Authors: Will Awang, Chris Chuyan, Web3 Xiaolu

The ultimate goal of most Web3 projects is to issue their own tokens, especially during the bull market of cryptocurrencies, as token prices rise and FOMO sentiment spreads. In the pursuit of "freedom," the road is rough, and there are always alerts from the unknown dark forest, severe ambushes by law enforcement, and even the disaster of imprisonment.

How to legally and compliantly issue tokens is the top priority for Web3 projects, but this is by no means the end. Achieving decentralization of the project is the ultimate goal, and decentralization will not only bring about the benign development of the project but also provide more compliance space for the project.

Therefore, this article will explain from the perspective of Web3 legal practitioners and a series of articles by a16z on decentralization and token issuance, why decentralization should be achieved, why decentralization will bring compliance space, and provide some compliance strategies, aiming to provide a preliminary compliance framework for the token issuance of Web3 projects.

I. Why Achieve Decentralization?

The Internet of Web1 was once considered the greatest tool for liberation, until the platforms of Web2 gradually transformed the Internet into an instrument of centralization, changing the relationship between network participants and platforms from cooperation to competition, and the collective consensus on the network also became the single consensus of Internet platforms. The former digital utopia has become a digital prison, until the dawn of decentralized encrypted networks appeared.

Therefore, the term "decentralization" has been given too many panacea-like meanings, whether it is the non-violent resistance proposed in "The Cypherpunk's Manifesto" to resist government surveillance and censorship, or the order consensus achieved by programmers through "Code is Law," or the political advocacy of network liberalism. However, these are not the main reasons why decentralization is so important for Web3 projects.

Encrypted networks are decentralized networks built on the Internet. On the one hand, they use consensus mechanisms such as blockchain to maintain and update network status (collective consensus of Web3 vs. single consensus of Web2 platforms), and on the other hand, they use cryptocurrencies to incentivize the collective creation, and construction of consensus participants and other network ecosystem participants (non-profit ownership of Web1 vs. incentives and ownership of network participants in Web3).

Decentralization is the key feature of encrypted networks, which can transfer power from closed and controlled corporate organizations on Web2 Internet platforms to open and permissionless networks. Truly decentralized encrypted networks are more like public infrastructure (Public Goods) than proprietary technology, and require strict authorization for use.

This open, decentralized paradigm shift has the potential to rebuild the Internet in a way that promotes competition, safeguards freedom, protects privacy, and fair incentives, and can, under appropriate conditions, attract the collaborative efforts of global network participants, leading to exponential growth of the network ecosystem. This consensus is one of the main reasons why assets such as Bitcoin and Ethereum continue to thrive despite skepticism.

In short, decentralization means that encrypted networks return data ownership, governance rights, and other rights that should belong to network participants to individuals (Ownership), enabling them to work towards a collective, common goal—the development of the network ecosystem and the utility enhancement of tokens.

II. Decentralization Brings Compliance Space

Decentralization not only enables the project to gather collective consensus, allowing members to collaborate globally and drive ecosystem development, but also provides more space for the project at the legal compliance level. We will look at how decentralization brings compliance space for Web3 projects from the perspective of SEC regulation of token issuance and the comparison between decentralized ICO and centralized IPO.

2.1 Starting Point of SEC Regulation

Undoubtedly, the biggest "enemy" of the cryptocurrency industry is the U.S. Securities and Exchange Commission (SEC), which believes that almost all tokens are "securities" and should be registered under U.S. securities laws. Since the outbreak of initial coin offerings (ICOs) in 2017, tens of thousands of projects have sought to raise funds based on promises of significant technological breakthroughs (including Ethereum), but few projects have actually used the funds for implementation.

SEC attempts to apply securities laws to this simple fundraising activity, as ICOs usually meet all the conditions of the Howey Test, a test for determining whether certain transactions qualify as investment contracts: a contract, scheme, or transaction in which money is invested in a common enterprise and is expected to generate profits primarily from the efforts of others.

The simplest case is the token financing in the primary market (i.e., the issuer publicly sells tokens to investors), which would be deemed as securities.

In the SEC v.s. Ripple case regarding the private placement round of financing in the primary market, financing for professional investors (Institutional Sales) can also fall under SEC's classification as securities: (1) investment of money; (2) common enterprise, i.e., Ripple uses investors' funds for its network operations, and investors' expected benefits are closely related to Ripple's development; (3) expectation of profits from the efforts of others, i.e., investors expect to gain profits through Ripple's efforts, including interest, income, and the increased value of the investment.

