Could you share the work you did for Maker?

The Legal Defense approach we took at Sky (aka Maker DAO) is set out here, so feel free to peruse that section of the Atlas (Article A.2.7). It represents a comprehensive plan for the public elements of my recommendation. While I’m at it, I should acknowledge the work done by Layer Zero who did all of the early groundwork on this and was amazing to work with—a DeFi OG and absolutely based.

There are components of the structure that are non-public, particularly around the services provided by the insurance brokers. The relationships they rely on to create these bespoke insurance products tend to be closely guarded, and the risk analysis and claims methodologies they employ are proprietary. We also developed a number of cost models to prepare feasibility studies and establish the entities, which are not relevant at this stage.

All this work remains criminally underappreciated. I suspect that’s because it’s still too far ahead of the market - Layer Zero and I have been waiting for the industry to catch up, so it’s always heartening to see discussions like this. Even if one believes that some regulatory magic bullet exists for legal recognition of DAOs, this does not obviate the need for prudent risk management, of which insurance is a key part.

The legal and regulatory attacks on DeFi protocols don’t start and end with the SEC. We will likely see a growing number of patent and trademark infringement cases, consumer class actions, regulatory investigations, and party-to-party claims. This is not unique to Web3—it’s a reality for every successful operation and, in many ways, a mark of success. If you want to go big in any industry, you need to be prepared to get into some legal battles along the way.

What distinguishes DeFi protocols from traditional operations is the capital allocation within the system, the distribution of power for key decisions, the lack of formal structures offering limited liability protection to ecosystem participants, and the types of attack vectors individual participants are exposed to.

The legal defense funds being discussed here offer two benefits. One is, obviously, a pool of funds that can be accessed on short notice. The other benefit is prophylactic—it signals to counterparties that litigation will not be a walkover (as has sadly been the case for too long in crypto’s short history).

My suggestion is for the DAO to consider levering up the value of that self-insurance fund with externally sourced insurance and establishing the necessary legal structures to fully benefit from those arrangements.

I’d note that a lot of protection can be accomplished by getting no-action letters designating UNI as a non-economic token, but @Daimon-Law is correct, SEC establishes precedents (pushed back by courts as no statutory basis for their assertion of crypto asset security) with private class actions (as was case against UniLabs) being more common.

So plaints such as slander/libel, contributory negligence, breach of non-solicitation/endorsement laws, etc might be low-probability events but as one of the largest webb3 protocols, the size will inevitably surface delegate to delegate conflicts, especially once the treasury starts operating and people complain about capital allocations. Even hedge funds get director & officer indemnity insurance otherwise competent professionals will refuse to take on the roles.

On the other hand, just having a fund means moral risk increases, having a vaccine (guardrails) rather vivisection (ambulence at bottom of cliff) may be better allocation of scarce resources but planning for contingencies never hurts.

Thanks for sharing, I will take a look

Thanks for starting this discussion. There’s a lot to figure out, and we’re still developing our own thoughts about it.

Specific questions and comments:

• This is presented as just for subpoenas. It should probably just be any legal expense related to work for Uniswap governance that’s not the result of criminal behavior.

• There should probably be a deductible. For example, you have to spend $10,000 of your own money before you can seek reimbursement for the first dollar of expenses. That limits spam and abuse and administration of small expenses.

• Should this cover private litigation or only regulatory-related expenses?

• Clearly define who is eligible and when. When making these rules, think about whether you want this fund to be defending well-resourced VCs. Simultaneously, how can you protect small, poorly resourced contributors like an individual member of a blockchain club with no legal entity to shield them? Would a small company like GFX be able to draw on this fund? What about a fabulously wealthy individual? Lots of edge cases here to navigate, and will require time to consider how to create eligibility that is broad in the desired places and narrow in the undesired places.

• A benefit of the Maker-style approach is that it endows an insurance fund and is operated by professionals in that industry, removing administrative burdens from governance forever (for the most part).

• Consider whether a contributor has to subrogate their right to defense to this fund in order to access it (do they get to control the defense). This includes whether to settle or fight, so may not cover someone willing to incur a legal challenge over principles when settlement or compliance is cheaper.

• How do you apply for reimbursement if the expense is related to a secret action? To use the subpoena example, you often can’t disclose you got one. Relatedly, what about contributors that themselves are anonymous?

• Are non-lawyer expenses covered? Continuing with the subpoena example, the recipient may face little legal danger, but incur time or other expenses in complying with the subpoena. How do you verify expenses such as time away from a normal business activity?

Big picture questions:

• Does the creation of this fund irrevocably establish any legal obligations or facts about Uniswap governance? For instance, does it indicate governance is in a specific jurisdiction or engaging in specific activities that may be regulated, taxed, or carry reporting requirements? If so, is governance comfortable with establishing those facts?

• What safeguards or specific policies prevent this from attracting litigants, whether private or regulatory? Once there’s a pot of money that is identifiable for looting via court cases, it makes contributors a more tempting target.

• Is this intended to be a single, large expense to seed a fund/insurance policy, and once depleted it’s gone? Or is the expectation to keep it actuarially sound to meet a target amount of perpetual or long-dated coverage? What happens if claims are never made or there is an alternative method of protection (e.g. a limited liability entity) to shield individual contributors, making this fund redundant?

We think this discussion should continue, but also believe it will be a long one, and potentially require hiring outside legal and possibly financial experts to advise on trade offs of the many different possible choices.

Prevention not Cure

1. SEC Taskforce 2.0 will be hosting a roundtable on 21st March (with a16z advocate being one participant)
2. The best way to escaping legal liability is to ensure that the time-locked UNI token used for governance voting is not covered via definition

   Users of liquid staking applications receive a so-called “liquid staking token.” This token represents their staked crypto asset, and the token can be used in other activities, all while continuing to participate in the proof-of-stake protocol. Should the Commission address the status of liquid staking tokens under the federal securities laws, and, if so, what issues should it address?

3. Alternative, seek an exemption (eg no-action-letter) with insurance covering any exception gaps between what is contained in the exemption and investment contract boundary (eg picking a treasury investment vehicle). I note that SEC has dropped investigation into Uniswap Labs but doesn’t mean other countries won’t attempt red-tape entanglement.

   At the expiration of the safe harbor as envisioned, if the network were sufficiently decentralized or functional, registration of the tokens would not be required. If decentralization is used as an indicator of network maturity, should the Commission define objective quantitative thresholds (such as percentage thresholds for ownership and control) to provide greater clarity for issuers, developers, or minters of tokens regarding whether their networks and protocols are sufficiently decentralized and to allow third parties to verify decentralization?