Get Up, Stand Up! − Speech By Carolyn Wilkins, Bank Of England, External Member Of The

Carolyn Wilkins talks about ways in which the crypto ecosystem can help reimagine governance. However, the models we see today may not be as decentralised as they might appear. To build trust, she encourages the crypto industry to build best practices in governance, codes of conduct, and set high expectations for transparency.

Speech

“You can fool some people sometimes,

But you can’t fool all the people all the time.”

Bob Marley and the Wailers

Introduction

It is a rare day when the media have not reported on a fascinating development in the crypto-sphere. Sometimes we read about success, such as the transition of Ethereum to proof of stake (PoS) from proof of work (PoW); Other times we read about failure, such as the collapse of the “stablecoin”, Terra, and the subsequent meltdown of many crypto assets and centralised crypto entities.

There are undoubtedly many factors that underpin the success and failure of business endeavours, from the quality of the business plan to the acumen of the leadership team. Sound governance underpins these factors, and sustained business success cannot be achieved without it. Given the importance of risk management for financial resilience, sound governance is also critical for financial stability.

That makes governance of crypto and decentralised finance relevant to my role as an external member of the Bank of England’s Financial Policy Committee (FPC), and is what motivates my talk today. It is particularly exciting to give this talk here because of the excellent work of the UCL Centre for Blockchain Technologies. Thank you for the invitation.

The history books are full of instances when faulty governance in traditional finance led to both failure of a particular financial institution, and financial instability. Just look back to the global financial crisis (GFC) when generalised weakness in risk management frameworks led to limited understanding and control of balance sheets. Remember Bear Stearns, where the concentration of mortgage securities had been increasing for several years and was beyond their internal risk limits? Lehman Brothers, of course, is another example.

When it comes to the crypto ecosystem, technology alone cannot get around the fact that decisions must be taken, and how well these decisions are governed is central to trust in the system and its ultimate success.

I hope it will become clear in the first part of my remarks that decentralised structures for providing financial services do offer the opportunity to reimagine governance. I will also talk about why so called “DeFi” structures are presently far from being as “democratic” or “decentralised” as some would have you believe, and why there are limits to just how decentralised governance in the crypto ecosystem can actually become.

In the second part of my talk I will suggest ways that the crypto industry could strengthen governance. The underpinnings for public trust need to be built on best practice in governance, shared codes of conduct, and high expectations for transparency.

It is not all about the industry, however, so I will also talk about how the official sector should support sustainable innovation by building the right legal and regulatory infrastructure.

What’s at stake?

Let me start with what I mean by governance. Every organisation needs to establish decision rights: what decisions need to be made, who is responsible for making them, how and to whom they are communicated. They involve processes to ensure accountability, transparency, and empowerment. Governance matters because it establishes rules of engagement and controls that produce organisational effectiveness and efficiency. 

There are two aspects of crypto governance that create opportunity.

The first is the possibility of organisational structures based on a greater degree of decentralised decision making than in traditional finance. Given this, some crypto proponents aim to challenge traditional economic institutions of capitalism – firms, markets, and potentially governments. While mutualisation of organisations is not a new phenomenon, this new form is made possible by blockchain technology and smart contracts; which allows financial services to occur at scale, with less recourse to an intermediary than in traditional finance. Of course, there is nothing stopping more traditional organisational structures with more centralised governance structures from adopting similar technology.

The second opportunity is that the governance itself can spur growth by framing decision making as a game or an activity in which participants have something at (or to) stake.

The successful completion of Ethereum’s project – called “the Merge” – is a recent example of what can be achieved under the right circumstances. It has reportedly reduced the use of electricity of the Ethereum ecosystem by over 99%. This is an important milestone because Ethereum is presently the backbone of the crypto ecosystem. Bitcoin may have the largest share in terms of market capitalisation, but most of the action is happening on the Ethereum blockchain. Ethereum has over 4 times the number of transactions per day as Bitcoin and hosts nearly 1,000 unbacked crypto asset tokens, all the major stablecoins and over 100,000 Non-Fungible Token (NFT) projects.

