Security Token Academy encourages you to read our

Inside the Technical Foundations of the
Security Token Industry


Jor Law

Co-founder of Verify Investor, LLC

Jor is a pioneer in building out the ecosystem for digitizing and trading securities on the blockchain and other distributed ledger technologies. A corporate, finance, and securities attorney, he is most well-known for his expertise in alternative finance, including EB-5, venture capital, crowdfunding, and initial coin offerings (ICOs). He is a co-founder of VerifyInvestor.com, the dominant accredited investor verification service in the world and a founding shareholder of Homeier Law PC. He is an expert on attracting and verifying accredited investors. Within the crypto space, he's most passionate about securities regulations affecting tokens, identity for regulatory purposes vs privacy and anonymity, and cross-ledger or cross-chain technologies.

LinkedIn    |    Twitter    |    Company

VerifyInvestor.com is the leading resource for verification of accredited investor status as required by federal laws.



Lead Technical Developer for Zeppelin's Transaction Permission Layer

0age is the lead technical developer for Zeppelin's Transaction Permission Layer, a protocol for assigning metadata to Ethereum addresses that, among other use-cases, enables securities tokens to ensure regulatory compliance before performing token transfers. Specializing in smart contract and decentralized application development, 0age is the founding member of theCyber, a decentralized club on the Ethereum blockchain, and a contributor to Ethernaut, a popular educational site where players try to find smart contract vulnerabilities in a series of war-games.

Twitter    |    Medium    |    Company


Mason Borda

CEO, TokenSoft

Building on the blockchain since 2013 - Mason has built custom wallet infrastructure from the ground up, and helped scale BitGo’s multi-signature wallet platform up to $1 Billion in transactions per month. In 2016 he launched the world’s first multi-signature web wallet on the Ethereum platform, Ether.li. While at BitGo he architected and prototyped the cold storage infrastructure for the blockchain launched by the Royal Mint of England.

LinkedIn    |    Twitter    |    Medium    |    Company

Tokensoft is a technology platform that enables small businesses, enterprises, and institutions to meet compliance requirements for blockchain-based securities at issuance, distribution and exchange. The TokenSoft platform enables its clients to meet banking, securities and tax requirements in over 50 countries. Current and past clients include Hedera Hashgraph, The Tezos Foundation and Andra Capital.


Rachel Lam

Market Lead, Financial Services at Hedera Hashgraph


LinkedIn    |    Twitter    |    Company


Tomohiro Nakamura

Chief Technology Officer at AnyPay

Tomo started his career at Goldman Sachs, where he led the development of Settlement and Clearance systems for stocks and bonds. He, then, joined Playfish/Electronic Arts as one of the first engineers in Japan, before co-founding a Japanese startup Wekids. He now serves as AnyPay's CTO, overseeing the development of its digital payments and blockchain-related services.

LinkedIn    |    Twitter    |    Medium    |    Company


Boris Reznikov

Director of Partnerships at Inter/stellar

Boris Reznikov is Director of Partnerships at Inter/stellar, where he runs the Asset Issuance business. In this capacity Boris seeks to usher in a new era of tokenized securities and to foster an ecosystem that is home to a diverse array of high quality assets.

LinkedIn    |    Twitter    |    Medium    |    Company



Jor Law:

Thank you everyone for joining us. We have a panel that I’m personally very passionate about, I know Aubrey has been passionate about it as well. You’ve heard the term that he’s used about core foundations and tech foundations.

This is an area I think I’d be passionate about, because as I play in the securities market you can’t really throw anything through until the infrastructure is built. As you’re building the infrastructure, you really have to think about; what I’m I building on, what are the core principles and what are the tech foundations that the infrastructure is being built on.

We’ve accumulated a really great panel here, I begged some of them to come and they did and I’m very happy about them. Let me introduce them, I guess I don’t have my notes in order so I will go down and say Alec also known as 0age is the lead technical developer for Zeppelin’s transaction permission layer TPL it’s very cool.

