The CFTC and Ooki DAO: What It Means. Kayvan Sadeghi, Partner of Jenner & Block - E93 Artwork

The Encrypted Economy

The Encrypted Economy podcast explores the business, laws, regulation, and security relating to our most valuable digital data...whether financial assets, proprietary data or personal information. Join us each week as we delve into what makes up the new encrypted economy as well as the developments that are shaping our economies and world.

All Episodes

The Encrypted Economy

The CFTC and Ooki DAO: What It Means. Kayvan Sadeghi, Partner of Jenner & Block - E93

October 03, 2022 • Eric Hess • Season 1 • Episode 93

On this week's podcast, our guest is Kayvan Sadeghi, Partner of Jenner & Block. We discuss the CFTC complaint against bZeroX, LLC and Ooki DAO and its implications for the DAO ecosystem. Be sure to subscribe to The Encrypted Economy for more coverage of the evolving legal environment in web 3.

Topics Covered:
· 0:00 Introduction
· 1:40 Kayvan’s Background
· 2:50 Framing the CFTC Complaint and Settlement
· 15:50 Who is Liable?
· 19:00 Who is the CFTC Going After?
· 28:10 How Does RUPA affect DAOs?
· 37:00 Potential Chilling Effect on DAO Governance
· 46:10 The Logic of Wrapping DAOs
· 51:00 Will the Court Approve the Service?

Resource Links
CFTC Complaint
CFTC Legally Served Ooki DAO via Website Help Bot, Court Rules
Kayvan Sadeghi
Kayvan's LinkedIn
Jenner & Block
SEC Deems Nine Tokens as Securities
Revised Uniform Partnership Act

Eric: [00:00:00] So on today's podcast we have Kayvan Sadeghi Partner at Jenner & Block talking about Ooki DAO and bZeroX at cftc both settlement and the complaint and its implications for DAOs generally. It's certainly attracted a lot of attention in the digital asset space. I'm not gonna summarize it here cuz we do get into it in depth.

We try to cover it in a way that I don't think's been covered elsewhere. That's certainly the objective and I think anybody who's gonna listen to this is gonna learn a lot and get a lot out of it. So, hope you enjoy it. Please share it if you do. And with that, I bring you Kayvan Sadeghi at Jenner & Block.

Welcome to The Encrypted Economy, a weekly podcast featuring discussions exploring the business laws, regulation, security, and technologies relating to digital assets and data. I am Eric Hess, founder of Hess Legal Counsel. I've spent decades representing regulated exchanges, broker dealers, investment advisors, and all matter of FinTech companies for all things touching electronic [00:01:00] trading with a focus on new and developing technologies.

All right, so welcome to the Encrypted Economy. I'm really excited today to have Kayvan Sadeghi on the podcast. He's a partner at Jenner & Block and very focused on digital asset practice. Welcome Kayvan.

Kayvan: Thank you. Good to be here.

Eric: So today we're gonna talk, we're gonna delve a little bit into the B zero X order by the CFTC, with Tom Bean and Kyle Kissner as respondents as well.

But before we do Kayvan do you want to maybe give a little explanation of the nature of your practice, what you focus on before we start to dive in? Sure.

Kayvan: Thanks. I'm litigator by background. I've been focused on litigation and investigations for about 20 years, mostly around the financial markets.

And I lead the blockchain practice at Jenner. Got into the blockchain space. Late 2016, so I guess we're going on six years ago now and went down the proverbial rabbit hole then and have been representing all sorts of clients in the space since then across Defi, some of the major, [00:02:00] exchange or trading platform projects and all sorts of others.

Yeah, as the. As the industry has evolved for the last five, six years.

Eric: Excellent. Today, we had some very interesting order over the last couple weeks. In digital assets it's always a little bit like drinking from a fire hose, but this this action in particular, I think caught a lot of people off guard.

We're typically used to the moaning, the SEC's endeavors to constantly expand their authority. I know others may disagree, the expansive and the expansive evolution of law and basically trying to expand their reach. But the CFTC had been posed as, hey, this is a more, a regulator that kind of gets it.

And low and behold we have this case, which has set off some alarm bells in the space. And there's a lot of things actually to digest for the benefit of the listeners. Can you frame the complaint and the. Sure.

Kayvan: A absolutely. And there, there are two key pieces there. There's a settled order, which is a [00:03:00] settlement, and then there's a separate complaint that was filed by the cftc.

And the settlement was with the company behind B zero X that had operated the BBC X protocol, from at least 2019 until 2021. And the two founders of that project, who were the two members of the LLC, that was, that corporate defendant and they all settled with the cftc, essentially agreeing not to continue and pay a $250,000 fine and cooperate with the CFTC going forward Separately the CFTC brought a complaint because back in 2021, about a year ago, the protocol had been transitioned from the company to.

And the DAO was not represented in the dealings with the CFTC separately from the individuals or the company, and so the DAO was not part of the settlement, and the CFTC brought a separate complaint against the DAO itself as an unincorporated association separate from the order that they had settled with the individuals in the company.

Eric: Great. So [00:04:00] let's start with the settlement with the original founders. Before we dive into the DAO a little bit. What's the nature of that settlement and was it an expansion or anything surprising? Just maybe more of an opinion in, in, in what they pursued against the original founders. Sure.

Kayvan: Yeah. I didn't find the order and the action against the company and the founders to be particularly surprising. The nature of the BCX protocol was that it was offering leverage trading to retail users. You could get five x exposure to, an E five pair, things like that. And that really is the core of what we think of as the CFT C'S mission.

You, you can't be offering margin or leverage products to retail with that. That's just. Permissible, and that's the core of their mission. So going after a project or protocol that's offering that sort of margin and leverage to retail is not surprising at all. And that was the heart of the order, which essentially requires the company had already [00:05:00] phased out of that and transitioned to the DAO the individuals agree not to violate these provisions of the Commodities Exchange Act.

Again, they agreed to pay a $250,000 fine jointly and separately and to cooperate with the CFTC going forward. Now,

Eric: as it relates to that particular conduct, I think there's obviously a number of protocols out there that defi protocols that offer margin and leverage and, fu derivatives type products, for a fee.

