DeFi (and the Canadian crypto community, in particular) woke up to a pretty dire headline yesterday. We learned that "Sifu," who goes by @OxSifu, a core member and CFO of the DeFi Wonderland protocol, was Michael Patryn (also sometimes known as Omar Dhanani), an apparent co-founder of failed, infamous (to tell the truth). lightly) Canadian Stock Exchange QuadrigaCX.
This discovery also shocked me. As a young upstart in Canadian crypto circles in 2010, I was exposed to Patryn, an experience I was quoted in an investigative article in Vanity Fair in 2019. Following yesterday's news where an unnamed team member of a leading DeFi protocol has been exposed. As a career criminal, I find myself thinking deeply about the issue of anonymity, reputation, and trust in DeFi, an industry that places so much blind faith in its personal history, motivations, and ideals.
Joseph Weinberg was an early investor in Bitcoin in 2010 and a director of Coinsetter until acquired by Kraken in 2016. Weinberg is currently a co-founder of Shyft Network, the blockchain-based network of trust that restores trust, credibility, and identity. . This article is part of CoinDesk's Privacy Week series.
As someone who was there during the early days of Canadian crypto, I can tell you that we were truly navigating the unknown in those early years. Actors have emerged in this environment that today our space would not tolerate. I won't talk or reveal more about Michael/Omar for personal safety reasons, but the point is not about him; It is the moral compass that we must demand and a requirement to fight for the improvement of our ecosystem and humanity.
Is complete anonymity practical in a space where bad actors inevitably exist? When we remove anonymity from founders, does DeFi adoption suffer? How can we move forward when situations like Wonderland remind us of what we have worked so hard to change since 2013? These are all questions I am asking myself right now. Next, I also want to share what I think could become answers, and a way forward to improve confidence in DeFi.
The risks of anonymity in DeFi
I am not going to argue against anonymity in DeFi, but rather share some ways that pseudo-anonymity and reputation can protect against bad actors like Patryn receiving keys from user funds. While Quadriga was a centralized (sole proprietorship) exchange, Wonderland's treasury is still held by the top key signatories – a pseudo-custody situation, where risk becomes a factor. Smart contracts may be self-executing, but the people who control the funds are independent actors.
This is where human intervention becomes a problem. The community is committed to the idea that whoever is in contact with their money will do the right thing. Most of the time it works. Until it doesn't. Would you invest in a project with Chef Nomi of SushiSwap, the infamous co-founder who suddenly liquidated his holdings and crashed the token?
Read More: 'IF **ked Up': SushiSwap Creative Chef Nomi Returns €14M Development Fund
Anonymous teams are not subject to background checks, credit checks, or a variety of security checks that ensure individuals do not have criminal records or appear on sanctioned watch lists. As DeFi grows and the ecosystem seeks institutional adoption and a broader set of market players, with great power comes great responsibility.
In Bitcoin and Ethereum, where automatic rule enforcement is based on consensus, the individuals themselves don't matter as much: they don't have the extra skills to do anything wrong.
It is therefore no surprise that the recent Financial Action Task Force (FATF) guidelines focus so heavily on DeFi. The FATF argued that the central signatories control the funds, essentially making them regulated entities, while Decentralized Autonomous Organizations (DAOs) may (and probably will) be classified as Virtual Asset Service Providers (VASPs) to some extent over the next few years. years.
Read more: What the latest FATF guidelines mean for DeFi, Stablecoins and self-hosted wallets
These guidelines have been intentionally left open and broad so that regulators can choose how to address these issues. If we allow bad actors to hold power in DeFi protocols anonymously, increasing regulation would raise many red flags and taint asset pools and institutional trust.
The power of proven reputation
What we need to do as a community is think about some of these issues in terms of social reputation and trust. We know that people are not willing to give up their identity and, after all, we are fighting here for freedom and openness. Instead, again, we trust people. In Patryn's case, that is what happened. We let recent actions speak more than general reputation. It is a lack of trust and of our social responsibility as an industry.
The future I would like to see for DeFi, and the path to mass adoption of institutional DeFi, would replace total anonymity with pseudo-anonymity based on the power and utility of certifications.
Pseudonymity is the concept of revealing parts of yourself and partially revealing essential information to people. On the chain, we can vouch for someone's background without knowing their name, reveal protected personal information (PPI), or mislead someone. We can find out “blindly” who people are and what they have done, and then reveal those answers to those who know them, all without revealing their identity.
Choice and commitment
Crypto does not forgive. In an ecosystem without trust, all we have is the trust we create and the integrity we maintain. We need to integrate systems to increase confidence in anonymity. The irony of trustless systems is that the layers above forced execution by code require trust. If DeFi continues to grow, we need to step back and ask ourselves how we can enable it to interoperably interact with anonymous systems and people.
The promise of DeFi is open, but I think the true end is when we have a slightly modernized reality of what we experience today. What makes DeFi great to some is currently leading to critical breaks in basic financial system risk requirements: AML, data coordination and reconciliation, layered preferential deanonymization (pseudoanonymity).
Read more: The privacy DeFi needs to succeed
We can all say, "But Satoshi believed in it," but then again, it's not bitcoin; it's not the base layer, and saying "all anonymous" is the opposite of what freedom is: choice and commitment. These systems allow us to start anonymously and make commitments to optimize or enable other services that work better (ie centralized exchanges). Bitcoin and subsequent networks like Ethereum were not originally designed to be anonymous systems; they were designed to give us censorship-resistant transparency.
Don't get me wrong: I hope to live in a future where we're completely anonymous and everything is 'private by design', but until then I'm working with reality as a mix of the world we grew up in. and the one we create.
The crypto space was designed to give us all freedom of choice and a new paradigm in building options and levels of freedom. These freedoms are up to us to decide, and every user in our ecosystem already makes these decisions every day.
To truly follow this march, we need to understand what others want in their toolbox of choice. Institutions, for example, want to know who they are doing business with; Governments want to know that we do not launder money or finance terrorists. Advocates of a DeFi project want to know that it is not connected to someone who has egregiously acted in bad faith towards innocent people who do not deserve it. I know people who were hurt by Quadriga, and early cryptos like me knew never to have assets there because of what we knew.
In DeFi and crypto, insider knowledge and shadow play should no longer be what protects people from bad actors – that era of our space is over. Today, regulators react to people's actions as a demonstration of next-generation innovation and the future it's building. We are all in the spotlight right now. We've come so far since the early days of the Wild West, and the actions we take now will forever be cemented in the history books and the rules created in response to our efforts.
Let's not go back there.
Read More: Mastercard's CipherTrace Used 'Honeypots' to Assemble Intel's Crypto Wallet