It’s a protocol for assigning metadata to Ethereum addresses that among other use cases enable security tokens to ensure regulatory compliance before performing token transfers. He’s also a contributor to Ethernaut, a popular educational site where players try to find smart contract vulnerabilities in a series of war games.

Next to him we have Mason, I’m a fan boy of Mason’s as everybody knows. He’s the CEO of TokenSoft. TokenSoft is a technology platform that enables; small businesses, enterprises and institutions to meet compliance requirements for blockchain based securities, issuance, distribution and exchange. He’s one of the principal authors of ERC-1404.

Mason that was kind of blank, he’s really good. He has so much knowledge in this space. He knows so much more than a lot of lawyers know, he has paid a lot of attention towards tech. He’s really a true expert, I begged him to come on this set.

Next to him we have Rachel. Rachel specializes in strategy and product. She’s the global lead for financial services at Hedera Hashgraph now, where she identifies maps and advocates for critical applications of distributed ledger technology across; banking, capital markets, loans, payments and remittance.

Prior to that she led regulatory strategy for Polymath, which is a blockchain startup tokenization technology platform and spearheaded their initiative to form an industry standard for tokenized securities, which eventually would have turned into the ERC-1400 movement.

Next to her is Tomo. Tomohiro is the CTO of AnyPay. AnyPay is a big deal in Japan. They’re based in Japan and Singapore and they’ve been offering ICO advisory service for about a year. If you ask people out in Japan, they usually think that they’re number one. After a while they started developing a couple of applications for issuing and investing on security tokens. Their system will offer tools for dividend distribution to investors following FTOs as well as investor relations and communications management tools.

Last but not least, sometimes they say last and not least, but definitely last. Boris is the director of partnerships at Interstellar. A company that commercializes projects on Stellar where he runs the asset issuance business. In this capacity Boris seeks to usher in a new era of tokenized securities and to foster an ecosystem that is home to a diverse array of high quality assets.

We’ve accumulated a quite a diverse spectrum of folks that can talk about multiple chains, multiple different technology layers on top of different chains and I’m really excited about this. I hope you enjoy.

One of the fundamental requirements of technology underlying security tokens is this concept of scalability. I’ve been doing most of my work in Ethereum and Boris has been spending a lot of time explaining to me why there are some limitations to Ethereum and one of them is their current state of scalability. Can you talk to us about scalability, why that’s important as a fundamental tech foundation of security tokens.

Boris Reznikov:

Yeah absolutely. Scalability has been at the top of mind for people in this space for several years now. What’s important to understand is that there’s an inherent trade-off between decentralization and performance as it relates to throughput and scalability.

As far as blockchains are concerned, it’s important to think about what is the blockchain optimized for? What’s it built for? I think Ethereum is a very powerful platform that can do many things that we’re not possible before, but it’s not necessarily optimized for throughput or transaction processing.

Other ones Stellar included were designed for that purpose, so they can push the scalability threshold a little further. Still if you’re talking about securities and high frequency trading, there’s no blockchain in the world that can process that kind of throughput.

To some extent that’s not a huge concern, because most trading occurs on centralized exchanges where the limitations of the actual blockchain don’t apply as much. Still you want to make sure that if there’s peer to peer trading going on or there’s a deposit or withdrawal you’re not encumbered by a blockchain that is full for example.

If there’s a dab that takes off where people are trading digital cats, you don’t want to be unable to withdraw or deposit funds into a securities exchange.

Jor Law:

Right, Rachel can you maybe add to that and maybe talk about proof of work, proof of stake et cetera and talk about scalability. You’re at Hashgraph and you guys have come up with the approach to address scalability.

Rachel Lam:

Sure. Along the lines of scalability for throughput, you also have scalability of resources that are required to reach consensus to power the network. Proof of work and proof of stake each have their own cost and benefit you know pros and cons.

