DEPRECATED: Taking Matters Into Our Own Hands: How the Crypto Industry Can and Should Protect Itself.

Photo credit @JuliaJust83 on X/Twitter

This article is deprecated and no longer accurate. Visit https://versatus.io/blog for Versatus updates and news.

It has been just over 14 years since the mining of the Bitcoin Genesis Block. For the majority of that time, public blockchains, cryptocurrencies, and later, starting with Ethereum ecosystem projects, distributed programs, have operated in a largely extralegal space. That has started to change, which in some ways is to be expected. Of course, we would all want those that perpetrate scams and defraud users or investors to face legal consequences.

Playing catchup, the SEC has launched suits and enforcement actions against a handful of major projects and entities operating in the space. While it’s clear that the SEC’s Chair Gary Gensler is not a fan of the space, what’s concerning is that there seems to be no desire to allow the space to build what it promises to.

What does blockchain technology, and the projects built on top of it/using it promise to build? A decentralized, and thus sustainable, permissionless, and thus accessible, public, and thus auditable, cryptographically protected, and thus secure, financial system and internet.

These are the ideals we promote and push forward towards. Unfortunately, a handful of bad actors have truly tarnished the industry and caused a loss of public trust. They have also triggered more fervency on behalf of alphabet soup agencies that see the space as a nuisance to their entrenched power, if we’re being cynical, or a headache they would like to be the Advil for if we’re interpreting their leaders’ words and actions generously.

But we’re still early…

Instead of waiting around for hostile agencies to condemn the industry to vaporware with relics from the Great Depression they call regulations, the leaders of this industry need to take matters into our own hands.

There is more than one way to accomplish this such, and a one-size-fits-all solution where we jam square pegs into round holes is certainly not one of them.

As the cryptocurrency market continues to grow and evolve, it faces numerous challenges and risks, including fraud, hacks, and network outages. Traditional regulatory agencies like the SEC have struggled to keep pace with these rapid changes and have faced criticism for their inability to provide adequate oversight and protection for consumers. In response to these challenges, we propose a new self-regulatory organization for the crypto industry: the RARI Model (Risk Assessment, Recommendations, and Insurance). This innovative model focuses on aligning the incentives of an insurance agency and users to protect and guide the users of the projects being assessed and insured. By learning from the failures of traditional regulators and adopting a proactive approach, the RARI Model offers a comprehensive and effective solution for addressing the key risks inherent in the cryptocurrency landscape. But before we dig in, lets take a trip down regulatory memory lane.

If you’ll indulge me…

My, oh my, how fast we forget. Calls for the same agencies that allowed the defrauding of investors in the Enron/ArthurAnderson scandal, Bernie Madoff, the collapse of the worlds largest financial system, and so much more, to step in and regulate the crypto industry have become deafening following the collapse of Terra, 3 Arrows Capital, and FTX. Though currently slightly quieted by the collapse of one of the countries 20 largest banks, there’s no doubt that when the chaos subsides, focus will come back around to regulating crypto.

In fact, many regulators and politicians have blamed crypto, using Olympic gold winning mental gymnastics to arrive at this conclusion, for the collapse of Silicon Valley Bank and Signature Bank. Both of these entities suffered from what is commonly referred to as maturity mismatch, a topic for another post. Neither of these banks experienced bank runs, and subsequent collapses due to the crypto industry. Even if it had, the regulators that want power over the industry have failed time and again. For a number of reasons, these entities are poorly suited to regulate the industry they are in charge of, much less the crypto industry. So before we dig in to the RARI model for self-regulation, lets discuss some of the common problems with the bureaucratic model that allow for the utter failure of oversight for decades:

1. Bureaucratic inefficiencies: Regulatory agencies like the SEC are often slowed down by bureaucratic red tape, making them less agile and responsive to new developments in the financial sector. This sluggishness can lead to delayed enforcement actions and reactive policies that fail to address emerging risks.
2. Conflicts of interest: Traditional regulatory agencies may face conflicts of interest due to political pressures or industry influence. These conflicts can undermine the regulators’ objectivity, potentially leading to lax enforcement or favoritism towards certain market participants.
3. Lack of technological expertise: Regulators often lack the in-depth technical knowledge necessary to fully understand and assess emerging technologies like blockchain and cryptocurrencies. This gap in expertise can result in ineffective regulations or a failure to recognize and address new risks.
4. Reactive vs. proactive regulation: Traditional regulatory agencies tend to focus on addressing problems after they have occurred, rather than proactively identifying and preventing potential issues. This reactive approach has resulted in numerous financial crises, bank failures, and investor losses throughout history.

The RARI Model: Premiums, Risk Adjustment, and Categorization

The RARI Model is designed to provide risk assessment, recommendations, and optional insurance coverage for crypto projects. One key feature of this model is its risk-adjusted premiums. Projects with lower risks will have lower premiums, while higher-risk projects will have higher premiums. This structure incentivizes projects to prioritize security and other best practices to lower their premiums and attract more users.

Projects that choose not to participate in the insurance program are automatically deemed “high risk.” This encourages participation and transparency, as well as steering users toward safer, insured projects.

Insured projects under the RARI Model are categorized into various risk categories based on their premium. This classification system helps funnel users towards the safest projects, reducing the agency’s exposure to potential losses. By providing transparent risk categories, the RARI Model empowers users to make informed decisions about the crypto projects they want to engage with, while creating a competitive landscape for projects to continually improve their security measures.

