SEC Enforcement Against Wonderland Could Mean Trouble for DeFi

“Protocol Controlled Value” is rarely controlled by a protocol, and enforcement agencies may be taking a closer look.

AccessTimeIconFeb 14, 2022 at 8:04 p.m. UTC
Updated May 11, 2023 at 4:47 p.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global hub for everything crypto, blockchain and Web3.Register Now

When is DeFi truly decentralized? That question could soon be at the center of an SEC investigation.

One of the strangest stories in the history of decentralized finance (DeFi) may soon also count among the most legally significant, experts told CoinDesk in a series of interviews. According to multiple legal professionals, recent events could provide the U.S. Securities and Exchange Commission (SEC) and other agencies a long-awaited foothold in the largely unregulated, $211 billion DeFi sector.

In late January, noted on-chain sleuth ZachXBT revealed that the treasury manager for Wonderland, a popular DeFi protocol, was in fact Michael Patryn, a convicted felon and the co-founder of the fraudulent former Canadian cryptocurrency exchange QuadrigaCX.

Prior to the reveal, Patryn – then working under the pseudonym “Sifu” – and Wonderland founder Daniele Sestagalli grew notorious for aggressively leveraging one of DeFi’s trendiest new tools: Protocol Controlled Value, or PCV. According to the Wonderland documentation, PCV is a term for “the amount of funds the treasury owns and controls,” and the Wonderland treasury currently manages in excess of $700 million, down from a peak well over $1 billion.

Depending on how a protocol’s treasury is managed, PCV often undermines DeFi’s claims to decentralization.

While some decentralized autonomous organizations (DAOs) leverage on-chain governance and votes directly and programmatically lead to fund disbursements, others simply use DAO token-holder votes as “signals” from the community to a centralized group of fund managers who theoretically may or may not choose to enact the community’s wishes – a dynamic that could draw the attention of regulators.

While Wonderland’s PCV was ostensibly owned by token holders, it was largely unilaterally managed by the Sestagalli and Patryn using only a multi-signature scheme for security – a common tool that requires multiple “signers” to approve transactions from a blockchain address.

For many who were skeptical about Wonderland’s centralized treasury management, Patryn’s unmasking was a clear example of why the sector should strive to avoid centralized intermediaries, pseudonymous or not.

According to a number of legal experts, however, it may also be exactly the case that the SEC has been looking for.

“If you’re the SEC, this is probably one of the better opportunities to get some precedent on the books that would at least let you start clawing into DeFi,” Collins Belton, a managing partner at Brookwood P.C., said in an interview with CoinDesk.

Belton “absolutely” expects there will be regulatory activity on the PCV front – the first of what could be a number of cases where agencies test the sector’s claims to decentralization, as the agency analyzes “whether they’re dealing with a securities instrument, or a vehicle that needs to be regulated under the Investment Company Act.”

The bizarre, headline-grabbing nature of the Wonderland incident could also “invite political will for enforcements,” said Ross Campbell, a legal engineer at LexDAO, which could ultimately accelerate the timeline on the SEC taking action.

“I think in terms of how quickly this could happen, it could happen this year, honestly,” said Campbell.

DAO in name only

According to Belton, the trend of centrally-managed PCV is a sign of broader froth that permeated DeFi markets in late 2021, a period during which Wonderland reached a peak of well over $1 billion in PCV under Sestagalli and Patryn’s oversight.

It was a largely euphoric phase where “everybody kind of lost sight of fundamental values” such as decentralization and censorship resistance, he said.

“People kind of get away with that because there’s a lot of new entrants and they don’t have that prior training, and the experienced hands saw there was money to be made – ‘Oh hey, maybe this stuff never did matter at all because we’re all making money,’” said Belton.

Indeed, he noted that the PCV trend has been broadly referred to as DeFi, despite failing to live up to the label.

“Over the past year and a half, DeFi has become a term for anything related to finance in crypto. If anything, [centrally-managed PCV] is just unregulated traditional finance,” he added.

These distinctions aren’t merely a matter of ideology, however, and may in fact be a focal point for SEC enforcement.

“I very frequently bifurcate things [definitionally] in crypto along the lines of custodial or managerial decision-making on one side, and relinquishing those controls on the other,” Belton said. “Frequently, I think, to the extent that you get in front of a court willing to engage in a fundamental-based analysis, that’s oftentimes the dividing line for where the court’s assessment will be.”

Belton noted that central management of funds increases the likelihood that Wonderland’s TIME and wMEMO tokens could be considered a security, especially given how active and vocal Sestagalli was about his management as a perk of the protocol.

“[Regulators] will be looking at the manner in which people are managing the fund, or the extra layer of value on top of the token, that’s creating issues with respect to retail. People enter into these investments based on their efforts, and based on their involvement in the operation,” said Campbell.

Sestagalli failing to disclose Patryn’s identity could also prove to be a particular sticking point as well, as it was information that may have caused some investors to reassess their position.

“Often times what they’re looking at is, ‘Are there individuals that we can uniquely point to as providing the essential managerial efforts to either drive profit, to manage risk, that would be in possession of some type of information asymmetry they could uniquely take advantage of relative to the general public,’ et cetera,” Belton said.

Test case

These clear points of centralization and the lack of disclosures both dramatically increase the odds of the SEC using Wonderland as a “test case” to explore when a protocol’s claims to decentralization are not backed up in terms of the actual power distribution, said Campbell.