Proof of work works well in the sense that you do commit a lot of resources in order to say this is the right response and this is what we have come up with. Because of that we have this issue that Bitcoin has really come to light. You can’t have a very scalable network if it’s not just focused on sole value. If you want to put businesses on it, if you want to power securities and capital markets on it that takes up more energy than Iceland.

Proof of stake is a useful tool to do this where you weigh the relevance of the nodes that are confirming consensus via their amount of skin in the game. That helps with scalability as well. I think Boris did a great job covering a lot of the other aspects.

Jor Law:

Cool. Let’s talk a little bit about reliable integrity. Mason maybe you can give us your thoughts about obviously those are core elements of a security infrastructure, they need to do reliable and have integrity. Maybe you could give us some idea of how the tech foundations on that are built.

Mason Borda:

Yeah, so I think one thing that I’m noticing is everyone is shifting from the old world of cryptocurrency to security tokens. There were a lot of lessons that we learned as we watched all these exchanges get hacked or these vaults get hacked and that comes down to the security.

We’ve built all these resilience up and now that we have a new way of tech being built, so it’s important to take those lessons and carry them into the next phase of the world of crypto and security tokens. There’s just a lot of techniques that I think it’s we may have to learn some of these lessons over and over again, but there are a lot of techniques we learned in helping keep these exchanges resilience and having very secure operational processes around moving money.

I think as we move into security tokens these tokens that are trading are going to be under the same reasons; what if something is trading doing a few hundred million dollars in volume and get attacked. What’s that’s going to do the security token. I think there’s a lot of risks and challenges as we move forward, but hopefully a lot of lessons will also be carried over.

Jor Law:

Alec and Tomo, do you guys have any additional info on the cyber security and security risks kind of a crypto in business entities and securities tokens [inaudible 00:09:12].

Tomohiro Nakamura:

Sure, yeah security is of course one of the most important factors I find using blockchain, because if there’s a security issue or threats then no one ever wants to use it.

There can be some layers of the security I guess, one is the security in the blockchain itself. For example if the blockchain miners are occupied by a single butt guy for the more than the 50%, then they can control the blockchain’s transactions.

The other layer it’s smart contract which we will discuss later. Smart contracts concept is basically do it yourself basis. There can be, if the developer makes a bug in a smart contract there is no way for the blockchain itself to debug the transaction. For the former case it’s important to use the popular blockchain [inaudible 00:10:13], because they have a number of honest miners. The other area is for the other layer we want to use a code audit before there’s a code production as we do for the web servers or ordinary systems.

Alec 0age:

Yeah, I agree with all of those points and auditing code is incredibly important when you’re dealing with smart contracts and blockchains in general. That involves not only reading and understanding the code and running all the tests you can, but also extending that to formal verification were possible. Also, utilizing really well vetted standards and widespread approaches and also employing a modular architecture so that if one piece of your code has a vulnerability you can isolate that.

Jor Law:

Well, if anymore we know audit will be you and your friend. Let’s talk now that we’ve covered just a few of the core principles that are important in security tokens, let’s talk about some of these chains and some of these technologies. Tomo can you just give a background would Ethereum why is it or how is it significant for security tokens?

Tomohiro Nakamura:

Sure, so Ethereum was invented back in 2015 and founder, one of the founders is Vitalik and he wants to make a world computer and it’s Ethereum. You can write code and deploy it to blockchain and it’s called smart contract. The one of the types of the smart contracts are called token, which you may have heard of the word called ERC-20 which defines the commonly use the function transfer. You want to call tons of function to send tokens to and from one account to another.

By agreeing that functions the interface, you can, players including primary issuers or secondary exchanges platforms can just call the transfer function to, you can write a program to meet complicated requirements for security tokens.

Jor Law:

Maybe can you tell us a little bit about TPL, very interesting concept.

Alec 0age:

Sure. Yeah, TPL stands for transaction permission layer. It’s a way to tie in real world information and assign it to in this case Ethereum addresses, although it can be extended to other chains without too much difficulty.

