dFMI: the Issuance and Redemption of Tokenized Assets
Previously in our series on dFMI, we discussed asset tokenization which allows for a new post-trade business model whereby participants can interact directly with one another without the need for an intermediary.
In this post, we’re going to examine some methods for creating tokenized assets on a blockchain and set out some of the necessary prerequisites.
Cryptocurrency was lauded as a way to control the supply and issuance of a medium of exchange without a third party. Making transparent the supply and issuance of this currency decouples it from unforeseen political events, such as the quantitative easing as a result of the Great Financial Crisis of 2008.
Cryptocurrencies are an example of native on-chain assets. These are created on the genesis block of the blockchain and have predetermined issuance and supply mechanisms.
However, if the use case is an on-chain representative of an off-chain asset, such as property, equity or debt instruments, the form needs to represent the function. For example, a future state of equity in a company could be an on-chain asset, if it were initialised and issued on chain and potentially run in a Distributed Autonomous Organisation (DAO) like structure. This would not work with a debt-like instruments or derivatives as they are comprised of a nominal and a sequence of payments. In our current economy, Central Banks manage the money supply reacting to societal and political events, and the economy at large. Their mandate is to ensure price stability, while maintaining economic growth and high employment rates. Various Central Banks and traditional and stabilising financial institutions have been in discussion about creating a digital currency, but it should be noted that there is a difference between a cryptocurrency with a predetermined supply and issuance, and a digital currency with the supply and issuance maintained by a Central Banks.
With securities in the form of debt or equity instruments, within the regulatory boundaries, the supply and issuance are already controlled by the issuing company — along with many intermediaries — but we’ll come to that later. Issuing an equity as a native asset of a blockchain is possible.
There are many factors to consider when it comes to issuing regulated securities on a blockchain, such as mergers and acquisitions, corporate actions, and finality. Creating a new blockchain each time there is an event such as this is not particularly efficient, nor is having an individual blockchain for each company that issues equity.
Issuance of Assets
The native asset model is not the only token creation model. There is also a model whereby tokens as representatives of off-chain assets are issued onto a blockchain by a company wishing to raise capital. This model is subdivided into two categories:
- “Direct issuance” — the direct issuer is the entity that’s liable for the claim against the token.
- “Blockchain-as-intermediary-omnibus” — the blockchain provides a record of the ownership of assets held in escrow by a custodian.
In these models, the mechanics are as follows.
- In both cases the assets are marked as issued on a blockchain by the direct issuer on the computer system it uses to record ownership.
- In the direct issuance case, this does not have to be a native token, it could be, for example, an ERC-1400 compatible token on the Ethereum blockchain.
- In the “blockchain-as-intermediary-omnibus” case, where a custodian would be issuing, the assets are “locked down” on a special custody account. A secure communication of the issued or “locked down” assets is sent to the blockchain, where token representations of these assets can be issued and control of the tokens transferred to the appropriate owner.
- The common factor in these categories is that an off-chain entity has the rights to change the supply of tokens on the blockchain.
- Transfer of value can then happen as normal on the blockchain. Different owners can transfer control and, thus, ownership of the tokens to each other. This can also be part of a synchronous exchange — or atomic swap — a research focus.
- In the case where the owners wish to remove assets from the blockchain, a redemption, they will need the blockchain where the instrument ownership is recorded to communicate securely with the system of the direct issuer or custodian to allow the assets to be unmarked or removed from the custody account, as we shall discuss later.
In the “blockchain-as-intermediary-omnibus” case, the custody account is an important factor to consider. With regards to fiat currency, the special custody account was highlighted in a recent Bank of England (BoE) paper. This study was designed:
“to understand how a renewed RTGS service could be capable of supporting settlement in systems operating on innovative payment technologies, such as those built on Distributed Ledger Technology.”
One of the central findings was to consider how:
“different account structures, including a single account structure, could be used in the renewed RTGS service.”
