Friday, September 2, 2022

Some thoughts about the resilience of decentralized stablecoins

If a decentralized blockchain protocol is worried about being shut down by the authorities, how can it defend itself? A recent discussion surrounding MakerDAO explores this question. MakerDAO (or just Maker) issues the Dai stablecoin, of which there are around $7 billion in circulation.

Rune Christensen, the founder of Maker, sees a precedent for a clampdown on Maker in the US Treasury's recent sanctions on Tornado Cash, a mixer. He worries that the authorities may try to shut down Maker by seizing its assets, specifically its real-world assets, or "RWA." To counter this threat, Christensen suggests that Maker turtle into what he calls phoenix stance:

Source: MakerDAO forum

While in phoenix stance, Maker would no longer rely on RWA. By RWA, he is referring to centralized stablecoins such as USD Coin and loans to banks and other financial institutions that have a physical address and a regulator. These are the sorts of assets that can be used by authorities as a lever to hurt the Maker protocol. With nothing for authorities to confiscate, presumably Maker would be resilient to attempts by authorities to shut it down.

I disagree. Christensen exaggerates the degree to which Maker's resilience relies on seizability. Seizing a protocol's assets is just one of many levers that authorities have to stop a protocol like Maker. In the case of Tornado Cash, for instance, sanctions were used, not seizure. Even though no ether in Tornado's smart contracts has been confiscated (indeed, it would be impossible to do so), the sanctions have effectively cut off much of Tornado Cash activity:

A ban or sanctioning of Maker would mean less licit usage of Dai, a removal of collateral from Maker, delistings of Dai at off-ramps like Coinbase, a drying-up of liquidity, and employees and investors abandoning it. Dai would shrink to irrelevance all this achieved without the government seizing an ounce of the collateral behind Dai.

To sum up, a focus on seizure-resistance, so-called Phoenix stance, won't render Maker meaningfully more resilient.

That being said, I agree with Christensen that removing real-world assets will make Maker less susceptible to being attacked. But the way I get to this conclusion is different.

Removing real-world assets from Maker would make the Maker system less usable. First, without centralized stablecoin reserves, Dai's peg to the dollar wouldn't be as tight. A looser Dai price would make it more inconvenient to own Dai. It would also make it riskier to borrow Dai, since borrowers couldn't know ahead of time precisely how much they'll have pay back. Secondly, the sorts of collateral acceptable for loans would be restricted to one asset, ether, which effectively cuts off huge parts of the market for Dai loans.

As Maker becomes more awkward, fewer people will use it, and it'll shrink... perhaps to the point that it begins to fly under everyone's radar. No regulator or authority is going to bother trying to shut down a rarely-used $50 million protocol. So it's the irrelevance that a no-RWA policy brings, and not the inability to seize assets, that leads to safety from attack.

Conversely, introducing real-world assets makes Maker more practical, attracts additional users, and brings Maker onto everyone's radar, which increases the odds of authorities shutting it down using any of the many levers they have at their disposal. (Conversely, the jump in relevance that RWAs entail also increases the odds of authorities finding regulatory space for Maker.)

To finish off, here's a way for Maker stakeholders to think about the system's susceptibility to being shut down, and how real-world assets enter into the equation:

Stakeholders should ask themselves how relevant Maker has become. Has Maker become so important (and its public perception so negative) that it is about to attract the baleful eyes of regulators? If so, one defensive option is to engage in a rational form self-sabotage: make the tool less useful. This will shrink the pool of Maker users, and thus the tool's visibility to regulators, and therefore the likelihood of it being shut down. Real-world assets enter into the picture because their removal is one way to impinge on the system's usefulness.

Of course, if a protocol is going to start engaging in self-sabotage, then the people making this decision better be pretty sure that their original assumption that regulators are furious is correct.