Introducing DeFi-ready Securities

Andy Singleton
8 min readMay 11, 2023


Securities are a tool for economic growth, and a huge asset class for fintech and DeFi automation. However, old trading rules are blocking DeFi from handling securities. This article shows how we can fit securities into DeFi, using a few simple shared services.

DeFi-ready securities will bring benefits for issuers

  • Pre-qualified buyers
  • DeFi automation for offering, structuring, leveraging, and trading
  • Validation from a regulator that signs off on the issuing entity
  • A natural customer base of software agents — protocols, wallets, and automated systems
  • Money from DeFi pools

DeFi-ready securities will bring benefits for innovators. DeFi protocols can register to handle these securities in a few minutes.

DeFi-ready securities can serve as collateral for stablecoins and money market products. A new crop of “tokenized treasuries” can fill the existing $120B demand for dollar stablecoins. From there, DeFi structuring can drive innovation in private credit, VC, real estate, SPACs, and entirely new programmable workflows.

My article on Using DeFi-ready securities covers these opportunities in more detail.

DeFi-ready market structure

A DeFi-ready securities market is starting to emerge. Tokenized treasuries are the first high-quality, high-volume assets in this category. However, the market is fragmented in a way that annoys buyers, leaves compliance risk, and blocks automation.

DeFi-ready securities go into a wholesale market, like an interbank market.

Ingredients for a DeFi-ready securities market

We can organize this market with a few components.

  • Buyers that are non-US professionals, with private-market exemptions
  • Qualifiers to issue buyer credentials
  • Tokens that are programmed to go only to qualified wallets
  • A list of DeFi contracts and protocols that handle DeFi-ready securities
  • Regulators who qualify and govern issuers


Finding customers

Tokenized securities have been a failure in the market. There have been hundreds of offers, with few buyers. Humans do not like the tokenized format for several reasons:

  • Existing securities markets move money at a scale and reliability that is far beyond the current capabilities of the crypto market. In most product categories, the legacy markets are superior.
  • Offers that fall through into the crypto market tend to be bad deals that are not sellable in more professionally accepted markets.
  • Humans prefer the hands-off custody that they get when they do NOT have to handle tokens. They like having brokerage accounts, and reliable securities custodians, and even issuer spreadsheets. It’s easier, and more reliable for them over the long term.

The natural customer for tokenized assets is software, not humans. Compared with enterprise APIs, any type of automation is much easier with tokens and open access blockchains. Smart wallets and DeFi protocols need the tokenized formats. New types of fintech and AI agents will need the tokenized formats. As software eats the world, and the world gets more globalized, and AI grows in capabilities, demand grows for tokenized formats.

To find demand, tokenized securities must be available for DeFi and new software applications.

Securities exchange rules are blocking automation

A security represents an investment in a “common enterprise” with an expectation of profit. That sounds great! I like common enterprise, and I like profit. And yet, crypto projects fight against classification as securities.

The theory of a protocol token is that it has no issuer (no common enterprise). It’s an artifact shared by a bunch of people who agree to run the same software. In the world of human enterprise, “a bunch of people who agree to run the same software” is a special case. To deliver more energy, medicine, housing, food, etc. we need common enterprises, and we need securities.

A security is a legal claim that security owners have against the issuer. Tokens are not securities. They are just entries in a ledger that can match wallets with claims. Tokens can be useful as a record of ownership and exchange during some part of the lifecycle of a security. Tokens make the underlying securities useful for DeFi, for other software, and for global workflows.

However, applying securities rules to a token will kill it, because the rules for exchanging securities are so clumsy. The US SEC is using this as a weapon to kill crypto. They have targeted L1 blockchains like Algorand, which would halt instantly if their ALGO token couldn’t be exchanged in real time between machines.

We can think of securities rules in three categories:

  • Disclosure. Good idea. You should understand the underlying issuer and economics before you bid on a security
  • Form of sale. These rules impose restrictions on who can buy and sell securities. These rules don’t naturally accommodate the true users of tokenized assets — software and protocols. But, it is possible to follow them.
  • Exchange. US rules for the exchange of securities are destructive.

US exchange rules were originally written in 1934. They involve a series of intermediaries to do overnight settlement. These intermediaries are members of a union called FINRA. In theory, you can trade “digital assets” on a type of US-licensed exchange called an ATS. A number of these ATS systems have been approved, but as far as I know, customers won’t use them. It’s difficult to bring customers from an open blockchain with atomic settlement, and say “no, no. You have to use these clay tablets inscribed by FINRA members.”

An unfortunate side effect of exchange rules is to eliminate DeFi automation. DeFi works if you can “compose” software by taking the output of a transaction and using it for further processing. That’s not possible if you have to send the transaction out for settlement and possible reversal.


Our customers are building software and automation. These design elements give them the best chance of success.

Public blockchains: Public blockchains bring you in contact with new people and new product opportunities. Blockchains are the teeming cities that bring together the global villagers. Inside a private blockchain, you just have a slow and inefficient database.

DeFi: Support the full range of DeFi automation, including structuring, leveraging, and trading.

Exchange: Human participants, DeFi protocols, and machines must be able to freely exchange asset-backed tokens.

Innovation: Innovators should be able to add new software and automation without pre-approval.

