Not your keys, Not Your Stocks…Not Exactly

Bruce Fenton

Dealing with Lost or Hacked Private Keys in a Securities Tokens World

One common question about tokenized securities is what happens if your keys are lost. Will you lose your shares? What if Zuckerberg is hacked and a new controller owns his Facebook stock?

The answer is that it ultimately will depend on the issuers and what solutions they or second layer services provide. The market will decide what issuers and styles it prefers.

Tokenized securities have many properties of a bearer asset. Depending on the issuer and the terms the issuer offers, the asset could be entirely a bearer asset or could be tied to other real-world criteria such as identity. It depends on the issuer are just like any other security or agreements that exist today.

If we look back to the days before the modern securitIes system when bearer bonds, stocks and other bearer assets were more common, there were — and still exist — methods to deal with lost, stolen, destroyed or misplaced bearer assets.

The problem with most of the systems is that they relied on transfer agents, “company book” record keepers, custodians, or trusted third parties to say who owns what. This had typically been on an added layer on top of the bearer asset, making it not really a true bearer asset at all.

People who understand crypto understand the importance of decentralization and why this makes a network strong.

With securities the network is certainly important, just as jurisdiction is important for paper and existing digital stocks, shares and other securities. But the network is not the most important thing, the real world terms are. This is not about network security it’s about the agreement, the terms of the agreement how that trades and how enforceable it is.

In the future we may see securities looking at blockchain strength just like they look at jurisdiction strength today.

Because of the focus on network strength, many security and engineering minded people in the Bitcoin/crypto space are horrified at the thought of a centralized issuer who has the power to seize, block, change or replace your coins. These concerns make sense but the trust model is entirely different for securities and agreements than currency.

Securities presume that you trust the issuer or you would not have entered into the agreement with them (or at least you have figured this into your pricing of how you have valued that agreement).

It’s important to note that securities are already centralized — your fear is not one of trusting the issuer — if you didn’t trust the issuer you wouldn’t buy the stock or security in the first place. Very few shareholders of major corporations worry about an IBM, a Microsoft or an Apple stealing their shares or messing with the books in an adversarial way. That’s not the problem we are trying to solve. There are a lot of laws and best practices which have been in place for decades or in some cases centuries which prevent this kind of thing. If you trust the issuer you trust them (and the legal system or tech governing them) to honor the terms of the agreements that you have — that includes not abusing their ability to have central control over deleting your shares or issuing new shares.

After all, Apple or Microsoft could have a shareholder a board resolution today which could be adverse to you as a shareholder. They could even effectively cancel your shares and reissue them — however the more aggressive the company is about such things the more laws would apply. Changes which are unfair to asset holders are easy to do in today’s world and it won’t be easy to do in a token as well. Securities issuers can to a lot when it comes to changing or replacing how shares work- but the law limits their ability to steal your assets or cause other similar harm.

This is where even for the most free-market oriented anarchist or minarchist, some rules — whether run by government or private organization — make sense to encourage an orderly market where you have fair enforcement of agreements and contracts.

So what happens when you lose your security token? That depends on the issuer as we noted— but how will this be solved? We will likely see a wide variety of corporations co-ops, complex smart contracts agreements experimental structures and other ways that agreements/securities work and trade for value on the global marketplace. Each of these agreements will depend on the terms offered by the issuer. In some cases the issuer may be anonymous, it may be a very privacy oriented agreement which relies on the code more than legal systems for enforcement — this may be the wave of the future anyway. If smart contracts can help parties share risk, diversify and share rewards and work in an enterprise then they may have value. This could give rise to completely anonymous structures that replace a lot of the functions that current corporations have.

At the other end of the spectrum we could expect very established, regulatory driven organizations such as Goldman Sachs or J.P. Morgan potentially issue securities tokens. In these cases, these issuers would most likely want to have an operational, tracking and perhaps even custody structure very similar to what they are accustomed to and comfortable with today.

Certainly, if Goldman Sachs for example would wish to issue a security worth $100 million or more, the “not your keys not your stocks” model is not going to work for them or their clients. Therefore, as an issuer, they would have to add whatever layers needed to make them comfortable. This will probably lead to an emergence of entirely new custodial and insurance models for how people have their wealth held.

These layers could include how custody works, tracking customers, attaching AML/KYC see data to tokens, and other activities. Again, these concepts are not loved by cypherpunks — but remember that the status quo…the current system already has all of these controls and many, many more.

The ability to trade securities without the need for a trusted third party to run the ledger could create an entirely new world. If so, there will be a lot of problems around custody and global legal compatibility which will need to be solved.

The opportunity for custodial solutions, insurance, technical solutions, advanced key management and other ways to manage keys will be increasingly important as more assets are tokenized.