Aligning Incentives for Fraud Detection, Exploit Prevention, and Network Outage Management

The RARI Model’s innovative approach to regulation is centered around the alignment of incentives between the insurance agency and users. By tying the agency’s exposure to the performance of the projects it insures, the RARI Model creates a mutual interest in preventing fraud, hacks, and network outages.

1. Fraud detection and prevention: The RARI Model creates a strong incentive for the insurance agency to detect and prevent fraud. Since the agency’s exposure is directly tied to the performance of the projects it insures, early detection of fraud can save the agency from significant losses. As a result, the agency will be motivated to implement rigorous risk assessment processes, educate users about potential risks, and encourage projects to adopt best practices.
2. Exploit prevention and vulnerability management: Just like with fraud, the RARI Model incentivizes the insurance agency to actively prevent hacks and exploits. The agency has a vested interest in discovering vulnerabilities, highlighting them to the project developers, and ensuring that these issues are addressed in a timely manner. This proactive approach to security not only protects users but also minimizes the agency’s potential financial exposure.
3. Network outage management: The RARI Model also addresses the risk of network outages on the blockchain platform that the project is deployed on. The insurance agency has a direct incentive to monitor and assess network reliability and performance, as well as to advise projects on selecting stable and secure blockchain platforms. By tackling network outage vulnerabilities, the RARI Model contributes to the overall stability of the cryptocurrency ecosystem.

Advantages Over Traditional Regulatory Agencies

The RARI Model’s focus on aligning incentives and promoting proactive regulation offers several key advantages over traditional regulatory agencies, including:

1. Incentivizing transparency and security best practices: The RARI Model rewards projects that prioritize transparency, security, and risk management by offering lower insurance premiums. This incentive structure encourages projects to adopt best practices and strive for continuous improvement, fostering a more open and trustworthy ecosystem.
2. Adapting to new technologies: The RARI Model’s insurance agency is driven to stay up-to-date with emerging technologies and risks in the crypto space, ensuring that its risk assessments, recommendations, and insurance offerings remain relevant and effective. In contrast, traditional regulators often lack the in-depth technical knowledge necessary to fully understand and assess emerging technologies, which can result in ineffective regulations or failure to recognize and address new risks.
3. Proactive vs. reactive regulation: Traditional regulatory agencies tend to focus on addressing problems after they have occurred, rather than proactively identifying and preventing potential issues. The RARI Model’s emphasis on prevention and incentive alignment helps to create a proactive regulatory environment that is better suited to the rapidly evolving crypto landscape.
4. Avoiding bureaucratic inefficiencies and conflicts of interest: The RARI Model is less susceptible to the bureaucratic red tape and conflicts of interest that often plague traditional regulatory agencies. By aligning the insurance agency’s interests with those of the users, the RARI Model can more effectively protect consumers and create a safer, more resilient cryptocurrency ecosystem.
5. Restitution versus Retribution: While most victims of fraud and hacking do want to see retribution for the perpetrators, more importantly to almost all of them, is that they are made whole. While a RARI organization would not be a policing agency, and could not enforce retribution via criminal charges, it would provide restitution and make project users whole, or close to whole.

The current bureaucratic regulation model provides no alignment of incentives, because the losses that the SIPC or FDIC don’t effect the profit, or in the case of the SEC, CFTC, and various banking regulators, their budgets. The oversight agencies, on the contrary, often get larger budgets after failing. This backward incentive structure creates a combination of moral hazards by the members of the industry they oversee and at the agency itself.

TLDR;

We should stop waiting for agencies that fail to adapt and improve to provide guidance and regulations over an industry that is focused, explicitly by some members, implicitly by all, on displacing those same agencies and rendering them obsolete.

Instead we should carve our own path forward. A better path, one where incentives are properly aligned to accomplish the revolutionary task at hand.

Conclusion

The RARI Model offers a refreshing alternative to traditional regulatory agencies by aligning the incentives of an insurance agency and users to create a self-regulatory environment that fosters transparency, security, and trust in the crypto industry. By learning from the failures of traditional regulators, adopting a proactive approach to risk management, and incentivizing projects to prioritize security and transparency, the RARI Model is poised to create a safer and more resilient cryptocurrency ecosystem for all participants. As the cryptocurrency market continues to evolve, the RARI Model’s innovative approach to regulation and risk management can serve as a valuable blueprint for the future of crypto industry oversight.

About the Author

Andrew N. Smith, CAIA is the founder of Versatus Labs, Inc. and is a two-time founder, a strong motivator and leader. At his first startup, Andrew spent 5 years as the sole engineer and data scientist building out the full stack of Machine Learning and Deep Learning models. Andrew began working on Versatus, invented Proof of Claim and single-handedly built the Versatus prototype. Andrew’s vision for Versatus is to not only provide a better, more decentralized, secure and stable blockchain, cryptocurrency and smart contracts platform, but to also actively bridge the gap between the “real economy” and the “crypto economy” by providing developers the most flexible, extensible and composable smart contract platform in the world.

About VRRB Labs, Inc.

Versatus Labs is the development company building Versatus, an innovative blockchain protocol. Versatus is a fast, scalable Layer 1 built on top of a novel consensus mechanism called Proof of Claim. Versatus aims to make the developer experience frictionless by bringing ‘Build, Ship, Run’ DevOps to Web3 with its isolated, composable smart contracts containers, complete with a unikernel VM enabling developers to build in the language of their choice.