Regulators from Europe, the United States and elsewhere are busily hammering out details on how to designate decentralized exchanges (DEXs) as “broker
Regulators from Europe, the United States and elsewhere are busily hammering out details on how to designate decentralized exchanges (DEXs) as “brokers,” transaction agents or similar entities that affect a transfer and cooperate with each other. The U.S. called for multinational cooperation in its executive order on responsible digital asset development, as did the European Union with its recent Financial Stability and Integration Review. And that is just what’s publicly accessible.
Behind the scenes, the whisper of regulation is getting louder. Did anyone notice that all the Know Your Customer (KYC) requirements have been laid on smaller centralized exchanges in exotic locations over the past two months? That was the canary in the coal mine. With the aforementioned designation and cooperation, DEXs will start to feel regulator heat soon.
Yes, regulations are coming, and the main reason why DEXs will hardly survive the coming storm is their proclaimed lack of ability to identify the users using and contributing to liquidity pools. In conventional financial circles, rendering services without proper KYC procedures is a big no-no. Not tracking identity allowed Russian oligarchs to use the Hawala payment service to anonymously move millions of dollars leading up to the war in Ukraine, so regulators are justifiably concerned about DEXs. For most DEX enthusiasts, KYC sounds like an insult, or at least, something that a DEX is fundamentally incapable of doing. Is that really the case, though?
Related: Crypto’s impact on sanctions: Are regulators’ concerns justified?
DEXs are actually pretty central
Let’s start with the anatomy of a DEX, and we’ll find that they aren’t even as decentralized as one may think. Yes, DEXs run on smart contracts, but the team or person that uploads the code on-chain usually gets special admin-level privileges and permissions. Additionally, a known, centralized team usually takes care of the front end. For example, Uniswap Labs recently added the ability to scrub known hacker wallets, removing tokens from their menu. While DEXs claim to be pure code, in reality, there is still a more-or-less centralized developer team behind this ethereal entity. This team also takes in any profits to be made.
Furthermore, an in-depth look at the way users communicate with permissionless chains reveals more centralized choke points. For example, last month, MetaMask was unavailable in a few regions. Why? Because Infura, a centralized service provider that the on-chain wallet relies on for an Ethereum API, decided so. With a DEX, things can always play out in a similar way.
Some people say that DEXs are more decentralized by virtue of being open source, meaning any community is free to fork the code and build their own DEX. Sure, you can have as many DEXs as you want, but the question is about which ones manage to bring more liquidity to the table, and where users actually go to trade their tokens. That is, after all, what exchanges are for in the first place.
Related: DEXs and KYC: A match made in hell or a real possibility?
From a regulatory standpoint, an entity facilitating such trades can be seen as a “broker” or a “transfer agent” regardless of whether it is open source or not. That is where most regulations are heading. Once identified as such, DEXs will take major fire unless they can comply with a wide array of requirements. These would include getting a license, verifying user identities and reporting transactions, including suspicious ones. In the U.S., they would also have to comply with the Bank Secrecy Act and freeze accounts upon request from the authorities. Without all of that, DEXs are likely to go under.
The identity-and-KYC issue
Since DEXs claim they are decentralized, they also claim that they are technologically incapable of implementing any identity verification or KYC controls. But in truth, KYC and pseudonymity are not mutually exclusive from a technological standpoint. Such an attitude reveals, at best, laziness or an unhinged push for lower costs, and at worst, a desire to profit from dirty money being moved around.
Arguments that a DEX is unable to do KYC without creating a honeypot of personal information lack technical merit and imagination. Multiple teams are already building identity solutions based on zero-knowledge proofs, a cryptographic method that allows one party to prove it has certain data without revealing that information. For example, proof of identity can include a green checkmark that the person has passed the KYC, but does not reveal personally identifiable information. Users can share this ID with a DEX for verification purposes without the need for a centralized repository of information.
Since their users don’t have to pass a KYC, DEXs become part of the puzzle when it comes to ransomware: Hackers use them as a major hub for moving bounty. Due to the lack of ID verification, DEX teams are unable to explain the “source of funds,”…
cointelegraph.com