Does what are the implication for those projects is this basically the first time we have the se, the CFTC saying, you need to register as an fcm. We haven't changed our position. Even though this is core, it applies to defi, and you're not exempt, by your own definitions. Is that what's going on?

Is that a surprise to some in the defi space? I've heard

Kayvan: some people express some surprise, but I don't find that part particularly surprising. It, I can understand the C'S position there, that, and especially here where you have it, clearly [00:06:00] identifiable founders and a company that was running it and they retained control, which I'm sure we'll talk about, as we go forward.

So there are some elements there that were not particularly surprising and the CFTC has taken other actions against protocols in the space, the, an action against opera a couple years ago to make clear that, if they see something, even its blockchain based that looks like it's offering, some sort of derivative product or margin leverage, they're gonna go after it.

And so that part, I think is. Pretty well understood at this point,

Eric: let's shift the bit to the complaint against the DAO and we can even pull from the settlement order itself and some of the things that were noted there because it seems like the CFTC made this case against the founders that they settled against and then they said the founders basically transferred it all over to the DAO.

And so, what they had, what we're settling against is now in the hands of the DAO and now we have to go after the DAO. Perhaps one of the things we can start with is this notion of control, that it really [00:07:00] wasn't, decentralized or maybe even more so autonomous in its operation. And one of the things that's noted a few times in the order are the administrative keys.

Do you wanna expand on that maybe a little bit?

Kayvan: Yeah, sure. So, I think, and that is, I think a crucial part of the, the recitation of the facts in the order and the way. They're perceiving this complaint. They alleged that the founders still had the admin keys which enabled them to, essentially pause the protocol and restart it and have control over the operation.

And they note not only that they had these keys, but that they'd actually used them. That they had in fact, during the relevant period, taken action to, to cease the, pause the protocol essentially. And that's in relation to the BCX hack that, a lot of people are familiar with.

So when people ask if this action happened or was more likely to happen because the protocol was hacked, I'm not sure that's direct cause, but it obviously raises the profile of the project [00:08:00] and it clearly feeds into those allegations because it was a, an easy way to demonstrate that the founders, not just had theoretical control, but it actually exercised that control, apart from the protocol just functioning on its own.

And

that creates kind of a conundrum for projects, because particularly around, security. Obviously, security is a major issue in the space. There's a lot of hacks, a lot of rug poles, and the industry is still maturing into how it deals with it. But certainly, the ability to respond to a cybersecurity hack through an admin key, just because you can't always, maybe we've reached the day sometime where we can autonomously anticipate every potential cybersecurity hack, but it seems like for now, you know when something unknown happens or the unexpected happens, you're going to have to.

Address it in a way that might be a little more overt. And I think you also saw something similar in, when you have a stable coin like terror where all of a [00:09:00] sudden, some central figure, even if it was previously seen as hey, it's a DAO, it's autonomous, but a central figure has to get involved to try to stem it, has to be more active.

You see this repeated again and again when, the proverb, when the proverbial I guess shit hits the fan, it, it's often hard to say we're just gonna run autonomously. Does but in this context, does security represent a bit of an Achilles heel going forward for the industry?

Yeah, it's, this is always the tradeoff is how do you balance these sorts of competing need for security and the ability to react to unforeseen circumstances with the ideal of being fully decentralized, which is as a general matter, not a. Structure that is quick moving. And it's very hard to react instantly to something if you're truly decentralized as the industry matures and Legos get built, that each in appear pretty secure on their own, and that will lead to less need for intervention.

But especially as we're [00:10:00] evolving in new protocols are being developed it's hard to just put something out there without that capability. And so, I agree. This is the problem that protocols have to, wrestle with, is how do you house that power If you have to have a power to, to address these things?

How do you house that power in a way that doesn't subject you to liability?

Eric: And in this case, you had the two founders who had that power, and presumably it was through them that the hacks were managed. I guess you could arguably make a case if you wanted to mitigate that risk. You could have a specific group that would somehow have that, potentially that authority, but not necessarily tied to the central founders and maybe limited in the context that they could use it.

I don't know.

Kayvan: Yeah, and I think this is a, the, these are the sort of things that complicate enforcement actions if they're set up other ways. But it makes it clear why a project like this is one that the CFTC would come out with it. A lot of those sort of other [00:11:00] issues that make it difficult for enforcement or litigation were relatively streamlined or simple here.

It's clear founders, they're clearly in the United States and easily identifiable and within reach of the CFTC and all of those things. And so, you didn't have to worry about those sorts of jurisdictional questions or or identifying the correct people or anything like that. So, I think that, makes it much easier to focus on the and they're clearly offering leverage products, so it makes it easier to just say the only

new variable here is they switched it to a protocol instead of a conventional, pumping operation. And CFTC view is, that doesn't make a difference.

Eric: And to what extent do maybe even some of the statements that they made might have also fed into this? Do you think that some of the incendiary statements that they made Hey, we don't need, customer identification, CIP p and even a statement that they made when I think one of the founders, and, the problem with these things is, there's a whole history of statements that people make and chats and comments and, [00:12:00] it's all public.

And, when a regulator comes in, all of it is reviewed. And, if you said something really horrible one or two times that's going in the order or the complaint, not like all the other statements that you made and maybe the one time that you inadvertently slipped up. But having said that, there were statements made that, hey, everybody else is getting legal notices and lawmakers are trying to decide, what they, whether they want companies to register as defi companies, but we're taking all the steps, is when they transferred it to the protocol to ensure that, when we get asked to comply, There's, we really have nothing that we can do cuz we've given it all to the community and it's completely apart from us.

So, they leverage that. Say, hey, come after us all you want, we're gonna give it to the community. We're future proof. Did that antagonize it, or do you think it, it maybe didn't make all that much difference?

Kayvan: I think it's very problematic for the CFTC in for good reason to you know, to float the legal requirements in certain ways.

One of the core requirements of, anybody [00:13:00] who's gonna actually register to offer leverage margin products, all those things, is to do the sort of, know your customer, all those sort of requirements to make sure that they are eligible to participate in those sort of products and to take the approach that we are going to not.