In fact, Ripple also informed investors through public announcements and other means that investing in its XRP tokens could yield future profits, or that the value of XRP is linked to Ripple's efforts.

Despite this stance, the fundamental goal of both the SEC and network participants is to eliminate information asymmetry and create a fair, open competitive environment.

The responsibility of Web3 network participants is to demonstrate that the methods of encrypted networks are feasible and can meet regulatory requirements, such as being able to create a fair competitive environment for a broader range of participants (developers, investors, users, etc.) through decentralization, using open and transparent ledgers, eliminating single central control, and reducing reliance on management teams.

2.2 Centralized IPO vs. Decentralized ICO

Let's first compare a simple centralized project IPO and a decentralized project ICO token issuance, and then see how encrypted networks can meet regulatory requirements.

The essence of an IPO is to publicly issue a small portion of equity to raise funds, with the funds raised used for the benefit of a small group of company shareholders.

As shown in the Coinbase IPO equity structure above, the founding team and investors hold at least 70% of the shares, and the rise and fall of the stock has no relation to users who trade on Coinbase all day. To put it more plainly, if you trade on Coinbase all day, contributing to Coinbase's performance, what benefits does Coinbase give you?

The essence of an ICO token issuance is to publicly issue and circulate the vast majority of tokens (which can be fundraising or distributed in various forms such as airdrops), allowing Web3 projects to distribute control throughout the entire community rather than centralizing it in the hands of the management team, thereby promoting decentralization and ecosystem development.

The development team/management team of Web3 projects only holds a small portion of the token shares, and the vast majority of tokens are used for the construction of the project ecosystem and incentives for early contributors, DApp/protocol users, and other network participants. As shown in the Uniswap ICO above, the development team and investors retained only a small portion, with the remaining 60% of the tokens used for the construction and governance of the Uniswap ecosystem. To put it more plainly, we can earn token incentives by providing liquidity on Uniswap, participating in trading, participating in ecosystem construction, and receiving grants, and so on.

Clarifying the essence of token issuance is crucial for achieving decentralization, which is essential for Web3 projects; otherwise, the project will fall into the "pump and dump" logic, and the project will not have long-term development.

2.3 Decentralization Brings Compliance Space

From the perspective of decentralized token issuance, the application of the Howey Test by the SEC has become more challenging: (1) Investment of money—token airdrops or other means do not involve monetary investment; (2) Efforts of the management team—truly decentralized projects do not rely on the efforts of the management team; (3) Expectation of profits—secondary market investors do not necessarily need to rely on the efforts of the management team to gain returns.

At the same time, decentralization can also achieve one of the SEC's purposes—disclosure of information. When decentralized projects distribute control throughout the entire community rather than centralizing it in the hands of the management team, it ensures that information can reach everyone fairly.

In June 2018, SEC official William Hinman introduced the concept of "Sufficient Decentralization," stating: "If the token or the operating network behind it is sufficiently decentralized, such that investors no longer expect a person or group to carry out essential managerial or entrepreneurial efforts, the asset may not represent an investment contract." Based on this logic, Hinman believes that Ethereum does not constitute a securities sale because the current Ethereum network is sufficiently decentralized.

It is evident that decentralization is crucial for U.S. regulation.

（Variant Fund, Sufficient Decentralization, A Playbook for web3 Builders and Lawyers）

III. Compliance Guidelines for Token Issuance

3.1 The Degree of Centralization Determines the Size of Project Compliance Risks

Although decentralization can bring compliance space for projects, the SEC updated its "Framework for Digital Asset Issuance" in April 2019 and continues to expand the regulatory boundaries for cryptocurrencies through regulation by enforcement (e.g., regulation and enforcement against Coinbase, Binance, Ripple, Uniswap, etc.).

In order to minimize SEC-related troubles, Web3 projects must try to operate within the guidance provided by the SEC to create more compliance space (Mitigate Risks).

Similarly, in any jurisdiction, before conducting token issuance on exchanges (IEO), Web3 projects also need legal opinions from law firms stating that the token issuance is "non-securities" to avoid regulation under the securities laws of the relevant jurisdiction.