It operates on the abstraction of a digital jurisdiction which delineates the different parties that are at play. Namely you have the participants in the jurisdiction and then you have validators, which will assign attributes to those parties and then all of the various implementers which would include securities tokens and enable securities token to enforce transfer restrictions based on; KYC, AML, the credit investor checks really the sky is the limit.

Then also there’s a governance entity that basically administers the validators and assigns which validators can issue which attributes. We just launched our first version of the code and it’s all open source. Our main objective and priority is much like Fabian’s great talk; we’re all about interoperability and shared standards and open protocols. That way it promotes wide usage across a bunch of different fields and encourages lots of eyes getting on it and developing really secure and efficient ways of doing this in a complementary way.

Jor Law:

Great Mason I know you’ve got a securities tokenization platform that supports multiple chains. You’re one of the few that support Corda. Can you talk a little bit about Corda and how it differs.

Mason Borda:

Yeah, so one of the things we really pride ourselves on is our integrity and scalability. The largest sale we did brought in about 20,000 people through the compliance process. One thing that’s really important to us is that everything that we’re building on is really enterprise grade and can’s handle very high throughput.

As we started looking at other blockchains, Stellar was actually the first one that we started supporting early this year. Then Corda we have a couple of projects on Corda as well. What we really like about it is that it’s a scalable platform, it’s enterprise friendly and through a software development platform called [inaudible 00:15:36] it’s very easy to do, enforce governance or to mince various types of tokens and allow them to transfer.

That’s where just part of our commitment to adhering to enterprise grade tools and providing the best in the market.

Jor Law:

Boris I can’t go anywhere now without hearing about Stellar being heavy chain that ones you consider on security tokens. Can you explain why, how Stellar is a little bit different, some of its advantages, maybe some of its limitations.

Boris Reznikov:

Sure. Stellar is a distributed letter protocol or a blockchain that allows institutions and issuers to represent any arbitrary value in the form of a token. It’s been around for a while since 2014.

The original idea was to have financial institutions and banks to issue tokens that represent fiat currencies of various different global currencies, so that there could be one ledger that ushers in a level of interoperability that isn’t there, that wasn’t there before and still largely isn’t there in the traditional cross border payment space.

Then over time especially in the past two years or so, we’ve seen an increasing number of people that are representing not just fiat currencies, but also all sorts of real world assets as tokens on the ledger.

As I alluded to previously one of the main differences between Stellar and some of the other platforms is that it was designed from the ground up to facilitate efficient transfer value. That’s really what the system is designed to do, is process efficient transfer value and exchange value. That’s another one of the differences, is that it includes a built in exchange that’s part and parcel of the protocol.

The pluses are first, throughput, scalability and the drawbacks are it’s not, there’s no touring complete smart contract scripting language, so it’s limited in terms of which use cases are well suited for Stellar. You wouldn’t want to go build a decentralized prediction algorithm on Stellar for example, but to represent fractional ownership of real estate and facilitate it’s exchange. It’s quite a good platform for that use case.

Jor Law:

All right Rachel, you guys have are the new kid on the block, just fresh off a very large successful capital race. What is Hashgraph? How is it going to be significant for security tokens?

Rachel Lam:

Okay, I’m the new kid on the block, so you are going to have to be patient with me. Hopefully I get this right. Hashgraph, Hedera Hashgraph, is a distributed ledger. We don’t happen to be a blockchain, architecturally we’re directed acyclic graph or a dag. More on that later, you can find me.

How I like to look at it is we’re really two things; one is a performant distributed technology and then we’re a mature governance. If you look into technology we prioritize three things it’s being; fast, fair and secure. Now, Boris mentioned earlier a trade-off between scalability and centralization or decentralization, what we find is it’s scalability and security.

What we’ve done is we’ve put a stick in the ground and said we commit to being, to having the gold standard for security in distributed ledgers. This is not so much cyber security in the user side, but how easy or hard it is to compromise your consensus. What we have is asyncronous Byzantine fault tolerance and that speaks to a resilience of a network if it’s still or there are issues of communicating between nodes.

