sending it has no guarantee how it will be used, stored and if it will ever be destroyed. Compliance information is commercially valuable. It could be stolen for identity theft or resold where regulations permit.

For Cardano, we want to innovate as much as possible. On the software side of protocols, there is little to provide a guarantee that the receiver of compliance information will behave within a scope of conduct. However, on the hardware side of protocols, using trusted hardware, one can leverage Intel SGX and other HSMs to enforce certain policies.

Thus we are exploring using Sealed Glass Proofs alongside a sharing policy to permit the safe transmission of compliance information to a verifier who in turn is forced to comply with the policies it was transmitted under. We believe that both uniform standards could emerge and also that this method will reduce risk to verifiers by preventing the loss of customer data from hackers.

As a corollary to this effort, the layered model we propose for Cardano separating value from computation also can benefit from this approach. If the computation layer is run by regulated entities (say exchanges or casinos), then they would need to conduct compliance checks and potentially enforce tax policy on users.

Using SGPs, the user can send funds alongside personally identifiable information without concern that it will leak into the broader internet or be preserved by the consensus nodes of the computation layer. Furthermore, the computation layer would gain certainty that all users transacting are authenticated and legitimate.

This paradigm also allows for customer portability between regulated entities. Exchanges could transfer balances and accounts for customers instantly through these safe channels and also — where policies permit — share data with regulators.

We expect our first beta test of this technology to be conducted in mid-2018 with an aim towards Cardano integration in late-2018 to early 2019 pending research results. This timeline also assumes the ability to collaborate with ARM and Intel in order to get code signed to run on their hardware31.

Marketplace DAOs

The two previous sections covered the generation and movement of information assuming the existence of some external system. To ensure legacy interoperability, these features will always be necessary, but they do not address blockchain based regulation.

Smart contracts enable a completely new kind of commercial system where relationships are deterministic, self-enforcing and free of ambiguity. They can in turn be used to create rules for marketplaces including arbitrarily complex structures such as arbitration, event driven refunds, and revelation of facts given special conditions.

We call these smart contract enforced structures Marketplace DAOs. They do not require special protocol support nor mutability to be embedded in the ledger. In fact, they can be totally constructed using a collection of interdependent smart contracts.

The architectural concept is to design a collection of commercial templates inspired from contract law and business best practices. These templates can be wired into a developer’s smart contract to enforce specific standards upon the marketplace.

For example, say a developer wants to issue an ERC20 token on CCL to conduct a crowdsale. A Marketplace DAO could be established specifically for crowdsales and its terms and conditions parameterized or even enforced by volunteer or legal standards. Things such as refunds, reallocation of funds or freezing of payment could be inherited in the developer’s ERC20 contract.

This effort allows us to have a macro discussion about how a marketplace should be controlled in order to ensure consumer protection. Second, we can discuss how to model transactions in a way to automatically ensure legal protection and rights within specific jurisdictions, such as New Hampshire.

Working with the Cardano Foundation, IOHK and other entities, the Cardano project will create a reference library of Marketplace DAOs for smart contract developers to use. Our hope is that insurance and regulatory markets can form around these DAOs and that they will be self-evolving based upon outcomes.


28: In fact Satoshi embedded in the Bitcoin Genesis Block the following headline taken from The Times: The Times 03/Jan/2009 Chancellor on brink of second bailout for banks.

29: The reader should consider picking up a copy of David Wolman’s The End of Money. It covers the international movement towards cash disappearing.

30: On a more macro scale, author Juan Zarate writes about how this data is used by the US Treasury Department in the war on terrorism in Treasury’s War. It provides a comprehensive view into how the current structure of global financial markets can be used for geopolitical ends.

31: See Intel SGX Commercial License Policy.