“The SEC or other, similar regulators in other jurisdictions might say, ‘This looks a lot like a centralized enterprise because effectively the checks and balances are not enforced by code.’ You have soft power via signal Snapshot voting, but the hard power is held by the multi-sig,” he said.

Indeed, over the past year the SEC has been threatening to establish a more active stance in the regulation of DeFi protocols, but so far has yet to take meaningful action – possibly due in part to the legal tangle created by decentralized decision making.

With many DeFi protocols, such as Uniswap v2 and Aave v1, once published the protocol operates entirely autonomously and is non-upgradable – it is impossible to "take the protocol down," and their operation requires no oversight, leading to ambiguity concerning what practical steps regulatory agencies could take towards enforcement.

“Why there’s been a reticence to do more than send requests for information to DeFi companies is because part of the challenge is they have to come up with a legal theory that allows them to provide that, despite the fact that these people are not actually either taking affirmative action to facilitate or execute transactions, and they’re not exercising discretion or managerial decisions, they should still be liable and beholden to the users of these platforms – that’s actually very difficult in the United States,” said Campbell.

Belton also noted that some legal observers have argued that if a case was appealed in higher courts, including the Supreme Court, the current composition of the court is “radically pro-business” and “radically free speech-leaning,” which could make enforcement arguments against a more thoroughly decentralized entity difficult.

“They’ll always have an easier time going after select actors, versus going after a specific technology or going after thousands of people that might be involved in a DAO,” Campbell added.

By comparison, a handful of publicly known money managers are a significantly easier target. According to Belton, it prompts a simple question: “Do we go after these guys who are anon and make these novel legal arguments, or do they go after this identifiable human being who is actively calling his thing a SPAC, which we already regulate?”

Unlike with autonomous and decentralized protocols, there are more clearly-identifiable actors and steps for taking action against them.

“If you’re a Gary [Gensler], you’re saying, ‘Here’s an opportunity where a lot of things look more similar to a slam dunk to us than other protocols,’” added Campbell.

Building precedent

Adding further to the probability of enforcement action, the SEC has already established precedent with regard to investment DAOs.

“I have to remind people, the first significant thing the SEC did [in crypto] was the DAO report,” said Belton.

Indeed, in 2017 the SEC released the now-landmark DAO report, in which it revealed it had been investigating the initial coin offering (ICO) of The DAO, an early collective investment experiment that failed after a hack in 2016.

While automated market makers (AMMs) and peer-to-pool lending markets may be new developments, in light of the DAO report, PCV is in some ways just a new term for structures that the SEC has extensive experience with. The first line of the SEC report even notes that parties related to organizing The DAO “may have violated the federal securities laws.”

“Way before Wonderland these guys were focused on treasuries managed by DAOs,” Belton said of SEC staffers. “Those are two things [treasury management and DAOs] that they are intimately familiar with and are things they think is within their purview.”

If and when the SEC successfully brings enforcement against Wonderland, however, it could be a stepping stone in pursuing other protocols, especially ones that build and manage treasuries in a centralized manner.

“That’s the goal of common-law jurisprudence. You want to build precedent you can build on,” said Belton.

Indeed, in a worst-case scenario for the industry, any protocol raising and managing treasury funds at all could eventually become targets if the SEC builds enough precedent, working their way into the industry over a period of years with successful enforcements.

“What Gary Gensler has said specifically about DeFi protocols, decentralized exchanges, and how token holders earn fees, that seems high on their list nowadays,” Campbell said of recent statements from the SEC chairman.

Self-enforcement

Ironically, many observers have pointed out that looming encroachment from the SEC may have been avoided if DeFi users demanded more thorough decentralization from the projects they invest in, as well-designed DAOs by nature give token holders and organizations methods to “clean up their own messes,” and investors often “have exit rights,” said Campbell.

“We need more effective on-chain governance and veto power by people who hold tokens. Those things together would allow more self-regulation against an enforcement action because the SEC tries to prioritize in terms of what brings the most bang for the buck and where they can make the most law by bringing an enforcement action,” Campbell added.

In a blog post, Inverse Finance founder Nour Haridy called on the Wonderland DAO to move away from the multi-signature and instead institute on-chain governance, and offered assistance with the transition.

“Due to the severity of the recent events, the future of the Wonderland story and how it unfolds will be remembered as a turning point in the history of crypto,” Haridy wrote. “In my opinion, it is up to us all in the crypto community to do our part and make sure that it is remembered as a moment where we all stood together to ease the pains of the thousands of everyday people who are hurt by this situation and to find a viable solution that puts them back in control of their own future.”

The notion of self-regulation for DeFi has some real-world precedent as well, according to Casey Hewitt, the founder of Hewitt Law. Standardizing any self-enforcement principles could prove difficult, however.

“If the goal is autonomy and self-regulation, there needs to be some accepted standards (even if it involves some level of anonymity) that everyone follows,” she said via Twitter.

Established financial entities, such as the CME Group, can do it, Hewitt said; so too should a sector of the crypto economy touching over $200 billion in assets.

“If DeFi wants to prove it can self-regulate, it needs to really do it,” she said.

Disclosure

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

Andrew Thurman

Andrew Thurman was a tech reporter at CoinDesk with a focus on DeFi.


Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.


Read more about