ICO craze birthed 1,000 millionaires but cryptoasset code often failed to include promised investor protections
The computer code of the majority of the top-raising initial coin offering (ICO) token sales failed to deliver on whitepaper promises to protect investors.
That’s the finding of two academics, David Hoffman, a law professor at the University of Pennsylvania and David Wishnick a fellow at the same institution, who together conducted a survey of the 50 ICOs that raised the most amount in the 2017 fundraising frenzy.
According to the pair “ICOs birthed a thousand millionaires” before the bubble burst.
The crypto code is not law – token sale contractual promises not coded
Hoffman says the central innovation of ICOs rested on the “possibility
of using computer code to deliver on contractual promises.
The researchers compared the promises in the whitepaper to
the actual computer code of the project to see to what extent promises had been
Professor Hoffman found that the majority of projects failed
to deliver on promised investor protection.
Things as fundamental as token supply were not coded into
20% of the cryptoasset surveyed which means that there was no protection
against an ICO promoter simply minting more coins, thereby diluting the value
of the tokens held by ICO investors.
Protection against team exits not in code of ICO smart contracts
Another key consideration for any investor doing their due diligence
was the team lock-in to prevent them selling up and leaving investors high and
Alarmingly, the University of Pennsylvania survey discovered
that 25 of the 36 projects with explicit restrictions on team divestment had
not included the parameter in their code.
Even worse, the academics found 12 cryptoassets that allowed
a centralised entity to modify smart contract code, flying in the face of what is
meant to be the essence of blockchain architecture where no trusted third party
of centralised gatekeeper is present.
Of those 12 offending projects just four of them shared this
information with investors.
Additionally, Hoffman says he “found no evidence that investors punished firms for failing to put investor protections into code”.
He said crypto rating agencies focused on the security risks around smart contracts but neglected to consider whether the code conformed with the promised investor protections.
With such lax practices in the industry, the individual private investor is burdened with having to audit the code themselves, an onerous task, if not impossible, for the average individual.
The solution proposed by Hoffman is for projects to be required to match promises in the whitepaper with deployed code, or to force cryptoasset promoters to provide plain English walkthroughs of what the code does.
As is so often the case in the crypto industry, the crypto
projects can be their own worst enemy.
“Such market integrity measures won’t just protect investors, they will also build trust in the asset class itself and enable it to move from a curiosity to something of real economic worth,” Hoffman concludes in an article published in the print edition of the Financial Times.
Did you invest in an ICO? Do you know whether the project smart contract had investor protection hard-coded in? Share your experiences in the comments below and help to inform other investors.