Monthly Archive: February 2019

0

Why are Smart Contract Security Audits So Important?

To say that we are living in the “ICO era” is a gross understatement.

They have generated billions of dollars in revenue and have pretty much become a household name in the process. However, with so much money flowing around, extra care must be taken to make sure that the smart contracts are not exploited and that the money generated is secure.

Faulty or careless coding can lead to a host of attacks by hackers like the reentrancy attack, overflow/underflow attack etc. Remember, at the end of the day, it is not just your money which is at stake.

So, having said that, let’s understand what smart contracts are and the different types of contracts out there.

Why are Smart Contract Security Audits So Important?

 

Different Types of Smart Contract

Smart contracts are automated contracts. They are self-executing with specific instructions written on its code which get executed when certain conditions are made.

You can learn more about smart contracts in our in-depth guide here.

Smart contracts are how things get done in the Ethereum ecosystem. When someone wants to get a particular task done in Ethereum they initiate a smart contract with one or more people.

Smart contracts are a series of instructions, written using the programming language “solidity”, which works on the basis of the IFTTT logic aka the IF-THIS-THEN-THAT logic. Basically, if the first set of instructions are done then execute the next function and after that the next and keep on repeating until you reach the end of the contract.

There are three kinds of smart contracts:

  • Fully on chain standard compliant contracts which have no ether (or any compliant tokens) transfers. These are the ones that are the easiest to audit as they follow a particular standard. Since they are completely on the blockchain and has no ether transfers, it is not vulnerable to attacks 
  • Fully on chain standard compliant contracts which have enabled Ether transfers like ICO. These contracts ar a little harder to audit than the former ones. Having said that, contracts which enable ICOs usually follow templates which makes it easier to audit. 
  • Finally, we have contracts which have off-chain interactions like oracles, channels, etc. These are extremely hard to audit as they involve some operations which are outside the blockchain. In fact, it won’t be a stretch to say that fully auditing these contracts is nearly impossible.

Alright, so now we know what smart contracts are, let’s look into the importance of auditing these contracts.

Importance of Auditing

It is futile to tell you about the importance of auditing without telling you about the most famous hack in the short history of ICOs.

The DAO aka the Decentralized Autonomous Organization was a complex smart contract which was going to revolutionize Ethereum forever. It was basically going to be a decentralized venture capital fund which was going to fund all future DAPPS made in the ecosystem.

The way it worked was pretty straightforward. If you wanted to have any say in the direction DAPPS that would get funded, then you would have to buy “DAO Tokens” for a certain amount of Ether. The DAO tokens were indicators that you are now officially part of the DAO system.

So, how were DAPPS going to get approved and built? Well, firstly they need to get whitelisted by the curators, who were basically known figureheads in the Ethereum world. After getting their stamp of approval, they will get voted on by the DAO token holders. If the proposal gets a 20% approval in the vote, then they will get the required funds to get started.

The potential of the DAO and the flexibility, control and complete transparency that it offered was unprecedented; people leaped in to get their share of the pie. Within 28 days of its formation, it accumulated over $150 million worth of ether in a crowdsale. At that time, it had 14% of all ether tokens issued to date.

You might be wondering, that’s all good but how does one go out of the DAO? What if some DAPP gets approved that you are not a huge fan of, how do you opt out of the DAO then? To enable this, an exit door was created called the “Split Function.” Using this function, you would get back the ether you have invested and, if you so desired, you could even create your own “Child DAO.” In fact, you could split off with multiple DAO token holders and create your own Child DAO and start accepting proposals.

There was one condition in the contract, however, after splitting off from the DAO you would have to hold on to your ether for 28 days before you could spend them.

So everything looks nice and spiffy for now….except, there was one little problem. A lot of people saw this possible loophole and pointed it out. The DAO creators assured that this was not going to be a big issue. The only thing is, it really was a big issue. This very thing created the entire storm that split Ethereum into Ethereum and Ethereum Classic.

On 17th June 2016, someone exploited this very loophole in the DAO and siphoned away one-third of the DAO’s funds. That’s around $50 million dollars. The loophole that the hacker(s) discovered was pretty straightforward in hindsight.

