Last month, the technology developer Gnosis sold $12.5 million worth of “GNO,” its in-house digital currency, in 12 minutes. The April 24 sale, intended to fund development of an advanced prediction market, got admiring coverage from Forbes and The Wall Street Journal. On the same day, in an exurb of Mumbai, a company called OneCoin was in the midst of a sales pitch for its own digital currency when financial enforcement officers raided the meeting, jailing 18 OneCoin representatives and ultimately seizing more than $2 million in investor funds. Multiple national authorities have now described OneCoin, which pitched itself as the next Bitcoin, as a Ponzi scheme; by the time of the Mumbai bust, it had already moved at least $350 million in allegedly scammed funds through a payment processor in Germany.
These two projects—one trumpeted as an innovative success, the other targeted as a criminal conspiracy—claimed to be doing essentially the same thing. In the last two months alone, more than two dozen companies building on the “blockchain” technology pioneered by Bitcoin have launched what are known as Initial Coin Offerings to raise operating capital. The hype around blockchain technology is turning ICOs into the next digital gold rush: According to the research firm Smith and Crown, ICOs raised $27.6 million in the first two weeks of May alone.
Unlike IPOs, however, ICOs are catnip for scammers. They are not formally regulated by any financial authority, and exist in an ecosystem with few checks and balances. OneCoin loudly trumpeted its use of blockchain technology, but holes in that claim were visible long before international law enforcement took notice. Whereas Gnosis had experienced engineers, endorsements from known experts, and an operational version of their software, OneCoin was led and promoted by known fraudsters waving fake credentials. According to a respected blockchain engineer who was offered a position as OneCoin’s Chief Technology Officer, OneCoin’s “blockchain” consisted of little more than a glorified Excel spreadsheet and a fugazi portal that displayed demonstrably fake transactions.
And yet, OneCoin attracted hundreds of millions of dollars more than Gnosis. The company seems to have targeted a global category of aspirational investors who noticed the breathless coverage and booming valuations of cryptocurrencies and blockchain companies, but weren’t savvy enough to understand the difference between the real thing and a sham. Left unchecked, this growing crypto-mania could be hugely destructive to one of the most promising technologies of the 21st century.
* * *
This danger exists in large part because grasping even the basics of blockchain technology remains daunting for non-specialists. In a nutshell, blockchains link together a global swarm of servers that hosts thousands of copies of the system’s transaction records. Server operators constantly monitor one another’s records, meaning that to steal money or otherwise alter the ledger, a hacker would have to compromise many machines across a vast network in one fell swoop. Even as the global banking system faces relentless cyberattacks, the more than $30 billion in value on Bitcoin’s blockchain has proven essentially immune to hacking.
That level of security has potential uses far beyond digital money. Introduced in July of 2015, a platform called Ethereum pioneered the idea of more complex and interactive applications backed by blockchain tech. Because these systems can’t be altered without the agreement of everyone involved, and maintain incorruptible records of every change, blockchains could eventually streamline sensitive, high-value networks ranging from health records to interbank transfers to remote file storage. Some have called the blockchain “Cloud Computing 3.0.”
Using most of these blockchain applications will require owning the digital currencies linked to them—the same digital currencies being sold in all these ICOs. So, for example, to upload your vacation photos to the blockchain cloud-storage service Storj will cost a few Storj tokens. In the long term, demand for services will set the price of each blockchain project’s token.
While a traditional stock is a legal claim backed up by regulators and governments, then, the tokens sold in an ICO are deeply embedded in the blockchain software their sale helps create. Knowledgeable tech investors are excited by this because, along with the open-source nature of much of the software, it means that ICO-funded projects can, like Bitcoin itself, outlast any single founder or legal entity. In a 2016 blog post, Joel Monegro, of the venture capital fund Union Square Ventures, compared owning a blockchain-based asset to owning a piece of digital infrastructure as fundamental as the internet’s TCP/IP protocol.
Almost all groups launching ICOs reiterate some version of this idea to potential buyers, in part as a kind of incantation to ward off financial regulators. The thinking is that, if they are selling part of a platform, rather than stakes in any company, they’re not subject to oversight by bodies like the U.S. Securities and Exchange Commission. But in practice, ICOs are constantly traded across a variety of online marketplaces as buyers breathlessly track their fluctuating prices. In this light, they look an awful lot like speculative investments.