Not do that and not register, but we're going to advertise that as a key selling point of our platform that you don't have to provide the information that the regulations would require of a business in this format if done differently. That, it's perfectly understandable, once CFTC felt they needed to go after that to you, you can't, if you're the cftc, you can't have people setting up businesses that look a lot like they should be the regulated business and then, advertising the fact that they're just not c complying with those laws as one of their primary selling points.

And that's the way the s CFTC view, whether that's a fair characterization, maybe separate, but that's the way the CFTC saw it. And then the second part of that saying, oh, and now we've turned over controlled to a DAO, which, CFTC points out, the founders were still very active in making [00:14:00] proposals and voting in the DAO.

it's a little u unclear how much that was a true transition of control, but to say, oh, we've transitioned to it to a DAO, therefore there's nothing you can do. Oh, that's baiting the cftc. I don't think that's going to be effective if they're gonna come after you, they're not gonna agree that sort of a transition, immunizes you from

scrutiny.

Eric: I wanna talk a little bit about smart contracts and what this means for smart contracts and how it integrates with the sort of the regulatory review of DAOs. Can you really say it's in a smart contract and thus just not being controlled. But before we do that let's pause a second on the administrative keys.

Are there any other things you want to note with regards to the administrative keys that you thought was directional or important to keep in mind, with regards to its focus on.

Kayvan: It's it’s a good question. I think the allegations that the keys were actually held and used by the core founders.

I think they really seize on that as being the continued operation of the [00:15:00] business. And so, it, they use that as the continued operation. I think that's really the challenge for any company in this space. Do are, if especially if you're transitioning to a DAO, is the DAO really in controller?

Is the DAO essentially taking straw polls that will then be implemented by whoever's holding the keys and what control, do. Whether it's multisig or whatever format you have, what control is really resting with those people as compared to, the DW vote directly. And that's, I think, a core design issue for a lot of DAOs, that we're

seeing.

Eric: And touching on the governance issue, which, CFTC went down the direction of in terms of who is liable versus the multisig specifically, is the reason why it ultimately went after. And we're gonna talk more about it, those particular holders. Is it, do you think it's effectively tied to this whole concept of the administrative key?

It's a very interesting question because, there, there's been a lot of discussion of [00:16:00] who would face liability in the context of a doubt, would it be just the key holder, the, the multisig, the members, whoever holds the keys as really having control, Or would it be all holders of the governance token, or would it be, the line that the CFTC drew here, which is only people who voted in the governance and, I don't think they're.

Kayvan: Was a clear answer. I think the CFTC was, rightly concerned that if you try to say all governance token holders are potentially liable, that, that's reaching too far. And there are a lot of problems with that sort of argument. I think there were important, new reasons why they didn't wanna limit it too just the

you holders of the private keys, because that would be, arguably too easy to game. You could put a couple people with no particular resources as the admin key holders. And if those are the only people who are reliable, even if they're following the direction of others, that's problematic as well.

I can see why the CFTC felt some need to balance but those are [00:17:00] complicated issues and there's not a lot of precedent for it.

Eric: The implications for smart contracts, everything intertwined, it's hard to talk about smart contracts without talking about administrative keys and the ability to influence it.

But is this, is the CFTC effectively stating that for a smart contract? That facilitates the activities that a FCM would normally facilitate are they effectively saying that the smart, that you can't leverage this notion that it's in a smart contract because we will still be looking for an intermediary that is somehow behind that smart contract?

Yeah, I think that's right. Conventional companies automate as much as they can also, so the fact that a lot of your operations as a company are automated and you don't need people in the middle of every transaction that goes through your business because parts of it have been automated, doesn't mean you're not still [00:18:00] overseeing and supervising and responsible for that automated process you created.

And that things don't need to have, discretionary human touch at some stage of the process in order to have liability necessarily. But I do think that's the CFTC would like to be able to take the position. The smart contract performing operations is probably subject to the same. Rules to something else, but for now, yeah, I, what they've bitten off here is the easier issue of if we can demonstrate somebody is still actively in control of it, then the fact that part, that the part of the system they're controlling is automated on a blockchain as opposed to automated on a centralized server that they control is distinction of without a difference.

And I think that's an easier piece to start with for them. If you can show somebody who's really set up a business and is still in control of this and they've just automated a piece of what they're doing, that doesn't get you out of regulation. It's different if you get to the point where you can actually walk away and the smart contract is really just operating on its own and the founders haven't touched it in a long time [00:19:00] and there's, no oversight that way, which would be a much harder case.

But that's not this case.

Maybe let's talk about the DAO now. Maybe you could frame a little bit the issue about how the CFTC went specifically after the DAO governance holders. Under what theories, how they tied it in with the original settlement order and how they look to take those similar concepts of control and impute it to the governance in, in, in the complaint.

Sure. And this

Kayvan: is really where I think this action is breaking new ground and where a lot of the criticism comes in, particularly as to the way the CFTC went about it. When you see criticism and around this, both from a descending commissioner and from, various people in the industry, it really is in this transition to how they went after the DAO.

It's not necessarily the order against the founders and, and the original company. So, the approach to CFTC took is to say, look, this business was operating these founders and a company that they were the sole members of the LLC for [00:20:00] multiple years, and then they just transitioned it to the DAO and the DAO.

Essentially succeed, succeeded that business took over that business and is operationally effectively the same. And they point out that the founders were continuing to make proposals and vote in the governance votes. And so, their view is essentially nothing really changed in all of the, liability and issues that attached when it was a company with these founders are just perpetuated and the DAO is responsible for that now.

So that, that's their general view. And then the hard part becomes who's responsible? And that's the line we were just talking about. Is it just the people who have the actual control because they focused on the order against the individuals on the fact that they had the keys, and they actually had the ability to control and did use.

That's not true of all the token holders, and that's not true of all the people who voted, but they are expanding who they think is liable to be people who didn't have that degree of control, but it actually exercised the ability to vote their tokens. And that's the [00:21:00] piece that I think has generated a lot of scrutiny for a number of reasons.

Yeah, I think that's where we'll probably spend a bit of time.

Eric: Yes. And let's maybe even just take a step back before diving into it cuz it's a very meaty topic, both the complaint and even the way that they served the process of that complaint, which is, it's one thing to say, I have an action against this whole community.

