Dr. Emin Gün Sirer testifies before the US House of Representatives Financial Services Committee

The Owl
By and The Owl
Dr. Emin Gün Sirer testifies before the US House of Representatives Financial Services Committee

Dr Emin Gun Sirer, Founder & CEO of Ava Labs, testified on 13 June 2023 before the US House of Representatives, House Financial Services Committee on Fostering responsible growth of blockchain technology.

Watch his 5 minute introductory speech below.

Ahead of his appearance, the Committee published his written testimony which can be read in full below or here

Fostering Responsible Growth Of Blockchain Technology

Testimony of Dr. Emin Gün Sirer Founder & CEO, Ava Labs, Inc.

Before the United States House of Representatives, House Financial Services Committee

Chairman McHenry, Ranking Member Waters, and Members of the Committee.

It is an honor to be here with you today. I thank you for the opportunity to appear before you as a computer scientist to discuss blockchain technology, its innovative uses, why it is impactful to the economy, and how to understand the use cases that blockchain will support. With an understanding of these key concepts, it is possible to develop sensible regulatory frameworks and ensure the technology will thrive in the United States.

There have been several testimonies before this Committee regarding blockchain, but they have been primarily provided by lawyers and business people. To that end, I hope this testimony will provide a helpful overview of blockchain and tokenization from a technology and computer science perspective. I will focus on blockchain’s ability to transform society by making digital services more efficient, reliable and accessible to all.

The collective goal is that the United States should seek to enable the free, safe, and responsible proliferation of blockchain technologies and their many applications so that, as a country, the United States and its citizens can benefit greatly from the economic growth that blockchain technologies will enable.

My Background

I am the founder and CEO of Ava Labs, a software company founded in 2018 that is headquartered in Brooklyn, New York, whose mission is to digitize the world’s assets. Ava Labs is a software company that builds and helps implement technologies on the Avalanche public blockchain and other blockchain ecosystems. We have developed some of the most significant recent technological innovations in blockchain, including the biggest breakthrough in consensus protocols following Bitcoin. Before founding Ava Labs, I was a professor of computer science at Cornell for almost 20 years, advancing the science of blockchains with a focus on improving their scalability, performance, and security. During that time, I consulted with various U.S. government agencies and departments on a range of topics. I have made fundamental contributions to several areas of computer science, including distributed systems, operating systems, and networking, with dozens of peer-reviewed articles (among other things, I am one of the most cited authors in the blockchain space after Satoshi Nakamoto). I hold a National Science Foundation CAREER award and previously served on the DARPA ISAT Committee. I serve as a member of the Commodity Futures Trading Commission’s Technology Advisory Committee. But I am perhaps most proud of having helped write a parody of the blockchain space with John Oliver.

The Big Picture

We are living through a period of unprecedented technological progress and transformation. The computer revolution set this trend in motion, initially with mainframes and later with personal computers. However, these early systems were limited by their "stand-alone architecture," capable only of processing local data and executing local computations. Although they made existing tasks more efficient, they failed to create a multiplier effect due to their lack of network connectivity. 

The emergence of the internet and, subsequently, world wide web marked a pivotal shift from isolated, local computing to global-scale computing. Architecturally, we transitioned from standalone computers to a "client-server architecture," which enabled us to connect to remote services operated by others to leverage their programs and capabilities. This new paradigm gave rise to digital services that catered to the entire world, created millions of jobs, and solidified the U.S.'s position as a global economic leader.

Blockchains represent the next phase in the evolution of networked computer systems. Whereas the client-server systems that power the web today rely on point-to-point technologies to connect clients to servers, blockchains facilitate many-to-many communication over a shared ledger. This allows multiple computers to collaborate, achieve consensus, and act in unison. Blockchain technologies allow us to build shared services in the network. In turn, this enables the development of unique, secure digital assets, more efficient financial services systems, tamper-proof supply chain tracking, digital identity solutions, and transparent voting systems, among many other innovative applications. By harnessing the power of blockchain technology and the digital uniqueness it allows us to create, we can redefine trust, ownership, commerce, recreation, and communications, ultimately transforming how we interact with digital systems and each other.

The implications of this breakthrough are far-reaching. Blockchain technology allows us to create systems that reduce costs, increase efficiencies, and gain more control over our digital lives and the virtual world. Additionally, we can establish new kinds of 2 marketplaces, novel digital goods, and services that empower individuals and communities to foster economic growth and social impact.

The advancements from blockchain technology will result in leaps forward, just like the internet itself, because they will improve the internet itself. This technology creates a new kind of public good, namely, a shared ledger that can be purposed for a wide range of applications. As we enter the era of customizable blockchains and smart contracts, the fine-tuning of this software will further enhance and improve what the technology delivers today while empowering compliance with relevant regulations.