What it broadly means is you assume there are bad actors outside your network, within your network and trying to get between your network; which I think are pretty good assumptions for a network distribution layer.

Given that what we’ve done is maximized our throughput and our performance that we’ve achieved is around a hundred thousand transactions a second. We do it in what we maintain to be fair ordering, so that’s a pretty big differentiator for us. Something that if we roll it back to security tokens is lacking today, it’s first in first out. The first order that comes in network gets processed in that order, which it helps with something like front running for example.

Then mature governance side this one is interesting because we are an open network, but we are not open source. This was a very deliberate decision. Again, speaking to its applicability in securities we view that forking is an interesting concept, but it does result in a lot of risk and a lot of trouble for securities issuers.

You can imagine particularly in a non-fungible token situation, where if all of a sudden you have two identical copies of a non-fungible token that kind of defeats the purpose. You have one that represents let’s say a title to an asset, which one if it splits into two. Which one is the correct one? That’s kind of what we’ve done.

Again; fast, fair, secure, open network with the governance model that says no forking. We have voting from large enterprises that determines road map and features for the network.

Even that’s pretty great for capital markets and security tokens, because it takes advantage of a network that has the capability to handle the throughput and the needs of capital markets. It has the stability that capital markets would require to run and it has governance that keeps priorities of; business owners, issuers, regulators in mind.

Jor Law:

Great. Now this question is for anyone that wants to talk about. The audience is not all technically oriented, this is kind of an important concept to some of them…you talked about layer one versus layer two on off the chain, side chain. Why are some of these concepts important when you’re thinking about technical foundations of a security blockchain. Anyone that can take this one.

Alec 0age:

I’ll jump in. Basically it’s expensive to use most public chains to varying extent and depending on demand. It’s also very public, totally auditable. If you can avoid writing to chain and doing things off chain or doing things in the side chain or a plasma chain it’s often beneficial and more scalable in an organic way.

That’s sort of known as layer two solutions, layer one being improvements to the throughput of the underlying system. Some solutions to that include the use of stake channels. Vitalic has a has a great analogy to that. It’s if I go to the coffee shop every morning and I write you a check for my coffee five bucks, now you want to go cash that check every day but the bank charges a fee that’s all of a sudden going to eat into my margins.

What if I write you a check for $5 for my coffee today, then tomorrow I come back write you a check for $10 and we rip up the old check and we have a system like that. There’s obviously a lot more nuance to it than that, but you can basically have an open channel where you transact off chain and then just refer back to the original chain for settlement.

Side chains and plasma chains are another set of technologies for linking chains together. You can lock up tokens into a smart contract that a plasma chain will then refer to and it can run on a centralized server or just a server without the same security issuances. If there’s any trickery then you can cash out and pull out.

There’s a lot of interesting proposals for how you can just treat the base layer as the dispute resolution or arbitrator of last result, but push most of your transaction volume into these second layer solutions. It’s meant to really work in concert.

Jor Law:

Does anyone have anything else to add there?

Tomohiro Nakamura:

As Alec mentioned about layer two and off chain security improvements. The layer two is easier because layer one, I mean base chain or called a root chain is harder to just change the behavior because they have many miners and token holders.

Some improvements are ongoing, for example in Ethereum is based on truthful block consensus algorithm which is time consuming and energy consuming. They try to move to the proof of stake or the related proof of stake which doesn’t consume the time or energy to make the security improvement.

Jor Law:

Great. Mason, I know there’s been a lot of talk about is the permission chain better, is the permission-less chain better. Why is that thinking and what are your thoughts on that.

Mason Borda:

Yeah, so a permission-less, do you mean permission-less smart contracts or do we want to upgrade it to chain level because of the ...

Jor Law:

Both actually, let’s talk of both.

Mason Borda:

I guess let’s just think of it as a transfer in general, transfer of an asset in general whether it’s cryptocurrency like Bitcoin or Ethereum or it’s a token built on top of Ethereum.