Buyer expectations may matter more to regulators than technical hair-splitting. Todd Kornfeld, a securities specialist at the law firm Pepper Hamilton, finds precedent in the landmark 1946 case SEC v. W.J. Howey Co. Howey, a Florida orange-growing operation, was selling grove plots and accompanying “service contracts” that paid faraway landowners based on the orange harvest’s success. When the SEC closed in, Howey argued they were selling real estate and services, not a security. But the Supreme Court ultimately disagreed, establishing what’s known as the Howey test: In essence, if you give someone else money in the hope that their activities will generate a profit on your behalf, you’ve just bought a security, no matter what the seller calls it.
Knowledgeable observers tend to agree that some form of regulation is inevitable, and that the term ICO itself—so intentionally close to IPO—is a reckless red flag waved in the SEC’s face. The SEC declined to comment on any prospective moves to regulate ICOs, but the Ontario Securities Commission has issued an advisory that “assets that are tracked and traded as part of a distributed ledger may be securities, even if they do not represent shares of a company or ownership of an entity.”
According to Kornfeld, even those who believe they are conducting ICOs in complete good faith could face serious repercussions when regulators do act, especially if prosecutors think they’ve made misleading statements. “If [prosecutors] think that you’re really bad,” he says. “They can say, hey, you deserve 20 years in jail.”
* * *
While it’s easy to see the lie in OneCoin’s fictional blockchain, entirely sincere claims about such a nascent sector still can strain the limits of mere optimism. Many experts, for instance, believe that Gnosis’s use of the blockchain to aggregate data could become a widespread backbone technology for managing complex systems from traffic to financial markets. But the $12.5 million worth of GNO sold in the Gnosis ICO represented only 5 percent of the tokens created for the project, implying a total market value of nearly $300 million. Most tech startups at similar stages are valued at under $5 million.
That astronomical early valuation alone could become bait for an aggressive regulator. Many founders of legitimate blockchain projects have chosen to remain anonymous because of this fear, in turn creating more opportunities for scams.
Much of the money flowing into these offerings is smart, both in that it comes from knowledgeable insiders, and in a more literal sense: Buying into ICOs almost always requires using either Bitcoin or Ethereum tokens (OneCoin, tellingly, accepted payment in standard currency). Jeff Garzik, a longtime Bitcoin developer who now helps organize ICOs through his company Bloq, thinks their momentum is largely driven by recently minted Bitcoin millionaires looking to diversify their gains. Many of these investors are able to do their own due diligence—evaluating a project’s team, examining demo versions of their software, or scrutinizing their blockchain after launch.
But as cryptocurrency becomes more mainstream, ICOs will present greater risks to larger numbers of people. There are few barriers to participation aside from knowing how to conduct a Bitcoin transaction, and the space mostly lacks the robust independent analysis performed by underwriters in the IPO market, which can help tamp down overoptimism. The risk isn’t just to individual investors; many argue that the mania of the late-1990s internet bubble ultimately slowed the entire sector down by making investors skittish for years afterwards. Imagine how much worse things might have been if the whole thing had been entirely unregulated.
Careful regulation, then, could protect blockchain projects from a hugely damaging bust. And the model is genuinely utopian enough to deserve nurturing. Cryptographic tokens effectively make all of a platform’s users part-owners. Anyone selling goods for Bitcoin, for example, has had a chance to benefit from its huge price boost over the past year, while Facebook and Google users have not shared in those companies’ growth.
The Gnosis team is taking this very long view. Their token sale was halted after that furious 12 minutes by an Ethereum-based bot that knew exactly what the fundraising goal was. It even returned more than $1 million to eager buyers who missed the cutoff. Gnosis’s co-founder Martin Koppelman says the company wants to use its remaining tokens not to enrich its creators, but to attract developers and users. That’s similar to the way that Uber has used cash subsidies to recruit riders and drivers, except that once those new recruits hold Gnosis tokens, they will have a serious stake in the platform’s future.
We want to hear what you think about this article. Submit a letter to the editor or write to email@example.com.