If one wished to exit the DAO, then they can do so by sending a request. The splitting function will then follow the following two steps:

  • Give the user back his/her Ether in exchange for their DAO tokens. 
  • Register the transaction in the ledger and update the internal token balance.

What the hacker did was they made a recursive function in the request, so this is how the splitting function went:

  • Take the DAO tokens from the user and give them the Ether requested. 
  • Before they could register the transaction, the recursive function made the code go back and transfer even more Ether for the same DAO tokens. 
  • This went on and on until $50 million worth of Ether were taken out and stored in a Child DAO and as you would expect, pandemonium went through the entire Ethereum community.

So, to summarize everything.

The DAO was supposed to be a revolutionary dApp which was going to change Ethereum forever. However, because of a simple flaw in the smart contract code, a hacker was able to siphon away $50 million worth of Ether. As a result, the following happened:

The DAO, more than anything, serves as a reminder as to why ICOs must make sure that they invest in quality auditing services. The truly sad part is that this could have been avoided if the contract was submitted to a decent enough auditing service.

This also personifies the main problem faced by most modern smart contracts: over-engineering.

Most of the contracts are developed by multiple developers, which inevitably leads to an unnecessarily high level of complexity. This high level of complexity leads to a higher vulnerability which increases the attack surface of the Dapp.

So, having said that, let’s look at the fundamental approaches that are there to contract auditing.

Fundamental Approaches to Auditing

There are two fundamental approaches to smart contract auditing:

  • Manual code analysis
  • Automatic code analysis.

Manual Code Analysis

Manual analysis should be done if you have a decent-sized development team. Basically, the team will go through and examine each and every line of code and test them for different security issues. While it goes without saying that this is the best way to go about auditing, the problem remains in the fact that it is extremely time-consuming. Also, if you don’t already have your own dev team, it will cost you tons of money to hire the required number of developers to go through your code in-depth.

Automatic Code Analysis

On the other hand, automatic code analysis saves developers a ton of money as they make use of sophisticated penetration tests to help them find vulnerabilities. Developers use software like Truffle to conduct automatic code testing. They can also use Populus, which is a python based framework.

While this method is fast and money-efficient, it has a number of problems.

Automatic testing can miss quite a lot of vulnerabilities and it can also falsely identify a code as problematic even though it isn’t.

So, the most ideal solution will be a combination of the thoroughness of the manual analysis and the time and economic efficiency of the automatic analysis. That is what we have achieved with BountyOne.

We will introduce you to BountyOne soon, however before we do that, we need to you tell you about the current state of the Auditing Industry.

The Current State of Auditing

Well, to put it mildly, the current state of the auditing industry is broken. There are two things that are worth taking note of:

  • Firstly, the supply of developers who are knowledgeable enough to run through different iterations of the code to find vulnerabilities is extremely low. It is a highly niched area.
  • Secondly, the demand is extremely high. Just look at the sheer number of ICOs out there. Obviously, they all want proper auditors for their smart contracts.

Because of these reasons, the price of proper auditing and testing goes through the roof.

The exact cost of conducting a smart contract audit really depends on a number of key factors.

As we have said before, if you don’t have your own developer team, then you will need to outsource your contract, which will greatly inflate your budget.

Having said that, a simple smart contract with no business logic costs around $4000. More complicated and advanced smart contracts can go from $50,000 all the way up to $100,000.

Plus, if that’s not enough. There is usually a 3-4 weeks waitlist and then it takes 8 weeks for the auditing process to be completed.

So, not only are you spending a lot of money, you are wasting a lot of time as well. This is why we have introduced the BountyOne platform, to:

  • Get together different developers from around the world on one platform
  • Secondly, it will help project creators to save up a lot of time and money and still achieve the best possible audit.

Alright, so let’s introduce you to BountyOne.

What is Different about BountyOne?

Think of BountyOne as the “Uber” of smart contract auditors. Any auditor can choose to work on any contract that is currently active on the platform. Each and every one of these auditors are vetted extensively by us. They go through a detailed application process which makes sure that only the best auditors get on our platform.

