The market for security platforms seems to be getting crowder every weeks. In a market with only a handful of actively traded security , we already have over 50 platforms that are promising to be the future of crypto-securities. On paper, most of those platforms look incredibly similar which contributes to the noise in the market. To differentiate signal from noise, security platforms must evolve their technical capabilities in order to support more sophisticated offerings. And we don’t need to start from scratch; the ecosystem offers a rich set of protocols that can easily improve the feature-set of the next generation security platforms. Today, I would like to explore some key protocols that I believe are incredibly well suited for building some of the key blocks of the security infrastructure.
The goal of this article is not to focus on super futuristic capabilities but rather in features that are already present in the current generation of use cases and in protocols that have achieved meaningful level of traction and maturity.
Until now, security platforms have focused on solving two fundamental problems: compliance and post-issuance management. While these capabilities are incredibly important, there are far from being sufficient to enable sophisticated security offerings(STOs). New STOs are already demanding new infrastructure capabilities which are missing from the current ecosystem of security platforms.
The Biggest Competitor of Security Token Platforms
The current state of the crypto-securities markets presents a strange dynamic in which security platforms are not really competing against themselves but against custom issuances by, let’s say, more sophisticated vendors. Recently, we’ve seen the announcements of the ’s and both of which are likely to be built in-house instead of relying on an existing platform. You can certainly make the case that those are isolated examples but I believe they are a manifestation of a familiar dynamic in early stage app-driven technology markets.
Technology markets can be classified in two main groups: infrastructure-driven and app-driven. In infrastructure-driven markets(ex: software-defined networking, quantum computing…), the evolution of the space is fundamentally dictated by breakthroughs in the infrastructure layer. On the other hand, app-driven markets(mobile apps, web….) evolve based not only on infrastructure breakthroughs but on the evolution of domain-specific use-cases. When the infrastructure to support those use cases doesn’t evolve fast enough, it creates an incentive for some parts of the market to deliver custom-built solutions that address use-cases that are not enabled by the more mainstream platforms. In a and competitive app-driven technology market, the value proposition of the platforms should eventually catch up and surpass the early stage custom-built platforms but that path is not always clear in the early days.
Another interesting dynamic of app-driven technology markets is that, in most cases, applications tend to drive infrastructure improvements (I make the caveat of in most cases because that dynamic is extremely complicated)
In the context of security , the infrastructure provided by the current generation of platforms remains relatively basic and you can try to boil the ocean with exoteric use cases that have no correlation with real world scenarios. However, in the current state of the crypto-securities market, we are already seeing some major challenges that can translate into immediate capabilities in the next wave of security platforms. Here are some of my favorites:
· Privacy: The current model for security in the lacks the access control and privacy levels required by some security offerings.
· Identity: Security desperately need interoperable and more robust ways to represent identity for investors and issuers.
· Data Access: Querying and accessing runtime data about crypto-securities is essential for reporting and compliance requirements.
· Disclosures: Ability to publish and access material information relevant to a security is key to bring fairness to the security market.
· On-Chain Legal Agreements: Enforcing security agreements on-chain.
Five Protocols that can Help Improve Security Token Platforms in the Short Term
In order to avoid confusion, I’d listed a single protocol per capability. That doesn’t mean that those are the only protocols addressing that specific challenge but rather that they are some of the easiest one to adapt into security platforms.
Identity
The notion of identity in security platforms needs to evolve from a simple output of a know-your-customer(KYC) checkpoint to protocols that enable robust authentication and access control policies. identity is an emerging area of research within the community but already there are some interesting protocols that can be easily adapted into security platforms:
· : uPort has been steadily building a series of protocols and solutions for managing identities in decentralized applications. The current stack is compatible with smart contracts and can be leveraged in permissioned applications
Privacy
Security are subjected to diverse privacy requirements based on regulatory constraints. To some extent, privacy can be considered one of the main roadblocks for the mainstream of security . In the current ecosystem, there are protocols that are addressing this challenge:
· Aztec enables a zero-knowledge privacy model for transactions. Aztec combines techniques such as homomorphic encryption and range proofs to enable computations on top of encrypted transactions.
Data Access
Accessing data generated by security is essential to enable reporting and compliance capabilities for specific industries. However, querying smart contract data remains one of the greatest challenges in the ecosystem. Here are some protocols that might help:
· : The Graph provides a model to query smart contract information using GraphQL. This capability allows any third party application to programmatically interact with the data generated by smart contracts without having to build any specific artifacts.
Oracles
Security require off-chain data in order to ensure their correct behavior as well as fair trade interactions. Oracles is the component of platforms that bridges on-chain and off-chain data sources. There are several protocols focused on enabling the implementation of Oracles in the :
· : The Rhombus protocol provides one of the friendliest and most flexible programming models for the implementation of Oracles. Rhombus enables the execution of Oracles on scheduled or on-demand basics.
On-Chain Legal Contracts
Enforcing the premises of a security contract off-chain remains one of the biggest challenges in the space. The off-chain, on-chain dichotomy remains one of the bigeest roadblocks for the mainstream of security . There are some interesting efforts within the community to address this challenge:
· : The OpenLaw protocol provides a foundation for building legally enforceable smart contracts using a flexible programmable model. Many of the building blocks of OpenLaw are immediately applicable to security .
Those are some of the main protocols I think can bring immediate value to security platforms. The capabilities provided by these protocols can address some of the main challenges in the current generation of security platforms and improve their value proposition to support more sophisticated offerings.
Published at Tue, 23 Apr 2019 14:08:14 +0000
(@JulianAssange) 