Governance of this project looks quite familiar in a couple of ways:

1. It was fairly centralised. The project was coordinated by the Ethereum foundation that oversaw a core development team, rather than a fully decentralised community. Given the complexity of the project, this centralisation was a necessary mechanism to accelerate the project. Vitalik Buterin – one of Ethereum’s key founders was understandably quite influential, although he did not have unilateral decision-making power.
2. There were parallel runs and extensive testing. Almost two years ago, Ethereum developers created a new network called the “Beacon Chain” that uses the PoS validation mechanism. It ran in parallel to the PoW-based Ethereum network. They also conducted trial runs over a number of years, prudently delaying the project on a number of occasions given outstanding issues and the amount of money at risk. Their checklist of “readiness” milestones ahead of the Merge, shows efforts to be transparent about the project.

The project did, nonetheless, move the dial on governance in a couple of ways. First, the ultimate decision to move to the Beacon chain was a pre-programmed, automated event without any human intervention. This is in stark contrast to traditional operational programmes that may be heavily scripted, but also have checkpoints where teams will coordinate on progress and take decisions.

Second, the Merge would not have succeeded if a critical mass of ETH holders had not staked their ETH to the Beacon Chain, either directly or via staking pools like Lido and Coinbase. Put another way, if enough Ethereum token holders and developers had instead opted to move their assets and projects to an alternative PoW blockchain, the PoS network would have been too vulnerable to attacks to be viable.

This accomplishment hopefully foreshadows further success as Ethereum works on upgrades to lower transactions times and costs, and will inspire other platforms to learn from this experience.

Some DeFi supporters might use this experience as evidence that the governance worries of the Fear, Uncertainty and Doubt (FUD) crowd are overblown. They may also question whether traditional notions of governance are even needed in a world of smart contracts and the ability of token holders to vote with their feet.

Let me say that, as a mentor for the Blockchain stream of the Creative Destruction Lab (CDL) at University of Toronto Rotman School of Management, I have been fortunate to meet many entrepreneurs who have promising business models and an impressive drive to make the world of finance a better place.

Still, there are a number of serious deficiencies in governance in the crypto ecosystem that need more attention than they are getting today. I am not claiming governance in traditional finance is perfect. But what’s at stake for crypto and DeFi is the ability to make meaningful inroads into providing services to households and businesses in the real economy.

Limits to decentralised governance in practice

I said earlier that technology alone cannot get around the fact that decisions must be taken in the crypto ecosystem. At a minimum, someone is making decisions regarding the system code, and influencing whether it will deliver what it says it will.

There are important concentrations of power in “decentralised” finance.

In theory, those decisions could be taken in a completely decentralised manner. In practice, however, the governance of critical decisions is not completely decentralised even in a permissionless blockchain such as Bitcoin. In fact, the consensus mechanism and other governance protocols can lead to undesirable concentrations of power.

For instance, a few individuals who have accumulated significant voting rights can dominate; by that I mean individuals who hold the lion’s share of a particular crypto token. There are data to support this; a recent study shows that, among the top 10 proof of stake platforms by market capitalisation, the top ten validators held between 23% and 88% of the stakes, while the top 50 held between 47% and 100% of the stakes. Incredible.

There are also issues regarding transparency. For instance, in 2018, a small number of Bitcoin software developers were made aware of a bug that could open the door to a denial of service attack and allow the creation of bitcoins in excess of the cap of 21 million. The time log of events shows that a decision of relatively few was made to disclose the DoS aspect of the bug, but to withhold the more damaging information regarding potential breach of cap and implications for inflation until after the patch was completed 3 days later.

This raises questions about who is accountable for decisions and outcomes. There is a rich debate in the United States regarding whether the core protocol developers should be held accountable as fiduciaries. And the CFTC’s recent enforcement action against token holders of Ooki DAO is a live case study of the extent to which governance token holders can be held liable.

Concentrations of power can also be achieved “on chain” through governance attacks, where an attacker gains enough voting rights to dominate decisions or influence enough token holders to vote in a biased manner. In April, an attacker used a flash loan to obtain a majority of governance tokens in Beanstalk, a decentralised, credit-based stablecoin protocol. They got away with around $77 million by passing their own malicious proposal and quickly implementing it. The month after that, Terra blockchain halted operations…