- Key insight: The risks posed by stablecoins — including the less-understood risks of technology — should not be used to halt progress.
- What's at stake: Risk that is not studied and hedged can do the most damage.
- Forward look: Regulators and market participants should come up with guardrails that protect users while supporting the creation of a new architecture for tomorrow's financial system.
As any traveler through life will tell you, risk can be prepared for if it is identified, and managed if it is quantified. It's the risks that are not studied and hedged that can do the most damage.
In the intersection of banks and stablecoins, we
We're also
But I've not heard much chatter about a type of risk that is equally structural but less understood: that stemming from the underlying technology. What's more, this type of risk could be even more challenging to deal with as it's not so much about things going wrong, as about who takes responsibility.
Listing all the blockchain-related points of vulnerability would push this article beyond a reasonable length and well into techno-speak, so I'll limit myself to outlining some of the more obvious ones relating to public blockchains.
First up has to be the decentralized governance of public blockchains, on which most stablecoins move. Their distributed, open nature is a key advantage in that it ensures accessibility and embeds resilience, which fuse into a solid reassurance of continuity. These blockchains are maintained by a global community of developers who rely on consensus for any updates to the underlying code; they don't answer to financial institutions or stablecoin issuers and, while unlikely, it's not inconceivable that they could decide on an upgrade that key users don't agree with. Stablecoin issuers have both influence — given the transaction volume their products account for — and choice, as they can switch blockchains with little upheaval (the main ones already work on several). But the lack of control of the design on which stablecoins run is a radical departure from the established governance of traditional finance rails.
What if there is momentum but no consensus on a key public blockchain feature proposal? There have been occasions in the past when ambitions diverge and factions emerge, leading to an upgrade followed by only some of the community. This is known as a fork as one chain splits into two, the new and the old running side by side, with the scary possibility of double spending — assets issued on one chain also appear on the other. How would stablecoin issuers and users handle this situation?
Also, public blockchains have no control over the volume of transactions coursing through the network at any given time. Ethereum — on which the majority of today's stablecoins circulate — has enhanced its scalability over the years, with further expansion on the road map. But, even today, a flood of activity from a meme frenzy or similar demand surge could lead to network congestion, reflected in higher fees and slower transaction times. What's more, even the hint of this possibility could lead to a wave of stablecoin redemptions or chain migrations, exacerbating the congestion.
Speaking at the Digital Asset Summit, the Comptroller of the Currency argued that part of his goal in shifting the agency's posture toward the crypto industry is to allow smaller financial institutions to engage in novel technologies, which he said will keep banks relevant.
Then again, ethereum has been running with full uptime for many years. The same can't be said for newer chains, some of which have been
Another point of vulnerability is the movement of stablecoins between blockchains via programs known as bridges. Most either lock tokens up and mint replacements on a different chain, creating attractive honeypots for hackers; or they burn tokens on one chain and mint on another.
Both types rely on smart contracts, self-executing programs that perform actions such as minting stablecoins, paying yield, swapping assets and so on. While presumably well-tested, bugs are a possibility. These can be fixed — but what if upgrade credentials are leaked or stolen and a fix is blocked, or malicious code is inserted? In this situation, who would bear responsibility?
The bigger issue is that while technology-related problems can be fixed, they often have legal consequences that are not yet well-defined. Traditional financial rails have also
If money is lost, who is legally responsible? If stolen stablecoins are swiftly bounced around privacy shields, can they still be recovered? If surplus stablecoins are accidentally minted (as
In traditional finance, rails may be disjointed, inefficient and sometimes incompatible, but responsibilities for system maintenance and fixes are well defined, as is accountability. Public blockchains, on the other hand, are not legal entities and don't have a clear management structure. In this new diffuse on-chain landscape, who bears responsibility for technology-related risk?
Many may prefer that we stop the evolution of stablecoins and decentralized finance more broadly while we figure this out, but that would be a regressive mistake — evolution can't wait for perfection. Yet when it comes to finance and payments, caution is required as any hiccup, however small, can reverberate around the world.
Regulators are no doubt working on this as the stakes are high. Together with market participants, they will hopefully come up with guardrails that protect users while supporting the creation of a new architecture for tomorrow's financial system.
