Get your tickets to the 2024 Coin Center Annual Dinner 

Coin Center analysis of SEC cryptocurrency guidance

We break down what it means for decentralized networks and their developers.

The Securities and Exchange Commission today released much-anticipated staff guidance “analyzing whether a digital asset is offered and sold as an investment contract, and, therefore, is a security.” What’s new here are not the conclusions necessarily, but that it is being said more clearly than ever. This guidance not only confirms that cryptocurrencies like Bitcoin and Ethereum are not securities, it also goes a long way in helping entrepreneurs and technologists who have done the right thing know that they have done the right thing, and it should help those who want to build new networks know how the securities laws will be applied.

Bottom line: It is possible to fundraise by selling tokens in compliance with the securities laws and then have those tokens be clearly not securities when the promoter is no longer essential to the continued viability of the project. Here is our analysis of the guidance.

Investments and Airdrops

The guidance takes as given the first two prongs of the Howey test (investment of money in a common enterprise) and focuses almost exclusively on whether investors have a “reasonable expectation of profits derived from the efforts of others.”

This focus on the later part of Howey echoes what Coin Center has said for some time now. In any initial token sale there will almost certainly be an investment of money and a common enterprise. The facts of an initial token sale speak for themselves: someone is buying something with money or some equivalent value (an investor) and someone is selling it (a common enterprise). Airdrops complicate this, but in a footnote the guidance states: “the lack of monetary consideration for digital assets, such as those distributed via a so-called ‘air drop,’ does not mean that the investment of money prong is not satisfied; therefore, an airdrop may constitute a sale or distribution of securities.”

Note, however, that they said “lack of monetary consideration” (emphasis added). The Howey test is an investment contract analysis after all, and (as long established in common law) if there is truly no consideration (monetary or otherwise) then there is no contract. So if the recipient of an airdrop truly did not offer anything of value to the airdropper, the investment of money prong might not be satisfied.

Objective, Not Subjective

Moving to the latter part of Howey, the guidance begins by clearly stating that the inquiry “is an objective one, focused on the transaction itself and the manner in which the digital asset is offered and sold.”

In other words, the inquiry does not need to uncover and account for the actual subjective notions held by investors. Some people buying a token might want it because they think it will go up in value, others might want to use it, and yet others might simply be irrational. Some people might misunderstand the nature of a token-seller’s involvement, others may better understand how these networks work and why the assets they describe have value. The goal of the analysis in Howey is not to empirically determine precisely what people actually were thinking when they decided to make a purchase; it is, instead, to determine what a hypothetical “reasonable person” would assume given the objective facts of the sale and the statements of the seller.

Now that we know we are looking for objective factors, the guidance proceeds to list factors under two subheadings: “efforts of others” factors and “expectation of profits” factors. We’ll look at some of each in turn.

Efforts of Others and Decentralization

On the efforts of others, the guidance clearly states the importance of running networks that actually provide the advertised functionality that purchasers seek. It explains:

Where the network or the digital asset is still in development and the network or digital asset is not fully functional at the time of the offer or sale, purchasers would reasonably expect an [Active Participant (AP)] to further develop the functionality of the network or digital asset (directly or indirectly). … This particularly would be the case where an AP promises further developmental efforts in order for the digital asset to attain or grow in value.

Moreover, if multiple unaffiliated persons compose that running network (i.e. it has a level of decentralization) all the better:

Essential tasks or responsibilities performed and expected to be performed by an AP, rather than an unaffiliated, dispersed community of network users (commonly known as a “decentralized” network).

Let’s look at an easy example: Bitcoin. When you buy a bitcoin today you are not promised any specific investment-related efforts from any specific third party. You assume that you can use your bitcoin as peer-to-peer electronic cash (you can make transactions on the network) and you may assume that if this particular medium of exchange ever really catches on that it will be more valuable in the future—just as a rise in the popularity of silver or gold (as currency or for any commercial purpose) would necessarily benefit holders of these commodities.

Who performs the essential task to allow you to use Bitcoin as electronic cash? A network of thousands of unaffiliated node operators and miners. Who would you be relying upon if you expected that future popularity and concomitant price increase? The market of individual buyers and sellers as a whole. As the guidance later specifies: “Price appreciation resulting solely from external market forces … impacting the supply and demand for an underlying asset generally is not considered ‘profit’ under the Howey test.”