It's another thing. Where you start to try to build some precedent or take some action that establishes how you reach out and the implications of that. But what I thought was intriguing was that and I don't mean to call out Commissioner fam, but Commissioner Fam, was not the dissenting view.

And a month or so ago, couple of months now she called out the s sec for their insider case against Wahi. Now, Wahe was definitively a very different type of case that upset a lot of people because the SCC took a view on nine securities that [00:22:00] established their case and basically said, all these are securities.

But none of the projects had the ability to defend. There was no due process. They just labeled them. And that was like, they were basically getting it in the record that, hey, these are securities and these need to be, and they could be the basis for an insider trading action.

But it didn't it, the due process component of it, it seemed almost backdoor to a lot of people. And Commissioner fam reacted very negatively to that. In fact, she published, he said, this is regulation by enforcement. Now, fast forward, we had this case where they're looking to break new area of law with regards to governance holders an area that's under discussion in Congress with a number of bills like Lumis, Gilland build and others, honestly coming before Congress.

Was that an inconsistent position for Commissioner Fam? I'm not trying to get you in trouble, but is that an inconsistent position for a commissioner fam or how would you square that? Like in one case, she accuses the s e C. Of [00:23:00] regulation by enforcement. Yet in, in this context, clearly there is an expansionary view of the law through enforcement, which you would say is again, regulation.

You're trying to, you're trying to shape future conduct. You're trying to establish a precedent. Through enforcement action. Yeah,

Kayvan: It's a very interesting comparison and I think there were people who were surprised that Commissioner Fam didn't come out in insert in this one. I do think there are some distinctions, but you've gotta pick your battles of course.

Yeah. Even if you're a commissioner and yeah, I don't know, any individual's particular views on this action versus the others. So, it's all speculation, of course, but I do think there is a difference between the two the SEC's action against why the insider trading case is really cutting to the heart of

what is a security that's within their jurisdiction or their authority and what is [00:24:00] not. And the sort of line between what's under s e c authority, what's under CFTC authority? And it's going, if that, if the position being taken by the s e c there is correct or were to carry the day, that would mean all of those token issuers are subject to SEC jurisdiction and should have registered.

And that the exchange itself is operating an unregistered securities exchange. And so those are the stakeholders that, that are, it's a disputed issue whether those, issuers or the, or the trading platform are subject to s e C authority. And that's an issue that they're taking on in a case were, not neither the issuers nor the trading platform or a party.

So, it, it is a defining issue over who has authority to regulate the industry. Being taken on against some individuals for the first time when there hasn't been any rulemaking or guidance. And that's the issue that's before Congress is who should have authority to regulate these sort [00:25:00] of players and the SEC's trying to establish that in action against some individuals.

That's the, that's a very different sort of attempt to establish your regulatory reach through an enforcement action. Then I think this action again, by the CFTC involves here with the cftc. Somebody offering five X leverage to retail that's clearly within the CFTC is ambit. And then the question that, where they're being expansive is in trying to establish who you can go after for that, if it's a doubt.

And that is where I think the rubber meets the road here. It’s not so much is the conduct here properly before. CFTC or sec, that part's clear. Now the question is who do you go after for it and who can you tag with liability for that to try to stop it? Which is a slightly different question, but I do think it raises a lot of the same issues.

And that's where the criticism here about regulation by enforcement to me, carries the most force is, as we talked about earlier, it's [00:26:00] not clear who should hold liability necessarily. You could see people drawing different lines, trying to argue anything from the multi-stakeholders to the governance token holders to only people who voted and, or some other combination.

And those are the sorts of lines that they're trying to draw for the first time in the context of a complaint against an unincorporated association where it's not clear anyone will show up to defend it. And so that, that's just, those are the kinds of lines we'd rather see dealt with in some sort of public forum or rule making where, you know, the ability for people to respond and provide feedback rather than just articulating a position in a complaint that may never be defended

Eric: in that context and not in terms of the magnitude of the issue.

What surprised you more? Was it the, and I'm not saying which one's more important, which one was actually more of a surprise to you as a litigator? The expansion of the action on the toon DAO governance. Or the nature of the service to the [00:27:00] members of the

Kayvan: DAO Yeah. The nature of the service I think was probably more surprising to me in some ways, and not that there's a clear right way to do it.

Obviously, there's no, there's not a lot of established presidents on how to serve a DAO. So that part's, you knew they were gonna have to try something that isn't just the conventional method because the DAO doesn't have a registered principal place of business or any of those sorts of things.

Registered agent for service of process, anything like that. But the approach they took here was still a little bit surprising to me. They I think they, and just for background, they tried to serve the DAO by posting the complaint in other papers to a chat box like a help chat box and to the Wiki DAO forum and that, and.

And then they note in their papers that it looks like there were a bunch of tweets mentioning it, and their post and the forum got some, a hundred views or 112 views or something like that. That is not one of the methods of service provided for in [00:28:00] the federal rules., of course, and it's not a conventional method of service, and I think the most surprising part to me about that.

They attempt that and they ask the court to approve it retroactively, which I don't expect the court would

Eric: do. Interesting. Before we get that, maybe we'll start to dive a little bit into the nature of the liability of the governance holders. Now under, I guess we'll try to keep legal citations to a minimum, because not everybody really wants to hear that, but there's a Revise Uniform Partnership Act under which, partnerships generally you have, all the partners by law you don't even need, necessarily need to have an agreement.

You can actually have a partnership and, when you have a partnership, generally the members of the partnership are li or. Jointly and severally liable. So, from a litigator's perspective, maybe we touch on the notion of joint and several liability, cuz I think it's important in the context of, looking at, what this means for the DAO [00:29:00] governance token holders and, yeah.

Kayvan: yeah, look, I think this is, and this is something we, we talk about with projects in the space a lot because if you don't have some other form of structure that's an official structure, then in a lot of places the law defaults to, if you're acting in concert with other people, any sort of agreement to act together towards a common purpose, you're gonna be viewed effectively as a partnership or some sort of unincorporated association that may have liability, like a partnership where all of the partners can be individually personally liable with their personal assets for any liability of the collective action.