Therefore, the compliance risk that a project undertakes depends on its degree of decentralization. Bitcoin, which is fully decentralized, is the only encrypted asset excluded from being classified as a security by the SEC, while Ethereum is currently under scrutiny.

In this regard, Miles Jennings, the policy and legal compliance lead at a16z, clearly stated: Decentralization is the only path a project can take to help eliminate the risks that securities laws aim to address. Decentralization is the North Star that provides the ultimate guidance for the project, and other paths and strategies are just expedients.

Of course, not all projects can achieve decentralization from the start; most Web3 projects require a process of "progressive decentralization."

3.2 Excluding Any U.S. Factors

Most projects do not have the ability to achieve complete decentralization during token issuance, so theoretically, their tokens may be classified as securities by the SEC. For example, in the SEC's lawsuits against Binance and Coinbase, several "securities tokens" were listed. Additionally, the public issuance of tokens can also be classified as a securities sale by the SEC.

Therefore, the direct method to avoid U.S. regulation (especially by the SEC) is to exclude any U.S. factors and prevent U.S. regulators from having jurisdiction.

Similarly, this exclusion method also applies to the Chinese jurisdiction.

Therefore, in the absence of perfect compliance capabilities, whether in the private placement stage of fundraising in the primary market, the token generation event (TGE) stage of public issuance and listing, or the token trading stage in the secondary market, it is advisable to avoid U.S. factors (such as U.S. public, U.S. investors) as much as possible.

Feasible paths include:

A. Early airdrop incentive stage: Web3 projects can geographically block/U.S. VPN block U.S. users, preventing them from participating in airdrops, token incentives, and most importantly, fundraising through public token sales.

B. Private placement stage: In cases involving private issuance of tokens to U.S. investors or employees, Web3 projects can still operate under the exemptions provided by SEC Regulation S.

C. Public issuance and listing for trading: Tokens can be issued by entities located outside the U.S., and early listing on U.S.-based cryptocurrency exchanges such as Coinbase, Gemini, and Kraken can be avoided.

In practice, most offshore foundations (e.g., Cayman, BVI, Singapore) become the entities for token issuance. If the tokens are decentralized, governance of the project is carried out by the non-profit foundation, which is an isolated entity without shareholders, and there are no conflicts of interest, focusing solely on the development of the project ecosystem.

Fundamentally, if a project does not offer its tokens to U.S. residents, even if it is not "sufficiently decentralized," the risk of SEC enforcement will be significantly reduced. Therefore, it is advisable to avoid any public token sales for fundraising purposes targeting U.S. factors as much as possible.

3.3 Operational Restrictions for Projects

Although some of the above strategies can address regulatory issues to a certain extent (such as excluding U.S. factors) in token fundraising and issuance, Web3 projects are inherently targeted at the global market and operate mostly online. Therefore, Web3 projects, in particular, need to follow certain restrictions in their daily operations, especially when discussing the value of tokens (e.g., on social channels such as Discord, Twitter, Telegram, text, and email), to avoid falling into regulatory traps. These activities include:

1. Protocol development
2. Business expansion
3. Marketing curation
4. Intellectual property
5. Governance decisions

3.3.1 Decentralization Transformation of Project Identity

（Variant Fund, Sufficient Decentralization, A Playbook for web3 Builders and Lawyers）

Before and after token issuance, as the project enters the decentralized stage, Web3 projects should avoid several situations:

A. Before starting public sales, it is advisable to avoid discussing or referencing the value of the tokens, including potential airdrops, token distribution, or token economics. We have seen the SEC previously block Telegram's token issuance.

B. Avoid discussing the price of tokens or potential appreciation expectations at any time, or presenting them as investment opportunities. This includes mentioning any expectations that could lead to token appreciation (e.g., programmatically "burning" tokens to achieve pricing targets or stability mechanisms), and any commitments to continue funding the project's development and success using private capital.

C. After token issuance, as the project enters the decentralized stage, the startup team or management team (including founders, development companies, foundations, and DAOs) should clearly define their roles.

Web3 projects should use "initial development team" instead of the previous "core development team" or "main development team," and use "core contributors/contributors" instead of individual company titles. Members of the foundation and DAO should define themselves as non-profit contributors who promote the development and growth of the protocol/DApp/DAO.