The good thing about keeping these things permission-less is with something like Bitcoin that’s a store of value, it’s valuable because it’s fungible and you can move it in any time. There’s no intermediary, no one to potentially take it away from you and that’s what you want for a store of value like that. You want to be able to cash it out if you need tomorrow. You want to be able to send it around as necessary.

As we’re maturing into the world of securities, those properties do a little bit more harm than good. What’s becoming more common is these permission protocols for moving assets. If we do one a launching asset in the world of securities and adhere to all the laws, then we need more of a permissioned mechanism.

We recently launched a center for this it’s called the ERC-1404 and we’re using that to actually implement the relevant banking laws and securities laws when issuers want to move their assets during trading. I think these are probably going to be more and more common, but the value in having these be permissioned is the issuers of these assets do have a little bit more control over it.

If they do need to revoke these tokens because maybe they went into the hands of someone that’s perhaps on a sanctions list, they should be able to take that away. There’s other methods for dealing with that as well, but there’s just more things you need to do once you enter the regulated markets that permission standards help a lot more with.

Jor Law:

So, I was on a cruise ride last night I was talking to a gentleman who was very passionate about thinking that permission blockchain was useless, because why wouldn’t he just use a private database as we would today. Does anyone have thoughts on maybe comment like that?

Mason Borda:

Yeah, so I think so if we look at just Bitcoin Ethereum fundamentally it’s a network that operates 24/7 pretty much with no downtime. I think that’s, I forgot your question.

Jor Law:

If you weren’t going to use the public blockchain and it’s going to be private…

Mason Borda:

Yeah sure.

Jor Law:

Why blockchain?

Mason Borda:

If we look at those characteristics fundamentally, they are actually going to transfer as we build more and more infrastructure in the world of security tokens. Those things that were fundamentally possible before with Bitcoin Ethereum are still going to be possible with security tokens.

The primary feature is that we will be able to have markets that are open 24/7 especially when we can automate a lot of the transfer restrictions, a lot of the regulatory requirements around them. These things can now operate and trade on a financial fabric that’s globally accessible 24/7.

I think you can build that in a private database, but I think there’s something different about being able to operate on open networks and it creates a different mentality.

If we didn’t go down the private database model, then everyone would, it would be about making your own database and having the standard and being sort of a center. With an open network anyone can plug in and there’s essentially less ego to operating in a globally accessible fabric than there’s operating on a private database that can perhaps do the same, provide the same functionality.

Rachel Lam:

To add to that draw, I think a permission network versus a private database does have an element of collaboration to it. Say you are one insurance company, you may have a private database, you probably do have one in fact and you have all your client data, your risk data whatever you use to manage your business day to day there.

What you could benefit from is sharing some of that data because your clients might jump from insurance provider to insurance provider with other people in your industry. That doesn’t necessarily mean you want your transaction volumes or because really that’s all you see on a public network. Maybe you’re not trusting other technology yet, maybe you’re not ready to make that full leap.

With a permission network every node, every purchase within that network is known to you and is part of your let’s call it a vetted circle. That is one step removed from opening up your private database to letting maybe competitors visit around and it’s between that and having an open network where you share the same highways if you will as everyone else.

Jor Law:

Thank you. Tomo maybe let’s talk about fungibility a little bit, because that’s always a discussion that comes up with security tokens. Can you describe why it’s significant and maybe give some thoughts on fungibility.

Tomohiro Nakamura:

Fungibility is kind of difficult problem, because there can be a debate if the US bars are fungible or not because it sends out wider center banks. At least they are exchangeable.

Basically cryptocurrencies are also fungible unless programmed otherwise. If you caused on the smart contract that it is non fungible you can do that, but basically the cryptocurrency is on the public they are fungible.

Jor Law:

Great. Then Rachel you and I have talked two years about identity marching and things like that. Can you talk about identity why that’s important, why that’s a core foundation in securities and maybe some of the technical challenges or thought processes behind it.