So, the, a plaintiff or a regulator could choose to go after anyone and. When we think about the sort of history of corporate form and, corporations and LLCs and limited liability partnerships and all of these structures, they are all largely designed as shields against personal liability for undertaking one form of [00:30:00] business or another so that you're only putting the assets you put into the business at risk and you're limiting these circumstances under which you can be held liable for the actions of the business or the actions of the other people who are acting on behalf of the business, things like that.

So, we've developed hundreds of years of evolution of various corporate forms and other shields to protect you so that you're not liable personally for the actions of a. And people in this space have a tendency to want to run out into combat with no shield. And it's like we're gonna avoid every form of corporate structure.

And we talk to people about this and it's like you realize all of those forms were designed to protect you as individuals. That is the whole point of all these formations is to protect you from personal liability. So, when you are intentionally. Avoid every form of corporate structure. You're going into battle with no shield, and that may not be the best course of action,

Eric: right?

One of the points of resistance is just the nature of a lot of these organizations require you to identify [00:31:00] yourself, right? And provide, things like your tax id and such for taxation purposes. So, it's generally a little more formalistic. It's certainly not necessarily conducive with the ethos of crypto.

And if I'm buying a token and I'm a member of a DAO, I sell a token, I'm not a member of a DAO, then I didn't have to sign an agreement. I'm in and out. It's very fluid. When you start to create these structures, it does interfere with the fluidity. And that's one of the primary reasons why, there's such a resistance to doing it.

When you look at actions like these, and we can talk a little bit about the potential precedential effect of this, right? So, it's just a complaint at this stage, but yet, there it is on a record, you have cftc, certainly even in a private action, you're certainly free to cite that, hey, even the CFTC thinks this way, and [00:32:00] what influence that'll have on a judge.

Questionable judge could say, Yeah, that was the CFTC, and it was a very specific situation, et cetera. But maybe we could talk a little bit about that, what it means, for the, I guess even like even private litigants this type of complaint. That, and

Kayvan: that's really one of the, comes to one of the cores.

Criticisms of this sort of regulation by enforcement is that one of the objectives of these sort of actions from regulators typically is to influence market behavior by making clear what their position is, but doing that outside of the normal processes where they have to propose a rule and get feedback, and there's a process by which you decide what the actual rule is going to be, that you know here they can articulate what they think it should be.

You, if you do it in an action that's not really going to be contested, you never get a judge to pass on whether or not they've got it right. All you know is this is what the CFTC thinks it should be, or this is what the s e C thinks it should be. [00:33:00] And sometimes if you're the regulator, that's preferable because if you're not sure the judge will agree with you.

If you can articulate what you think it is and never have it tested by the courts and never, have anybody say you're wrong, then just knowing that this is what the regulator thinks answer is. Is enough to influence behavior because nobody wants to have a regulator come after them. The analogy we, we hear occasionally it's if the regulator comes after you, it's even if you're right and they end up being wrong, it's like getting, hit by a car when you're in the cross walk.

Yeah. It's like you, you may have been right, but better not to get hit by the car and, so probably better to avoid the enforcement action if this is what the s e C or CFTC thinks and they're gonna come after you if you run afoul of it. A lot of people will decide to just stay on the sidewalk and not risk it even if they might be Right.

That's the nature of what's happening here, and I think it will influence behavior. The CFTC [00:34:00] thinks governance token holders who vote specifically. Will be liable, but not people who don't vote. That's a disincentive to voting because that creates some additional risk to voting and private plaintiff's lawyers can try to go after somebody who they saw vote, voted in a governance forum and say, according to the cftc, that's where liability attaches and.

because they're saying that's what the CFTC thinks. A judge is more likely to take that view seriously and potentially rule in their favor than otherwise.

Eric: And in the absence of settle law, then all these things may have more influence than where you maybe have some more clear lines.

So, you know, by default, the CFTC complaint. Takes on more significance than it otherwise would if you had more developed law around this. If there's more developed law and they were citing like other case law that had already been determined in saying, even if they're saying in this district in [00:35:00] California and this one in Missouri, even though this is in New York, we don't really have a case, but we're looking at some of these other states for their guidance, where it's been judicially determined and based on that theory, we're gonna do that.

But that didn't happen

Kayvan: here. No, and that's exactly the crux of the criticism of regulation by enforcement. And here, unlike the SCC actions where the criticism is, you're trying to evolve the definition of what a security is through enforcement actions. Here the question is who's liable? We can see an offering leverage to retail like we know.

We know that's within the CFT C'S ambit, but who's liable for it? That's the part that's not clear in the context of a DAO and that's where this action is trying to evolve the law, shape the law, not just enforce it because it's not clear, it’s not that there's a clear line and you're just enforcing it.

Is this being a, an attempt to shape where the law will land on this novel. Through an enforcement action rather than a rule making or some other process. And that's the crux of that criticism.

Eric: So [00:36:00] with the tornado cash and the Offa sanctioning, when that came out, there was a lot of reaction to that.

Obviously there still is reaction, this notion of sanctioning a smart contract and not people. And as a result of that sanctioning, you saw a lot larger protocols and smaller taking actions to, to not engage with that protocol. And some even went further in terms of what they did, in terms of even like that the validator has the ability to block certain transactions if they touch that protocol.

And it also possibly enhances like a KYC component of it as well. Although that, I think there's even just the additional sanctioning in the role of the protocol in, in, in not engaging with that smart contract or one or two steps removed, raise a lot of concerns. Subsequently, OFAC did release some guidance and said, hey, this is more about bad conduct.

They left some things open, there was some squishy stuff, not what everybody was hoping for. But by the same [00:37:00] token, a reasonable interpretation could say, that's not really what they're concerned about, move on. Others would say, Yeah, they, we don't really like the way they drew the line.

And there's certainly a lot to be discussed there, just. Conceptually. Having said that, some might make the argument that the initial reaction was over the top. On, on some level, it almost doesn't matter if you're risk averse, you don't want to be stuck in the interpretation of am I 1% over the top or am I 1% below over the top?