At this point, Web3 projects are prone to fall into centralized language, even if the project is extremely decentralized, especially when they are accustomed to speaking in the first person about achievements, milestones, and other releases. The traps of self-positioning include:

• Avoid implying ownership or control of the protocol/DApp/DAO (e.g., "As the CEO of the protocol…" "Today, we opened the X feature of the protocol…");
• Avoid committing or guaranteeing the work being done by the protocol/DApp/DAO, and avoid emphasizing the excessive importance of the work being done for the ecosystem;
• Avoid emphasizing efforts to promote or further decentralize the project;
• Provide independent speaking rights for the project's DAO or foundation to avoid confusion. A better approach is to differentiate the project development company Labs from the subsequent foundation (e.g., Ondo Finance and Ondo Foundation, Uniswap Labs and Uniswap DAO), or simply not share the same name with the protocol;
• Ultimately, all communications should reflect the principle of power decentralization, especially in public settings. Communication needs to be open and aimed at preventing significant asymmetry of information for any individual or group.

The transformation of identity is particularly important, and attention should be paid to the fact that you are no longer the CEO with great power.

3.3.2 Public Information Channels

In addition to the matters that Web3 projects need to pay attention to in their daily operations, they should disclose the project's progress and operations to the public as much as possible, which is exactly what the SEC requires in terms of information disclosure. For example, it is necessary to use simple and practical public communication methods, such as public Notion pages, Discord channels, governance proposal voting forums, weekly summary meetings, etc.

In decentralized encrypted networks, because project code is open source, the key to the success of decentralized projects lies in execution, not in holding "confidential" information. If a project retains "confidential information" without disclosure, it is unfair to investors and exacerbates the security attributes of the tokens.

3.3.3 Token Lock-Up Period

In addition, Miles Jennings also mentioned the need to always extend the token lock-up period, at least one year from the date of token listing. The SEC has successfully used the absence of a one-year lock-up period to literally prevent Web3 projects from issuing tokens. This approach can help mitigate the aforementioned legal compliance risks, reduce the pressure of token dumping on token prices, and demonstrate confidence in the long-term viability of the project.

Once decentralized, no individual or company is the spokesperson for the project. The project's ecosystem is its own, independent and unique.

IV. Exemplars of Decentralized Projects

It is difficult to define a standard for complete decentralization in the market, but we can still provide guidance by observing the decentralized paths of some relatively compliant projects in Europe and the United States. Uniswap, as the most successful decentralized exchange, has a growth path worth learning from, especially in the sensitive cryptocurrency trading business, and in the context of opaque U.S. regulation. Additionally, compliance for Fintech companies is of utmost importance.

We have outlined the compliance path of Uniswap Labs after the separation from the protocol, which provides a regulatory-friendly decentralized sample for Web3 projects. The purpose of this separation is to achieve progressive decentralization on the one hand, and to gain more room for maneuver in regulatory compliance on the other.

A. Decentralized Non-Security Tokens

The Uniswap protocol runs autonomously on the chain, governed by the Uniswap DAO, achieving decentralization, with the governance token UNI. This model avoids SEC's securities classification and has favorable court rulings.

B. DAO Legal Wrapping Limited Liability for Members

The Uniswap DAO establishes the Uniswap Foundation as a legal entity, serving as the legal wrapping for the DAO, ensuring limited liability for DAO members and enabling interaction with the Web2 world to expand influence.

C. Independent Operation of Labs Flexible Front-end Development

The Uniswap Labs team, which previously developed and maintained the protocol, operates as a separate legal entity and becomes the main contributor to the protocol. This not only frees the team from restrictions imposed by the protocol but also allows them to build and maintain front-end products by calling the backend protocol, ensuring sustainability, such as the previously fee-based Uniswap DApp.

D. Regulatory Application Rather Than Protocol

As advocated by a16z, decentralized on-chain protocols are just code and are difficult to comply with regulations, while front-end applications developed by Labs can fully comply with regulatory requirements, enabling the team and the product itself to avoid potential regulatory risks. Like any app, front-end applications can incorporate KYC/AML/CTF verification as per regulatory requirements, delist tokens flagged by regulators at any time, and apply for licensing qualifications, etc.

Although on April 10, 2024, Uniswap Labs received a Wells Notice from the SEC, informing them of possible regulatory enforcement actions such as litigation, it is more about the nature of its encrypted trading business itself rather than non-compliance with the decentralized legal structure.

