Lawyers get specific on the "decentralization" of crypto projects

• That might be crucial to determining whether or not a project's token is a financial security.
• If it is a security, it becomes more trouble to work with than most startups would find worthwhile.

Zoom out: "The core innovation of decentralized cryptocurrencies is their capacity to mitigate risks through technology," The Cato Institute's Jack Solowey and Jennifer J. Schulp wrote in a paper put out Tuesday.

• Anyone who has been on the internet more than a decade has felt betrayed by a tech platform. When did it sink in that Facebook and Google know uncomfortable things about you, for example?
• Decentralization turns control of platforms over to users, but not in a rhetorical, hand-wavey way.

So crypto attorneys advise that it will only count with the Feds if that decentralization is genuine.

Jargon alert: The term of art (and boy is it controversial how serious to take this term, but...) is: "sufficiently decentralized."

• In June 2018, the director of the Securities and Exchange Commission (SEC's) division of corporate finance said that the top smart contract blockchain, Ethereum, was "sufficiently decentralized" not to be considered a security.
• Of note: The SEC is currently in a fight with Ripple, the company behind the XRP cryptocurrency, over how seriously to take that speech.
• Everyone else is taking it pretty seriously, since the closest thing the SEC has ever said to anything positive about how to get right with the law.

Island life: Later that year, Prof. Todd Henderson and Max Raskin put out a paper in the Columbia Business Law Review that attempted to define tests for determining whether or not an asset created specifically by a blockchain project counted as a security.

• On decentralization, they came up with the imagistic "Bahamas test." They wrote:

"If the sellers fled to the Bahamas or ceased to show up to work — like Satoshi Nakamoto — would the project still be capable of existing? If the answer is 'yes,' then the risk of fraud is sufficiently reduced such that the instrument is not a security."

Yes, but: It's not always quite that simple. Many projects start out pretty centralized and gradually decentralized (Uniswap's recent move is a case in point). For example: a team with an idea sells a token so they can afford to build out the idea.

• Even if they completely turn the project over to users the minute they finish their work, it's still completely centralized until they do.

• The Cato Institute paper mentioned earlier went line by line in U.S. law and suggested places where Congress could make amendments to make it feasible for a project to graduate its asset out of security status as it decentralizes.

What they're saying: "To incentivize the development of cryptocurrencies... that provide consumer protections focused on addressing actual risks, not preserving a regulatory status quo, the paper's authors write.

How, now? Everyone but the SEC seems to think it's urgent to get actual rules for this industry on the books (even the White House). Until then, startups have to make due with this rough maybe-guideline of "sufficient decentralization."

• To that end, dYdX's attorney Marc Boiron released a paper Tuesday, via Variant Fund, that gave token projects guidance on getting to full decentralization in all aspects of their business.
• "Most legal advice around securities laws focuses on decentralizing the web3 technology stack. But just as important is to decentralize the off-chain, day-to-day activities of community contributors," Boiron advises.
• In what follows, he breaks down the basic works of a typical crypto startups and offers suggestions around aiming consistently toward a decentralized operation.

The bottom line: This is all just guesswork until there are actual rules for blockchain enterprises, or, perhaps slightly more likely, a specific new law.