Blockchains and Smart Contracts: Impact Across Applications

Blockchains solve a long-standing challenge in computer science: enabling a diverse set of computers worldwide to reach consensus (agreement) on a piece of data and the larger dataset to which it belongs. While it may appear obscure at first glance, this is a crucial building block for solving complex problems that traditional internet systems struggle to address, such as creating digitally unique assets, tracking their ownership, and safely executing business and other processes. In doing so, this technology does not have to rely on humans or intermediaries for its security properties; in fact, it typically provides strong integrity guarantees even in the presence of (partial) system failures.

Let me be clear: this ability to leverage distributed or decentralized networks is a desirable goal for many reasons that have nothing to do with securities laws, financial services regulation, or the laws and rules governing other areas of commerce, recreation, and communications. Distributed networks are more resilient, secure, auditable, and available for builders. Blockchain builders did not set out to develop the technology to evade laws and rules. We set out to solve computer science problems.

The potential applications for blockchain technology are vast and varied in contrast to the client-server model where many functions are expensive or impossible. Below, I will discuss just some of the key applications and innovations blockchains enable.

Blockchains are evolving rapidly

Blockchain technology has evolved rapidly in the 14 years since Satoshi Nakamoto introduced Bitcoin to the world. The Bitcoin blockchain pioneered a consensus mechanism – the way that the data is agreed upon by participating computers – popularly and inaccurately known as "proof-of-work." Bitcoin has demonstrated to the world that public, permissionless blockchains are possible. The topic of consensus was known in computer science literature as "byzantine fault tolerance" and research into creating such systems had been funded by the National Science Foundation and DARPA, and involved hundreds of academics, myself included, for multiple decades. Bitcoin solved the problem and proved to the world that this technology could create and maintain a digital asset, as well as establish and transfer ownership over it. Bitcoin has remained up and accessible, even as it weathered numerous attacks throughout its 14 years, without a central authority or controller maintaining its health. In contrast, even the best client-server services built by Microsoft, Google, Amazon, and Facebook have experienced numerous outages during the same timeframe.

Computer scientists did not stop there. Subsequent blockchain technologies have expanded this core functionality. Most notably, Ethereum introduced the concept of smart contracts, self-executing programs encoded on blockchains. Smart contracts can facilitate all manner of applications, including currently popular ones like peer-to-peer lending, social networks, digital collectibles such as NFTs and gaming skins, and the tokenization of real-world (traditional) assets on a single chain governed by a uniform set of rules.

The latest breakthrough in blockchain architecture is known as multichain blockchains. In these systems, developers can create chains with custom rule sets, execution environments, and governance regimes tailored to their needs. Not only does this level of customization unlock use cases previously not possible on blockchains with single rule sets, but it also isolates traffic and data into environments purpose-built for a task or application. Examples of these systems include Avalanche and Cosmos, which enable the creation of specialized blockchains, sometimes referred to as subnets or app-chains, that can be compliant by design.

For instance, SK Planet, a company in South Korea, recently created a specialized blockchain on Avalanche that onboarded more than 58,000 fully identified customers in its first few days. Additionally, Ava Labs is working with Wall Street firms to create a specialized institutional blockchain. With a multichain architecture, operators have complete control over who can access the chain, who secures it, what token, if any, is used for transaction fees, and more.

There is a general trend here. Blockchain technology is evolving rapidly and naturally progressing towards making itself more flexible and secure. In other words, it has been through code that many challenging issues have already been addressed.

The lesson from these developments is clear: Policymakers should enunciate clear objectives based on the particular implementation of the technology (that is, the activity it is used for), while leaving the mechanisms of achieving those objectives up to experts to determine. Because we can customize blockchain implementations, it is easier than ever to regulate the implementation rather than the technology, and achieve neutrality of regulation.

Regulation in The Token World

Blockchains are technologies that allow us to build resilient and fault-tolerant applications. They are, in effect, openly programmable platforms that their users can interact with as if they are a public commons. This powerful construct naturally gives rise to many different kinds of applications and, consequently, tokenization, the creation of digital representations of bundles of rights, assets, and other things.

All tokens are not equivalent in their implementation or function – they must be treated differently according to their essential nature. Tokens cannot simply be lumped together under a single set of regulations because they vary so widely in function and features. A good analogy is paper; we regulate the bundle of rights, assets, or things created by the words, numbers and pictures on the page.

Types of tokens include but are not limited to:

  • A real-world asset: A token can be the direct or indirect representation of a traditional asset. For example, one could tokenize land ownership such that each token corresponds to a uniquely identifiable piece of land. In many cases, real-world assets are already regulated, and their digitization into a blockchain format should not necessitate wholesale new regulation.