Rachel Lam:

Okay, so this one I feel like I’m so under qualified to talk about this. There are so many professionals in the room who probably know this more about this than I do.

Securities when you combine it with distributed ledger technology and this whole history that Bitcoin especially has of movement in dark markets and as a currency for payments and there’s all this anti laundering issues involved around it. It’s basically a very mobile form of cash. Without the identity component it’s very easy to fall into a category where it’s used maybe not exclusively, but extensively in funding drugs or arms sales that are illegal and all sorts of things that not just regulators, but most people probably don’t want too much off. General terrorist financing stuff.

Identity helps because you can now tell that your participants and your markets and your transactions are known entities; maybe they’re banks, maybe they’re corporations, maybe they’re individuals transacting. When you are able to raise your hand and say even digitally that this is me, this is the money I’m sending from point A to point B; it gives regulators and institutions a lot of peace of mind.

Just if you look from a bank standpoint, if they get any kind of indication they’re participating or facilitating money laundering they risk losing their license. The moment that’s a risk it’s a really big risk they can’t control it’s like, “Get me out here, I’m not doing this anymore.”

Identity becomes a really big component if we can lock down that. If we can put that and secure it in a way that is interoperable, that we can move it across chains, that we are sure of someone’s identity even though it’s one step removed from real life. Then I think this it could mean a lot of growth for this space, it could mean a lot of deduction. I don’t know if that answers your question very well actually.

Jor Law:

Yeah no it does. I mean the problem of course is a lot of you can build and if you create a wall and there is an identity tied to that. When you try to transact in that wall then someone needs to maybe figure out who you are when you’re using that wall and whether it’s okay for you to use that wall at that time for that transaction. Then what happens when you do a transaction 10 days later or a year later or 10 years later how do they now do that that again, should they do that again, can they show that information, what’s that information?

These are some of the issues that the industry is all working on and trying to solve; can someone control their own identity and choose what they want to share so that no one can also controls your own identity. It’s a big problem and I don’t think anyone has like perfectly solved it yet.

Rachel Lam:

Yeah, I mean Hedera has a built-in layer we call it the opt in identity system. It’s an out of station protocol. Basically we’re saying you have a wallet and an entity that is trusted, whoever you will trust to say who you are can say, “I vouch for this wallet being the account of Rachel or John,” and you can have multiple people do that.

You probably wouldn’t trust it if I said this is Joe and I’m just a random girl, no one knows who I am. If I’m a bank or a government maybe you would. Maybe I’m some issuer of a license, maybe if I’m a school saying that you graduated there. All these elements can add towards probability or assurance that this is the individual.

Jor Law:

A level of trust.

Rachel Lam:

It goes back to that and probability, because a year later maybe you’ve lost the private keys to that wallet and you’re not there anymore. It’s not a solved solution by any means, but hopefully we can work towards it.

Jor Law:

We can have a smart contract, Tomo you talked about smart contracts. Boris maybe you can talk about smart contracts what they are and why they are significant as tech foundations and how they might come into play. When something might be on the chain versus smart contract versus you know the second layers…

Boris Reznikov:

Yeah. Smart contract was popularized in the Ethereum ecosystem as a way to automate the execution of a contract. I personally have a bit of a contrarian view on smart contracts.

People get really about the term and it is an exciting concept and we’ve heard the term smart contracts mentioned today in this room quite a bit. A lot of the excitement comes from the idea especially in the security stacking space around the idea that you can get rid of a lot of the manual processes and the paperwork that’s involved in setting up, securitizing an asset.

Though that’s true, doing that by the means of a smart contract comes at a cost. The downside of having a smart contract is that it comes with a lot of technical bit. In a lot of cases my opinion is that you are replacing the cost of manual process and paperwork with difficult code that is arguably much more expensive to write. Then the important thing to keep in mind is that these smart contracts need to be maintained and managed over time and these are not easy things to do if it’s hard coated into a smart contract.