Jointly held or omnibus accounts are a useful tool for assets, from a custodial perspective, simplifying operational procedures and allowing for internalised settlements. However, in various edge cases such as bankruptcy, segregated accounts have historically made the identity of the asset holders easier to identify and ensure that remaining asset holders can continue to function as normal. A blockchain-based topology has been proven to facilitate the transparency and system resilience associated with segregated accounts.
Nivaura has taken forward the issuer model for tokens through their work in an FCA sandbox. In this PoC, they demonstrate that a public blockchain can act as a registry for securities denominated in either fiat or cryptocurrency. This re-emphasises a topic we discussed in the first post of the dFMI series; namely that the use of a blockchain allows for the removal of account based intermediation. They note that a blockchain can enable the reunification of nominee and beneficial ownership of an asset. This legal segregation was previously necessary for the original dematerialisation of intermediated assets and automation of settlement processes.
Assessing the risks
In the “direct issuer” model, the token issued on the blockchain is effectively a liability of the issuer. If there was a difference between the issuer’s record of tokens issued, for example in data they provide to a regulator, and those recorded on the blockchain, the issuer would effectively be responsible for the difference.
In a “blockchain-as-intermediary-omnibus” where a custodial counterparty is necessary, the issuer is holding assets on behalf of other parties in its legacy accounts. For this, the risk situation is more complex. For example, if Custodian A holds Facebook shares on behalf of Fintech B (which would have to be an entity regulated to hold client assets and be subject to the Client Assets Sourcebook), and Fintech B has been mandated by Facebook to issue the shares onto a blockchain, there are two risks in addition to pure Facebook risk:
- That Fintech B goes bankrupt and the shares represented on the blockchain are swept into its estate.
- That Custodian A goes bankrupt and the backing of the shares is unclear. The ability to issue and redeem them would also be impacted until the courts find a resolution.
For these reasons, the best method would be for the issuer to be the true owner of the token liability. However, in the short term, we suspect most issuers will not want to issue their own liabilities directly onto a blockchain. They likely do not have the expertise and they’d most likely want to outsource this service to a custodian service of some kind.
The next best method would be for the custodian to use an immobilising account in the name of the issuer. This has almost the same impact as the issuer issuing directly, as the risk is limited to a disruption of service during the bankruptcy of the custodian.
The issuer model of tokenization requires communication from one entity (the issuer) to many, (the blockchain) and vice versa. The fundamental problem revolves around how a ledger that is not part of the blockchain consensus mechanism can communicate securely with the blockchain. While a full exploration of this topic will be the subject of future posts, it’s worth highlighting some of the issues and potential solutions at this stage.
The issue is the potential introduction of “translation” middleware that re-introduces a single point of failure (SPOF) as the BoE report states. The BoE explores ways to mitigate this risk and postulate the use of some form of cryptographic signing. This provides a verifiable assertion that the issuer/custodian sent the message received by the blockchain. An even better methodology would be to use Merkle Proofs which prove the state of the issuer/custodian database.
Although these methods could work, the cleanest method would be for the issuer/custodian to hold the private key for the token issuance/redemption contract. This approach has the benefit of explicitly identifying the issuer/custodian for what they are — another counterparty.
In the near term, dFMI will require custodians to issue and redeem tokens on a blockchain that represents assets created in existing legal frameworks. The first step is to create an immobilisation account, whereby the blockchain is able to control events that redeem assets from that account in line with the transactions that are validated on the blockchain.
The second step is to create a secure communication method that does not introduce any new weaknesses (SPOFs) into the blockchain. A major benefit of blockchain is to improve resilience and reliability. But compromises associated with integration to legacy technology might reduce the benefits of these improvements. This is clearly an important consideration for those attempting to reform financial markets infrastructure.
The ideal outcome would be for issuers/custodians to manage the private keys for the token contracts themselves. Failing that, different forms of cryptographic proofs could reduce these weaknesses.
The issues discussed in this post are a fraction of the complexity in question when it comes to issuing assets on a blockchain, we welcome further discussion on the topic.
Our future posts will examine resilience, privacy and network economics in dFMI.
Head of Services & USC Consortium Executive, Clearmatics
Tweet us @Clearmatics
Read our second blog post on distributed Financial Market Infrastructure here.