  • A virtual item: A token can represent a piece of digital art, a collectible, a gaming skin, and more. These can be varied in function and form as well. They can range from simple non-programmable pictures, a common use of NFTs, to complex assets, some used in games, that can encode all sorts of functions and features of the asset directly inside the asset itself.

  • Pay-for-use: Public blockchains constitute shared computing resources that must be allocated efficiently. A token is the perfect mechanism to meter resource consumption and prioritize important activities. Such tokens are sometimes known as "gas tokens." For example, BTC is the gas token of the Bitcoin blockchain, ETH for Ethereum, AVAX for Avalanche, and so on. Without gas or transaction costs, a single user or small group of users could potentially overwhelm the blockchain, similar to a denial of service attack, making the blockchain unusable.

The list above covers expansive categories...

But remains just a snapshot of what is happening and what is possible. I encourage you to review our Owl Explains educational initiative for more information. As a matter of first principles, the determination of the regulatory regime must start and end with the functionality and features of the token, not the technology used to create it. At Ava Labs, we call this sensible token classification.

Let me be clear again: Tokenization was not created to evade laws. It is the natural product of blockchain technology and an improvement that blockchains offer over traditional systems, just like computer databases were an improvement over paper filing cabinets.

In addition to sensible token classification, regulations that pertain to tokens must be devised in a manner that can be enforced at a layer that has access to the necessary information for enforcement. In the same way that we do not expect internet routers to check the verity of content sent on social media applications, we cannot impose a regulatory burden on technology layers that are unaware of the content or operations carried out on-chain. The platforms already provide features, such as lockups and transfer restrictions, that can assist in coding these limitations.

Enhancing Market Efficiency, Transparency, and Oversight

Blockchains and smart contracts can be the foundation of a more transparent and efficient financial system that enables all participants to share a level playing field. This includes regulators, who can have greater visibility than ever before into the actions and activities of all market participants. Privacy remains an important component of any system. Developing these new ways of providing and regulating financial services should incorporate personal privacy. These improvements can only come with the support and collaboration of regulators and policymakers by providing sensible laws and regulations that allow for the responsible growth of the technologies.

How has this played out in the wild? A perfect example is the trustworthiness of exchanges.

Last year saw the failure of several crypto-asset exchanges, most notably FTX. Make no mistake: these failures were not failures of blockchain technology. They were failures of traditional custodians who were supposed to secure user deposits. Not a single major decentralized exchange was affected by a similar failure. Blockchain technology is purpose-built to eliminate this reliance on centralized intermediaries, who can jeopardize user funds, market integrity, and other desired features of a well-functioning system.

In addition to on-chain custody and transacting, a more recent breakthrough known as enclaves enables new marketplaces where code severely constrains what even the owner and operator of the marketplace can do. This innovation can rule out unwanted behaviors like front-running, stop-loss hunting, and breaches of privacy that challenge market integrity. Ava Labs’s own Enclave Markets is at the forefront of this innovation, which we call fully encrypted exchanges.

Another example that points up the benefits of engaging in activities on-chain as opposed to with centralized parties comes in the lending context. Last year saw major failures of lenders and borrowers who conducted their activities off-chain, while the major on-chain lending platforms weathered the stormy markets mostly unscathed. These protocols adeptly navigated liquidations and collateral calls in rapidly falling markets, due to their reliance on over-collateralization and automated systems. While there is no panacea, the evidence so far points to the success of decentralized networks in managing stress conditions much better than centralized counterparties. These results are in line with what blockchain design predicts.

Stablecoins as the Digital Gateway for the U.S. Dollar

Stablecoins, which are predominantly denominated in United States Dollars, are expanding globally because they are a superior way of holding dollars. Stablecoins not only enhance the user experience—by increasing the velocity of capital and reducing the cost of transferring it—but also cater to a growing demand for stablecoin dollars among those facing economic uncertainty and hyperinflation in their local economies.

By transforming the dollar's capacity to retain value into an accessible product outside the U.S., stablecoins help individuals protect their life savings from fluctuations in the value of their local currencies and from being stolen by criminals and other rogue actors.

This potential can be realized with appropriate regulation, which allows for the responsible growth of stablecoins through new technologies and configurations.

Blockchains Can Accelerate Recoveries from Climate Disasters with Insurance

Consider the emerging property insurance crisis catalyzed by more frequent and extreme climate events. State Farm, the largest property insurer in California, announced it will no longer provide insurance due to the risk of wildfires. Insurers in Texas, Florida, Colorado, and Louisiana have felt the same pressure to stop provisioning insurance, increase rates, or find backstops for insolvency.

Who will communities in these states, and in the U.S. as a whole, rely on to insure their homes and economic futures? If the industry consolidates as bankruptcies hit smaller regional insurers, how will that risk be managed?