The entire auditing process goes through three stages:

  • Stage 1: The auditors work on the contract and submit their versions
  • Stage 2: Senior auditors then look at the work that has been done by the auditors and marks it from 0-10
  • Stage 3: The community checks the work that has been done by the Sr. auditors and the auditors to see if everything is in place.

This “triple ditch audit” makes sure that everyone’s work gets, not just double, but triple checked. So, now that we know a general overview, let’s go into details.

Stage 1: Auditing

The contract giver submits a contract and assigns a particular amount of Ether to it. The bounties will be listed on the platform like a bulletin board of sorts. The contracts will be listed as “In Progress”.

Now any auditor who has been cleared by BountyOne can choose to work on this contract. The way they initiate it is by staking some of their ether into the contract. The reasoning behind this stake is simple, to make sure that things get done on time.

One of the biggest problems with current smart contract auditing services is that it is extremely consuming. Like we have mentioned before, it may take >50 days for a normal contract to be audited.

In BountyOne we make sure that timing is a priority by letting our auditors enter a time-sensitive contract. Basically, if they do not complete their work in the given amount of time, then they will lose their stake.

10 auditors can work on a project at a time.

Stage 2: Grading

Now comes the second stage of the process.

The auditors have created and submitted their versions of the contract, so now, how do we choose the best contract in a fair manner? For this, a jury needs to be selected.

Three senior auditors can choose to become jurors for a particular audit case by staking Ethereum into the contract. A senior auditor is basically an auditor who has done at least 3 successful audits in the BountyOne ecosystem. So, these senior auditors can rank the work of each auditor individually from 0-10, 0 being the lowest and 10 being exceptional.

Imagine that we have a hypothetical smart contract A and only two auditors are working on it, Alice and Bob. Imagine that three senior auditors mark Alice and Bob like this:

Ok, so turns out that Alice has done a great job and Bob has done a terrible job. This is at least what our jury has decided.

However, one more level of checking needs to be done. Remember how we said that each senior auditor needs to stake their own ethereum to become a jury member? This is where that stake comes into play.

Stage 3: Verifying

The final stage of the audit is the community check. BountyOne’s entire auditor community will get their hands on the following:

  • The original contract that was given for auditing
  • All the audited contracts that were submitted by the auditors
  • The marks that were given to the audited contracts by the senior auditors

The community check leverages the “wisdom of the crowd” to make sure that the senior auditors have marked the audited contracts fairly.

In order to do this, they will check each and every audited contract and see how much of an improvement it is over the original submitted contract. After that, they are going to check the marks given by the Sr. Auditor and see if it is fair or not.

If the community doesn’t find any faults, then well and good. However, suppose they find some glaring discrepancies. Suppose they checked Bob’s audits and they think that he has done a really good job and 2/10 is way too less a score for him. If that happens then they will raise a red flag.

This works in reverse as well.

Suppose a Sr. Auditor gave really good marks to a below-average audit. Then the community will red flag that audit and nullify the marks that the auditor has received.

Stage 3B: Red-Flagging (optional)

IF the community raises a red flag, then and only then is this second jury group of senior auditors formed. Senior Auditors who took part in the original jury will not be able to take part in this one.

If this jury finds out that certain senior auditors haven’t done their job properly in the original jury, then their stake is taken away immediately. As such, senior auditors always have an economic incentive to make sure that they are marking the audits properly.

Stage 4: Rewarding

Alright, so now that we know how the entire process works, let’s look deeper into the reward mechanism. How does the BountyOne platform reward its participants to make sure that everyone is getting their fair rewards?

The breakdown works like this:

  • 70% of the total ether reward goes to the auditors
  • 20% of the total ether goes to the Senor Auditors.
  • IF the community find anything wrong with the audits or the Senior Auditor’s work then they can raise a red flag which will be checked upon by a new jury of Senior Auditors. If this checks out, then the community and this second jury of Senior Auditors will get 10% of the total Ether.
  • However, if the community finds absolutely nothing wrong, then the extra 10% of the total ether will go back to the auditors. So in this case, they get a total of 80%
  • The auditors will get paid in proportion to the marks that they have received.

