Equity Tokens: Safeguarding vs. Corporate Action
Tokens representing a share of equity in a distributed organization pose challenges of a new type in the world currently dominated by share certificates stored in centralized depositories. One of the main challenges is how to work out a trade-off between safeguarding of the asset and convenience of taking a corporate action, which the asset entitles, or even obliges the shareholder to.
Say you own a share in a distributed organization represented by an equity token (or a security token if you will). The organization offers its shareholders to vote on a certain action - for example issuing more tokens, releasing funds for supporting projects, or providing inputs for smart contract oracles. Furthermore, the equity token collects dividends in the form of fees for providing functions for the autonomous organization.
Take the proposed Bitcoin Hivemind distributed prediction market as an example. For an equity (“voting”) token holder, the voting is not only allowed but mandatory in order to maintain your share because your voting is necessary to determine outcomes of the events and to resolve the event derivative contracts. For that, the equity token collects a reward in the form of a trade fee.
The problem is, that in order to take the action, you need to sign it with a corresponding private key, which means exposing it to an online environment. That creates a security risk of your keys being compromised. That risk can be mitigated using hardware wallets or security modules, but at some point, some value, and for some users, those might not be considered secure enough, might not meet the users’ license and regulatory requirements, are virtually uninsurable, and they would have to offer the required functionality or integration.
Of course, there is a simple workaround - that is to effectively centralize issuance of these types of tokens, making their primary issuance and trading subject to KYC and thus if they get compromised, re-issue them to their rightful owners. And that might be sufficient for equity tokens whose sole purpose is to raise funds for otherwise centralized businesses (a use-case, which many dismiss, but I find perfectly valid in the regulatory world, which makes it very difficult for many people to invest in the early stage startups).
That, however, is not a solution for organizations, which wish to become truly distributed in order to be fully censorship-resilient and trustless. For such an organization, there can be no central issuer or KYC process.
The solution might be in allowing for two classes of tokens - one representing ownership of the share, and the second allowing for the corporate action to take place. The ownership tokens would have only a very limited set of functions and that is to create, burn, and perhaps periodically confirm the corporate action tokens.
In practice, the shareholder could store the equity ownership tokens in a cold storage, or a very safe and fully insured custody (I can think of one :-) and have the corporate action (or voting) token in an online environment ready to be used when needed. In case the voting token gets compromised and used to either take a malicious vote or to change dividend issuance address in an attempt to redirect dividends to the attacker’s wallet, the smart contract would allow the shareholder for a sufficient veto period to take their ownership token out of the cold storage and use it to re-issue new voting token and change their own vote or the dividend destination address, or to ask their custodian to do the same.
I’m sure there are other, perhaps better approaches to this and I’m interested in reading about them, so please comment or reach out.