Using smart contracts and the Avalanche network, Lemonade Foundation is now providing insurance to more than 7,000 farmers who previously only had access to products with unaffordable premiums or delays in payout that had lasting, multi-season impacts. These premiums were not economically feasible for the organization due to the manually-intensive processes now condensed into a single smart contract. As another example, in 2019, the U.S. government completed the accounting for Hurricane Katrina disbursements, a full 14 years after its catastrophic impact in 2005. The delays stemmed partly from the difficulty of achieving agreement among the many stakeholders participating in this process.

In 2012, Superstorm Sandy damaged almost half a million homes and incurred roughly $50B in damages. The same gaps in insurance payouts stifled urgent recovery efforts across the East Coast. Families who had paid their premiums for years were given pennies on the dollar to rebuild their lives. By the time their lawsuits led to action and more financial payouts, the damage had been done, and scars set on these communities. Blockchain-based distributed ledgers can significantly streamline such processes, and our company is collaborating with Deloitte under a FEMA contract to develop and implement this technology.

Supply Chain and Fighting Counterfeiting

Global supply chains are facing challenges relating to the expedited demand for goods and pandemic-driven strains, including our most security-critical infrastructure. When supply chain problems hit, they can be especially problematic, and when there is fraud, the problems are exacerbated. Blockchains and smart contracts can help secure and validate supply chains for various global sectors.

Blockchains can perform supply-chain management to provide a reliable and transparent record of a product's origin and authenticity. The Tracr platform from De Beers has shown how to accomplish this for diamonds, while other deployments have addressed fields ranging from luxury goods to concert tickets. Blockchains can be vital tools to fight the counterfeiting of medical supplies, pharmaceuticals, food products, and consumer technologies that directly affect our communities and your constituents.

Upcoming Technological Improvements

While there have been highly-publicized exploits of smart contracts, the space has significantly matured since its early days, and new technologies stand poised to improve the safety of on-chain assets and applications.

The potential risks relating to smart contract-based systems have centered around flaws in implementation, such as poor coding and negligence in following best practices, rather than fundamental issues inherent to smart contracts or blockchain technology. Just as the internet software stacks were weak in the 1990s, smart contract programming tools are in their infancy.

The space has rapidly evolved to use code audits and other techniques to certify that smart contracts uphold safety standards, giving rise to a burgeoning field of software threat analysis, certification, and verification services. In addition, we are seeing the emergence of automated tools for program verification and model checking to help find bugs that human eyes cannot easily locate. These techniques operate even before programs are deployed to root out bugs before they can affect anyone.

Finally, there are new mechanisms, such as run-time integrity checks, smart contract escape hatches, and automated limits on money flows that operate in real-time to help contain the effects of any unintended errors that might pass through to production. Systems that have employed best practices, such as lending platforms and well-designed bridges, such as the ones Ava Labs has built, have seen billions of dollars pass through their contracts without compromise.

Given my background in academia and research, I am confident that the space will develop even stronger techniques for ensuring the correctness of smart contract software. One of the spillover effects of this activity will be better integrity and safety for all software, including software not related to blockchains.

Technological Competitiveness and Risk of Inaction

As we stand at the precipice of this new era, it is imperative that we nurture and support the development of this revolutionary technology. By doing so, we can unlock its full potential and ensure that the United States remains at the forefront of innovation, propelling the next generation of internet technologies and ushering in great economic growth.

Responsible actors in the blockchain space want sensible laws and regulations that incentivize growth and good behavior, punish bad actors, and elevate the users of blockchain networks. The community stands ready to provide guidance to policymakers to achieve those aims. However, without sensible frameworks and collaboration, there is a clear path to losing technological leadership to other countries.

The United States won the first wave of the internet revolution precisely because it enabled responsible freedom to innovate. The United States must follow the same path of enabling free but responsible growth of blockchain technology while carefully and intelligently classifying and regulating blockchain applications and tokens. Otherwise, there are two critical paths of failure for any regulatory framework.

First, the blockchain platforms themselves become regulated at the protocol layer. This would be the equivalent of regulating internet protocols, which would have doomed information technology and the vibrant internet we have today. Second, the tokens and smart contracts created with blockchains are lumped into homogenous and incompatible categories. This would be the equivalent of regulating a social media application like we regulate a consumer health care application. Instead, tokens and smart contracts must be analyzed case-by-case and regulated carefully based on their function and features.

As we move towards a more digitally-native world, aided by AI, virtual reality, and a work-from-home society, we will have to rely increasingly on digitally-native transfer and programmability of value. Blockchains are the clear technological answer to these needs and are definitively synergistic with the global economy. The addressable market for digitizing the world's assets and transferring value safely across the internet is greater than the sum of all the value of all existing assets. Failure to see the power of blockchain technology – whether due to a lack of understanding or misplaced fears of the technology – will have disastrous consequences. Failure to rapidly provide sensible regulatory frameworks will not only undermine economic growth but also make it easier for bad actors to conduct illicit activities.