What we’ve seen with some of the earlier smart contracts that were created for security tokens is that they had to be, it’s called upgraded. They had to be rewritten to make sure that they were compliant with the new understanding of how these tokens are traded.

It’s argued that trading restrictions should actually be enforced by an off chain rule set, by an off chain signing service so to speak. There are crypto purists that will say, “Well, that’s not decentralized.” When you’re talking about securities, the concept of decentralization as it pertains to Bitcoin goes out the window.

There are rules that mandate issuers to be able to revoke or freeze assets if there’s suspicion of fraud et cetera. That doesn’t work in the decentralization thing that people were excited about with Bitcoin. I don’t want to be repetitive, but our view is that trading restrictions for security tokens should be enforced on chain and then let the chain itself do what it’s good at which is facilitate the information transfer value and keep track of who owns what.

Alec 0age:

Well, I also think that if there’s, if there are open standards around how you right secure contracts with best practices and solid fundamentals, that the attack surface does reduce significantly, you’ve got shared to the eyes on it.

I also think that there’s no reason that just because you’re enforcing transfer restrictions on chain that you can’t do it also off chain. As a matter of fact if you have well accepted standards like ERC-1400 or specifically 1404 that enables the exchanges and other interested parties to check and see if the transaction is going to work or not ahead of time, then it can really ease integrations and save the hustle of having to fire off transactions that may fail.

I really think that as an issuer having the additional assurances that it’s impossible based on the rules that are built into the contracts to even make a non-compliant transfer is a really nice assurance. That doesn’t mean that that should be the only way that you’re enforcing transfer restrictions, but that’s great.

In terms of upgrade ability yes smart contracts on Ethereum at least are immutable. Which is a benefit in a lot of cases and has also resulted in some pretty serious blunders where lots of money has been stolen or frozen or you name it. There are new paradigms of more granular permissions around ownership of contract and making contracts upgradable in a way that you can stay compliant, you can update your regulatory, changing regulatory environments.

The way that basically works in effect right now is you have a proxy contract that’s your address to the outside world. Then that refers back to other contracts in the system that may hold all the logic to the smart contract and they hold the data to the smart contract somewhere else and they have different permissions and roles that are assigned to who can upgrade the contract. Then you just tell the proxy the point to the new logic contract or what have you.

I think more work is definitely needed in terms of standardizing that as well, but that will open up a lot of new possibilities in terms of keeping everything fresh.

Tomohiro Nakamura:

I agree with Alec, what makes I agree with Stellar’s approach as well. What makes Ethereum great is community members, the size of the community. There is always a discussion about how to scale, how to make it more secure that kind of discussion is always held on public you know on the GitHub. Yeah, as I mentioned the ...

Jor Law:

Well, I think standardization is obviously it’s been a hot topic recently. You’ve got a number of folks that have come up with similar functions, but they are a little bit different and similar to what ERC-20 did for Ethereum we need something now for the security token industry.

There is a concern right now for declaration standards, like everyone is kind of throughout their own standard someone was trying to take credit for this standard and that standard and then hopefully the community will collaborate and whichever standard gets adopted is really going to be a win for the whole industry.

We’re almost out of time, but Aubrey and the security token academy is very focused on interoperability, so at least I have to ask what do you guys see is the current challenge in interoperability. Everyone here on this panel has created some sort of technical solution for the market place and you’ve got to have other people work with you, people that are already working with you work with each other and maybe work with other chains. What are some of the challenges that you’re seeing now, anyone.

Rachel Lam:

I think ...

Boris Reznikov:

I feel that one of the big challenges is that every, a lot of players in the ecosystem are vying for each other’s attention because they want their implementation to be adopted. I think in order for there to be real interoperability we need more discussions where multiple parties are in the same room that are trying to come up with something that works across the board.

Jor Law:

Is that something you can do Aubrey? We’ve got 10 seconds left, so actually no we’re over time now. Thank you very much for coming through the panel.