Let’s take an example of this and see how the reward breakdown will go through.

Suppose, we have a contract with a 10 ETH reward price. Let’s assume that only two auditors, Alice and Bob were working on it, and during the auditing process, the community didn’t have to come into play.

So, Alice and Bob will receive 80% of the total Ether reward price which is, 8 ETH.

Now, let’s assume that the senior auditors scored Alice and Bob like this:

The total score received are: 9+10+9+3+3+2 = 36

Of this, Alice’s share is: 9+10+9 = 28 out of 36 which is 28/36*100 = 77.78%

Bob’s share is: 3+3+2 = 8 out of 36 which 8/36*100 = 22.22%

So, after the audit, Alice will get 6.24 ETH (77.78% of 8) and Bob will get 1.76 ETH.

You can check out the infographic of all the processes in BountyOne right here.

Why BountyOne Over Other Platforms?

So, why should you select BountyOne over other auditing platforms? Well, let’s take a look:

  • It is cheaper because we do not have full-time auditors that we must pay hundreds of thousands of dollars to keep. They have other solidity development jobs and just do this on the side like an Uber driver. 
  • We pay them based on performance and not simply for saying they read the code. This is the reason why the auditors are economically incentivized to do the best work possible. 
  • The auditors risk losing all their staked money if they do not do a good job and don’t submit their work on time. This makes sure that there are no unnecessary delays. 
  • Also, the community (including other auditors) can make a significant amount of money by disproving the works that others have done.

All these factors combine to make sure that the end product that you’re getting is the best possible audit of your smart contract.

Conclusion

So, there you have it.BountyOne, the decentralized Bounty marketplace. We believe that this model, which uses economic incentives and a more user-friendly environment will help bring some much-needed order into a highly chaotic and broken space i.e. smart contract auditing.

If you want to learn more about us, then you may get started here

The post Why are Smart Contract Security Audits So Important? appeared first on Blockgeeks.

Malta AI & Blockchain Summit Handing Out 100 Free Booths to Startups 0

Malta AI & Blockchain Summit Handing Out 100 Free Booths to Startups

CoinSpeaker

Malta AI & Blockchain Summit Handing Out 100 Free Booths to Startups

Malta AI & Blockchain Summit: 22-25 May, Hilton, St. Julian’s – Malta.

Malta AI & Blockchain Summit Handing Out 100 Free Booths to Startups

Continue reading at Coinspeaker

Top European VCs for Seed Funding | Startup Stash 0

Top European VCs for Seed Funding | Startup Stash

Top European VCs for Seed Funding

When you create your own startup, one of the most important things to consider is where you will get your early funding from. When you begin your project, revenue is likely to be scarce or merely stable, rather than abundant and the success of your business may be centered around whether or not you can secure external investment to jumpstart your venture.

With this in mind, we will be exploring seven European venture capital firms that are experts in their selected industries, who may be able to help you secure the funding that is necessary for your sustained success.

SNÖ Ventures

SNÖ Ventures are a Norweigan early-stage venture capital firm, that offers investments to technology-related startups and business owners. The team at SNÖ Ventures have extensive knowledge and experience in technology-related ventures and some have had their own businesses succeed.

The firm has established offices in their native Norway, in Oslo and has also established a presence in Palo Alto, in the United States since their founding by Magne Uppman and Teodor Bjerrang during 2015.

(READ MORE: 7 Thought Leaders You Should Be Following in 2019)

The average size of a round of seed funding conducted by the firm is $1 Million.

At this time, SNÖ Ventures have only made investments in their own country, with the industries of the companies invested in ranging from technology to marketing. Two of their notable investments were in Timely in 2016 and Inzpire.me in 2017. Both of these funding rounds netted the companies in question $1 Million in funding.

Inzpire.me is a marketing startup from Norway that seeks to connect different brands with appropriate social media influencers who can collaborate with them. Timely is a time tracking app, geared towards freelancers, which allows them to automatically track the amount of time they take on a task, this allows them to accurately charge by the hour and to manage their time more effectively.