Finally, it is essential to remember that just as there are good people committed to public service, there are also good people committed to building technologies to improve lives. By working together, we can lay the foundation for trustworthy, efficient, and self-enforcing systems that serve as the foundation for our modern economy.

Articles

sand-
2026-04-15

The SEC Confirms: The Nature of the Activity Matters

How the SEC’s User Interface Guidance Aligns with APC’s Framework Recent guidance from the SEC’s Division of Trading and Markets on broker-dealer registration for user interfaces (the “Staff Statement”) marks an important step toward bringing clarity to digital asset regulation. While the statement focuses specifically on user interfaces interacting with crypto asset securities, its broader significance lies in the analytical framework it adopts. That framework closely aligns with the Avalanche Policy Coalition’s (APC) long-standing position: Regulation should turn on the nature of the activity, not the technology used to perform it. In our May 2025 submission to the SEC Crypto Task Force, we articulated this concept as the “nature of the activity test.” The Staff Statement demonstrates that this approach is increasingly reflected in regulatory practice. The Core Question: When Does a Tool Become an Intermediary? The SEC’s statement addresses a central issue in modern market structure: When does a software interface that enables transactions become a broker-dealer? Rather than creating a new category for “crypto interfaces” or focusing on the use of blockchain technology, the Staff applies a familiar inquiry rooted in existing law. The analysis turns on whether the provider is engaging in traditional intermediary activities, such as: Soliciting transactions Recommending securities Exercising discretion Receiving transaction-based compensation Custodying assets Acting as an intermediary between buyers and sellers If these hallmarks are present, broker registration is required. If they are not, the provider should not be treated as a broker.  This is a functional test—one that looks to what the entity does, not the means by which it is done. APC’s “Nature of the Activity” Test This approach closely mirrors the framework proposed in Ava Labs’ May 2025 submission to the Task Force. In that letter, APC articulated the nature of the activity test as a method for determining when infrastructure providers should be treated as securities intermediaries. The test asks a simple question: Are the activities ones performed by a broker, dealer, or investment adviser? If the answer is yes, existing regulatory obligations apply. If not, registration should not be required. This framework is grounded in decades of securities law. As the submission explains, the SEC has long evaluated whether entities fall within the scope of broker, dealer, or adviser regulation based on factors such as: Engagement in the business of effecting transactions Providing investment advice Receipt of transaction-based compensation Active solicitation of trades Participation in negotiations Custody of customer funds or securities Notably, none of these factors depend on the technology used. They were developed in an era of paper-based markets and continued to apply as markets digitized. We went on to say that the same logic should apply to blockchain-based systems, which represent the next iteration of digital market infrastructure. Infrastructure vs. Intermediation A central theme of the APC submission is the distinction between infrastructure providers and intermediaries. Infrastructure providers—such as validators, software developers, and communications providers—perform essential technical functions. They enable networks to operate but do not: Solicit transactions Provide advice Exercise discretion Control assets Know or influence the nature of specific transactions As the submission explains, these actors are: “invisible and indiscriminate in verifying, recording, and enabling transactions.” Their role is analogous to that of internet service providers, cloud service providers, API and RPC providers, and similar technical services.   These functions have never been treated as regulated financial intermediation, even though they are essential to the operation of financial markets. Our recent blog post comparing the GENIUS Act’s exceptions for infrastructure with the exceptions for “ancillary infrastructure” in the EU’s Transfer of Funds Regulation reinforces this distinction. SEC’s User Interface Guidance: A Practical Application The Staff Statement reflects this same distinction, even if it uses different terminology. The statement identifies a category of providers—those offering interfaces assisting users in crypto asset securities transactions (“Covered User Interfaces”)—for which broker-dealer registration is not required, provided they satisfy certain conditions. These conditions effectively define what it means to operate as infrastructure rather than an intermediary. To remain outside broker-dealer status, an interface provider must: Allow users to set all transaction parameters Avoid recommendations or investment advice Refrain from soliciting trades Operate without discretion or control Present execution options using objective criteria Maintain neutral, non-conflicted compensation structures Provide clear disclosures These requirements collectively describe a passive, neutral conduit—precisely the type of actor that has historically received no-action relief.  Continuity with SEC No-Action Precedent The APC submission places heavy emphasis on the SEC’s long history of granting no-action relief to technology providers performing neutral functions. Examples include: Messaging systems connecting brokers Electronic bulletin boards posting trade information Matching platforms linking investors and issuers Data providers offering analytics and research In each case, the SEC focused on whether the provider: Exercised control Participated in negotiations Provided advice or recommendations Handled funds or securities Earned transaction-based compensation Where these elements were absent, the SEC consistently declined to require registration. The user interface guidance follows the same pattern. It does not create new rules; it applies existing principles to new technology.  The Staff Statement even frames its conclusion in terms that closely resemble traditional no-action relief:  In circumstances where a Covered User Interface Provider takes the measures discussed below relating to its creation, offering, and/or operation of a Covered User Interface, the Staff will not object to the Covered User Interface Provider creating, offering, and/or operating a Covered User Interface without registering as a broker-dealer pursuant to Section 15(b) of the Exchange Act. Conclusion The convergence between APC’s framework and the SEC’s guidance has important implications. First, it confirms that existing law is sufficient when applied correctly. There is no need to create new categories for blockchain-based actors. Second, it reinforces the importance of functional analysis. Regulatory outcomes should depend on what an entity does—not on labels, technology, or proximity to financial activity. By focusing on the nature of the activities conducted, regulators can distinguish between: True financial intermediaries, and The infrastructure and tools that support modern markets Third, it provides a path forward for innovation. By clarifying that neutral infrastructure and tools are not automatically subject to intermediary regulation, the SEC reduces uncertainty and enables development within a compliant framework. APC is encouraged to see this clear alignment with its “nature of the activity” test. It demonstrates that longstanding principles of securities law remain vibrant and adaptable—even as markets evolve. The next step is to apply this same logic consistently across the digital asset ecosystem, ensuring that regulation remains targeted, coherent, and grounded in how these technologies actually operate. As our 2026 policy priorities make clear: Infrastructure providers are not intermediaries. Getting this distinction right is essential—not only for regulatory clarity, but for ensuring that robust, competitive markets can develop within a coherent and predictable framework.