But what about the developers of the code that powers that network? Even Bitcoin’s core software continues to need periodic updates and bug fixes, and even Bitcoin may benefit from the development of new features and architecture (e.g. more privacy or scalability). Are the folks providing these ongoing development efforts what the guidance calls active participants (APs) upon whose efforts buyers rely?

Again, the guidance lists several factors: does the purported active participant “play[] a lead or central role in deciding governance issues, code updates, or how third parties participate in the validation of transactions that occur with respect to the digital asset”; do they “retain[] a stake or interest in the digital asset”; do they “own[] or control[] ownership of intellectual property rights of the network or digital asset, directly or indirectly[?]”

These questions strike at the heart of what it means to run an open source software project that powers a network driven by an open consensus mechanism. If the source code for the network is proprietary, then the developers who own the intellectual property are, by default, essential to its continued development. They can stop anyone from participating in the network by enforcing their patent or copyright; they can even stop persons from developing offshoot derivative works because copyright generally confers monopoly rights to the fruits of derivative efforts as well. On the other hand, if the code is open source (as all major running cryptocurrencies are) then anyone can join the development efforts, development is transparent and can be publicly audited, and longstanding contributors (even if they have been critical to the development thus far) can step away from the project without jeopardizing the continued viability of that software (we could call this the Satoshi Test).

Similarly, if the network that the software powers uses a permissioned consensus mechanism, then the identifying authority who offers or denies permission to participate in consensus is central to the question of how third parties participate and how digital asset transactions are validated. If the consensus is open, then anyone who provides a valid proof-of-work or proof-of-stake can participate in keeping the blockchain and adding transactions to blocks, thus adding redundancy to the system such that no single party is critical to maintaining the network.

These clearly stated factors further establishes SEC policy that decentralized cryptocurrencies like Bitcoin and Ethereum are not securities. There is no doubt that these networks have important people who perform important functions to keep them running, but no one person is critical to their continued vitality because no one person can ever control an open source software development process (for both Bitcoin and Ether over a thousand people do) and no one person controls the blockchain (anyone who mines or stakes plays a role).

Transitions

What comes next in the guidance is a bit new. In SEC Division of Corporation Finance Director William Hinman’s speech of last summer, he described how assets initially sold in an investment contract might eventually be sold in non-securities transactions because the circumstances of the network and technology have changed. That speech didn’t get very specific about what to look for in those transitions, and we get a bit more in this guidance:

In evaluating whether a digital asset previously sold as a security should be reevaluated at the time of later offers or sales, there would be additional considerations as they relate to the ‘efforts of others,’ including but not limited to:

  • Whether or not the efforts of an AP, including any successor AP, continue to be important to the value of an investment in the digital asset.
  • Whether the network on which the digital asset is to function operates in such a manner that purchasers would no longer reasonably expect an AP to carry out essential managerial or entrepreneurial efforts.
  • Whether the efforts of an AP are no longer affecting the enterprise’s success.

Unfortunately, there’s not a lot of detail here, but I think we can look back at what was just described and identify these transition points. When do your efforts as a software developer cease to be important to the value of an investment? When you open source your code and a community of other developers appears who is sufficient to take up the slack if you chose to depart from the effort. When does a network operate in such a manner that purchasers no longer expect an AP to carry out essential managerial efforts? When the network is running, peer-to-peer on the internet and any person running the freely available software can take up the slack of validating transactions and adding blocks to the chain. Even more fundamentally, when the “list” of who owns or is owed which tokens ceases to be a proprietary database controlled by the initial token sellers and becomes, wholly and instead, a list of cryptographic addresses on a widely distributed blockchain the maintenance of which depends on unaffiliated node-operators rather than the initial network developers themselves.

One thing that’s worth noting about the language in the guidance, however, is that it is very broad. The final prong here merely asks whether the AP can still “affect” the enterprise’s success. Even a single gold miner can have a massive effect on the price of gold and yet gold is not a security. We could reconcile this, perhaps, by guessing that the “affect” the SEC is looking for is not a mere effect on the price but rather one on the existential prospects of the network or enterprise as a whole. A particularly brilliant Bitcoin developer might well affect the price when they propose new and improved software for the open source project, but no developer—no matter how brilliant or how nefarious—could single-handedly destroy the bitcoin network or make it into something entirely new. They work among others with whom they must publicly reach consensus (both over what code should be compatible with the network protocol and over what transactions should be valid on and included within the blockchain).