01 Ventures

01 Ventures are a British venture capital firm, based in the country’s capital, London. They specialize in providing early-stage investment for deep technology companies. The investment team for 01 Ventures are all specialists in their own area of technology, in their own right, which helps to guide their decisions when making investments.

01 Ventures predominantly invest into European startups, however, they have also invested in companies in the United States and China.

(READ MORE: From Zero to Hero: Peter Thiel’s 3 Rules for Entrepreneurial Success)

01 Ventures were founded in 2015 by a group of investors namely, Chris Haley, Correy Voo, Eeswaran Navaratnam and Ton van’t Noordende. The average size of one of the firm’s seed funding rounds stands at $1.875 Million.

As it stands, the firm has currently invested in the seed rounds of two different companies. Firstly, they invested in Bibblio on the 3rd of July 2017 and then they invested in Teralytic on the 8th of August 2017. The level of funding received by Bibblio stood at $1.5 Million and for Teralytic the investment stood at $2.25 Million.

Teralytic is a New York-based agriculture technology firm that seeks to help farmers lower their costs and increase their crop yield by making use of machine learning, advanced sensor technology and soil analysis. Bibblio is a London-based company that provides a set of tools to publishers and content creation companies, helping them to make their content more relevant and engaging to their target audiences.

Inventure

Inventure is a Finnish firm that offers early-stage funding to startups that can show they are either innovative or are working in high-tech sectors. The venture capital firm was founded in 2005 by Sami Lampinen and Timo Tirkkonen.

Inventure market themselves as the “Nordic technology fund” with the main bulk of their investment focused on countries in Europe, with some of their operations taking place in China. The average size of one of their recent seed funding operations stands at around $900,000.

Inventure has invested in a number of seed rounds in the past, with recent, notable examples of their investments coming in the form of their involvement with Thirdpresence on the 21st of February 2018 and their leading investment into OME Health on the 4th of June 2018.

Thirdpresence is a company based in Helsinki that provides video advertising services, powered by artificial intelligence, which helps to allow companies to engage with their audiences on a larger scale. OME Health is a London-based company that offers preventative health coaching and analytics to its customers. Inventure sunk $1.3 Million into the venture.

Superhero Capital

Superhero Capital is a Finnish venture capital firm that specializes in investing in business at the early stages. They predominantly involve themselves in Business to Business software startups, with emphasis on the e-commerce, fintech, healthcare and industrial technology sectors.

Superhero Capital was founded on the 6th of June 2015 by a group of entrepreneurs, including Jakob Storå, Juha Ruohonen, Jussi Harvela, and Moaffak Ahmed. The company primarily keeps its investments focused in their native Finland. In the last two years, their average investment into other company’s seed rounds totalled around $1.2 Million.

(READ MORE: 7 Leadership Lessons from Scandinavia)

Some examples of their more recent, notable investments can be found in their leading investment into Valohai on the 27th of March 2018 and their leading investment into Codescoop on the 1st of June, 2018.

Valohai is a Finnish startup that provides a system that can provide training and infrastructure for businesses that are looking to develop their own machine learning platforms. Codescoop is a Finnish business with Spanish origins that are seeking to solve the problem of cumbersome software stacks by providing open source software management and quality tracking services to their clients.

Seedcamp

Seedcamp is a European seed fund that is currently based in London, England. They are an established firm with experience of investing in early-stage technology firms that are looking to crack into the global market. Their primary sectors and involvements are in financial technology, artificial intelligence and software.

Seedcamp was founded on the 1st of May, 2007 by both Saul Klein and Reshma Sohoni. The fund primarily centers their investments around companies in the European Union, however, they also have a notable presence in North America. The average seed funding raised for their more recent investments since November 2018 stands at $2.025 Million.

In recent times, they have made a number of notable investments. Some examples of these are their $4 Million seed investment into Ezra on the 15th of November, 2018 and their $1.6 Million investment into Gameye on the 23rd of January, 2019.