Like that line drawing can be very complicated. And if you have a lot at stake, you say, no pun intended, you say, fine, we just won't take that risk. What do you think is the potential chilling effect of the DAO component, the DAO governance component on the industry as a whole? Yeah, it's

Kayvan: a, I think it's a very interesting way to, to frame it too.

I think that's a, it's a good framing of the issue because I think they're most actors in the act, in the space, and certainly the people I deal with, something's clearly not [00:38:00] legal. Everybody wants to avoid that. No, nobody wants to clearly break the law. That that's pretty clear. The problem is that there's a large gray area and different where, and the gray area, there are different shades of gray within that, on things that pretty close to the line of something that you probably shouldn't do.

But it's tech, arguably different. And a lot of people try to stay away from that. But then there are things that might be okay, but you can see an argument where it might try to get wrapped into the law, even if you think it might not be right. But that might be the position a regulator would take, or plaintiff's lawyer might make a claim against you.

And in those sorts of gray areas where it's not clear, different people in the industry have different risk tolerance. Some people or more of the view. If it's gray and I'm not clearly doing something wrong, I should go forward. And other people say if it's gray and there's any risk at all, I want to stay as far away as possible.

And that's, there just different schools of thought and I, it's not my job to tell people you know how to manage some of that risk so much as to make sure they understand what the risks are and the consequences and help them, [00:39:00] think through those issues. But the risks are different for different kinds of players.

And here, the line they drew with governance token holders, I think is particularly interesting because it has a different impact depending on who you are. What we haven't seen here is what are they gonna do with this, right? They served it by posting it in a chat box. So most likely no one's gonna show up to defend it.

It's, somebody could, and we, if there's certainly been discussion about whether there'd be beneficial if somebody did. But it's, Yeah, I think probably the SEC's goal that nobody would, this is not the, yeah. If they really wanted somebody to show up and defend it, they could have identified particular members of the DAO or people who were voting I'm sure they have the capability to identify particular token holders who voted in these governance proposals who are within the jurisdiction of the, the CFTC or within the United States.

So, they could have done that and served individuals if they wanted to. I believe that, speculating. But I, I think that's probably a pretty fair assumption. They didn't [00:40:00] do that, which makes me think they don't want anybody to show up and defend it. And if they get a default judgment, are they gonna try to enforce it against somebody?

And that's the risk tolerance question that we, you get to as far as how does this affect behavior? If you're a small holder, you have a couple governance tokens, and. You voted, most likely nobody's gonna come after you. It just it's what you consider that risk of holding a couple governance tokens.

Yeah. I'm not, and a lot of people who just hold a few governance tokens here are, there probably aren't listening to these sorts of conversations in the, in involved in this sort of risk benefit analysis to begin with. So, I'm not sure how much it influences that behavior. But for bigger holders, for institutional holders of tokens who would otherwise be participating in governance, you think of, big funds, things like that.

This could have a real influence because those are the sort of, deeper pockets that a plaintiff's lawyer will try to go after, and they'll use this as a hook, or a regulator might try to go [00:41:00] after. So, I think the real influences when you look at the sort of larger blocks of governance tokens and people who'd be voting, as a sort of institutional voter, those are the people whose behavior might be influenced by this.

Eric: Institutional holders, but also, I guess would be of high concern would be venture funds or private equity firms that took a large. Even if they delegated it to, ostensibly to third parties, I suppose it could be connected back to them, or maybe the delegators themselves will have second thoughts about doing it.

Hey, I'm, I'm gonna post it to different I think like a 16 and z like, has different schools, right? That they delegate their voting to. Those schools could end up saying hold it. This isn't, it's not good if we get sued over this. We just wanted to do it.

We wanted to get involved, but now you've raised this notion that we could have some exposure, so we're gonna step out. And then the VC firm has to say, okay now I, maybe I [00:42:00] didn't want to be involved, but now what do I do with these governance tokens that I have? If I want to be in? Is, does it present a potential.

Problem for a venture firm that they have this role, even if they delegate it away, does it now start to complicate, what do I do with the votes that I've been accorded? Yeah, and

Kayvan: and I think it raises even broader sort of policy questions. I don't, I have an answer to, but yeah. As to, is that the right incentive or disincentive on governance more broadly?

Do should we be trying to disincentivize sophisticated players for participating in governance? Yeah. Because that ultimately is what this does is that this suggests that sophisticated players could theoretically buy and hold the token and be fine. Yes. But if they actually participate in the governance of the protocol, they may be liable.

And so, what you'll end up having is the people who are the most sophisticated players will be the least likely to participate in governance potentially if they don't. [00:43:00] Take on this risk. Those are the sorts of questions that I would prefer to see addressed in a policy making venue rather than an enforcement agency taking a flyer through an enforcement action.

And we'll just see if that works out well for the industry. Yeah, I think those are, yeah, that raises bigger policy concerns that should be discussed at a policy level. That's why we have processes for regulation by rule making and not regulation by enforcement. And so those are exactly the sorts of things that I think lead to that kind of criticism.

Eric: Yeah, and I guess a topic that sort of exists, even in independent of this is that often in the pathway to decentralization for pro protocols that are naturally inclined for decentralization and as opposed to, that are just trying to hit a regulatory, impetus for it is that sometimes, projects go through a period of decentralization and then they struggle with okay, we've gotten really big, we've gotten very dispersed.

How do we manage [00:44:00] all this decentralization? Like we need to make a directional move. It could really, decisions like this could really impact that period of centralization where maybe players have to get more involved to, to shape the direction of a protocol, before they continue down their path to decentralization.

It may make it hard. To achieve that directional impetus when a project just gets too big. It's, I think it's something with Maker DAO. There's a lot of questions Hey, how, where do we go with this now? And there's a lot of good discussion, but they do require certain actors to be very involved in those discussions because it's a very critical decision for the.

Kayvan: For the DAO. Yeah. And look I think it, somewhat tongue and cheek obviously. But I mean that the problem with being decentralized is that you're decentralized, right? Yeah, That's the problem with [00:45:00] it. But I think it also is an evolution of the industry and, there are some of these protocols or components of some of these protocols that we have seen evolving over the last five, 10 years will become the sort of primitives where there's a certain function that just functions the way it's supposed to.

