I'm a retired software engineer so I focus here on the technological risks. I have no positions in cryptocurrencies or related companies. Nearly a quarter-century ago I started work at Stanford on a decentralized peer-to-peer consensus system using Proof-of-Work. It won a Best Paper award five years before Satoshi Namakoto published the Bitcoin protocol.
This discussion is badly framed; the term "digital asset" is counter-productive. My checking accounts are digital assets. What you want to talk about are "cryptocurrencies" or "digital ledger technologies" or "blockchains", but these terms cover two completely different technologies:
- permissioned or centralized systems with an obvious locus of control to which regulations can be applied,
- and permissionless or decentralized systems which claim to lack a locus of control, and thereby to be immune from regulation.
That a system is permissionless is a fact, that it is decentralized is a claim. In practice the claim is false, they do have loci of control. The spurious claim is used to deter regulation, so don't accept it by using the "decentralized" word.
Centralized systems, whether they use a conventional database or a permissioned blockchain, don't raise significant new risks or regulatory problems, but permissionless systems do. They are not fit for purpose in at least five areas:
- User Experience
Second, users of permissionless systems can create arbitrarily many identities, pseudonyms. Newly created pseudonyms are anonymous, but in systems such as Bitcoin and Ethereum as they become enmeshed in the web of transactions they can be linked to real-world identities fairly easily.
|BitFinex loot transfers
More sophisticated miscreants use "mixers" such as Tornado Cash, or coins such as Monero or Zcash that use advanced cryptography to obscure transactions. These capabilities of permissionless cryptocurrencies enable a massive crime wave including sanctions evasion, ransomware and drug dealing. Further, even with escrow "smart contracts", users cannot safely purchase physical goods.
Fourth, the history of transactions in a permissionless system is necessarily public. Maintaining anonymity requires operational security beyond ordinary users' ability. Thus in practice most users' transaction history is effectively both public and immutable, enabling abuse and harassment on an unprecedented scale.
Fifth, because of the catastrophic nature of mistakes, users of these purportedly "trustless" systems generally do not access permissionless systems directly, but must place their trust in a user experience layer above the base system's API. As is normal in software, increasing returns and network effects mean that these layers have one or two dominant applications (Alchemy and Infura for Ethereum, for example). A compromise of these systems would place the whole ecosystem at risk.
As you see, permissionless cryptocurrency technology really doesn't work well at all. Evidence for this is the need for so-called "layer-2 systems" such as the Lightning Network, which doesn't really work either. So why put up with this inadequate technology? To deflect regulation so that the insiders and the criminals can continue to rip off everyone else. Encouraging "responsible development" of a technology whose main purpose is to enable irresponsibility is a fool's errand.