Ezra is an American health startup, based in New York that is seeking to revolutionize early cancer detection by utilizing artificial intelligence and high-tech medical imaging systems. Gameye is a Dutch gaming startup that is offering custom built server architecture for multiplayer, online video games.

Mercia Fund Managers

Mercia Fund Managers is a British venture capital firm, based in Birmingham in the West Midlands region of England. They primarily decide to invest in early-stage technology companies in the West Midlands, however, they also invest in other businesses around the UK. Startups hoping to receive investment must show Mercia that they can grow rapidly and that they are in a strong position with their concept regarding intellectual property, their technology and their products.

The main sectors explored by Mercia are bio-science, software, engineering and digital entertainment.

The firm was founded in 2010 by Mark Payton and Tim Hazell. On average, their investments into early-stage businesses total between £50,000 and £250,000 for seed funding rounds. In later rounds, they have guidelines which urge them to only invest up to £1 Million in each portfolio company.

In the last year, they have made an investment into a number of companies with notable goals. For instance, on the 3rd of October 2018, they launched a leading investment into Aceleron and then, on the 21st of November, 2018 they also invested in Technically Compaitable.

Aceleron is a British-based company that develop lithium-ion batteries, with an emphasis on trying to help the world move over to more renewable sources of energy by using sustainable batteries. Technically Compaitable is a company that offers software which can be used by recruiters for the IT sector to create tailored tests for their candidates to find the best person for the role they are recruiting for.

Speedinvest

Speedinvest is an Austria-based venture capital firm that is headquartered in Vienna. They invest in early-stage startups, with an emphasis on technology companies. Their main area of operation is centred around business in the European Union, however, they also have a strong global presence which includes operations in Silicon Valley.

The main areas of investment carried out by Speedinvest involves fintech. deep tech, industrial tech, consumer tech and network effects.

The firm was founded on the 1st of June, 2011 by a group of entrepreneurs which includes Daniel Keiper-Knorr, Erik Bovee, Michael Schuster, Oliver Holle, and Werner Zahnt. With regards to their level of funding for seed stage startups, they offer investment of up to 1 Million Euros.

Speedinvest has involved themselves in a number of high-profile investments. On the 22nd of January, they launched their leading investment into fintech startup, TaxScouts during the company’s seed round. Furthermore, on the 15th of November, 2018 they launched a leading investment in the seed funding round for Admix.in.

TaxScouts, as previously mentioned is a fintech startup based in the UK. The company mission is to assist accountants and UK taxpayers with preparing their tax online, in the wake of the UK government’s aim to make tax digital in the country. Admix.in is an industry first startup that allows developers of both augmented reality and virtual reality to specifically programme adverts into their content. They aim to make these adverts as seamless in the user experience as possible.

Originally published at startupstash.com on February 14, 2019.


Top European VCs for Seed Funding | Startup Stash was originally published in Hacker Noon on Medium, where people are continuing the conversation by highlighting and responding to this story.

Craig Wright Claims to Be Satoshi in Critical Response to CFTC on Ethereum 0

Craig Wright Claims to Be Satoshi in Critical Response to CFTC on Ethereum

In a response to the CFTC, nChain chief scientist Craig Wright has criticized ethereum and restated his claim to be Satoshi Nakamoto.

The Surprising Dictatorial Inclinations of Public Blockchain Developers 0

The Surprising Dictatorial Inclinations of Public Blockchain Developers

Democracy is two wolves and a lamb voting what to have for dinner, Adam Back, Blockstream’s President, said back in 2016. Raising the question: if public blockchains are not democratic,…

The post The Surprising Dictatorial Inclinations of Public Blockchain Developers appeared first on Trustnodes.

Bullish Sentiment for Bitcoin As Long Bets Near 11-Month Highs 0

Bullish Sentiment for Bitcoin As Long Bets Near 11-Month Highs

Bullish bets on bitcoin, the world’s largest cryptocurrency by value, reached 11-month highs on Monday.