The code is pretty secure. We know that money, Lego, for lack of a better way of putting it, does what it's supposed to do, and it can be baked into other things. And as certain primitives get built in battle tested and are relatively dependable, those can probably function in a decentralized way without needing to be changed.

And as you have more and more of those sorts of truly decentralized primitives that are reliable, then people will be able to build businesses or build protocols that are more complex. With interlocking, various of those primitives. And so, I think part of it's just an evolution of the industry, right?

When these things are first being built and battle tested impacts are happening and whatnot you need somebody who can address those things. But as certain components seem to, [00:46:00] become pretty dependable and reliable, then people build on top of those and, and the underlying layer may reach a different level of decentralization that doesn't have those same concerns.

Eric: Going back to the decision and the consequences or the knock-on effect one obviously we've noted is that it may chill the desire of more sophisticated players to engage in governance. Another thing that I've heard some legal takes on, which I'm. Particularly fond of as a reactionary measure is to wrap the DAO, meaning ensure that every DAO is wrapped within an LLC, which raises this whole question, which I raised earlier about fluidity.

I am biased. I believe DAOs have entities. They are not an entity, but sometimes they can be. But then when they're an entity, you start to need to take apart the D and the A of the DAO. Is it really decentralized if it's fully [00:47:00] wrapped, or is it partially or pseudo decentralized? Is it more distributed than it's autonomous?

If it's wrapped? Not necessarily but a lot of entities maybe do tend to fall into that bucket. I guess the question, as a litigator, what do you think the, does this cause people to now and again, I'm seeing legal advice around it to start to try to wrap their DAOs. And what do you think it does to the underlying structure of the DAOs if, or the structures of quote unquote DAOs, because they may no longer be DAOs.

What does this mean for the industry?

Kayvan: It's a very good question. I have some of the same, I struggle with some of the same questions I think you alluded to there, which is, if you're truly wrapping a DAO, what is it? Is it really a DAO? If it's the DAO itself that's being wrapped in, is that just an LLC that has a sort of d.

Method of voting, on actions than some other [00:48:00] LLCs. And it does, most of these corporate forms don't lend themselves to fluidity of membership. That just, that, that's the problem with a lot of the corporate forms. It's just very hard to say the members are changing constantly and, you can't tell who's a member at any given time and all those sorts of things that, that's not.

Usually, the way most corporate structures or LLCs or things are set up. But I agree. What I think a lot of people are looking at is we want to have some sort of shield from liability for people who are participating. And so how do you do that? And I think a lot of discussions, before this action were really focused on the multisig holders and is there a way to protect the people who actually have to push the button to implement whatever the DAO is doing?

And so, people, and people talk about the role of the foundation or trust or things. Perform certain functions or, support services for a DAO and as opposed to wrapping the DAO itself you [00:49:00] have various entity structures that are part of the ecosystem that, that may take direction from the DAO, but that you can say, it may have been at the direction of the DAO, This is the entity that actually took those actions.

And maybe that provides a way to shield the individuals who are acting on behalf of that entity from liability in certain ways. And so, I think we've seen a lot of structures like that. I think one of the difficulties we see, and as a litigator I think one of the issues that comes up in, in anything like that is, Going back to where you started a while ago, there are a lot of statements out there that people make on every sort of medium, on in talks and podcasts and, medium posts and Twitter and what have you.

And people are not very good about being clear on whose behalf of statement is being made, or, on whose behalf some action is being taken. So, it just becomes a mess to say, did the DAO do this? Or did that entity who was acting for the DAO do this? Or was this responsibility for a particular person acting individually?

Or yeah, how do we define on whose [00:50:00] behalf these actions were being taken? I think that's something that the industry will evolve to be clearer about. Conventional companies and structures are very good at making clear when somebody's speaking on behalf of the entity as opposed to individually, things like that.

Yeah, I think those sorts of lines, make a difference. And here, if you have a DAO that is the DAO and you have individual contributors to the DAO who may not be acting for the DAO itself when they're speaking on Telegram, touting various things or making proposals, and then you also have a foundation and people are acting on behalf of that or being hired by that.

It gets complicated to say who's taking what action. And I think that ambiguity and confusion add to legal risk. It's you're better off if you can make, make it clear what actions are being taken within a structure that can shield you from liability in which things are not.

Eric: All right. So, let's get into the service aspect of this just a little bit more. We talked about the lack of efficiency. I guess you, you noted that the [00:51:00] CFTC sought the approval of the court, retroactively if the method of service and you think it, probably, the court won't certify it as a valid

Kayvan: service.

And I haven't checked the, in the last day or so, but I understanding there's been no decision on anything yet. And your courts are unlikely to authorize service and say you only have 21 days to respond to valid service and the court's not gonna say, 14 days into the 21 days, oh, I've approved what you did 14 days ago.

Therefore, anybody who wants to come forward only has seven days. And that's just not realistically likely to happen. I don't, courts tend not to do that. Usually if you're gonna have alternative service approved, you go to the court and you say, I've tried the ways for service under the rules.

And I haven't gotten there. So, here's what I would like to do for service. And after you get approval to do it, then you can go do it. And something that you are doing with court approval [00:52:00] can be effective. But courts tend not to grant retroactive approval for something because it wasn't valid at the time you did it.

Service is, alternative service is not valid, absent a court saying you can do something alternative. And so, at the time they did it, it was not valid service and courts are not usually going to retroactively

bless that.

Eric: So, do you think it's likely that this ends it for the CFTC? That they've made their statement, they've communicated to the public writ large that this is how we view it and we're not gonna go nuts to try to enforce, we're just telling you, this is the way we do it.

Or do you think there's a likelihood that they may say, Listen, whether it's invalid or not, nobody responded. So, we knew that's why we did it, and we wanna try something else and we want the court to explicitly approve it.

Kayvan: So, I think they could try to get a default judgment if nobody appears. I think they just, so they have a judgment, not just a complaint, but it, but default judgment doesn’t carry a whole lot of presidential weight.

And [00:53:00] I've had cases where the other side sites a default judgment and it's a very easy answer to that. That was a default judgment. Like the courts realizes there was no real scrutiny on that. It doesn't carry much presidential weight. But I could see them taking that step. What I think would be hard for them to do is, then take a default judgment and try to enforce it against any individual who they say, oh, you participated in the governance, therefore I'm gonna enforce this against you as an individual.