V. Regulatory Obstacles in the Chinese Jurisdiction

The token issuance compliance strategies mentioned above are a summary of the compliance experience of some leading projects, especially in a relatively open jurisdiction for cryptocurrencies like the United States. For China, a jurisdiction that prohibits any cryptocurrency activities, token issuance inevitably comes with great risks.

In fact, the nature of regulation in both jurisdictions is the same. Imagine being in a gray area, where the project earns shining gold through gray means, and it happens to be seen by some people who "happen to have" enforcement power. The United States values the rule of law and will use more rule of law means to deal with you, while China's one-size-fits-all attitude indicates everything.

Therefore, it is advisable to avoid any possible reasons for enforcement.

5.1 Criminal Risks in the Token Issuance Process

It is well known that decentralization is a major feature of the Web3 industry, but the project team behind the operation of decentralized projects and the actual controllers of on-chain addresses are always citizens subject to legal supervision and constraints. Therefore, project teams need to avoid crossing the red line of Chinese law as much as possible during the token issuance process. During token fundraising, project teams often attract users to invest with high returns, promote projects through public channels such as Twitter and Telegram, and collaborate with offline ground promotion teams to attract unspecified groups for project promotion. This token fundraising model is highly likely to constitute the crime of illegal fundraising.

In a short period, the founding team of Web3 projects raises a huge amount of assets through token issuance. Due to the lack of necessary regulation and transparency in managing the project's financial situation, opaque disclosure of fund handling can easily lead to the misuse of funds by the project team, such as core team members purchasing luxury cars, houses, or using funds for personal cryptocurrency trading, ultimately leading to the squandering of funds and the inability to return them for the construction of the ecosystem, constituting the crime of fundraising fraud.

In addition, as mentioned above, in the process of promoting tokens, in order to achieve rapid user growth, it is common to collaborate with ground promotion teams and KOLs to attract users to purchase hardware devices or cloud computing power for profit, and use referral development and hierarchical commission forms to reward user growth through user fission, which easily constitutes the crime of organizing and leading pyramid selling activities.

Reference: Criminal Risks That Token Issuing Projects May Face in the "Xirtam Incident"

5.2 Beware of Opportunistic Law Enforcement's Harm to Web3 Projects

Currently, local governments in some remote areas are under tremendous financial pressure, and there is a serious trend of opportunistic law enforcement against Web3 projects in judicial practice. Technology companies collaborate with public security agencies to investigate and arrest key members of domestic projects, such as senior executives and those in possession of private keys, and forcibly transfer the tokens or other cryptocurrencies held by the individuals involved to addresses controlled by the public security agencies for disposal and liquidation.

Normally, the confiscated income should be turned over to the national treasury, but in judicial practice, a few local governments use the confiscated income as part or all of the case handling expenses, returning it to the agencies handling the cases. In this way, the collaborating technology companies also receive a technical service fee.

This is a threat to the business model of Web3 projects.

In the aforementioned law enforcement activities, the investigation of core project members by regulatory authorities on the grounds of involvement in a case will inevitably cause panic and a lack of security among the project community members. The disposal and liquidation of tokens in the secondary market by the agencies handling the cases will also cause drastic fluctuations in the token prices. After the entire project is investigated by the agencies handling the cases, regardless of whether the final conclusion involves suspicion of illegal activities, the project will find it difficult to continue operating in the future. Ultimately, the community developers, loyal users, and investors will bear the brunt of all this.

Therefore, for Web3 projects, in the face of opportunistic law enforcement that may harm investors and ecosystem participants, it is necessary to arrange for core project members in product, technology, and multiple-signatory managers of project addresses to work overseas. Implement multi-signature management for project financial addresses to avoid single-point risks and take responsibility for the security of users' assets.

VI. Conclusion

The above framework provides a preliminary compliance approach for token issuance for Web3 projects. Of course, different projects will have different compliance points to add, such as data compliance requirements for DePIN and DeAI projects, financial compliance requirements for RWA and payment projects, and so on. Please consult your own lawyer before the project is implemented. Not Your Lawyer, Do Your Own Research.

This framework aims to help Web3 projects explore token economics, ecosystem development, and promote project decentralization with more confidence, without having to bear the risks associated with owning tokens.

Of course, not every project will be suitable for Web3 project decentralization, and achieving compliance will also require corresponding costs. Project teams must carefully plan for decentralized operations.

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。