The Owl
By and The Owl
shutterstock 2730976661
2026-04-13

DeFi Governance Is a Question of Concentration, Not Decentralization

A recent European Central Bank working paper looks to analyze decentralization in DeFi protocols from the standpoint of governance.  It finds concentration in governance and that this undermines decentralization.  This claim, however, rests on a conceptual error: it conflates system decentralization with governance concentration. And governance concentration that does not affect transaction finality or asset ownership is not relevant to whether a system is decentralized. The distinction matters and clarifies both the paper’s findings and their implications. At Avalanche Policy Coalition, we have consistently defined decentralization from a technical standpoint. A system or network is decentralized when there is no single source of truth, no single point of failure, and no authority with the ability or responsibility to change data, transactions or balances.  It is a definition focused on finality. It ensures that users can trust what they see regarding ownership of assets and the completion of transactions.  The working paper errs by reframing decentralization as a governance question rather than a matter of network finality.  It compounds this error by trying to answer the question of who to regulate in DeFi by looking at concentration of governance power and participation across major DeFi protocols.  What the paper actually demonstrates is not a failure of decentralization, but the presence of concentrated governance layered on top of decentralized infrastructure. Confusing governance concentration with decentralization risks pushing regulation toward infrastructure rather than actors—undermining the very properties that make these systems trustworthy. Here is a summary of the paper’s empirical findings:  Token ownership is heavily skewed, with the top 100 holders controlling more than 80% of supply across the studied protocols, and the top five holders often control a substantial fraction of that total. Governance systems also rely extensively on delegation, whereby token holders assign voting power to intermediaries. As a result, a relatively small number of delegates exercise a disproportionate share of voting power, in some cases controlling the majority of delegated votes. Delegation thus operates as a structural amplifier of concentration. The paper also notes that concentration of governance power is further compounded by opacity. A substantial share of the most influential participants cannot be linked to identifiable individuals or institutions, making it difficult to determine whether governance power is independent or coordinated, whether incentives are aligned or conflicted, and whether influence is exercised by insiders, intermediaries, or diffuse communities. At the same time, governance processes themselves do little to redistribute power. The paper shows that most proposals concern operational parameters—risk settings, asset listings, and similar adjustments—while very few address governance structure. As a result, the paper concludes, existing distributions of power tend to reproduce themselves over time. The paper then concludes that decentralization is a property of governance. Under this view, a system is decentralized to the extent that decision-making authority is widely distributed, no small group can dominate outcomes, and the relevant actors are identifiable and accountable. If governance power is concentrated, the paper concludes that decentralization is incomplete or illusory.  This definition is viscerally appealing, particularly from a regulatory perspective. Regulators require identifiable points of control, and the paper emphasizes the difficulty of relying on governance token holders, developers, or exchanges as regulatory “anchor points” precisely because of opacity and fragmentation in governance structures.  Yet this definition departs from the more established understanding of decentralization in distributed systems, where the concept refers not to governance dispersion but to system architecture: whether there is a single point of failure, a single source of truth, or a single authority capable of altering data or transactions. On the more technically precise definition of decentralization, the protocols studied in the paper—built on public blockchains—remain decentralized. Framed in these terms, the paper’s findings are best understood as documenting concentrations of governance power, not undercutting decentralization.  The paper does not show that any individual token holder, delegate, or developer can rewrite transaction history, override consensus, or unilaterally alter the state of the ledger. Nor does it show that the voting groups have this power.  It also implicitly recognizes that where governance does not affect asset ownership or transaction finality, regulatory hooks are difficult to establish.  Indeed, as noted above, the proposals on which votes are sought have nothing to do with transaction finality or asset ownership.   At best, the paper can conclude that the infrastructure remains decentralized even if governance becomes concentrated. This distinction suggests a more precise analytical framework. At the infrastructure layer, finality is distributed, consensus is collective, and no single point of failure exists. At the governance layer, ownership can become concentrated, voting power aggregated, and influence unevenly distributed. These are not contradictory observations but complementary ones. DeFi systems can be both decentralized and concentrated, depending on the layer of analysis. Recognizing this layered structure clarifies the nature of the challenges identified in the paper. The difficulty regulators face is not that decentralization has failed, but that concentration exists without clear attribution.  This produces a structural asymmetry.  Governance actors can shape protocol outcomes—adjusting parameters, allocating resources, and influencing development trajectories—but they do so within systems whose core integrity cannot be compromised by that concentration. The result is a hybrid condition in which decentralized infrastructure coexists with concentrated influence over things that do not undercut decentralization. Reframing the issue in terms of concentration rather than decentralization also shifts the focus of regulation. For regulators, the challenge is not identifying a centralized intermediary in the traditional sense (i.e., one that controls transactions or custodies assets), but understanding how concentrated influence operates within systems that lack formal control points on the areas of typical regulation. Addressing these issues will require regulatory approaches that focus on identifiable actors and activities, rather than attempting to impose control at the infrastructure layer where it does not exist. The ECB paper makes a significant contribution by documenting the realities of DeFi governance. But its conceptual framing requires greater precision. Decentralization and concentration are not opposing descriptions of the same phenomenon; they operate at different levels of analysis. The systems studied in the paper are not failed attempts at decentralization. They are decentralized systems with concentrated governance structures. And where those structures do not affect transaction finality or asset ownership, the system remains decentralized. Recognizing this distinction provides a clearer understanding of both the risks and the possibilities inherent in DeFi. To hear more on this and related topics, please listen to this webinar from Global Blockchain Business Council.