Wholesale market with registered participants

In order to increase reliability, and work with regulators, we will need to restrict access to qualified and identified participants.

Regulators want to make sure that they are working with qualified participants. This is especially important for jurisdictions that don’t want to get into trouble with FATF AML rules. So, we need a qualification process.

Blockchains are global. Regulators want to enforce differing local rules, especially in the US. We can avoid triggering some local rules by working with non-US, professional investors. These investors will have exemptions in their home jurisdictions that allow them to buy and exchange tokens and private securities.

Regulators want to eliminate the risk of loss. Good idea! Restricting access to known wallets will dramatically reduce losses from hacks, fraud, and mistakes.

Here is an SEC statement on the matter: “Traditional securities transactions generally are processed and settled through clearing agencies, depositories, clearing banks, transfer agents, and issuers. A broker-dealer’s employees, regulators, and outside auditors can contact these third parties to confirm that the broker-dealer is in fact holding the traditional securities reflected on its books and records and financial statements, thereby providing objective processes for examining the broker-dealer’s compliance with the Customer Protection Rule. Also, the traditional securities infrastructure has established processes to reverse or cancel mistaken or unauthorized transactions.

In the SEC system, a problem solver can call around to find the participants in a bad transfer. In our system of DeFi-ready securities, a problem solver can find participants in a qualifier’s registry. Ruggers and thieves will have no place to hide. We can track down and negotiate a resolution to mistakes.


In this section, we describe our implementation of DeFi-ready securities, along with some of the other implementation options.

Ethereum ecosystem

Our implementation uses Ethereum-style tokens. Today, the majority of DeFi assets are on Ethereum compatible chains. We use L2 chains for scaling, with Axelar and LayerZero token bridging and messaging.

Future implementations may use platforms that represent tokens and wallet credentials differently.

Swiss securities

Swiss securities are now authorized for DLT (distributed ledger technology). They have simple private placement requirements. They can be offered by entities from foreign jurisdictions.

Regulators will qualify issuers

Regulators from various jurisdictions will qualify issuers, in exchange for entity formation fees. We will present a list of participating venues.

Tokens with transfer restrictions

We need to fix a fatal flaw in the original concept of Swiss DLT securities. The Swiss rules require that securities be sold to qualified buyers, and redeemed from qualified buyers. However, there is no restriction on secondary sales to unqualified wallets. This makes them useful for DeFi. However, it also exposes the issuer to buyers and securities laws in a multitude of countries, including the US. For this reason, players such as Uniswap have refused to handle Swiss DLT securities.

In order to gain wider acceptance, we need to restrict the tokens to qualified wallets. Then, we are only exposed to the known securities rules that cover our buyers.

I do this with a simple “TransferVerifier” contract attached to my tokens. We can plug in rules enforcing no transfers, AML blacklisting, whitelisting, or on-chain credentials like “soulbound” NFTS. We will publish a set of these TransferVerifiers.

Shared qualifications

Qualifiers will collect KYB and AML information from potential buyers, and issue on-chain credentials for related wallets. They will save this information in a private registry.

There are several ways to organize the process of qualifying buyers.

  1. Every issuer collects qualifying information from every customer. This is the standard used by banks, and promoted by FATF. It requires a lot of work from both customers and vendors. It leaks private information.
  2. One entity does the qualification and builds a master ID registry. Many companies have tried to do this. Customers have not agreed with them.
  3. Qualifiers “federate” to share customer credentials. This is the most successful model. It is used in the securities exchange system. Each broker qualifies its own customers, and they share accounts through exchange member agreements. This is the topology that will work best for a DeFi-ready securities market.

Exchanges and KYB providers will issue their own credentials. We will ask them to share those credentials, hold them to standards of qualification, and organize procedures for gaining access to the real name registry.

On-chain buyer credentials

There are several ways to represent credentials.

  1. Presentation of zero knowledge proofs, in a ZK system where we cannot see who is doing what. This has advantages for traders. Their activities will be private while they build and unload positions. However, it will meet resistance from market participants and regulators who benefit from transparency
  2. Off-chain credentials for wallets on a transparent blockchain. This category includes a variety of “self-sovereign” ID systems which help users send credentials. Users have not adopted these systems. They are not motivated to do the work to maintain and send the credentials.
  3. Whitelists. A whitelist is a variant of an NFT holder list.
  4. On-chain credentials, in the form of non-transferrable NFTs. This leaks some privacy. However, it has many advantages in usability, simplicity, and portability across blockchains.

We will start our market with on-chain NFT credentials. We can use them with the pluggable transfer restrictions.

An open door for DeFi

We want to make it easy for DeFi protocols to handle DeFi-ready securities.

Technically, DeFi contracts will need on-chain credentials to hold our restricted tokens. A DeFi contract is not a legal entity that can get KYB credentials. So, we will add them to a special whitelist for contracts.

Any developer can add contract addresses to this whitelist, and start handling DeFi-ready securities. However, we can block those contracts later. This “optimistic” process keeps the door open for innovation.

Help build DeFi-ready securities

The next article on Using DeFi-ready securities introduces specific types of deals where coordination and automation are important.

Follow ongoing progress on Twitter and here on Medium.



Andy Singleton

Software entrepreneur/engineer. Building DeFi banking at Maxos — . Previously started Assembla, PowerSteering Software, SNL Financial.