And if they did that, the problem is most individuals they could go after, they probably could have identified at this point in the process and served them individually. Now, And I don't think Mary, many judges, certainly if I was defending somebody like that, I'd be making this point. I don't think many judges would look kindly on an action by the CFTC where we didn't serve this individual who we could have found at the outset and served directly to have him defend himself.

Instead, we served by putting it into a chat box on the [00:54:00] DAO forum took a default judgment, and now we're trying to enforce a default judgment without scrutiny against this individual. The real, the question, why didn't you serve the person at the outset and give 'em a chance to defend themselves? Why are you trying to enforce a default judgment against somebody who could've located on day one?

And I just don't think that would have, it would be an approach that would get be taken well by, By the courts, by the press, by anybody. So, I don't think they're likely to do that. It just doesn't seem realistic. And then the question becomes what's the point of the default judgment? Maybe it just sits out there as something that they will cite in their own papers later as the way that this should be done and stay out there as a disincentive to people participating in governance more broadly.

Eric: And do you think, should another action like this occur again, do you think it's likely that an agency would endeavor to docs some governance token holders and bring an action against them? It's

Kayvan: a really good question. I, here the interest is they had the main governance holders, right?

They settled with the two founders who were [00:55:00] the primary people. They have them, they settled with them on these exact charges and now they're trying to serve without, but not through those people and serve the DAO Amorphously apart from that, yeah. And I think if they. If there are core people, they're gonna identify them in the investigation process and reach a settlement with them quite possibly the way they did here.

It's a so that's the, so then the question becomes, are they gonna go beyond those sort of founding people and try to find. Other governance holders that they're gonna go after. And I don't think they're gonna do it at this stage. I, if they go down the road, they're it's baby steps, right?

They're taking one step at a time. This is announcing their view, that it is voting that draws the line. I don't think they're gonna try to enforce this one against somebody in the future. If they're going after people, I think it'll be at the investigation phase saying, hey, you guys were participating.

That's our view. And that'll be wrapped up in the investigation phase more than, just going straight to a complaint.

Eric: And for plaintiff lawyers, does this method of service [00:56:00] have. Somehow condone it or legitimize it. Do you anticipate that there'll be, I'll call 'em the ambulance chaser equivalent saying, oh, I can dust the forums and shake some DAO down for a settlement just by and pointing to the CFTC and saying, hey, we're doing what we're doing is legitimate.

Do you think it somehow legitimizes it?

Kayvan: So

my view is the, because the CFTC is the one doing it here, court would be more likely to take a look at it and with the CFTC and say, oh, maybe I should allow this in one way or another. I think the best way for the courts to decide this isn't valid is if a whole mess of plaintiff's lawyers start trying to do this everywhere.

And the way it comes to a court is some plaintiff's lawyer on a somewhat half-baked claim and they're trying to serve this way and they just say they dropped it in chat box. That's where a judge can say, Yeah, no, that's not. That's not gonna work. So, I think the, if [00:57:00] anything, too many people trying to follow this will be what invalidates it.

Eric: So, it's almost a positive.

Kayvan: Yeah. It's

Eric: If I, not if you're the one being dusted effectively, but,

Kayvan: If I wanted to, if I wanted to establish precedent that this was invalid, I would hope for some half-baked plaintiff, private plaintiff suit attempting this on a claim, it clearly looks like it's GED up and has no merit.

And they try to serve this way. That's, and then you go into the court, and you say, this is ridiculous. And the court takes a look at it and says, Yeah, I'm not gonna authorize that. That would be the, that would be the best way to get president, that this isn't acceptable. It's most likely to be found acceptable if it's somebody like the

CFTC doing it.

Eric: So arguably less likely to do that, particularly since the CFTC could have actually docked users and didn't, like any plaintiff lawyer, why would they, if they're gonna go that route, why would they suddenly choose something that's less likely? Correct. But

Kayvan: if the, look, if this, if the court here does authorize this service for the cftc, they won't do it retroactively, but they may say, [00:58:00] Okay, we'll allow that sort of, will allow service through the chat and this, and do these two other steps or something.

They may authorize some equivalent service. And then once you have a court authorizing some equivalent service, even if it requires the CFTC to redo it or restart the clock or whatever it happens to be then it would be really probably to redo it that they, But even if the court were to do that, then you're gonna have plaintiff lawyers following it saying, Look, the court authorized it.

And that's where, even if it's some half-baked issue, you're still gonna have a judge saying, Okay, another judge authorized this service, so maybe it's acceptable and that's the issue we're gonna have.

Eric: All right.

Thanks so much for coming on the podcast. But actually, before we break, is there any other aspect of this case or knock-on effects that you think maybe we should have touched on that we didn't?

Kayvan: No, I think we covered the game. I think the part we don't know yet and maybe the last thing I believe is, I know there have been people discussing throughout the industry whether it makes sense for somebody to [00:59:00] come forward in one form or another and try to challenge this, challenge the service, challenge the plane in one way or another.

And people are discussing that. I don't think that's what the CFTC wants to have happen in this instance. I think the way they went about this is to not have to actually litigate it. That said, I'm not, it's a very complicated question whether it would make sense for anyone to come forward and how, and whether they could, and that is a very difficult issue.

But I think we haven't necessarily seen the end of this yet, and it'll be interesting to watch it unfold and see if there is any movement by the industry to try to respond to this.

Eric: Excellent. So, people want to find more out about you and what you do. Where can they find you?

Kayvan: Yeah.

I go to jenn.com. You can find me. If you search Jenner and my name and Kon or Jenner and blockchain or anything like that you'll find me. That's pretty easy to do. Or you can find me on LinkedIn or most social media or all those things. Excellent.

Eric: Excellent. So, thanks so much for coming on.

It has been of an enlightening conversation. I think there's definitely some threads that we're gonna try to follow up on, [01:00:00] on this podcast related to it.

Kayvan: Perfect. It was a lot of fun. Thanks for having me and look forward to seeing you too.

Eric: All right.