The Owl
By and The Owl
IMG 8810
2026-04-03

Getting Infrastructure vs. Intermediary Right: EU Transfer of Funds Regulation and the US GENIUS Act

Financial regulation has always looked to capture intermediaries, the money transmitters, brokers, exchanges, custodians, and others that move, hold or control assets on behalf of end users. In traditional financial services, that boundary is relatively clear: regulation attaches to those who intermediate transactions, control client assets, or provide financial services. It does not attach to the wider infrastructure that supports those activities. As digital asset ecosystems become more complex, that same boundary is being tested in new ways, making it important to defend the underlying principle. This piece examines how the EU’s implementation of the Travel Rule (via the recast Funds Transfer Regulation or “TFR”) correctly draws that line using the concept of “ancillary infrastructure,” and how a similar distinction appears in the U.S. GENIUS Act. At its core, the analysis is simple but consequential: when does a participant in a crypto system become a regulated intermediary, and when are they merely part of the infrastructure that makes the system work? These two pieces of legislation on both sides of the Atlantic show how policy makers can ensure regulation remains in force for the activities they want to capture, without blurring the distinction between infrastructure providers and financial intermediaries. In the EU: Where the Concept Comes From The EU’s idea of ancillary infrastructure appears in the recitals of the TFR, which guide how the regulation should be interpreted. The regulation explains (emphasis added): Persons that provide only ancillary infrastructure, such as internet network and infrastructure service providers, cloud service providers or software developers, that enable another entity to provide transfer services for crypto-assets, should not fall within the scope of the Regulation unless they perform transfers of crypto-assets. That is the entirety of it. The term is not further defined. There is no formal category or test in the operative provisions of the TFR, just this functional description and a few examples. But that short passage does a lot of good work. A Working Definition Taking the recital’s examples and its express limit together, ancillary infrastructure can be more specifically understood as: Infrastructure that is used by others in connection with crypto-asset transfers, but does not itself effect, execute, or control the transfer of crypto-assets, or provide custody of such assets. This is not a technology-based definition. It is a role-based definition, grounded in the regulatory perimeter. (This is consistent with other EU Regulations in the crypto-space, such as the Markets in Crypto-Assets (MiCA) Regulation.) What matters is not what the system looks like, but what the activity actually is. Two elements define the boundary: 1. Used in Connection with Transfers The infrastructure is part of the ecosystem that enables crypto-asset transfers. It may be essential to the functioning of the system. It may sit directly in the transaction flow. But it operates in a supporting role to the financial transaction, and is used by other entities such as CASPs and end users. 2. No Transfer or Custody Function The infrastructure provider does not: effect or execute transfers, control the movement of crypto-assets, or provide custody or control over those assets. That is the dividing line. Once a provider crosses into movement or control of value, it begins to look like an intermediary. If it does not, it remains infrastructure. What Counts as Ancillary Infrastructure The TFR itself provides only a handful of examples, but they point to a broader and consistent categorization. They are infrastructures that enable the system to function, without themselves engaging in the activities of financial intermediation. Internet Network Providers, such as internet service providers and network connectivity providers. These entities move data, not value. They carry transaction information across networks, but they have no relationship to the underlying assets being transferred or parties making the transfers. Cloud Service Providers, such as infrastructure-as-a-service providers and cloud hosting platforms. These providers supply computing power, storage, and hosting. They make it possible to run nodes, exchanges, and applications, but do not execute transfers, hold assets or interact directly with customers. Software Developers, such as developers of non-custodial wallets, developers of blockchain protocols, and providers of APIs and developer tools. These