I can hear the crypto Twitter lawyers complaining now: This section on transitions didn’t include your analysis on open source development or the nuance of an effect on the price vs. an effect on the network’s viability, it only asked if the AP was “affecting” the enterprise or “important” to the value of the asset. Yes, but right at the start of the analysis, the guidance cites Glen Turner, in which the court identified that the efforts must be “the undeniably significant ones, those essential managerial efforts which affect the failure or success of the enterprise[.]” The turning point, where an asset originally sold as a security (perhaps in an exempt sale to accredited investors) ceases to be a security is not when developers have no effect or importance to their inventions; it is when they are no longer persons undeniably significant and essential to the failure or success of the network. We wish the SEC staff had been more explicit about this, if only to placate the hand-wringers and chicken-littles.

Expectation of Profits

The guidance then moves on to listing factors indicating an “expectation of profits.” Here we find why secondary markets have been, thus far, key to their analysis of token sales. While it’s true that nothing in the Howey test ever asks whether the asset is traded on secondary markets, the availability of those markets may induce a reasonable person to expect that a future sale would be easy and lucrative. The guidance asks whether the token is “transferable or traded on or through a secondary market or platform, or is expected to be in the future.” And, any indication from developers that it will be traded on markets in the future, would certainly go toward establishing an expectation of profits.

The guidance then asks whether the tokens are sold in “quantities indicative of investment intent instead of quantities indicative of a user of the network.” Director Hinman described this factor in his speech last summer as well. To me it is a less helpful indicator. Almost all of these tokens are intended to be currencies of a sort. Either general purpose currencies like Bitcoin or special purpose currencies for exchanging computer services on networks (e.g. Filecoin or Storj). Currencies can be mediums of exchange and—in that case—a “quantity indicative of a user” would be only so much as one would expect to transact in the short to medium term. One might ask, how much cash did you keep in your wallet back in the days before credit cards? That’s roughly the amount that a “user” rather than a “speculator” would have. But this misses entirely another fundamental quality of currencies; they can be stores of value. In that case, the amount is not what you expect to transact with over then next few days it is, potentially, an amount equivalent to some non-trivial percentage of you net worth. When rational economic actors contemplate the long term, even huge purchases of a commodity may be merely for use, rather than speculation. Take, for example, Southwest Airlines’ major fuel purchases to hedge against market risks, a strategy market observers have suggested helped the airline “avoid financial consequences caused by industry downturns.”

Other Factors

The guidance rounds out its analysis with several “other factors,” but these simply reinforce the analysis as we’ve thus far described it. Networks should be running rather than merely promised, and they should deliver some valuable function to users. It states:

The distributed ledger network and digital asset are fully developed and operational.

Holders of the digital asset are immediately able to use it for its intended functionality on the network, particularly where there are built-in incentives to encourage such use.

Potential purchasers have the ability to use the network and use (or have used) the digital asset for its intended functionality.

Digital assets with these types of use or consumption characteristics are less likely to be investment contracts

The note I find most interesting in this section is something that speaks to the true innovation at work in cryptocurrency networks:

An intent to consume the digital asset may also be more evident if the good or service underlying the digital asset can only be acquired, or more efficiently acquired, through the use of the digital asset on the network.

Despite what cynics may say, there are some services that only a public blockchain network can provide. Censorship resistance, user-sovereignty, privacy, and interoperability are incredibly valuable, and potentially revolutionary functionalities. They are difficult or impossible to achieve if essential to the operation of a service is a centralized party that can block, surveil, or lock-in users. These functions are, nonetheless, critical if we are going to have online payments, internet-of-things connected devices, or digital identity systems that protect the basic rights of users. Open blockchain networks can provide these functions but they only work if a valuable token provides incentives to the network to offer their computing resources. There are plenty of scam tokens out there, and the SEC is and should continue going after the scammers, but there are also real innovations in our space. As it happens, US securities laws are already well-calibrated to address the scams and centralized investment schemes while leaving the true innovations—technologies built to obviate reliance on third parties—to flourish relatively unfettered by unnecessary regulation.