Can fish and bear's paws have both? Discussing the interoperability of digital securities agreements from a compliance perspective

Bitcoin has introduced blockchain technology into the real world for more than 10 years, during which time distributed ledger technology quickly expanded from digital currency and supply chain to identity management. However, most use cases have a similar structure that allows users to hold and transfer digital assets on a peer-to-peer basis. In short, we don't need a trusted central authority to manage the trading and tracking of digital assets right now.

The evolution of this technology led to the invention of the card, enabling digital assets on the blockchain to be held and transferred between individuals. The certificate can be divided into two categories: one for the original digital asset and the other for the underlying actual asset. Through this new model, only Ethereum has created hundreds of thousands of different certificates.

One of the most promising applications of the license is digital securities, which achieves finer-grained segmentation and point-to-point transfer of traditional non-liquid assets such as real estate and art through the “pass-certification” of assets. It has received close attention from global governments, financial institutions, capital institutions, and blockchain companies because it is expected to alleviate many of the pain points of the current capital market.

The “seesaw effect” between compliance and interoperability

Technically, although blockchain can make asset ownership transfer easier, digital securities are still subject to the same laws and regulations as traditional securities. Therefore, ensuring that digital securities comply with legal compliance is critical to asset certification , and this is also a barrier to the widespread adoption and application of digital securities .

Currently, many projects in the blockchain field have designed protocols to simplify and standardize the way digital securities are regulated, traded, and managed. For example, Ethereum has released standards to solve this problem, including Securitize's DS-Protocol, Harbor's R-Token, and Polymath's ST-20. However, without modifying the current design of these agreements, investors and exchanges will face significant challenges in trading digital securities, largely due to interoperability.

Interoperability is one of the most important qualities of digital securities , allowing applications and product ecosystems to integrate with each other to share software standards . In the field of digital securities, interoperability is essential for both exchanges and investors. The exchange hopes to authorize investors to buy any kind of digital securities, which means that there is no need to customize the integration of each digital security, but a simple and universal integration of all digital securities. As an investor, you want the login and trading process to be as simple and friction free as possible.

However, from the perspective of compliance, due to the different regulatory rules of digital securities products, the exchange can not universally integrate all digital securities , which causes some difficulties in the realization of interoperability. The emergence of this problem will create a "saw-effect" between interoperability and compliance. If one party is satisfied, the other party will be weakened to some extent.

Currently, if investors want to buy securities from multiple platforms, they must provide personal information again and again. This process is called “know your customer (KYC)”. The blockchain improves this process by storing information on the chain, which can then be referenced by all digital securities. Investors do not have to repeatedly provide the same personal information each time they purchase digital securities, but only need to provide supplements after the first registration or Update the information. However, this process is only possible if the interoperability between digital securities is designed into the standards of the control system.

The complexity of each protocol ecology determines the realization of interoperability

Ethereum's three major digital securities agreements were developed by Securitize, Harbor and Polymath, all based on the Ethereum ERC-20 standard, which was then extended to digital securities transactions to enhance compliance. This is done by querying the Regulator Contract at the time of each transaction. Although the naming of the agreements varies, the rationale for using the regulatory contracts in the three agreements is consistent, which prevents non-compliant transactions from occurring. The control contract is updated by the authorized chain service (such as an exchange or a pass issuer) to update the user's KYC and certification information.

Although the three protocols seem to have everything they need to standardize digital securities, what really determines interoperability is the way the protocol is programmed. But these protocols lack interoperability in two key areas, which will lead to a slow process of adoption and application of the model.

1. How does the authorized party update the user's chain information ?

Harbor said in the white paper that they are the only ones currently authorized to update information on the user chain. This centralized role means that the exchange does not update any data referenced by the regulator. As a result, they will not be able to approve new pass recipients, thereby preventing the pass from being easily traded outside of the Harbor platform.

Securitize has implemented a multi-party authorization system where investors can register their compliance information in multiple locations without having to go through Securitize. The data on the chain can be updated directly by the licensor and can be viewed through the certificate of Securitize. In addition, in order to prevent investors from providing information multiple times, Securitize has designed an API that allows the licensor to access investor information stored under the chain, so that they can easily determine if the investor meets the requirements or if more information is needed.