actors create the tools that others use to interact with crypto-assets. Once deployed, they do not control how those tools are used, nor do they execute or custody transactions. Technical Infrastructure Providers, such as node infrastructure providers, remote node access (RPC) providers, blockchain data indexing services, and validators and miners. These entities maintain and operate the underlying networks. They validate transactions, order and record them according to protocol rules, and ensure the system continues to function. They do not act on behalf of users, determine the purpose of transactions, or take custody of assets. Their role is protocol-level infrastructure and maintenance, not financial intermediation. Data and Analytics Providers, such as blockchain analytics firms, transaction monitoring tools, and risk scoring services. These providers analyze and interpret blockchain data. They support compliance, investigation, and risk management, but they do not initiate, execute, or control transfers. As we see, the concept of ancillary infrastructure covers a lot of different providers and activities, none of which intermediates or has direct responsibility for transfers or custody. This recognition provides a critical distinction between who is and who is not subject to regulation. A Parallel Approach: The GENIUS Act The same boundary appears explicitly in the U.S. GENIUS Act, which introduces the concept of a Digital Asset Service Provider (DASP) and provides exceptions for infrastructure providers. The Act defines DASPs by reference to familiar intermediary activities: exchanging digital assets, transferring them to third parties, acting as custodians, and providing financial services tied to issuance. In other words, DASPs are intermediaries. But the definition goes further by explicitly stating what is not an intermediary. The definition of DASP explicitly excludes: a distributed ledger protocol; developing, operating, or engaging in the business of developing distributed ledger protocols or self-custodial software interfaces; an immutable and self-custodial software interface; developing, operating, or engaging in the business of validating transactions or operating a distributed ledger; or participating in a liquidity pool or other similar mechanism for the provisioning of liquidity for peer-to-peer transactions. This is the same idea as ancillary infrastructure in the TFR, but stated directly in the text (rather than the recitals), and in greater detail. The Same Line, Two Drafting Styles The TFR and the GENIUS Act take different drafting approaches, but they arrive at the same place. The TFR uses a functional exclusion (“ancillary infrastructure”) The GENIUS Act uses explicit statutory carve-outs Both frameworks draw the same distinction: Intermediaries are regulated because they effect or execute transactions, or control or custody assets - activities that are traditionally within the regulatory perimeter. Infrastructure providers are not, because they enable systems rather than effect transactions or custody assets - activities that have never been captured within the regulatory perimeter, although firms using the infrastructure to undertake regulated activities may themselves require regulatory authorization. In both, that principle holds across network providers, software developers, validators and miners, and other technical actors. Conclusion: Why This Distinction Matters This boundary is not just a drafting detail, it continues to apply a foundational principle. Crypto systems are built in layers. Many actors contribute to how transactions are created, transmitted, and recorded. Without a clear distinction, regulation could easily expand to capture the entire stack. The concept of ancillary infrastructure prevents that outcome. It ensures that providing infrastructure, which is neutral and only indirectly involved, is not treated the same as acting as an intermediary in transactions. That principle is now reflected on both sides of the Atlantic. As digital asset markets evolve, it is likely to remain one of the most important lines in crypto regulation. And together these two pieces of legislation show how policy makers can update rulebooks for new technologies without unwittingly regulating the technology itself. We at Avalanche Policy Coalition have discussed this point multiple times over the last year, including in our April and May comment letters to the SEC Crypto Task Force, our response to the Australian Treasury consultation, and this blog post. Preserving the distinction between infrastructure and intermediary is one of our 2026 policy priorities.

The Owl
By and The Owl
See all