Regulators Explain Why Bitcoin Futures Are Easier to Approve Than Bitcoin ETFs 0

Regulators Explain Why Bitcoin Futures Are Easier to Approve Than Bitcoin ETFs

Commissioners of the U.S. Securities and Exchange Commission (SEC) and the Commodity Futures Trading Commission (CFTC) have come together to discuss their regulatory approaches to bitcoin futures contracts and bitcoin exchange-traded funds (ETFs). The two regulators are also open to collaborating on their oversight of crypto investment products.

Also read: Indian Supreme Court Moves Crypto Hearing, Community Calls for Positive Regulations

CFTC Regulating Bitcoin Futures

At a Bipartisan Policy Center event entitled “The Year Ahead for Capital Markets” last week, SEC Commissioner Hester Peirce and CFTC Commissioner Brian Quintenz discussed their agencies’ approaches to regulating crypto investment products.

Explaining his agency’s oversight of bitcoin futures contracts listed by Cboe Futures Exchange and CME Group, Quintenz stated:

We have a process in the Commodity Exchange Act that allows the exchanges to self-certify a contract if they believe it meets the requirements of the Act.

He elaborated that the CFTC has a “review period in which we can say no we disagree with you and here’s why, but if we don’t disagree, [then] they have the opportunity to go ahead and self-certify that contract.” He noted that both of the above “exchanges pursue that self-certification [route] so these contracts get listed without our approval but also without our disapproval.”

The commissioner also revealed, “Our jurisdiction over those contracts requires that they not be readily susceptible to manipulation … in any capacity,” adding that there is also the “question of how easily can we discover it and usually it’s very easily.”

SEC Reluctant to Approve Bitcoin ETF

SEC Commissioner Peirce, sometimes known as “crypto mom” within the Bitcoin community, said that “At the SEC we’ve been unwilling to … sign off on a bitcoin ETF, an exchange-traded product based on bitcoin,” voicing:

My concern about our approach in that area is it looks a little bit like a merit-based approach judging the underlying bitcoin markets.

Contradicting her agency’s view that bitcoin markets are not regulated enough, Peirce argued that “there are lots of markets that aren’t regulated but we nevertheless build products on top of them.” She concluded, “I think we have to be very careful with that kind of reasoning.”

Her statement echoes a similar one she made in August last year when she explained that the SEC “looked through to the underlying asset [bitcoin] … and raised some concerns about the market for that underlying product.” Crypto mom believes that “by doing that they went beyond what the statute allows us to do and we should have really focused on the market where the exchange-traded product would trade as opposed to focusing on the underlying bitcoin markets.”

Commodities vs. Securities

Quintenz proceeded to describe significant differences between securities and commodities, stating:

We only have fraud and enforcement jurisdiction over the commodity space. Our oversight jurisdiction is over the commodity derivatives space, so the trading of commodities themselves like things like Ebay we don’t have any type of oversight over that.

He emphasized that having no oversight is “not necessarily a bad thing” if trading platforms “can implement a free-market approach” to solve problems such as market manipulation. “Because of our lack of statutory oversight capability, I’ve suggested that these platforms come together to form some type of self-regulatory structure where they can discuss, agree to, implement, and hopefully examine or audit themselves.”

In addition, he clarified that these platforms can set standards themselves “however they view is appropriate … from conflicts of interest, business conduct, insider trading, redemptions, custody, liquidity…”

SEC and CFTC Open to Collaborating

Peirce was also asked whether she thought that “the SEC and other regulators generally take a too-restrictive approach to cryptocurrencies” and whether “regulation in this area [is] burdensome.” She replied that restrictive may not be the word she would use, but rather it is “too confusing.” She proceeded to say that this is “an area where I think Brian and I are interested in working together,” elaborating:

There [are] questions about where your jurisdiction ends and ours begins and again we don’t want to have overlap there so you know my main concern has been that I think we need to do a better job providing guidance.

What do you think of the differences between how the CFTC and SEC approach bitcoin investment products? Let us know in the comments section below.


Images courtesy of Shutterstock.


Need to calculate your bitcoin holdings? Check our tools section.

The post Regulators Explain Why Bitcoin Futures Are Easier to Approve Than Bitcoin ETFs appeared first on Bitcoin News.