Polymath has developed a native digital certificate called POLY, which runs through the entire platform's task execution process, including the licensor to update the chain data. In order for individuals to conduct KYC, they must first purchase POLY, but since POLY is a pass that cannot be directly exchanged with French currency, individuals must use French currency to purchase another cryptocurrency, such as ETH, and then convert it to POLY. These passes can then be used to pay service fees to KYC service providers on Polymath's KYC market. If the KYC service provider approves the service, the individual will pay a POY to the KYC service provider to apply for the KYC service. This process is undoubtedly too complicated for the Polymath platform and investors.

2. How to store and access user information on the chain ?

From the white papers and smart contracts on GitHub, many of Harbor's certificates can share a common regulatory contract and user data sources, but this is unlikely to happen due to differences in regulation between different passes. Due to the lack of a circulating Harbor Pass on Ethereum, it is not possible to prove whether they will do so, or whether each pass will deploy its own regulatory contract.

The Securitize protocol is designed to enable regulatory contracts to query smart contracts that store user information, which allows each pass to have different supervisory coding rules, while still sharing a user data source in a smart contract, which means when a user After passing the Securitize KYC, their information will be stored so they can purchase future passes.

The Polymath white paper does not specify whether it has a source of compliance data stored on the chain that allows each regulator to interact with it, or whether it has its own local source of information. According to Polymath's contract example, it seems that each pass uses a local source of information that is not shared between different passes. Although there are certain benefits to doing so, there is a risk of data redundancy and inconsistency in this setup.

Core objects to improve interoperability: exchanges and investors

Interoperability between two major players is important in the issuance and trading of digital securities: exchanges and investors. Both parties want a better experience when interacting with different digital securities. However, if the agreement is used as it is, it will cause bad feelings for the exchange and users.

1. Exchange

It is easy for exchanges to integrate these protocols because they generally use the ERC-20 standard, which allows data to be transmitted, invoked, approved, and inspected through a unified interface, but if the exchange is to be compliant with each protocol at the compliance level. Integration is not that easy. Currently, trusted parties are not yet authorized in the Harbor agreement, they must direct users to the Harbor platform for KYC. In order to integrate with the Securitize protocol, the trusted parties must be authorized by Securitize to allow them to access KYC data through the chain API interface and update the information in the database on the storage chain.

Among the three agreements, the integration with Polymath's protocol is the most complex, and the trusted party must register as a "KYC Provider" on Polymath's KYC market and set up to receive the POLY Pass as a reward for providing KYC services. When providing KYC services to investors, the trusted party must ensure that each user information stored in the regulatory body is consistent with the data on the chain.

Protocols with different interfaces must not only integrate with trusted parties, but each protocol should also report errors to the exchange in different ways. When building an interface, it is important to be able to translate the errors that occur into what the user can understand. For example, when a user cannot purchase a pass, there may be multiple reasons, either because the holding period of the securities does not meet the requirements, or because the maximum number of holders is restricted. In order to be able to inform these users of these messages, the exchange must integrate with different methods in which each protocol reports an error.

2. Investors

Due to the different ways of signing investors in the agreement design, investors must provide personal information to the platform multiple times in different ways. For example, Harbor does not authorize any third-party platform, and Polymath requires investors to use POY for KYC. The inconvenience caused by the implementation of these compliance rules may make investors unwilling or unable to purchase digital securities.

By integrating these agreements, the exchange will reduce the inconvenience caused to investors by such agreements to a certain extent. For example, if an investor wants to purchase a Polymath Pass on an exchange, the exchange can be updated to simultaneously store Securitize's stored data. This shows that the investor's information is in the chain and can meet the needs of different platforms for sharing data. But if you don't make any changes to the current protocol design, the process of registering and buying digital securities is still daunting.

Today, digital securities are in the early stages of development and slow application, in part because of the complexity of regulatory compliance. Although some published protocols simplify the compliance of many of these rules and enable them to be executed in each transaction, there is still a long way to go to become a seamless process. All participants will still face significant challenges in registering and investing in digital securities before the industry has yet to perfectly address how investor information is stored and updated between the chain and the chain.